cross-posted from: https://lemm.ee/post/56591279

Swedish government wants a back door in signal for police and ‘Säpo’ (Swedish federation that checks for spies)

Let’s say that this becomes a law and Signal decides to withdraw from Sweden as they clearly state that they won’t implement a back door; would a citizen within the country still be able to use and access Signals services? Assuming that google play services probably would remove the Signal app within Sweden (which I also don’t use)

I just want the government to go f*ck themselves, y’know?

    • solo@slrpnk.net
      link
      fedilink
      English
      arrow-up
      1
      ·
      2 hours ago

      They still have a tone of open-source stuff. It’s just that not everything is open-source anymore. Meaning, since everything is not public, we have no way of knowing if this private piece of software is what they say, or anything else actually.

      So, trust a company because they say they are not evil? I’ll pass

      From Signal Blog 01 Nov 2021:

      Improving first impressions on Signal

      We build Signal in the open, with publicly available source code for our applications and servers. To keep Signal a free global communication service without spam, we must depart from our totally-open posture and develop one piece of the server in private: a system for detecting and disrupting spam campaigns.

    • zmrl@lemmy.zip
      link
      fedilink
      English
      arrow-up
      2
      ·
      13 hours ago

      There isn’t any proof that the app you download is built exactly from the source code on github. There could be an intermediate step to inject whatever they want before packaging it for the app stores.

      There’s also the conspiracy that Signal has been compromised since the beginning as they received initial funding from the CIA. Not sure exactly where I stand on this, but it is plausible.

      The protocol itself is open source though so someone could make an open source service with that.

      • Successful_Try543@feddit.org
        link
        fedilink
        English
        arrow-up
        1
        ·
        edit-2
        12 hours ago

        There isn’t any proof that the app you download is built exactly from the source code on github.

        In principle, this statement holds for any app that you don’t compile yourself. As we’ve learned from the xz disaster last year, even the dource code versions on GitHub don’t have to match.

        There are at least two Signal versions: The official version, the one from the Guardian Project. For the latter I assume that they build from the publicly available source code. And then there is at least the fork Molly.