#signal server is now officially closed source, making it de facto a worse-looking telegram.
@danielinux @mmu_man That’s just not how it works.
While I agree that this is sad, something is not closed source just because the code is not public.
@danielinux @mmu_man To be more clear : there’s nothing in the (A)GPL (or any other common FLOSS licence) that requires the code to be public.
The only thing is that the code must be shared with users that ask for it.
The problem is not just an AGPL violation here, even though the license explicitly requires to show the code if you are providing a service on top of it. According to AGPL-3, if you are using the service you are the user. Good luck anyway submitting such a request to them at this point.
The actual problem is that #signal is no longer willing to publicly share the sources of their server platform, which is what #signalapp users criticized the most about others in the past, #telegram in particular.
AGPL applies to any third party using signal's server code. Since signal owns that code, i don't think they are bound by its terms. As far as i can tell, they did not accept any pull requests from outsiders either.
That is fair if the code is 100% owned by signal.
But, please follow me on this: since nobody is supposed to run #signal servers but themselves, you would agree that the AGPL label is used a mere marketing billboard. As @IngaLovinde correctly pointed out in this thread, it already did not guarantee that what you see is what you get as service.
Today all the doubts about the actual software running on the server side are gone. You can be sure that they won't share their sources, so you cannot know what they are running.
i agree with your ethical argument. i just wanted to object to the claim that this was an AGPL violation, because i think that's incorrect (as long there really are 0 contributions from outsiders w/o a CLA).
@guenther the original author did not claim a violation, they wrote that it "raises questions about the legality of this situation". The question being, in my interpretation, if the code has a centralized copyright or not. I have said in the past that AGPL alone is not enough to protect a project from suddenly changing direction.
Linux resisted acquisition from both Google and Microsoft for decades because of the combination of copyleft and its distributed authorship, which makes it impossible to buy it straight off Torvald's hands.
Everyone has a price, #signal was already very openly sponsored by google, helped whitewashing facebook and had to push people to google market by boycotting all other distribution channels, and demonize decentralization in return.
@danielinux
You can actually get a better signal client on fdroid: molly.im
@guenther