
You could read this another way too.

Now the government has an incentive to contribute to the open source project to ensure that its communications are secure.

You're right that it could "weaken" Signal because more people are trying to attack it, which means a flaw is more likely to be found. But it can also strengthen Signal because the need for it to be strong and improve faster is higher. More people looking at it (especially with a government interest) means there are more trying to patch those flaws as well.

Additionally, it can add to the popularity of Signal, which again adds to both edges laid out above.

Honestly I can't see this as anything but good. It is __GOOD__ when the government's interests align with that of the public.




I explained myself poorly. My argument was that:

1. IF the government comes to rely heavily on the security of Signal, THEN the government will want to make Signal as secure as possible.

2. The approach the government may take to make Signal stronger could be to regulate Signal. For instance, the government might require background checks on everyone authorized to push out Signal updates.

3. Such regulation is likely to have the unintended effect of making Signal less secure by causing the designers of Signal to abandon the project.

Now this is a pessimistic take. An optimistic take could be that the tool the US government uses to strengthen Signal is to fund developers and give out grants for security research on Signal. As another poster pointed out the US government funds TOR.


> 1. ...

This is a good thing

> 2. ...

This is against the interest of the DoD. It may be in the interest of other agencies, but not the DoD. The DoD's interest is that __all__ communications of their soldiers. Because it matters if a soldier texts their buddy back home "blah blah I'm taking a shit in this shack outside the base. You should see what it's like out here blah blah." That has security issues for them. Soldiers are going to text their buddies, significant others, and family by any means that they can. So your choice is 1) through a secure channel or 2) through an insecure channel. DoD is obviously in favor of option 1. Increased regulation, such as you're suggesting, is counterproductive and only encourages option 2.

> 3. ...

The code is open source. Moxie is also pretty adamant about keeping it open source. DoD also has a vested interest in keeping it open source.

> As another poster pointed out the US government funds TOR.

This user was me?

Since the conversation is exactly the same as the one we were having the other day on another thread I am literally going to reference that thread[0]. I think the pessimism comes from "anti-government" thinking, but also a lack of understanding of how agencies work. You can probably tell from my chat history that I'm not super pro strong gov and pro privacy. But these agencies have differing agendas and this has to be understood. The intelligence community has a split incentive when it comes to Tor/Signal/encryption. The part that handles protecting their spies is pro Tor and wants other users on it because they don't want spies found because only spies connect to Tor nodes (or only spies/pedos/terrorists even). Conversely, those in charge of finding spies (or spies and pedos) don't like Tor (and that's why they'll claim that only spies/pedos/terrorists use Tor/encryption. It is pushing __their__ agenda).

It really comes down to "what agenda makes their life easier?" So it should be no surprise that a defense agency is... in favor of defense. It should also not be a surprise that agencies in charge of attacking (let's avoid debate about who they are attacking) are... anti defenses. Those that are in charge of protecting kings are pro castles because it is easier to defend your king behind a castle. Those in charge of killing kings are anti castle because it is harder to kill a king behind a castle. These people may work for the same king, but they don't really talk to each other that often.

I actually think the government will start taking a more pro encryption stance in the future (we've seen some of it already), especially as tensions rise. Those that worry about foreign interference have an incentive to protect everyone's communications from foreign adversaries. It is harder to manipulate those that you have no information on. Anti encryption sentiment comes from when we are in a stronger position and less worried about being attacked. Now as we're transitioning into a period where we're becoming more concerned about defense we have a much higher incentive (before it was ambivalence) to improve defenses.

[0] https://news.ycombinator.com/item?id=22114149


Tor is designed to benefit from an arms race by spy agencies.

If your spy agency controls the vast majority of the Tor nodes, you can see what everybody is doing with Tor, and nobody else can. Whereas if somebody else's spy agency controls the vast majority of the Tor nodes, they get that power.

When you're both working hard to get more Tor nodes, the Tor network is made better for everybody and unless you achieve that vast majority control you get no benefit for your effort, still, never give up.

Suppose the Russians have 100 Tor nodes, the Americans have 100 Tor nodes, the Chinese have 100 Tor nodes and random good Samaritans run 100 more. Nobody can snoop on Tor, it works really well with 400 nodes. The Americans buy 200 more nodes. The Russians don't like that and nor do the Chinese! They each buy 200 more nodes too. Now there are 1000 Tor nodes, it works even better, and nothing changed for user security.



