The main question is whether this will lead to a flywheel effect, where adoption is self-reinforcing. Because we've been seeing that in the Netherlands, a small country that is nevertheless now in the top 5 countries with most Signal users, where growth is now 25 times the usual rate. That is still a quite higher rate than:
> the week’s rate of adoption has been twice that of a typical week for 2025, which in turn was twice that of a typical week the same time last year.
Market penetration here is getting significant enough for more and more people.
If Signal gets too popular then server costs will become significant. Signal needs a viable business model to survive. The big weakness here is that there is only one entity that can run the servers. If that server goes away then any attempt to start it up again would have to do so at the high level of usage that originally killed Signal.
Signal is, alas, merely a project. It will never morph into something like email that can withstand server running entities disappearing. So huge popularity could actually be a bad thing...
As usual, by having 1% of the users pay 100x the rate, because $60/y aka $5/mo is nothing to them. That is, identify well-moneyed users and offer them something substantially-looking but trivial to support. Twitter/X's blue marks are a perfect example.
If every user of free software donated for all the free software they use, people's monthly donation bill for their "free" software would be hundreds of dollars or more.
So what? That's not a reason to not donate at all. It's not an "all or nothing" proposition. Donating a little is still better than donating nothing.
(And what's more, I disagree with your premise. I think if everyone donated, the cost would be very spread out and it would be shockingly affordable, especially relative to the benefits we get.)
That $3/month figure actually makes me more concerned. Sure it's low for a business with revenue but donation funded services rarely get donations from more than a few percent of their users. So Signal probably needs something like $30-40/month from people who actually donate, which seems unlikely.
> That $3/month figure actually makes me more concerned. Sure it's low for a business with revenue but donation funded services rarely get donations from more than a few percent of their users
That's way, way lower than most other services, including most messaging services.
And donations aren't Signal's only source of revenue. Over a third comes from other sources.
> So Signal probably needs something like $30-40/month from people who actually donate, which seems unlikely.
Well, they broke even last year, so apparently it does work out.
The minimum I can choose in-app is £5 ~$6.50/month (unless I do a one-time £3). I notice on their website they accept crypto, stock and "DAF" https://signal.org/donate/
Just to be explicit, since your comment doesn't mention it: via your link they also accept Credit Card, PayPal, and bank transfers, and you can specify custom amounts there.
Probably because people are realizing that it has the auto-delete feature that the White House is DEFINITELY not relying on in having senior staff communicate on this platform.
I think GP means "relying on" in the "avoiding official record keeping" sense rather than the feature being used literally. You could explain away the latter as a bug or accident, BUT given the brazen corruption of this admin, they're probably using it intentionally to skirt existing laws or procedures.
There is zero reason for them not to just blatantly avoid keeping legally-required records.
They illegally fired the watchdogs put in place after Nixon (practically the only fucking useful thing we did about that—the laughably weak handling of the Watergate affair, and, shortly after, Iran-Contra, sent us well down the path we're possibly seeing the end of now) as one of their first acts, and nothing bad happened. Nothing they've done to evade legally-required scrutiny and oversight has brought them any trouble at all so far. Why would they stop?
I don't understand why someone, under guidance from the NSA and others, hasn't built a hardware/software platform for secure communications for yahoos like this. Leak any classified data on a normal phone even in an e2e encrypted app, straight to jail.
Get your phone rooted by Pegasus or whatever the newest Chinese/Israeli/whoever 0 click exploit and your fancy Signal data is wide the fuck open. It's literally insane to me.
Disappointed to see that even Wired is falling into the frame of the scandal being the accidental inclusion of a member of the public in a sensitive chat. Once again, Wired, the scandal is that the VP and the members of the cabinet are categorically forbidden from using Signal for any reason.
If I didn't know any better, I'd say these people were acting like they were picked by a convicted felon who acts like he's above the law, mainly because his experience tells him that he is.
Well, also the entire government said as much, including the AG, whose belief is a sitting President can't be indicted, and SCOTUS, who claims basically, that the President can't engage in illegal acts.
The only theoretical mechanism left is impeachment, but if the impossible happens and Congress does vote to remove, the administration will ignore it, or have SCOTUS rule against it. It just depends on how above board they care to pretend to make it look.
