Hacker News new | past | comments | ask | show | jobs | submit login

The US authorities can make the same orders that they made with LavaBit (i.e. ordering them to produce a backdoored build and replace yours with it), and they can make them secretly. Given that Signal by design requires you to use it with auto-update enabled (and, notably, goes to some effort to take down ways of using it without auto-update), and has no real verification of those auto-updated builds, I would consider it foolish to rely on the secrecy of Signal if your threat model includes the US authorities or anyone who might be able to call in a favour with them.



How odd. I have, and continue, to use Signal without auto-update enabled.

I have been prompted, twice in three years to update though.

Perhaps the requirement depends on your country?


Ya, does it do that thing banking apps do where it insists on the most recent version in order to even be usable?

Otherwise, thats more of an iOS option that can be easily altered

Settings < App Store < Automatic Downloads > App Updates




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: