Is it still viable to use Signal for privacy in 2026? It’s centralized, and has had many suspicious occurrences in the past.(Unopen source server code, careless whisper exploit which is still active as far as I know, and the whole mobile coin situation.)
Thoughts?
One of the most sus things about Signal is the cult following it has. I really can’t think of any other chat app that will have people coming out of the woodwork advocating for it while telling you not to use anything else. There’s absolutely nothing special about Signal that would warrant this. It’s at best a mediocre user experience, it still handles a lot of things like switching devices really poorly. It’s open source in name only. There’s just no reason why it should be this popular on its own merits.
I think you’re missing historical context. There are more options now, but when Signal came out (or became Signal, after TextSecure), it was the only tool to offer such strong cryptographic properties with its then novel double ratchet algorithm. Compared to OTR and, much worse, all the other crap that was not E2E encrypted at all, it was the first really credible option on a mass scale.
The crypto was reviewed by well-considered experts, and came out looking strong.
Telegram fought for years trying to say they were just as good and in fact better, which is entirely disingenuous considering it’s not an encrypted messaging app.
These things contributed to what you call the cult following. Which wouldn’t be negative (a cult film has a cult following) if not intended to mean “a cult like Scientology”.
But that’s precisely what makes the whole thing cultish in a negative sense. A decade ago you could make the argument that Signal was doing something special, but that hasn’t been the case for a long time. The continued adherence to the app is utterly irrational today.