49492093097198310931

2

49492093097198310931 wrote

Every time signal does something like this I find myself worrying that they've sold out or they're making room for backdoors or something.

I don't get your reasoning, just because they helped (in return for some important revenue) some companies adopt their Signal protocol doesn't mean that they'll introduce backdoors into Signal (it also doesn't mean that those same companies can't introduce backdoors if they want in their own closed-source apps).

how their desktop app runs with Chrome

Their justification at the time was that Chrome was the most popular browser, but the Chrome-only app was deprecated in favor of a standalone app now: https://signal.org/blog/standalone-signal-desktop/

2

49492093097198310931 wrote

This is a bit misleading. Anyone being able to run a relay is indeed a good thing, but it also enables bad actors to easily setup malicious nodes.

There's simply no better alternatives.

The page makes the argument that VPNs can mess with your traffic, which is definitely true for exit nodes. It is well documented that bad exit nodes have been caught and blocked by the network.

Again here there's no alternative, with all networks you must pass through some "exit" and at that point, if there's no SSL, then you're not secure.

8

49492093097198310931 wrote

I just hope certain individuals or groups don't hold a lot of guards and exit nodes.

Anyone can run relays that's why it's difficult and expensive for a single entity to have enough consensus on the Tor network to conduct such attack. Also, since the Tor Browser gives you a different circuit for each different website that means that at best they can de-anonymize a single circuit of yours, but with significantly higher consensus they may hit more of those. However, you can be sure that no single entity in a circuit controls both the guard node and the exit by running your very own relay or bridge and then connecting to it.

I think some of the arguments on that page also apply to Tor.

No they don't because of Tor's 3-hops (and in the case of normal onion services: 6-hops) design.