• Todd Bonzalez@lemm.ee
      link
      fedilink
      English
      arrow-up
      6
      ·
      3 months ago

      The encryption algorithm may be open source, but they rolled it themselves. It is proprietary encryption.

      • pressanykeynow@lemmy.world
        link
        fedilink
        English
        arrow-up
        15
        ·
        3 months ago

        Again, it’s not, go to their github, check the code of the client, compile it yourself, and make a reproducible build to check that the client they ship to your phone is the same. You are talking nonsense.

        • Todd Bonzalez@lemm.ee
          link
          fedilink
          English
          arrow-up
          8
          ·
          edit-2
          3 months ago

          You’re not getting what I’m saying, because you don’t understand what “proprietary” means in this context.

          Proprietary encryption ≠ Proprietary code.

          You can roll your own shitty novel encryption algorithm and license it under GPL if you want, it’s still proprietary encryption in that Signal has its own unvetted encryption algorithm instead of using a trusted existing algorithm.

          EDIT: How are people not understanding this?

          Proprietary licensing is different from a proprietary way of doing things.

          If you folks think that a GitHub repo and GPL license are all you need to vet an encryption algorithm, and you think that absolves an novel untested algo from being called “proprietary encryption” you’re gonna get burned one day because your trust was built on not understanding encryption.

          Signal built their own encryption algorithm. That’s proprietary encryption. If you still think I’m wrong, pick up a dictionary, look up “proprietary” and “encryption”, and you might just have a chance at understanding that “proprietary” is an adjective that can apply to a lot of different words.