Its use of SGX for secure value recovery is highly problematic [1].<p>@matthew_d_green twitter feed has a regular stream of high-quality Signal commentary.<p>[1] <a href="https://arstechnica.com/information-technology/2020/06/new-exploits-plunder-crypto-keys-and-more-from-intels-ultrasecure-sgx/" rel="nofollow">https://arstechnica.com/information-technology/2020/06/new-e...</a><p>[2] <a href="https://twitter.com/signalapp/status/1262844332278603777" rel="nofollow">https://twitter.com/signalapp/status/1262844332278603777</a>
Probably at least as secure and very likely moreso than pretty much any other option. cite as "random redneck off the internet" and due yer own dilligencing, of course.<p>I must say its preferable for plain old SMS messaging, if nothing else, for the options it offers and the stable sane behavior.
Depends on what you need. EFF previously used to have a scorecard[1] for all the messaging applications, but they reconsidered the model of their recommendation and put together a good set of articles on the topic which ask questions to consider and provide privacy and tech context. Here's one: <a href="https://www.eff.org/deeplinks/2018/03/thinking-about-what-you-need-secure-messenger" rel="nofollow">https://www.eff.org/deeplinks/2018/03/thinking-about-what-yo...</a><p>The rest are linked from here[2].<p>[1]: <a href="https://www.eff.org/pages/secure-messaging-scorecard" rel="nofollow">https://www.eff.org/pages/secure-messaging-scorecard</a><p>[2]: <a href="https://www.eff.org/de/deeplinks/2018/03/secure-messaging-more-secure-mess" rel="nofollow">https://www.eff.org/de/deeplinks/2018/03/secure-messaging-mo...</a>
It all depends on the context / your threat model. Do you want to prevent a service provider from reading your messages? It's good. Do you want to be the next Snowden? Probably not. Do you trust people you talk to? Etc.
Pretty much anything will fail if the end device is compromised. It's probably good up to that point. Otherwise you will have to look into some sort of air gapping to a physically secure device dedicated to messaging (e.g. Yubikey).<p>As always, it depends on the threat model...
Rather than conspiracies theories of, depends if you are a spy or not.<p>Anyone want to explain where Signal fails for top level spying and Nation States are coming after you?<p>And what the safer alternative is?
you have to understand and read their security model in order to assess whether it is an appropriate technology for your context. every time you use a security advertised platform read the threat/security model.
Best way to avoid interference or maintain security is to adopt old school tactics. Look at the war games the military played to prepare for Iraq and how the low tech red team comms worked.