If you can read and understand the code, sure. Otherwise you’re still just extending trust to someone perhaps less reputable than even the corporations who are dying to sell you out. For example, the back door some mysterious contributor slipped into xz recently.
My recommendation is to live life as if privacy on the internet did not exist, because it doesn’t.
Never trust a third party to keep your shit private. Especially if privacy is their main selling point.
Yeah it is possible he's accurately, but misleadingly, calling it a bug because it was not meant to be deployed to production (yet). I do not think that's how he wants or expects people to take it when he calls it a "bug", though.
you don't get entire functional UI elements accurately populated with appropriate data out of a "bug". at best its a feature that was being tested internally and never would have made it past that, at worst its something that went live early.
Human Shield is a fun little linguistic trick that turns innocent human beings with lives and internality similar to your own into prop objects wielded by an inhuman enemy. This makes it way easier to justify mowing them down in service of your geopolitical goals. Every time that phrase is used it is a sign that someone is probably trying to justify something inhumane; usually something that would be considered a war crime if done against the ones using it.
“I smelled weed” is the classic cop trick to skirt around probable cause.
"()()" is an ambigram, which wikipedia describes as "visual palindromes", for whatever that's worth.
The only thing that has successfully managed to thwart the FBI in their attempts to break into a phone was Apple’s hardware based encryption. To such an extent that they took legal and legislative actions to try and circumvent it. The specifics of how the encryption works is irrelevant to this argument, and you are more than welcome to consider that point conceded.
I’m not claiming iPhones are superior. I don’t care about dumb OS wars, just don’t put things on your phone expecting that they can’t be retrieved. That’s the only point I’m trying to make here.
And the keys absolutely would give them access since those keys are used to sign Apple software which runs with enough privileges to access the encryption keys stored in the “Secure Enclave”. Anything you entrust to a company’s software is only as secure as the company wants to make it, and the only company to publicly resist granting that acces is Apple (so far)
Telegram had credibility. It was being used by journalists to protect sources.
You can extend trust to individuals but do not apply that to companies or organizations if you care at all about what they’re doing with what you give them. Not everyone has some mythical tech privacy wizard on call to give them perfect advice every time they open an account on an app or website.
Even client side encryption is not infallible. The algorithm you use will eventually be crackable and probably sooner than you think. Nothing lasts forever.
The most foolproof way to ensure something remains private is to not put it on the internet at all.