-
Signal forks can have unexpected behaviours like retaining deleted messages and also they don’t get updated at the same rate that Signal get updated.
-
Every couple of years I hear a story about hackers disturbing signal with backdoors, which would be impossible or very hard to be done If they blocked third party clients. (Ex: 1)
-
The amount of people who use third party Signal clients are very few anyway.
I saw what WhatsApp did to forbid modification of it’s app which works in stopping a lot of distributions, why doesn’t Signal do the same?
IIRC, they do forbid third-party clients from their network. You can build it from source, but you won’t be able to connect to production Signal servers.
Third-party clients would not necessarily be a bad thing. Signal has limited resources, and as such has to cut corners. I for one would love a native desktop client that’s not Electron bloatware.
There are already 2 third party forks I know of, Molly and Signal-JW.
They both use and access the main production Signal servers.
As I said, a compromise here would be to have a client security certification program, where no other clients outside it would be able to use Signal.
I could appreciate a client certification that is optional, like a list of approved clients on their website or something along those lines.
It should not be enforced by killing the client. I like security, but I enjoy software freedom more.
It takes resources to run and maintain such things. Probably not something they feel they can or want to take on.
You mean running a trojan “as a mean of security”, similar to anticheats? Are you sure this is a good idea?
Or if by “program” you mean having some allowed clients as opposite to only the official one allowed, it’s a social thing, not a technical one. So it still won’t prevent anyone from connecting with another client.
I mean having a list of allowed clients.
As I said in my post, WhatsApp already enforce forbidding third party client and it seems to work well.
I don’t see why wouldn’t Signal improve the security of their users by implementing this, while upsetting the very few users who use third party clients.
How do you imagine this working?