I personally don't use Signal(though it may be better solution than WA,Telegram,etc). Every few months there is a wave when people starts finding other alternatives to these semi or partially closed sourced social media services.

I don't know what you answer when people ask you "why are you not on FB,Insta, etc?", but I usually divert the question by asking them why  #FB is better then  Insta, #Twitter etc. Its amusing to listen to people trying to convince that one thing is better than other, when both have same goals and objectives. This have now started to happen in open source community too.

Anyways, the problem here is same as people of  #China face. #Government has banned a service, which has made developers to think for a solution. Signal has introduced a #proxy service which is leaking the Ip's and Government can know whats happening under the hood. The way #TLS to #TLS proxy has been implemented by the project is to be blamed(being blamed by the experts). Further they have blocked all the other services and only  access is given  to #Signal. When one would make a proxy service why he/she should be limited to use only particular service.

The Nginx files tell us about this.(see the last deny command)

stream {
    map $ssl_preread_server_name $name {
        textsecure-service.whispersystems.org    signal-service;
    storage.signal.org            storage-service;
    cdn.signal.org                signal-cdn;
    cdn2.signal.org                signal-cdn2;
    api.directory.signal.org        directory;
    contentproxy.signal.org            content-proxy;
    uptime.signal.org            uptime;
    api.backup.signal.org                   backup;
        sfu.voip.signal.org                     sfu;
        updates.signal.org                      updates;
        updates2.signal.org                     updates2;
  [b]      default                    deny;[/b]

The people on the thread are pointing venerability to the developers. These people are experts in their work. They maintain the projects like #V2Fly maintains #V2Ray which helps to bypass the GFC. Its totally on the developers where to take the project, but if somethings can be fixed easily with help its nothing wrong in taking it. The hard core users of the project will not see alternatives as an option and will favor to use the option which projects has to offer.

You can see the repo here: https://web.archive.org/web/20210208074012/https://github.com/signalapp/Signal-TLS-Proxy

Look at this article: https://web.archive.org/web/20210208015243/https://www.bleepingcomputer.com/news/security/signal-ignores-proxy-censorship-vulnerability-bans-researchers/

You may want to read this tread too, where @hanswolters@federate.hopto.org has shown his concerns. https://federate.hopto.org/channel/hanswolters?mid=b64.aHR0cHM6Ly9mZWRlcmF0ZS5ob3B0by5vcmcvaXRlbS82YzA5NzRiNy03YTgxLTRkMmItODcyMS0wODUwMjhkMDA2ZDM

Now its good time to tell about #proxy and #VPN solutions  #YunoHost  has to offer.
There is #Wiregard.

#Squid3 proxy(It works, but will have to fix few things to bring good numbers on CI)

There is #ShadowSocks too.

I tried to implemented #V2ray on Shadowsocks. But was taking lot of time, so I kept it in todo list.

thank you for sharing this, this is sad to read this :(
i can't believe this is something else than a terribly bad way to handle a deep issue.
It will improve over time.

Sign in to participate in the conversation
La Quadrature du Net - Mastodon - Media Fédéré

Mamot.fr est une serveur Mastodon francophone, géré par La Quadrature du Net.