All the inconvenient rules that make the low level employees less efficient don't apply to the upper ranks. That allows them to complain about their employees.
The other, other scandal is that they collapsed a building on many innocent people in the process. This action comes at a high price both morally and in terms of ensuring the legitimacy of the enemy among the civilian population.
A similar gross error / crime was committed at the beginning of the war in Somalia, and was in the view of some the single action that contributed the most to US ground forces being pulled into the conflict. In that case, a missile was fired into a meeting room where tribal leaders were conferring.
I’m not sure why you think that is a scandal; isn’t it a good thing that civil servants and members of the government are supposed to use government-controlled communications channels with proper access control, encryption, and retention in place? Why should they rely on a third-party, commercial provider, and why on earth is it a scandal that they are forbidden from doing so..?
To every veteran and aerospace engineer who honored the classification of information, this incident and likely prior ones, is horrendous and criminal.
Violators are immediately arrested and charged. I hate to see top-level exceptions to both record-keeping and mishandling of classified information. That's where they do the most damage.
As others have noted, the flaw in using Signal on consumer phones is due to vulnerabilities in the phone itself. And it was wrong to use consumer phones.
That said, I was recommending Signal to friends in order to have online discussions, using the conferencing feature, since it is cross-platform and cross-device. However, one friend lost their Apple login and can't install software on their phone. I sent a very long explainer on how to reset it.
Guess I'll try FaceTime conferencing, which works on Apple Devices [0] and will work with others via web [1]. Requires iOS 15 or Monterey to initiate.
Signal makes it very difficult to even tell what parties are talking to each other (though if you have nation-state-level internet tracking, you can probably tell.)
Signal doesn't know anything about you except your number or screenname, when you signed up, and when you were last active.
Zoom is none of those things and the grandparent commenter has no idea what they're talking about.
Signal may be e2e encrypted, but if I root your phone with a 0 click exploit, which most of the state level actors we care about can and do do, then I can just read your Signal messages out of memory as soon as you open them. Period. End of.
Using a public smartphone to conduct discussions about classified information is straight crazy. E2E encrypted or not.
I read this as you suggesting that Signal is somehow at fault here?
If I'm getting that wrong, ignore me, if I'm not, could you expand that? I don't follow how Signal did anything wrong here, or was in any way responsible.
I don't see any part where they are saying this is Signal's fault (vs the fault of the people who committed the "horrendous and criminal" acts)? Which part are you referring to?
I thought I made it clear that the phone OS is vulnerable. Like, what good is encryption when malware can steal your camera, microphone and screen? Zero. I have been a Signal fan for a long time.
The problem isn't specifically the release of this information, which to my understanding didn't reduce the effectiveness of the operation. But the real problem is that now that other state actors and intelligence agencies know that our top military and intelligence officials sometimes share details of impending operations on their personal cell phones, there is now a pretty strong incentive to try to crack those phones or crack the Signal protocol somehow to get access to that information. And Signal and Apple do their best but they don't have the kind of resources that the NSA or CIA can bring to bear on securing a piece of equipment from espionage.
The more interesting part for me is, this is just one instance we found out because they screwed up. I am sure there are many many more of these channels where national security details are discussed.
Signal still is hosted in the US, do we know how much they will fight if the government asks it to retrieve someone's messages? I don't know if I trust messaging apps that are already pandering to the administration to keep my data safe or fight to not decrypt my data.
Their shtick is that they won't have to fight much, because they can't turn over someone's messages. Here are some examples of where they were legally compelled to turn over everything they had, and they did - but it was roughly nothing: https://signal.org/bigbrother/
We can expect that every military action has a principals committee (if not a principles committee).
Most actions that are on the record, with classified data properly conveyed through their "high side" inboxes and properly archived, will have those records accessible to special counsel or historical analysts. If, as I suspect, most of the current cabinet's principals committees are meeting over Signal, the records of those communications will be conspicuously absent.
It's not like these guys are masterminds meticulously generating compelling and consistent alternate records in the SCIF, then also pulling out their phones and telling most of the same people most of the same things in group chat messages. They're just not having the discussions in the SCIF at all, and that will be evident to anyone who cares to investigate.
