mg is a user on You can follow them or interact with them if you have an account anywhere in the fediverse. If you don't, you can sign up here.

I'm actively recruiting volunteer devs for a native Signal / Signal-like client in Gtk, in the hopes that we can bring it to the @Purism Librem 5 phone. Please contact if interested.

PGP/GPG: FA9D 40F1 5FE1 D8AB 8312 4AAA 77E3 1447 CD1F C3F6


Anything to do with #Signal do not count with me.

Why not opt for an #open solution, as opposed to an "open" one?


@philippemargery @61 @Purism Signal isn't "bad". In a nutshell:

OpenWhisperSystems / the devs behind Signal made the choice to centralize the service and build identity around the phone number system, instead of doing the federated / decentralized approach.

They did this consciously to encourage widespread adoption without the traditional difficulties associated with a decentralized, multiple-client approach.

That makes it different from approaches by, XMPP, and so on. 1/2

@philippemargery @61 @Purism OWS has had a contentious relationship w/ FOSS devs who want alt. clients/forks of Signal that interop w/ OWS network

From the OWS perspective, it's important to keep the UI/UX consistent; alternative clients degrade the user experience for everyone on the network, and use expensive resources. Security and QC are impossible to verify for apps out of OWS control

The FOSS-y arguments are familiar, and include the fact that centralization is dangerous for freedom. 2/2


As for the OWS perspective, we're going to have to file that under #utterbollocks.

For the record, I have nothing against closed source per se. It's specious arguments, outright lies and #antisocial behaviour that gets in my tits. And that's the things that #signal truly are experts on.

@philippemargery @Purism

@diggity @philippemargery @Purism

Just for the record.

* First things first, the #wikipedia advertised “Open Whisper Systems” does not actually exist. Prove me wrong with an official incorporation document.
* The also #wikihyped “Signal Foundation”, AFAICT does not exist either, according to people who should know, namely

See next message for what *does* exist…

@diggity @philippemargery @Purism

* Previously, when this guy came up with his previous product iteration, he had set up another #Delaware entity, WHISPER SYSTEMS TECHNOLOGIES, INC. This was in 2011.
* In 2012, a #California #LLC ( was selling his software on the #apple store (

@diggity @philippemargery @Purism

The #California entity QUIET RIDDLE VENTURES, LLC is still active (as is the 2011 DE corporation) with a modest income and one employee on file (

@diggity @philippemargery @Purism
For the Delaware entities, if someone wants to shell out $20 you can get the tax returns which should give an idea to what extent the claims made in #wackypedia and the press are true or not, and where any money has been coming from and going to.

For the “foundations”, please someone publish their articles. And obviously, as for any other private non-profit, their finances.

@diggity @philippemargery @Purism

Not even getting into the technical aspects of it. #Security? Your own phone number as your ID, what could possibly go wrong?

It could be a decent closed source app if it weren't for the #bullshit security #hype.

But the obvious disparity between the public claims and the hard data that can be found with just a casual search, are no journalists wanting to dig a bit into that? @maxeddy?

Wow. It is indeed intriguing. Thanks for that. What messenging up do you use? My family is fed-up with me asking them change app all the time.... 😂
@diggity @Purism @maxeddy

#xmpp user since 2001.

I've changed JID (Jabber ID) exactly once, around ten years ago.

@diggity @Purism @maxeddy

@61 @philippemargery @diggity @Purism @maxeddy
What about all the metadata that your XMPP server (and the others you contact to) can see and manipulate? I was using but just leave it after discover about this.

@Gorio @61 @philippemargery @diggity @Purism @maxeddy
hast really dumb Arguments, as they apply to literally every webserver, mailserver and dozens of other services. not using e2e is generally a bad idea, we knew this before…


IMO I don't think the arguments are dumb, they are valid and worth reminding of.

Where the write-up lacks is in being opinionated and, above all, failing to point out that the highlighted concerns apply pretty much to every client/server system, such as #email or #mastodon.

@Gorio @philippemargery @diggity @Purism @maxeddy

mg @mg

@61 @Gorio @philippemargery @diggity @Purism @maxeddy
they even recommend signal instead, it is hilarious.


Yeah that's a major loss of credibility right there. I unsubscribed when I saw that one.

@Gorio @philippemargery @diggity @Purism @maxeddy