Arguments for Signal over Whatsapp, Messenger, and SnapChat
-
Here are 28 arguments for you to use.
-
Practically speaking, there's a huge difference.
RCS/iMessage are great. They're a huge upgrade over SMS, however, the E2E statements they make aren't really verifiable to the degree necessary to call them secure. They also require hardware compatibility, software compatibility, environment compatibility (root breaks RCS) as well as network compatibility so the pool of devices that work both ways with RCS is still pretty small. It's frankly a mess.
Realistically speaking, he's right. There's no difference. People don't casually message information which is important enough to require perfect forward secrecy. So at the end of the day choose which works best for you and if you do dumb shit like sending credit card and social security numbers over clearnet, then prepare to have your anus widened.
I personally prefer running an MTProto proxy on top of Telegram. I control the proxy, so I can view where the network traffic is going in transit for the most part. Is MTProto perfect? No. But it's vastly improved since previous independent audits and it's "good enough."
If critically sensitive information has to touch a device with internet access then you need a mature security protocol like PGP or some other shared key cryptography so you can verifiably ensure you're talking to whom you're supposed to be talking to. If that's something you're interested in, give Keybase a try. It's a really great platform built around a really great technology (PGP). The mobile application comes with a chat option that uses your PGP key to symmetrically encrypt your chat messages using Scrypt (with PBKDF2) making it significantly more secure than any other option mentioned here.
-
WhatsApp fails to include a libre software licence text file. We do not control it, anti-libre software.
-
These are not designed to penetrate disinformation.
-
Both easy, backdoor the idea.
-
If we can't self host Signal, it isn't much better than WhatsApp.
-
This is an important extra point: being open source, a government can’t secretly mandate a back door, because everyone would be able to see it. For the other options listed, there are no guarantees.
-
I convinced my family to switch by giving them my Signal contact info and letting them know that that’s where they could contact me. I ditched my WhatsApp account when Facebook bought them, and never had any of the other accounts because I knew too much about the people behind the companies.
-
I think that this is a pretty good reason.
If the billionaires are using it for privacy, then it is likely the best one.
I mean, how much do you wanna bet that they all had a private dinner with the other billionaires that own other apps and had a private conversation about whether their messages are actually private and able to be hid from the government?
-
Send them both a bunch of videos from Naomi Brockwell (NBTV). Or buy them each a copy of her book
-
They definitely can, see the recent xz backdoor. But the question is whether it would be found out or not.
-
I haven't check in a while but I think I remember that proprietary app either do not have security audits or they failed them. You should check though I am not 100% sure.
-
Signal is not the answer.
Signal's backend is essentially closed-source, and to my knowledge none of their binaries are reproducible with the code available.
If you really want privacy and security in E2EE, you want somethjng that's completely open-source (front and backend), and can be self-hosted entirely.
Matrix is this. -
Signal is the best alternative to Meta messaging apps and to Snapchat for normies.
-
show them a picture of zuckersuckers face and ask if they would trust him with your secrets
-
Show them this: https://techcrunch.com/2025/01/22/whatsapp-wins-reprieve-in-india-over-user-data-sharing/
The dispute began when WhatsApp required users to accept expanded data sharing with Meta’s platforms or risk losing access to the messaging service. While European users can opt out of such sharing, Indian users cannot — a distinction that regulators found problematic.
Meta doesn’t know what you’re talking about, because WhatsApp is e2ee. But they know:
- who are you talking to
- when
- how often
- what else were you doing before/during/after the talk
- links that are shared (the preview fetch is not e2ee afaik)
These are all valuable metadata and given enough of it, they can even infer what you were talking about. Target you with ads on their other platforms (but rumors are that WhatsApp will have ads inside eventually)
-
xz almost worked because it was in something nobody was looking at. Signal code is audited regularly.
-
For the purposes of the average person the tech guy in your op is absolutely 100% correct.
All the platforms listed use transport encryption and that’s enough to avoid mitm surveillance which is enough for most people.
Most people’s “threat model” is the police or a pi. All the apps listed including signal have to comply with orders from American police and have “sidechain attacks” that involve stuff like getting some member of the groupchat’s device and scrolling up or tricking someone into giving up sensitive information.
-
(the preview fetch is not e2ee afaik)
Technically, it is, but end to end encryption only covers the data between the ends, and not what one of the ends chooses to do with it. If one end of the conversation chooses to log the conversation in an insecure way, the conversation itself might technically be encrypted, but the contents of the conversation can be learned by another. Or if one end simply chooses to forward a message to a new party not part of the original conversation.
The link previews are happening outside of the conversation, and that action can be seen by people like the owner of the website, your ISP, and maybe WhatsApp itself (if configured in that way, not sure if it does).
So end to end isn't a panacea. You have to understand how it fits into the broader context of security and threat models.
-
With that in mind, security and privacy are two completely different things.
For instance, I would say that WhatsApp is fairly secure. It just isn't private at all. Meta can (and does) see and track your meta data.
Why is that important? I liked these 2 examples I read somewhere because they are simple but explain how powerful it is.
Your phone calls are private. Your carrier isn't allowed to listen in on your call to know what you talk about. But they can see that you called a suicide hotline while standing on a bridge.
They can see that your doctor's office called you and then you called an abortion clinic next. The following week your GPS location went to that clinic.
Are these things Person A would willingly tell their phone provider? It's none of their business so I assume not. But they essentially are when they don't care about their privacy.Another stance I take is that even if they don't care about their privacy, can they at least respect mine? I don't give their phone number out to anybody that asks. But non private apps look at all their contacts so they are doing exactly that to me.
Think of the last spam call they got. If they knew it was because of you wouldn't they be upset?
