I have no doubt that Signal is now compromised, since its board was overhauled recently and now includes people with a US government background. Yes, the encryption model theoretically remains secure, but 1) Signal now uploads your contact list to their servers and claims it is secured by Intel’s secure enclave, but multiple vulnerabilities have been found in that, and 2) if targeted, most users are defenseless against a malicious update. Meanwhile, WhatsApp, which is heavily used by EU citizens, claims end-to-end encryption, but it leaks metadata and also chat content is leaked through the automated backups that most users don’t disable.
The only question is to what extent Five Eyes members besides the US get access to all that. Unfortunately, there doesn’t seem to be any initiative inside the EU to protect users better, while also letting us enjoy an internet without behavioral advertising.
The only question is to what extent Five Eyes members besides the US get access to all that. Unfortunately, there doesn’t seem to be any initiative inside the EU to protect users better, while also letting us enjoy an internet without behavioral advertising.