Signal advises its users to install the app from the Play Store. While you can still get the .apk from Signal’s website, the developers warn against that. The EU can definitely exert pressure against what is hosted on the Play Store.
Telegram famously lacks end-to-end encryption (unless you intentionally use its private-chat feature, which few people do) and shouldn’t be mentioned in the same context as Signal.
Molly is a just-as-good (if not better) fork of Signal that is distributed on F-Droid. It's the same network and same chats/contacts, just a different front-end.
And Signal avoids F-Droid because they don't want someone else signing packages, but they can always provide an F-Droid repository like many others do and sign everything themselves.
If push comes to shove, they'll be fine, and pressure to black-box Signal in the EU is unlikely to hold up if they can just move users to another app store.
Signal being restricted to F-Droid would be the end of the app as any kind of mass phenomenon. Sure, like my fellow nerds here on HN, I use F-Droid. But none of the ordinary friends and relatives I managed to convince to install Signal, since it was free from the Play Store with just a few taps, would continue using the app if it were relegated to that repository they have never heard of.
Signal’s developers have spoken on a number of occasions about how their aim is to ensure encryption for the masses, not a techie elite.
Yeah, I communicate with way too many people on iPhones who will simply not switch to Android. If it disappears from the Apple App Store we will have to use a different messenger.
I mean, if the choice is between "installing black box MITM to Signal", "pulling it from the EU Google Play Store and requiring users to download the APK manually", and "pulling it from the EU Google Play Store and allowing users to use F-Droid", then the choice is obvious.
Mass adoption can continue elsewhere if the EU chooses to go down a route that would make play store support in the EU non-viable.
Their reasoning for having it Play Store-only is that Google does not require app developers to provide their signing keys/sign the APK themselves. Now this is no longer the case, as Google changed their policies.
NOTE: F-Droid does not require app developers to share their keys, instead they build the application themselves and sign it with their keys -- something Signal is not a fan of.
I have also seen the preference for installing from Play Store explained as being that users are safer if they use default setups and do what everyone else is doing. For users who are not savvy, going the sideloading route can expose them to risk.
For me this line of thinking doesn't make a lot of sense. The Google Play option will always exist as it is a prerequisite for widespread adoption on Android. Also arguably, you're safer on F-Droid due to the level of vetting on that platform; so providing Signal on it is a good endorsement for general user safety and privacy.
Either way, this isn't about only offering the application on Google Play or only on F-Droid, but about providing the option for both. Non-tech-savvy users will always pick the more familiar and easy option on average: Google Play.
> If push comes to shove, they'll be fine, and pressure to black-box Signal in the EU is unlikely to hold up if they can just move users to another app store.
Yes, but the assumption is that "push comes to shove" and they have to choose between pulling it from the EU Play Store and installing black box MITM software.
Having relatively easy alternatives in place would reduce the leverage the EU has to actually practically enforce this and hopefully pressure them into at minimum non-enforcement and preferably walking back the obviously unenforceable legislation.
But if it looks like they could practically force out Signal and co or force them to adopt this MITM if they want to continue existing, then they might be more likely to pursue it.
If you enable private chat, you don't get notifications for new messages, so the feature is self-defeating, it seems to me at least. (Something could also have gone wrong?)
Notifications generally go through Google Firebase, so by not running private messages through Firebase they avoid potential leaks. At least that's my guess.
A common way around this is to simply send a notification through Firebase/other push notification mechanism that tells the app there is a new message.
The app can then retrieve the message and decrypt it. Most of them will then update the notification shown to the user with the full message content.
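The wake-up-then-fetch pattern described above, as an added illustration that is not code from the original thread or from any real messenger: an in-memory push provider, message server and recipient app (all constructed stand-ins), plus the later-mentioned variant where the ciphertext rides inside the push and a device-side hook decrypts it. The encryption is a SHA-256 keystream with an HMAC tag, used only to make the payload opaque; it is not Signal's protocol.

```python
import hashlib, hmac, json, os

# Constructed stand-in for the real end-to-end layer: SHA-256 keystream + HMAC tag.
# This is NOT Signal's protocol; it only makes the ciphertext opaque for the demo.
def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    out, i = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
        i += 1
    return out[:n]

def encrypt(key: bytes, plaintext: bytes) -> dict:
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    return {"nonce": nonce.hex(), "ct": ct.hex(), "tag": tag.hex()}

def decrypt(key: bytes, box: dict) -> bytes:
    nonce, ct, tag = (bytes.fromhex(box[k]) for k in ("nonce", "ct", "tag"))
    if not hmac.compare_digest(hmac.new(key, nonce + ct, hashlib.sha256).digest(), tag):
        raise ValueError("bad tag")
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))

# In-memory stand-ins for the parties in the thread (constructed, not real services).
PUSH_PROVIDER_LOG = []   # everything the push provider (Firebase/APNs) gets to see
MAILBOX = {}             # message server: recipient -> list of pending ciphertexts

def send_message(recipient: str, key: bytes, text: str) -> None:
    """Sender's app: park the ciphertext on the message server, push only a wake-up."""
    MAILBOX.setdefault(recipient, []).append(encrypt(key, text.encode()))
    PUSH_PROVIDER_LOG.append(json.dumps({"to": recipient, "data": {"type": "wake"}}))

def handle_wake_push(recipient: str, key: bytes) -> list:
    """Recipient's app: fetch pending ciphertexts, decrypt locally, and return the
    texts that replace the placeholder 'New message' notification."""
    return [decrypt(key, box).decode() for box in MAILBOX.pop(recipient, [])]

def send_encrypted_push(recipient: str, key: bytes, text: str) -> dict:
    """Variant: the ciphertext itself rides inside the push payload."""
    push = {"to": recipient, "data": encrypt(key, text.encode())}
    PUSH_PROVIDER_LOG.append(json.dumps(push))
    return push

def handle_encrypted_push(key: bytes, push: dict) -> str:
    """On-device hook (e.g. an iOS notification service extension) decrypts it."""
    return decrypt(key, push["data"]).decode()
```

In both variants the push provider's log holds only routing data and opaque bytes; what it still learns is that a push happened, and when.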
Maybe the concern is that Firebase still learns that user A and user B receive notifications back and forth at around the same time, interspersed with periods of no notifications for both.
If A and B talk regularly, there might not be many other C who by coincidence exchange notifications at the same time.
So you might be vulnerable to a sort of traffic analysis.
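The timing concern raised above, as an added example that is not from the original thread: even when pushes carry no content, the push provider still sees a log of (time, recipient) arrivals, and a simple co-occurrence count over a constructed log singles out the pair that is actually conversing. The log and the window are assumptions for the demo.

```python
from itertools import combinations

# Constructed push-arrival log as a push provider would see it for content-free
# pushes: (seconds since start, recipient). A and B chat back and forth; C and D
# receive unrelated pushes. Not real data.
PUSH_LOG = [
    (0, "A"), (45, "B"), (90, "A"), (140, "B"), (200, "A"), (250, "B"),
    (300, "A"), (340, "B"), (17, "C"), (610, "C"), (1300, "D"), (1900, "C"),
    (2400, "D"), (2405, "A"), (2450, "B"),
]

def pair_cooccurrence(log, window):
    """For every pair of recipients, count how often one gets a push within
    `window` seconds after the other. Chat partners accumulate high counts."""
    events = sorted(log)
    users = sorted({u for _, u in log})
    counts = {pair: 0 for pair in combinations(users, 2)}
    for i, (t1, u1) in enumerate(events):
        for t2, u2 in events[i + 1:]:
            if t2 - t1 > window:
                break            # events are sorted, nothing later can be closer
            if u1 != u2:
                counts[tuple(sorted((u1, u2)))] += 1
    return counts

def likely_partners(log, window, min_count):
    """Pairs whose co-occurrence reaches min_count: what the provider could infer
    from metadata alone, which is the leak the content-free design cannot close."""
    return sorted(p for p, c in pair_cooccurrence(log, window).items() if c >= min_count)
```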
Server side push messaging uses cloud infrastructure on both Android and iOS devices.
Some applications choose to make these notifications more 'secure' by not sending any content through them, just the fact that you have a new notification, but that makes the UX a little less friendly.
No, it can be encrypted, and then you have a hook that decrypts the notification on-device. On iOS you need to get approval from Apple to do this, though.