This should give pause to thought for all those promoting Firefox forks too.
What do FF forks have anything to do with that?
Risk of forks of a FOSS project that turn out to have added a vulnerability I think is the point.
The problem here is not the fork itself tho, and it rarely is. The very obvious and openly communicated issue is the complete undermining of E2EE and sending everything to a single entity. Of course, very niche forks may have too few eyes on them to detect malicious changes, but that just isn’t at all the current situation with the Signal fork.
Was the Signal fork FOSS?
The TeleMessage website until recently boasted the ability to “capture, archive and monitor mobile communication” through text messages, voice calls, WhatsApp, WeChat, Telegram, and Signal, as seen in an Internet Archive capture from Saturday. Another archived page says that TeleMessage “captures and records Signal calls, messages, deletions, including text, multimedia, [and] files,” and “maintain[s] all Signal app features and functionality as well as the Signal encryption.”
Just don’t even use encryption at that point
https://www.archives.gov/records-mgmt
Archiving communications is not optional (yet).
Why the fuck are you cloning signal you idiot fucks?
Interesting. Government record keeping rules require logging of many things. Normal Signal probably would not comply. This might.
At what point has this admin given a damn about rules?
