-
Signal forks can have unexpected behaviours like retaining deleted messages and also they don’t get updated at the same rate that Signal get updated.
-
Every couple of years I hear a story about hackers disturbing signal with backdoors, which would be impossible or very hard to be done If they blocked third party clients. (Ex: 1)
-
The amount of people who use third party Signal clients are very few anyway.
I saw what WhatsApp did to forbid modification of it’s app which works in stopping a lot of distributions, why doesn’t Signal do the same?
There are already 2 third party forks I know of, Molly and Signal-JW.
They both use and access the main production Signal servers.
As I said, a compromise here would be to have a client security certification program, where no other clients outside it would be able to use Signal.
I could appreciate a client certification that is optional, like a list of approved clients on their website or something along those lines.
It should not be enforced by killing the client. I like security, but I enjoy software freedom more.
You mean running a trojan “as a mean of security”, similar to anticheats? Are you sure this is a good idea?
Or if by “program” you mean having some allowed clients as opposite to only the official one allowed, it’s a social thing, not a technical one. So it still won’t prevent anyone from connecting with another client.
I mean having a list of allowed clients.
As I said in my post, WhatsApp already enforce forbidding third party client and it seems to work well.
I don’t see why wouldn’t Signal improve the security of their users by implementing this, while upsetting the very few users who use third party clients.
How do you imagine this working?
It takes resources to run and maintain such things. Probably not something they feel they can or want to take on.