At the risk of laboring the point, I'm talking about the piece of code embedded in the Signal application, that tries to talk to the Play Services. Not the Play Services themselves. This piece of code is definitely running whenever Signal is launched, "even if you don't have the Play Services on your phone". It probably does nothing significant when the Play Services are not present but still, it's there and (a small) part of it runs.
Now you have several options:
- you trust Google and trust this code not to do anything when the Play Services are not running
- you don't trust Google on this, but you don't care neither
- you don't trust Google and care, but you are willing to take the risk
- you don't trust Google and care, and are worried, or are not willing to run any proprietary code out of principle: you need to adapt Signal's code or dish the app entirely
> It probably does nothing significant when the Play Services are not present
Right, that's the part I care about. I think there are two possible situations:
- Signal's own open source code can detect the absence of Play Services and not call out to Google's proprietary code in the first place. Great, no problem there.
- Google's proprietary code attempts to use Play Services and doesn't do anything when it's not present. In that case I do indeed trust Google enough that I wouldn't expect it to actually do anything else, i.e. the first option you mention.
Now you have several options:
- you trust Google and trust this code not to do anything when the Play Services are not running
- you don't trust Google on this, but you don't care neither
- you don't trust Google and care, but you are willing to take the risk
- you don't trust Google and care, and are worried, or are not willing to run any proprietary code out of principle: you need to adapt Signal's code or dish the app entirely