>"I want to be clear: best practice, ideologically-pure end-to-end apps like Signal absolutely face the same ratchet. What I’m mostly trying to understand here is why Telegram and Blackberry get more publicy targeted."
IMHO it's mainly due to the popularity of the service/product. The concentration of bad actors and the vastness of the audience/userbase make the difference. If Signal was used in the same way, it would get the same attention.
There are claims that Signal has already been compromised by the Five Eyes Intel Agencies, albeit through bribery rather than the overt coercion we see here. The key change is that Signal can no longer guarantee end-to-end encryption based on a passphrase tied to the app itself, and known only to the user.
For a while I wanted Signal to get popular so I wouldn't have to use other less private and secure apps, but now... I use it with close friends and close family... and that's it. I don't even mention it to most... I fear that popularity would bring more attention to the app and, with it, political and legal issues.
No, although it used (not sure if it still does) to encourage people to enable backups. On Android I believe the default was Google Drive, so you'd have people send their chats to Google in plain text.
iMessages is another example of a secure service that lets users "break" encryption. As soon we enable cloud features for it to work across devices, the key is uploaded to iCloud, essentially making chats plain text to Apple.
The main "backdoor" to Signal is that having access to the phone can leak all of Signal's data. If the phone OS is backdoored, then Signal is already compromised. Anyway, the point is not to make it impossible to exfiltrate data, but to make it as hard as possible.
Yeah, I almost put in a sentence or two acknowledging that -- as well as the fact that Durov is far more unprotected by a state from a geopolitical point of view. Would the French police arrest Mark Zuckerberg or another Facebook employee? It's not hard and fast (Italian and Brazilian courts have both put warrants out for the arrest of executives at major foreign tech companies), but it surely factors into how much political capital one would burn to pursue the case.
I can't find a description of an arrest warrant, but the case I was thinking of was this one from 2010 where three Google execs were found guilty and given suspended jail sentenced by an Italian court. https://www.theguardian.com/technology/2010/feb/24/google-vi...
IMHO it's mainly due to the popularity of the service/product. The concentration of bad actors and the vastness of the audience/userbase make the difference. If Signal was used in the same way, it would get the same attention.