Status of Signal on the Librem 5

Can folks give a current (second half of 2024) usability update on Signal use on the Librem 5?

Specifically, does the official Android app via Waydroid allow voice and video calls, or is it just working for messaging?

Which Signal capabilities function using the Linux desktop app natively in Pure OS? I regularly run the Signal Desktop for Linux on my old Debian laptop, and it works great for video or voice calls.

3 Likes

Welcome to the forums!
No one else is chiming in, so I guess I will. Signal Desktop on the L5 for me is stable, but clunky enough to be barely usable. Certainly not the rapid and fluid messaging app we all dream of, but it does work. Switching rotation on and then using landscape mode with the handset is really the only viable approach.

While Signal does everything I need and (surprisingly) reaches most of my friend group, I’m considering exploring a better supported client in the matrix vein, and working on convincing my associates to use it… I don’t know that the Librem 5 will ever be a large enough market to sway Signal’s dev team.

My 2 cents’ worth. :slightly_smiling_face:

3 Likes

For me the desktop app works fine in vertical layout. I just needed to hide unnecessary tabs on the left and drag the chats list fully to the left side. Potentially going to settings for adjusting UI scale is required once. But otherwise it nearly works as on any other desktop.

I just wish we had official arm64 builds for the desktop app and they would improve layout for mobile form factor more.

2 Likes

I also use Signal desktop in vertical mode, with left menu collapsed (I had to attach a mouse to do that). There are some inconveniences. Mainly sending attachments. But I primarily use Signal for text and voice calls. These both work fine on Signal Desktop on L5. Unfortunately, I still use my old Android as the primary Signal device. But I leave the Android phone mostly at home on my desk. The Librem 5 is my daily phone.

3 Likes

I had Signal Desktop on an L5 for a while, but my understanding was that the guy who (unofficially) published Signal for Desktop flatpak for arm64 linux included a note with the download that after learning all he did to set that up, he no longer uses Signal.

For me it seemed that Signal interoperated with PureOS Store/gnome in a manner that caused it so Signal was doing constant automatic updates despite the rest of my L5 only doing updates on command.

Coupled with the fact that Signal tries so hard to require Android or iOS, which are for most users going to be unrooted on one side or the other, this has over time made me wonder if Signal is a government honeypot in the sense that it prefers systems with government backdoors even if their claims of open-sourcey-ness and of E2E encryption are technically true.

Most recently I sent some Signal text messages using Waydroid on L5. It’s bad and I don’t like using Waydroid. I am actively polluting my phone with spyware just to communicate “securely” with friends, and Signal is the motivating factor, in my opinion.

Other notes:

  • Signal uses the name “thoughtcrime” inside its code implementation if I recall. Why does it refer to itself in this way?
  • Downloading the source code of Signal requires downloading from GitHub, which is owned by Microsoft, a government contractor
  • Compiling the source code of Signal requires running the gradle build system to automatically download dependencies, which includes Google as a possible source of dependencies to check, so if you download and build this source code it is possible Google may be informed that you did so. I am not well versed in exactly how much metadata is collected by Google in this case, or whether they can perfectly identify that it is Signal you are compiling
  • The Signal Android app builds against Google Firebase Messaging, so that when you send a message to someone on Signal Android another communication is sent in parallel over Google Firebase, informing the Google ecosystem that you sent a Signal message although Signal devs say the metadata message sent through the Google system does not include the contents of your encrypted Signal message
  • The Signal devs reportedly have issued DMCA takedowns or other actions against Signal forks, citing that a fork is in violation of the Terms of Service of their Signal Server(s) and that any fork should run on its own server; however if I understand correctly the server side code of Signal is also not shared and not open source – resulting in a catch22 so all users are on the main Signal server
  • I read somewhere that Signal was originally funded by the CIA, but it’s worthwhile to do your own research

Edit:

My post might be misinformation. Maybe everything I said here is a lie, and someone will say my post is dangerous and should be removed. Purism forums don’t really seem to operate like that but the similar Signal forums might. If I am just spreading lies, and false fears, because I got annoyed at some devs for not making a Phosh app, then what will you do about it? Can you conjure the Signal devs to come here and post their beautiful truths to prove me wrong? Or if I am not so important, can you cite trustworthy online sources indicating how truly wrong I am?

Maybe something from the Signal forums.

3 Likes

If you don’t want to use the Signal desktop app, there’s also Flare which even utilizes a third party implementation of the Signal protocol using Rust. So all of that can be compiled without going to the original source code of Signal.

But seriously your notes here are a joke and let me go into detail why:

  • Even if the source code is distributed via GitHub which is owned by Microsoft. You don’t need to go there. Just pick any mirror or fork from the internet to access the source code. Git is a decentralized tool for distribution. The remote does not matter.
  • You don’t need to use any dependencies from Google to compile Signal. Just comment them out or replace them with alternatives. The reason why software should be open-source is to do exactly something like that. Nobody is preventing that.
  • Signal is using push notifications which for obvious reasons goes through Google servers because they are one of the biggest providers for this kind of functionality. You don’t need to use it though. But anyway, ever wondered why the notifications on Android from Signal don’t show the exact content of the received message in comparison to most other messengers? It’s because they don’t send the content through that for obvious reasons.

In the end I don’t care whether you trust a software like Signal or not. I personally don’t see a technical reason for that. But I can assure you there are people working on alternatives to run on open systems like PureOS.

Also I think the automatic updates for Signal (or any other flatpak) on the Librem 5 can be disabled via the software store. It’s the whole idea of flatpaks to provide the latest stable release of a specific application and especially for security focused tools it makes a lot of sense to update them on a regular basis. Because they could fix an issue in their implementation or make changes to the underlying protocol.

3 Likes
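An added example, not part of the original post: the claim above that the Git remote does not matter is safe to rely on when the commit ID is pinned, because the ID is derived from the content and is the same on every honest mirror. The repositories, the tag `v1.0` and the helper names below are constructed for illustration.

```shell
#!/bin/sh
# Added example; repositories, tag name and file contents are constructed.

# Succeeds only if <remote> serves <tag> at exactly the pinned commit ID.
pinned_ok() {  # usage: pinned_ok <remote> <tag> <expected-commit>
  got=$(git ls-remote "$1" "refs/tags/$2" | cut -f1)
  [ -n "$got" ] && [ "$got" = "$3" ]
}

# Build one upstream and two local clones standing in for mirrors.
# Sets WORK (scratch directory) and PIN (commit ID of tag v1.0).
setup_mirrors() {
  WORK=$(mktemp -d) || return 1
  git init -q "$WORK/upstream"
  echo 'release contents' > "$WORK/upstream/README"
  git -C "$WORK/upstream" add README
  git -C "$WORK/upstream" -c user.name=demo -c user.email=demo@example.invalid \
      commit -q -m 'initial release'
  git -C "$WORK/upstream" tag v1.0   # lightweight tag: points at the commit
  PIN=$(git -C "$WORK/upstream" rev-parse v1.0)
  git clone -q "$WORK/upstream" "$WORK/mirror_a"
  git clone -q "$WORK/upstream" "$WORK/mirror_b"
}

# Simulate a mirror that re-points the tag at different content.
move_tag() {  # usage: move_tag <repo>
  echo 'altered' >> "$1/README"
  git -C "$1" -c user.name=demo -c user.email=demo@example.invalid \
      commit -q -a -m 'altered release'
  git -C "$1" tag -f v1.0 >/dev/null
}

setup_mirrors
pinned_ok "$WORK/mirror_a" v1.0 "$PIN" && echo "mirror_a: matches pin"
move_tag "$WORK/mirror_b"
pinned_ok "$WORK/mirror_b" v1.0 "$PIN" || echo "mirror_b: tag moved, rejected"
rm -rf "$WORK"
```

The pinned ID has to come from a source trusted independently of the mirror being checked; a tag name alone can be moved by whoever controls the remote.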

So, I stated many of my same concerns that were listed above on Signal forums some time back. And they parroted what you’re saying – that I shouldn’t worry about the message metadata being exposed to Google, because there is an option to turn it off. Then they deleted/hid my post, so that I would not cause fear or uncertainty or doubt among the users in a manner their moderators feel is unwarranted that they feel cover topics “everyone already knows.”

Then, when I opened a new thread and asked a simpler question: how to disable the submission of Google metadata, at that point I was told that no such setting exists. It can only be disabled by running on an entirely different phone device where the Google ecosystem (Play store, etc) is entirely not present/removed.

We do not have to speculate. Last time I tried running Signal flatpak on a Librem 5, there was some obscure PureOS store setting to disable the automatic updates, exactly as you have described.

But I’ve seen note of “the power of defaults” in Purism marketing before. Maybe here (An Epiphany regarding Purebrowser – Purism).

Why does the Librem 5 strive to be how I would want by default, but for some reason Signal gets a pass? I fall back to the issue that if something walks like a duck and quacks like a duck, it’s probably a duck. It’s as if I was trying to live a duck free life and you’re telling me my concerns are “a joke” because we all have guns and can kill any duck, so if I want no ducks to exist in my environment I could simply go shoot every duck and eventually they will stop existing. My problem is that I don’t want to spend a lifetime chasing down ducks.

It’s possible that we’re both correct. But why am I a joke to you? I tried Flare and some of those others and they’re annoying. Signal deprecates stuff and is always breaking them. How is that automatic updates in the name of security? They’re just changing random things. Maybe it’s gotten better over the last year but it’s really annoying. I think people who tried Flare for a while might appreciate my general sense of frustration even if the frustration is born from a mosaic of problems which – as you accurately stated – almost always have some kind of workaround.

Also, why is Signal going against the principles of free-as-in-freedom software and saying programs like Flare are in violation of their Terms of Service a joke to you? (source: Please add LibreSignal to f-droid · Issue #37 · LibreSignal/LibreSignal · GitHub)
The guy literally says something to the effect that user modified software has no place in this world! What? Why are we on the Purism forums if the people who we’re supposed to trust with our most intimate messages believe that user modifiable software has no place in this world??

Sent from my Librem 5

2 Likes

The reason why I call your points a joke is simply because you just argue out of the beliefs instead of actual evidence.

Sane defaults for a privacy and security concerning application like a web browser or a messaging application is to always be updated. I doubt there’s any IT security expert that will question this. For the same reason applications like the Tor browser update on startup, okay? This is not something malicious as you imply here.

Also just because LibreSignal does violate some ToS does not automatically mean Flare does the same thing. For example they refer to the usage of their name “Signal” as violation as well as using their own servers, producing cost. Obviously LibreSignal or Flare could technically function with their own infrastructure too. So if anything this is a legal issue - not a technical one.

Sure, I’m aware that some third party Signal client would be pretty useless when not using the same servers as most users on Android. But that’s a problem of the protocol. If Signal was designed in a federated or decentralized way, that would be a non-issue and some ToS conflict wouldn’t really matter.

Does any of this prove Signal has worse security for the end-user in terms of integrity or confidentiality? No, not at all. It just sucks in terms of availability and customization.

I personally don’t like to use Signal a ton. Because in my opinion it’s not optimal. But looking at most messenger applications out there, it’s likely the best option among the popular ones. In the end it’s still a centralized application. If that’s really your problem with it, I agree with you. But I still don’t like when people make up other problems which aren’t technical issues at all.

Maybe give Matrix a shot if you are looking for federated alternatives. But from my experience their E2E-encryption is still a mess at times, making your messages disappear or being unreadable on sender’s/recipient’s end.

2 Likes

I think that placing these two quotes together creates a juxtaposition that matches my exasperation.

Maybe. I heard some eerie things about their encryption protocol having a cheat code master key to decrypt it all, defeating the entire point of any of it, (It made the app easier to use.) But I don’t have a citation for this at the moment, so it’s just nonsense hearsay. Never mind me.

It seems much easier to simply assume Big Brother Is Watching Me and move along. As long as I take suggestions from an internet forum and continue to do what I am told on the technology, this would surely continue to be the case in my life. And maybe that’s okay. What did they ever do to hurt me?

… other than feeding all of my life’s data into a giant AI and then training the AI to manipulate me, so that I became whoever they think I am now.

1 Like

This is quite unlikely, as there was an independent audit recently:

6 Likes

well, there is probably no cheat code master key but there are other reasons to avoid Matrix: why not matrix? – Telegraph

1 Like

So in short summary:

  • Moderation is pretty much power creep (you can only get more permissions but never less which can be abused).
  • Deletions are not guaranteed (you can only ask for deletions but not enforce it)
  • File sharing isn’t E2E encrypted (the files could be scanned, accessed by third parties and file hosting of your server could be abused)

The second point pretty much applies to all decentralized messaging protocols. Because you can only control your own peer. Only thing you could do is connect to the other peer as new unknown entity and ask for that deleted message. If you receive the original content, you are at least aware of the instance ignoring your deletion requests.

The problem about file sharing can actually be solved by using decentralized file hosting. So you could use i2p, Torrent or GNUnet FS for that. The GNUnet Messenger for example relies on GNUnet FS and files get encrypted so you can’t access them without a shared secret only known to chat room members.

Moderation is pretty hard to decentralize. Because it’s a hierarchy and decentralization is by design breaking all hierarchies. If that’s the argument against it, you are using the wrong tool for the job.

2 Likes