"For people who have a *significant* need to operate out of the snooping ability of Google, then Signal is not an option: it relies on a friendly Google."
I don't think that it does. Signal has never been touted to thwart a adversary that's dedicated to the task of performing traffic analysis. I mean, it used to use _SMS_ to transport the cyphertext of encrypted messages. SMS! You know, that data transport mechanism that the NSA is reported to regard as "just metadata" that falls under the "business records" section of the third-party doctrine, can be retained forever, and can be sent off to Law Enforcement just because they ask nicely.
The only _official_ claim I've seen made about Signal that it protects the _contents_ of your messages from adversaries that don't have root on either or both of the conversing party's computers. This means that Signal protects you just as well from Google as it does from the NSA.
Really, if you don't trust Google enough to send securely encrypted messages through their data routing service, then why do you trust them enough to use an OS that they authored? The author of your OS has root on the computer that runs it. This is a fact. Therefore, if you don't trust the author of your OS you cannot trust the machine it runs on.
"Unsure who is paying his bills: Twitter, I think."
Twitter acquired Whisper Systems and made Marlinspike its head of cybersecurity in 2011. Marlinspike left Twitter in 2013 to found Open Whisper Systems. While it's _entirely_ possible that his small fortune made from the Twitter acquisition and paycheck from the Twitter job are still paying the bills, it's more likely that the Wikipedia article is correct and that OWS is funded by grants and donations: https://en.wikipedia.org/wiki/Open_Whisper_Systems#Funding
no subject
I don't think that it does. Signal has never been touted to thwart a adversary that's dedicated to the task of performing traffic analysis. I mean, it used to use _SMS_ to transport the cyphertext of encrypted messages. SMS! You know, that data transport mechanism that the NSA is reported to regard as "just metadata" that falls under the "business records" section of the third-party doctrine, can be retained forever, and can be sent off to Law Enforcement just because they ask nicely.
The only _official_ claim I've seen made about Signal that it protects the _contents_ of your messages from adversaries that don't have root on either or both of the conversing party's computers. This means that Signal protects you just as well from Google as it does from the NSA.
Really, if you don't trust Google enough to send securely encrypted messages through their data routing service, then why do you trust them enough to use an OS that they authored? The author of your OS has root on the computer that runs it. This is a fact. Therefore, if you don't trust the author of your OS you cannot trust the machine it runs on.
"Unsure who is paying his bills: Twitter, I think."
Twitter acquired Whisper Systems and made Marlinspike its head of cybersecurity in 2011. Marlinspike left Twitter in 2013 to found Open Whisper Systems. While it's _entirely_ possible that his small fortune made from the Twitter acquisition and paycheck from the Twitter job are still paying the bills, it's more likely that the Wikipedia article is correct and that OWS is funded by grants and donations: https://en.wikipedia.org/wiki/Open_Whisper_Systems#Funding