242 points raybb | 2 comments
alexfromapex ◴[] No.26715895[source]
I feel like it’s a honey trap.
replies(1): >>26715952 #
yellowyacht ◴[] No.26715952[source]
> I feel like it’s a honey trap

That's a serious accusation you are 'feeling'. What evidence do you have?

replies(4): >>26716453 #>>26716643 #>>26716901 #>>26716946 #
BuildTheRobots ◴[] No.26716946[source]
Not op, but for me personally the moment it stopped being possible to send an e2e encrypted text message it became suspect. I'm forced to register and to send all messages through their central server. It also seems to scan through my phone book and inform me who else is using Signal, even if I've not had contact with them in years. I'm still convinced this is a massive privacy leak.

If I check the magic number to verify the security of my encryption with a contact, there's only one number to verify, yet I can have any number of desktop clients attached which seem to be independently capable of decrypting messages with my phone offline. There's also no indication to the sender that their message has been sent to multiple devices or any obvious way of working out where it's been seen.

There's also been the historical reliance on Google services, the hostility towards people running their own servers and on occasion general hostility towards devs and end users too.

For something that started off as a way of sending p2p e2e encrypted textual communication over the lowest common denominator protocol worldwide, it's come a long way. Being able to send animated cat gifs to a group is great, but it feels (especially with the server code so far behind and no real way of verifying that's actually what's running anyway) like we're getting further and further from simple & verifiable and more and more into trust us territory, and it seems right to treat that with some suspicion.

replies(1): >>26717851 #
samatman ◴[] No.26717851[source]
> the moment it stopped being possible to send an e2e encrypted text message

You're confusing e2e and p2p here.

Please don't do this, they are completely different things.

Signal messages are encrypted end to end, by the client, which is unambiguously open source: people can, and do, build the latest client using the published source code, to verify the binary.

You do have to register, so the server can perform contact discovery, and route messages. And it isn't peer-to-peer, messages pass through a central server for routing.

I have no objection to your disliking this architecture, I readily concede that it isn't as secure and anonymous as it theoretically could be, and as Matrix actually is.

But please don't propagate misinformation while doing so.

replies(2): >>26718234 #>>26718764 #
1. BuildTheRobots ◴[] No.26718764{4}[source]
> You're confusing e2e and p2p here.

I was trying to consciously use both those terms and not interchangeably. It's still end-to-end encrypted, but it's impossible to work without interacting with their servers. When it first started as TextSecure it was capable of encrypting SMS between two handsets in a completely peer-to-peer way; no internet or 3rd party interaction required (just some ability to send SMS).

replies(1): >>26719841 #
2. samatman ◴[] No.26719841[source]
Ah, yes, that had completely slipped my mind. Sorry, I did misunderstand you: to be fair, Signal does send an e2e encrypted message-which-is-text, but referring to SMS as "text messages" is also pretty standard, I just didn't glean that from context.

Sure, being able to E2E an SMS was pretty cool! I've given up on SMS ever being replaced with a reasonably modern protocol, I think we're just stuck with siloed apps for the foreseeable future. Which is a pity. Maybe Riot/Matrix will be a fait accompli once it's been around for long enough.