• Todd Bonzalez
        link
        fedilink
        English
        63 months ago

        The encryption algorithm may be open source, but they rolled it themselves. It is proprietary encryption.

        • @[email protected]
          link
          fedilink
          English
          153 months ago

          Again, it’s not, go to their github, check the code of the client, compile it yourself, and make a reproducible build to check that the client they ship to your phone is the same. You are talking nonsense.

          • Todd Bonzalez
            link
            fedilink
            English
            8
            edit-2
            3 months ago

            You’re not getting what I’m saying, because you don’t understand what “proprietary” means in this context.

            Proprietary encryption ≠ Proprietary code.

            You can roll your own shitty novel encryption algorithm and license it under GPL if you want, it’s still proprietary encryption in that Signal has its own unvetted encryption algorithm instead of using a trusted existing algorithm.

            EDIT: How are people not understanding this?

            Proprietary licensing is different from a proprietary way of doing things.

            If you folks think that a GitHub repo and GPL license are all you need to vet an encryption algorithm, and you think that absolves an novel untested algo from being called “proprietary encryption” you’re gonna get burned one day because your trust was built on not understanding encryption.

            Signal built their own encryption algorithm. That’s proprietary encryption. If you still think I’m wrong, pick up a dictionary, look up “proprietary” and “encryption”, and you might just have a chance at understanding that “proprietary” is an adjective that can apply to a lot of different words.