SIGNAL APP NOW UPDATES ITSELF WITHOUT THE PLAY STORE, MAKING IT CLOSER TO /OURIM/

Wire has sketchy parent company that is planning on monetizing it. Also devs are ex-skype botnet programmers.

No, signal uses RSA for encryption. At the moment your public key is tied to your phone number on signals servers. It would be possible to tie it to something else instead, like a username.

Is there any app like this that doesn't need a phone number? Looking to get off the cell network here

seems you are a signal professional shill. let them know i don't use a cellphone, but i had an idea. when you open the application, for phones with the feature, use the fingerprint sensor to unblock the app itself.

i mean, you enter the application, then it waits till you authorize with your fingerprint. with phones with no fingerprint reader, it could be retina scan or face recognition, but it may be to far

Uh no

Are you being retarded on purpose?

Doesn't matter if they created Skype if the code is open source, which Wire is.

It won't be a username. It will be a random ID number like a slightly longer phone number.

Are you? Password protection isn't available on iOS.

Wire

Using iOS is like bending over to take it up the ass from anybody who wants to hurt you. You already lost.

but I thought iOS encryption was the best ever?

Use auto deleting messages

Name a phone with better proven hardware encryption, It's why I use one.

So because the developers don't include an obvious feature it's the users fault? Is this what we're saying?

>>iOS
>>worrying about security

The FBI didn't have any issues

An old 5C only exploit? Are you implying android is more secure right now?

An obvious as fuck security measure is missing that's all this comes down to.

???

What's the purpose of an IM if no one actually uses it?

Telegram masterrace here.

>Wire: centralized but secure service made by a corporation which is beholden to governments and law need for profit motives
>Signal: centralized but secure service made by a seafaring anti-goverment bro-tier hacker who does not have a profit motive and has a whole life philosophy revolving around telling governments and corporations to fuck themselves

Lolno

Are you that same guy who spends all day in the Tox groupchat just to tell people to get out and use Wire?

>hardware encryption

Using the fingerprint sensor to unlock the app already works on iOS; I wish it did on Android.

Oh my god, an actual Macfag on Sup Forums talking about how impenetrable Apple security is....I feel like Indiana Jones. I thought all you guys left like six years ago!

> (((seafaring anti-government bro-tier hacker)))
> (((who does not have a profit motive)))

Moxschlomo Marlinsfeld is his name.

What is enclave.

Wow legit argument again, iphone is the only apple product I use. Prove to me android is more secure, I'll wait.

And yet still no argument why Signal has no password protection?

>he wants a backdoor pushed without his knowledge
>he lets the OWS mitm him by serving fake keys during the key exchange
Just keep embracing the botnet you retards

>HOLY FUCK.
Why do Americans always say "holy [x]"?

Calm the fuck down, you massive hysterical retard.

Sign up on desktop and you get an email option.

Real men make other people join their IM services, not the other way around. Be a leader, not a follower.

What's wrong with Telegram?

The way I see it, acceptable messaging apps are
>Signal
>Telegram
>Conversations / ChatSecure / Gajim
>Wire
and probably others. No need to argue about which one's the best, just use them all and see which of your friends are on which one.

Also the XMPP ones are totally the best.

Nothing wrong with Telegram. If you desire to make it more difficult for (((them))) or want some semblance of privacy though then it's not your best option.

Have you tried Ring?

>shills in dudespeak
I thought Tox was shut down or something?

>no open source server software
>no server audits
>can't host your own signal server
XMPP is still Sup Forums approved. Signal shills need to get fucked.

Nope. [spoiler]How does one go about "shutting down" free software?[/spoiler]

It seems more rare these days to find someone on Sup Forums that actually runs their own server/services at home. Possibly due to the degradation of education. Many of them require a nanny (government) to tell them what to do. Sad.

>XMPP
Jabber is a shitshow, might as well run your IRCd and not deal with the overhead of an XML-based protocol.
Or just use some IRC network, your ERP will get lost among the tons there.

like..., your public key fingerprint (only sane choice)?

Don't shill wire, They didn't even acknowledged that wire wasn't working with microg faggot.

Some random user came with a patch after six months and wire has just started wrong with microg.

There are paid shills for Wire everywhere and I can't understand why.

Unpaid shill here.
The reason I recommend Wire is because it's just more functional than Signal (and Whatsapp and pretty much anything else) at this point.
If Signal had the same functionality and no phone requirement I'd shill for it all day.

what the hell is happening at OWS? did moxie get tired of sucking google cock? did they stop stroking his hair and calling him a good boy after he swallowed? or did moxie quit?

>victim of dyslexia

>I can't understand why people recommend a better app
This board is 18+

>current year
>Not using XMPP/Jabber with OTR

>There are paid shills for Wire everywhere

You people say this about every app.

Wire is still better

We also need server federation, don't forget that! Without that we're hopelessly dependent on the main servers and on trusting that they are indeed running unmodified builds of the published server source.

Oh, also, the RedPhone server code is still closed, no?

He's bowing to intense pressure from the public.

>WebRTC, OPUS video calling.
Too bad it's slowly dying of feature creep.

For some reason, this made me laugh really hard. That's some next level pretentiousness.

Anyways, I made my friends use Telegram instead of Whatsapp to group chat and stuff, so, that's something.

Does signal allow signing up without a phone # yet?

Does signal share your phone number with people you add?

>Does signal allow signing up without a phone # yet?
OP says no, dumbass.

>Does signal share your phone number with people you add?
It works like Whatsapp. If two people have each other's number in contacts, they become Signal friends.

I don't use whatsapp so i don't really know what you mean by that.

If i add someone not in my contacts to signal do they get my phone number or just a signal user name?

