i’ve just seen a comment in a post, in this very community, saying people trust signal because of missinformation (from what i could undertand).

if this is true, then i have a few questions:

-what menssaging app should i use for secure communications? i need an app that balances simplicity and security.

-how to explain it to my friends who use signal because i recomended?

-what this means for other apps in general?

  • pkjqpg1h@lemmy.zipEnglish
    3·
    8 hours ago

    https://signal.org/blog/private-contact-discovery/

    Since the enclave attests to the software that’s running remotely, and since the remote server and OS have no visibility into the enclave, the service learns nothing about the contents of the client request. It’s almost as if the client is executing the query locally on the client device.

    • wildbus8979@sh.itjust.works
      1·
      8 hours ago

      … Providing you trust Intel SGX (and AWS for giving them access to actual SGX and not just emulating a compromised instruction set)

      • pkjqpg1h@lemmy.zip
        1·
        7 hours ago

        Providing you trust Intel SGX (and AWS for giving them access to actual SGX and not just emulating a compromised instruction set)

        😃

        conspiracy begins…

        • wildbus8979@sh.itjust.works
          2·
          2 hours ago

          What conspiracy? CPU bugs aren’t a conspiracy, they are just a fact. Amazon’s involvement with American three letter agencies isn’t a conspiracy, it’s a fact.

          • Ontimp@feddit.org
            1·
            47 minutes ago

            Yea but if you worry about CPU bugs there is no such thing as trust, no matter who owns the infrastructure. Any software can have critical bugs and any system that can be accessed remotely can be compromised. Personally I’d trust the people at Signal that they have made a reasonable architecture section to balance availability and privacy