cross-posted from: https://lemm.ee/post/56591279
Swedish government wants a back door in signal for police and ‘Säpo’ (Swedish federation that checks for spies)
Let’s say that this becomes a law and Signal decides to withdraw from Sweden as they clearly state that they won’t implement a back door; would a citizen within the country still be able to use and access Signals services? Assuming that google play services probably would remove the Signal app within Sweden (which I also don’t use)
I just want the government to go f*ck themselves, y’know?
What part am I missing? They seem to have the source code of their server and the different apps on their GitHub page.
There isn’t any proof that the app you download is built exactly from the source code on github. There could be an intermediate step to inject whatever they want before packaging it for the app stores.
There’s also the conspiracy that Signal has been compromised since the beginning as they received initial funding from the CIA. Not sure exactly where I stand on this, but it is plausible.
The protocol itself is open source though so someone could make an open source service with that.
In principle, this statement holds for any app that you don’t compile yourself. As we’ve learned from the xz disaster last year, even the dource code versions on GitHub don’t have to match.
There are at least two Signal versions: The official version, the one from the Guardian Project. For the latter I assume that they build from the publicly available source code. And then there is at least the fork Molly.