>I made my friends use Telegram instead of Whatsapp

>going from an app with decent encryption to a russian botnet

How is the signal desktop chrome webapp?

Again, you don't add people to Signal. Signal reads your contacts and if any of those people a) have you in their contacts too and b) have Signal, they automatically become your friend.

This is what Whatsapp and Telegram do as well.

It's sucks since like Whatsapp it's nothing more than a bridge to your phone. It's going to be phased out since Google is phasing out Chrome apps. They will have to do a standalone client or web app.

Hmm. If i can't add people without them being in my contacts that's kind of a deal breaker for privacy.

I have to say wire still wins hands down.

Let us self host then we'll talk

It's meant for people who are already friends but that may change in the future since many people are demanding that Signal can be used without a phone number. I expect them to add something similar to Ring ID numbers.

Botnet xD

I don't understand the concern over play services or where the server itself is hosted. If the encryption method used is as good as it should be then the server would never get anything but encrypted garble anyway.

metadata

signal for x86 when?

Full control of data

it's a pretty fucking shady service/program.

The only thing I wish they'd allow for is people being able to implement the tech over their own servers and use that if they wanted to.

I wouldn't use it but it would be nice.

How could Signal implement a system where they can:

a. allow for passwords instead of phone numbers to allow for true multi-device communication without relying on a phone.

b. still have a dictionary where the key is the phone number so you can find which of your friends/contacts are using signal

Also, if you switched to passwords instead of just using the numbers wouldn't backups of all your messages just be sitting there encrypted on a server somewhere? And tying the dictionary to your phone number allows for Signal to take care of all the user security. I just don't see how they can switch to a password system while maintaining the current functionality. Can someone give me their thoughts? I love signal and use it as more normal messaging application though.

He can't so he's just gonna keep memeing.

I like Signal, but the iOS version is sorely lacking. I managed to convert multiple friends who use Android to Signal partly because it didn't interfere with the communication of non-Signal users. IIRC, the iOS version only lets you communicate with contacts that also use Signal, which is retarded because most normies use iOS.

You mean you use Signal for signal encrypted chat and also as normal sms app?
So is it that apple doesn't allow iOS users to replace the sms app?

Biometrics are garbage and insecure.
Who's to say that the guy who wants access to your shit isn't just going to shove the phone in your face and have it unlock itself?

The courts protect passwords using the 5th Amendment. Your fingerprints aren't. You're required to divulge biometric data.

You are correct. Thanks Apple.

Matrix

>proven hardware encryption

relying on "secure" hardware is by far the stupidest thing I've ever heard.

what happens when your "secure" hardware has a fundamental flaw in the silicon?

you think Apple is going to recall every damn phone with the affected chips?

software security is significantly more valuable than depending on some retarded nonfree blobed negative ring hardware bullshit.

>I don't understand the concern over play services

maybe because play services is a highly integrated blob in Android that could potentially have memory access to all your apps?

That would be WhatsApp. At least that got normies to use fairly good crypto even if they don't give a shit.

No.

Incorrect: the Signal protocol does not use RSA. It uses Curve25519 for public key primitives, along with AES-256-CBC, HMAC-SHA256 and SHA256.

Still waiting for Wire to open the server source (they said they're going to do that Q1 2017). They fixed most of the bugs I reported. Still waiting on media to be e2e.

If you lock your phone with a passcode, iOS's encryption is superior to Android's. (I don't like Apple's control/walled garden approach to iOS, or the feel of it as an OS in general, but credit where credit is due: iOS's security while far from perfect is a lot better than Android's, which is a complete fucking trashfire oh my god you have no idea.)

They didn't actually ask the NSA, they wanted caselaw (and got BTFO). They couldn't even do NAND mirroring when it was explained to them, and contracted Cellebrite to do it for $$$$$$, who by the way also just got a 6/6s exploit for a cool million dollars via Zerodium.

Telegram is fucking garbage. Cleartext shit most of the time, shit when it does encrypt. Example: their response to the SHA-1 collision was to explain how it didn't affect them. (It does, in fact, affect them.)

Tried Matrix/riot.im?

You went the wrong way, you bloody idiot. Telegram group chats are completely cleartext. WhatsApp's are encrypted with best-of-breed e2e (Signal + Noise).

Shite. Needs replacing. Chrome apps are dead-end anyway. Replacement is under way.

Finished documenting the protocol.

The new WebRTC part replaces the RedPhone part for comms.

Have you used Ring? What do you think of it?

>The courts protect passwords using the 5th Amendment. Your fingerprints aren't. You're required to divulge biometric data.
The other think they're doing is building a profile of you now with your own biometrics. It's kind of fucked up but advertisers and corps will have your fingerprints maybe retina scans and general data associated with your metadata. Crazy shit.

>Name a phone with better proven hardware encryption
Any samsung with the latest KNOX security.

This is the only Sup Forums approved messenger.

I'll stick to XMPP+OMEMO until a decent matrix desktop client shows up.

All we need now is an official build on F-Droid.

>XMPP + OMEMO
Lmfao good luck convincing a normie to use that.

>WE ARE LITERALLY 2 STEPS FROM SIGNAL BECOMING THE MOST Sup Forums APPROVED IM SERVICE THAT HAS EVER EXISTED.
Not as long as xmpp exists to be desu senpai

This is the only real Sup Forums approved reply in this thread.

>signal
>not Tox
Casual.

>toxshit
you've lost the plot kid

>KNOX
>KNOX
Knox stores PIN in plain-text instead of salted hash or KDF, and "secures" processing it merely by obfuscated code.

Yeah seriously

UI was designed by a 14 year old girl who learned CSS in 8th grade.

It lacks being casual friendly. No point in something I can't get others to use.

I think Wire is looking the best