Telegram founder and CEO alledges signal has backdoors, they don't provide reproduceible builds, etc.
Here's what he said in a post on his telegram channel:
🤫 A story shared by Jack Dorsey, the founder of Twitter, uncovered that the current leaders of Signal, an allegedly “secure” messaging app, are activists used by the US state department for regime change abroad 🥷
🥸 The US government spent $3M to build Signal’s encryption, and today the exact same encryption is implemented in WhatsApp, Facebook Messenger, Google Messages and even Skype. It looks almost as if big tech in the US is not allowed to build its own encryption protocols that would be independent of government interference 🐕🦺
🕵️♂️ An alarming number of important people I’ve spoken to remarked that their “private” Signal messages had been exploited against them in US courts or media. But whenever somebody raises doubt about their encryption, Signal’s typical response is “we are open source so anyone can verify that everything is all right”. That, however, is a trick 🤡
🕵️♂️ Unlike Telegram, Signal doesn’t allow researchers to make sure that their GitHub code is the same code that is used in the Signal app run on users’ iPhones. Signal refused to add reproducible builds for iOS, closing a GitHub request from the community. And WhatsApp doesn’t even publish the code of its apps, so all their talk about “privacy” is an even more obvious circus trick 💤
🛡 Telegram is the only massively popular messaging service that allows everyone to make sure that all of its apps indeed use the same open source code that is published on Github. For the past ten years, Telegram Secret Chats have remained the only popular method of communication that is verifiably private 💪
You still need a phone number to register an account as far as I could tell when I did the other day. You no longer need to share your number with any contacts and can set it so noone who has your number can look you up on signal. You can optionally set a unique alphanumeric 'username' instead to hand to people to look you up. But yea, Signal still requires you to give them and their authenticatian service (through sms code) your phone number.
Yes, XMPP, a long-standing protocol that's also not a walled garden, doesn't require a phone number or even a phone.
For android I use the Conversations client combined with Dino on computers. Currently logged in to a handful of devices synchronously. You can choose what server to make an account on; conversations.im I found to be reliable. Drawback is Signal doesn't let you bridge to it from anywhere outside of Signal. So I have accounts on both.
You mean "confidentiality", not privacy.
Just the metadata related to whether you personally, traceable to your full name and address, have a Signal account and how much you use it might be considered a privacy breach already, even if the content of the messages is confidential.