> Probably because all conversations (1-to-1 and group chats) are E2EE.
They are in WhatsApp, too. At least Facebook still claims that after the Snowden leaks :) And: Did you verify this? Did you check the source code at signal's android/ios client repo? Did you also verify that no untrusted third party receives your backed up private keys?
I'm not trying to troll here. I'm trying to point out that babbling about crypto is easy. Verifying it, and actually caring about it is another thing. Most users are probably also the wrong audience for early adoption of TOX.
How is using Google for domain fronting for the purpose of censorship circumvention "trusting Google"? They don't get to see the message content (just like Facebook doesn't see the content for WhatsApp).
> Did you also verify that no untrusted third party receives your backed up private keys?
Private keys are not backed up in either service, as far as I know.
> Did you check the source code at signal's android/ios client repo?
Given the lack of reproducible builds on iOS/the app store, any source code audit is pointless if the app vendor is included in your threat model.