I don't know the latest details about Android/iOS app signing, but presumably reproducible builds + sufficiently strong signing would make it secure enough for most users. For those who are truly paranoid, they can build it themselves (subject to their own device OS's requirements, which are hardly a unique problem to Signal).
In short, Signal's security should be as good as any mobile app can be, and can be even better if you're willing to put in legwork.
When was the last time you verified that the update being pushed to the app store by Signal matches the git repo?
When was the last time you checked what updates have been made to the git repo?
Of course what you're saying is "technically" possible to avoid Signal changing code and circumventing encryption, but show me one person who does a check of all the changes to Signal source (and verified the binary matches) before they let their app store update it and they launch it...
Everyone I know has Signal auto-update through the app store and doesn't even know it updated until after they launch it.
Well, the security should be good enough for most people's threat models. But government officials will probably want to have some restrictions on who can be added to a group, for example.
I understand the point about the app being distributed by the same people who run the service, but it's much harder to hide shenanigans with a local app versus a web app, especially when the app is open source.
When was the last time you verified an update to Signal against the source code? The threat model is circumvented for people that do that before every update, but unless you're doing that they can push whatever code they want to your app.
What's your point/goal with this and your cousin comments? Yes, of course at some point you need to trust a binary or verify yourself. I'm technically correct and you're technically correct. What are you getting at? Do you suggest people not use Signal? What do you suggest as an alternative? What should Signal do to change things? Splitting management of the app and service doesn't help much; a compromised browser, not co-owned with the services it accesses, is enough to eavesdrop on someone despite HTTPS.
My point is to make a comment on social media and get responses to see what other people think.
All I'm getting at is that any company that distributes code to you and tells you they can't see your data is lying. They just don't want to access your data right now.
I would suggest people understand this and position themselves accordingly security-wise.
If that means not using Signal because it's not secure enough then ok.
If that means continuing to use Signal with the understanding that it's only secure until Signal decides they want your data (or a gov forces them to), then ok.
Splitting management of an app and service is the exact solution. If Signal can't control when to push updates to your phone then they can't control when they want to break encryption.
In your compromised browser example we understand that browsers have an interest in implementing HTTPS correctly and treat them accordingly. That's part of the reason the market is dominated by 2 engines that do their development as much in the public as possible.
Signal is an app whose distribution is controlled by the same people that say they don't have access to your data.
They could at any point push an update that decrypts your messages locally and pushes them decrypted to a server. The only way to prevent this would be to verify each binary update to Signal matches the source code, and no modifications have been made to the source to do this.
Signal is quite militant about keeping as little information as possible, and actively resisting subpoenas.
I think Signal is one of the least likely companies to cooperate with the US government on surveillance.
They aren't pandering to the government either. In fact they jokingly made fun of the US administration for this Signal mistake.
Like anything US based the risk from government is not so much technical correctness but the risk that they (or Google or Apple or whoever distributes the app) could secretly be compelled to do something like distribute a version of Signal that exfiltrates private keys or messages, perhaps based on specific criteria, w/o the user's knowledge. On top of the risks inherent in the underlying platforms (iOS, Android, etc.).
Signal also does not think that warrant canaries pass legal muster.
But it's still probably the best option. And if you're concerned by those risks I think building and auditing the public source code instead of relying on app store distribution would mitigate.
Signal can't retrieve anyone's messages since messages are end-to-end encrypted. The whole point is that the server can't decrypt messages. In addition, Signal doesn't store the messages or even logs about the messages. There is no way to verify this, but Signal has shown how they responded to requests in the past.
Signal hasn't been pandering to the US government. All their previous behavior is that they would tell off the government if asked to add a backdoor. Keep in mind that Signal is a non-profit, not a company trying to make money.
It doesn't matter. If I root your phone I can read your Signal messages as soon as the app is open right out of memory. State level actors have, in the past and one imagines still, utilized sophisticated malware that doesn't even require any user action (aka 0click) to root Android and iOS.
[1] https://signalapp.nl/signal-app-nieuws/nederland-top-5-land-...
[2] https://signalapp.nl/signal-app-nieuws/nederlanders-kiezen-m...