> It is not a protection, just a security theater.
Signal is a perfectly good protection against passive attackers. MITMing a non-negligible portion of Signal users would be too visible to be worth doing. This doesn't solve targeted surveillance (but key fingerprint checks help there), but it does ensure that most of the data exchanged via Signal services does not feed NSA databases.
> If you don't trust your service provider not to spy on you, you must not trust it completely.
Ideally you wouldn't trust anything or anyone, but that's the Mossad threat model and it's not useful for judging incremental improvements.
> Don't want to be spied on by your service provider - run your own server. That's what federation is for.
A server running where? Most "servers" are rented from a big cloud provider, and there's no physical control over it. Having to trust these is definitely worse in terms of security. This is also forgetting the users Signal is targeting, who are not technical users, but precisely people who don't know what a server is.
> MITMing a non-negligible portion of Signal users would be too visible to be worth doing.
You are not trusting Signal to have your unencrypted chats. Why do you trust their client apps? You aren't building them yourselves, right? MitMing ALL users and just showing them matching fingerprints so they feel safe is pretty plausible, since all users communicate using one central server. Of course, this MitMing is best perpetrated by Signal themselves.
> A server running where? Most "servers" are rented from a big cloud provider, and there's no physical control over it.
If you are a criminal, somewhere in TOR. If you are a legal organization, in your server room. If you are neither, nobody freaking cares about your chats and you might as well keep them unencrypted, enjoying better portability and overall improved user experience, as proven by Telegram.
Because it's open-source, has been reviewed extensively, and people (with various degrees of expertise) keep looking at it.
> You aren't building them yourselves, right?
It builds reproducibly on Android, so this doesn't matter.
> If you are neither, nobody freaking cares about your chats
That's not what the Snowden leaks showed, nor what scandals about e.g. some $BIG_CORP employees stalking their acquaintances via their privileged access demonstrated. E2EE on Signal means I don't have to trust that some employees won't abuse their rights to access my data. Do you even know how many people could access your Telegram chats if they wanted to? Just look up "stalker facebook employee"; this is not some theoretical scenario.
You're basically saying you and others have "nothing to hide". This argument has been repeated and debunked ad nauseam; if the whole literature against this stance hasn't convinced you yet, I don't have more to convince you now.
> Because it's open-source, has been reviewed extensively, and people (with various degrees of expertise) keep looking at it.
Sooo your security is based on blind trust in some people out there who definitely do keep looking at Signal's apps, and somehow verify that every shipped version of their app contains the same code as their open source repository? That's a lot of trusting.
(Wouldn't it be simpler to just trust Signal not to watch what you are texting to your significant other, and keep everything without encryption, saving yourself a lot of trouble?)
> E2EE on Signal means I don't have to trust that some employees won't abuse their rights to access my data.
So your threat model is Signal's employees who might be stalking you? You know, you could run a $2/month XMPP server that would serve you just fine, and you wouldn't have to worry about any threat of this kind. This not-working-federated-protocol is surprisingly effective at sending and receiving messages.
> Wouldn't it be simpler to just trust Signal not to watch what you are texting to your significant other
This doesn't hold in practice; you simply cannot trust any single entity about this, since it's bound to be abused eventually.
> You know, you could run a $2/month xmpp server that would serve you just fine, and you wouldn't have to worry about any threat of this kind.
So instead of managing my client, I need to manage both my client and a server, and trust this server on top of the client? That's obviously worse, I'm starting to think you're trolling.
> A server running where? Most "servers" are rented from a big cloud provider, and there's no physical control over it. Having to trust these is definitely worse in terms of security.
For the record, Signal's servers run on US cloud providers, including AWS and Google Cloud. Signal does not have physical control over their machines either, which I believe invalidates this point about self-hosting.