I’ve recommended it to my clients for years, but it now seems that the European Community is recommending Signal as well. In some ways it’s a bit late, but at least now people are reacting to the various breaches and concerns at What’s App and Telegram.
Open source software is not immune to bugs and exploits, but its very nature makes it more proof against them as there are many eyes watching all the time. In addition, the open nature of the projects (Mozilla, Open Whisper, GNU, etc.) often means that the priority is the user, not the bottom line. In the case of an app that is supposed to support private conversation, that means your privacy is number one, not sitting back behind marketing and profitability.
I know some of my clients think they have nothing to hide, but there are real costs to failing to protect privacy from corporations and governments. In particular, as the case of Jamal Kashoggi illustrates, people can be put at very real risk by the use of poor encryption. If you are an NGO that works with activists in other countries or other threatened populations, you owe it to them to take privacy and security very seriously.
It’s not all about encryption though. An encrypted path is good, but not enough if you don’t adequately protect the end device where you are viewing them, or if you keep backups somewhere. Using a platform like
I sometimes look at the murders of activists around the world (sometimes in networks I am distantly part of) and I wonder if data compromises contributed in any way to their deaths. I have no way to know, but it helps make me remember that this stuff matters.