• poVoq@slrpnk.net
    link
    fedilink
    arrow-up
    0
    ·
    edit-2
    20 days ago

    That’s no different from security through obscurity. If your system can’t support 3rd party clients properly, it is inherently insecure, especially in an e2ee context where you supposedly don’t have to trust the server. If a system claims to be e2ee, but tightly controls both clients and servers, that means they can rug-pull that e2ee at any point in time and even selectively target people with custom updates to break that e2ee. The only way to realistically protect yourself from that is using a 3rd party client (yes, I know, theoretically also reviewing every code change and using reproducible builds, but that’s not very realistic).

    Now admittedly, Signal has started to be less hostile to 3rd party clients like Molly, so it’s not as bad anymore as it used to be.