From 1551c3446ceee6d53a2c920e56a3a75d9031b9c8 Mon Sep 17 00:00:00 2001
From: qorg11 <qorg@vxempire.xyz>
Date: Sat, 24 Oct 2020 17:31:10 +0200
Subject: [PATCH] Added more info to the signal article

---
 wip/signal.html | 39 +++++++++++++++++++++++++++++++++++++++
 1 file changed, 39 insertions(+)

diff --git a/wip/signal.html b/wip/signal.html
index 80d301a..4daeaf4 100644
--- a/wip/signal.html
+++ b/wip/signal.html
@@ -16,12 +16,51 @@
     <p>You cannot create an account in Signal without giving it your phone number.</p>
     <h3 >Signal is not completly Peer-To-Peer</h1>
     <p>Signal claims to be a Peer-To-Peer messenger. But this is not true because Signal stores <strong>your phone number</strong> in the servers.<a href="#fn1" class="footnote-ref" ><sup>1</sup></a></p>
+    <h1>Signal has the decryption keys of their messages</h1>
+    <p>
+      The Signal legal terms<sup>3</sup> claims they have the
+      decryption keys:
+      <i>
+	"Additional technical information is stored on our servers,
+	including randomly generated authentication tokens, keys, push
+	tokens, and other material that is necessary to establish
+	calls and transmit messages. Signal limits this additional
+	technical information to the minimum required to operate the
+	Services."
+      </i>
+      It also says it would give info to the government and law
+      enforcement agencies:
+    <i>
+      Third Parties. We work with third parties to provide some of our
+      Services. For example, our Third-Party Providers send a
+      verification code to your phone number when you register for our
+      Services. These providers are bound by their Privacy Policies to
+      safeguard that information. If you use other Third-Party
+      Services like YouTube, Spotify, Giphy, etc. in connection with
+      our Services, their Terms and Privacy Policies govern your use
+      of those services.
+    </i>
+    Please note the "Services like youtube, spotify, giphy". Those
+    sites are in the Signal source code<sup>4</sup>, so they can spy
+    on you.
+
+    Then, we have this:
+    <i>
+      Other instances where Signal may need to share your data
+
+    To meet any applicable law, regulation, legal process or enforceable governmental request.
+    To enforce applicable Terms, including investigation of potential violations.
+    To detect, prevent, or otherwise address fraud, security, or technical issues.
+    To protect against harm to the rights, property, or safety of Signal, our users, or the public as required or permitted by law.
+    </i>
     <h3 >Further reading</h1>
     <p><a href="https://kill-9.xyz/harmful/software/signal">Signal considered harmful</a></p>
     <h1 >References</h1>
     <section class="footnotes" role="doc-endnotes">
       <p>1: <a href="https://blog.0day.rocks/a-look-into-signals-encrypted-profiles-5491908186c1">A Look Into Signal’s Encrypted Profiles</a></p>
       <p>2: <a href="https://github.com/signalapp/Signal-Android/issues/127">Request: Google Play signed download alternative</a></p>
+      <p>3: <a href="https://signal.org/legal/">https://signal.org/legal/</a></p>
+      <p>4: <a href="https://signal.org/blog/signal-and-giphy-update/">https://signal.org/blog/signal-and-giphy-update/</a></p>
     </section>
   </body>
 </html>