This article is ahistoric and unnecessarily conspirational.
Signal and its predecessors like TextSecure have been run by different companies/organizations:
- Whisper Systems
- Open Whisper Systems
- Signal Technology Foundation (and its subsidiary Signal Messenger LLC)
Open Whisper Systems received about 3M USD total from the US government via the Open Technology Fund for the purpose of technology development … during 2013 to 2016. Source: archive of the OTF website: https://web.archive.org/web/20221015073552/https://www.opentech.fund/results/supported-projects/open-whisper-systems/
The Signal Foundation (founded 2018) was started by an 105M USD interest free loan from Brian Acton, known for co-founding WhatsApp and selling it to Facebook (now Meta).
So important key insights:
- It doesn’t seem like the Signal Foundation received US government funding. (Though I haven’t checked financial statements.)
- The US government funding seems to be a thing of the fairly distant past (2016). The article makes it sound like the funding was just pulled this year.
- The US government funding was small compared to Signal’s current annual budget. It was not small at the time, but now Signal regularly makes more from licensing its technology than it regularly received from the US government. According to ProPublica, Signals financial statements for 2022 indicate revenue of about 26M USD
Always knew this project was a honeypot since they need your phone number to function. Why would a foss app force you to use a phone number? I bet the cia and other three letter organizations spend money advertising signal on various platforms.
For a project like Signal, there are competing aspects of security:
-
privacy and anonymity: keep as little identifiable information around as possible. This can be a life or death thing under repressive governments.
-
safety and anti-abuse: reliably block bad actors such as spammers, and make it possible for users to reliably block specific people (e.g. a creepy stalker). This is really important for Signal to have a chance at mass appeal (which in turn makes it less suspicious to have Signal installed).
Phone number verification is the state of the art approach to make it more expensive for bad actors to create thousands of burner accounts, at the cost of preventing fully anonymous participation (depending on the difficulty of getting a prepaid SIM in your country).
Signal points out that sending verification SMS is actually one of its largest cost centers, currently accounting for 6M USD out of their 14M USD infrastructure budget: https://signal.org/blog/signal-is-expensive/
I’m sure they would be thrilled if there were cheaper anti-abuse measures.
-