This article was posted here as well. Here’s the comment I left there:

This article seems either very naïve, or fairly disingenuous. Signal is not precariously installed on one box, and if that box goes down, the service dies. It is distributed. It’s running on many machines within AWS, and technologically, there’s no reason it couldn’t be in multiple regions of AWS, or even spread across multiple clouds (e.g. Azure, Google Cloud, Oracle, etc), to improve resiliency to outages. The only way in which it is “centralized” is that there’s one foundation in charge of the whole thing. Are there drawbacks to this? Yes. But self-hosted, distributed, mesh/relay chats also have drawbacks. Servers in the mesh go down, people don’t keep things updated, they don’t necessarily connect to every other instance creating disjointed pockets, etc.

Also, to say “we don’t need the internet” we need “mesh networks” is odd… The internet is a mesh. Hence “inter.” Anything else is just a smaller version of the same thing, again with some benefits and some drawbacks.

Fighting a (relatively) successful platform that champions privacy and security, seems like a bad thing to do, when those are the same primary goals of the platform you support. It would be better to discuss the merits and use cases of each, and beat the privacy and security drum together.

In my opinion, this article is just spreading FUD. Signal is not perfect, but it’s pretty good. And when there’s an outage, we know why, and we know there’s a team working on it. With a federatated service, it may be harder to take “the whole thing” down, but that doesn’t mean nodes don’t go down, service isn’t disrupted, etc. Scaring people away from a (usually) reliable, open platform, that has been audited, that actively advances security research and keeps it’s platform secure against emerging threats, is counter productive. It’s just going to keep people using SMS and WhatsApp.