• 0 Posts
  • 21 Comments
Joined 1 year ago
cake
Cake day: June 12th, 2023

help-circle
  • Signal forks can have unexpected behaviours like retaining deleted messages and also they don’t get updated at the same rate that Signal get updated.

    There are ways to save messages before they are deleted even if the stock app is used. Do not ever rely on this feature to work in a “safe” way.

    Every couple of years I hear a story about hackers disturbing signal with backdoors, which would be impossible or very hard to be done If they blocked third party clients. (Ex: 1)

    That is a problem the users who prefer 3rd party clients have to deal with. Obviously if you care enough to not use the official build, you of cause have to take care of using a trustworthy source. That is not “your problem” though.

    The amount of people who use third party Signal clients are very few anyway.

    That sounds a lot like “I don’t use it, so none else needs it either” argument. In my opinion, none of your arguments above are a good reason to combat 3rd party clients.


  • Not in all situations. And in a way a user will not be aware of. The service or website can define what type of passkey is allowed (based in attestation). You may not be able to acutally use your “movable” keys because someone else decided so. You will not notice this until you actually face such a service. And when that happens, you can be sure that the average user will not understand what ia going on. Not all passkeys are equal, but that fact is hidden from the user.


















  • Can you give more details of the scan result? Exodus only lists the Play store version. I installed the F-Droid version but Exodus app reports it as “same version” and just shows the clean Google Play Store results. This is obviously wrong, the SHA1 listed for the Play Store version on the Exodus website is different compared to the F-Droid .apk I have installed. Sadly the Exodus website does not support scanning F-Droid apps from third-party repos so I have no idea how to scan it.

    That being said, according to the privacy policy (https://voiceinput.futo.org/VoiceInput/PrivacyPolicy), the F-Droid .apk version should have some kind of crash report build-in. So I could imagine that this might get flagged.