@hipsterelectron

"sovereign—but somehow still compliant with regulations"

If your not a corp you can have sovereignty, which is impossible with Signal.

"decentralized—but the server owns your identity".

I agree that there is room for improvement, but isn't it the same with most of the Fediverse, which we also describe as decentralized?

@hipsterelectron

"if your encryption is secure then why do you need to inspect network traffic?"

That's a good question, and it sounds like Element wants to branch out into a security vendor role, maybe they should just focus on the messaging platform, but I wouldn't argue against the concept of "layered defense" in general

@hipsterelectron

If I understood your point about auditing, you say that businesses should use unencrypted communications. But if a business has a data breach and we find out they haven't encrypted they're databases, I'd call that irresponsible. It seems to me the best way is to use encrypted platforms while making sure that the necessary people have the encryption keys to do auditing.

@hipsterelectron

"i have an extension of libsignal that avoids a central server dependency"

I think that's great, but unfortunately Signal won't let us use it to talk to our friends who use Signal.

""bridges" (your messages aren't encrypted)"

Yes, its a choice and I don't see this as a negative point. Matrix isn't a walled garden platform and it gives you that flexibility. You can choose to stick with encrypted messages if you prefer.

@hipsterelectron

"when keys are rotated that they have precise instructions for what to do ... bc signal understands that PEOPLE WILL FUCKING DIE IF YOU DON'T PROTECT THEM!"

However Signal unfortunately doesn't have any instructions for checking safety numbers the first time you contact someone, so if they understand that people will die they are neglecting responsibility.