#Signal is a long way from perfect, but it has one key benefit: It is very easy for people to adopt. Download the app, follow a linear flow, start talking to existing contacts. In particular:
- It reuses an existing identifier (COI also does this, though doesn’t have a discovery protocol so you can’t tell which users will support the upgraded mode without trying to message them).
- The security of your communication does not depend on the instance you pick (you can’t pick an instance and you can’t choose to run one, which I consider a weakness, but most alternatives at least leak metadata to the person who runs your server and to the servers that you communicate with).
- It doesn’t ever fall back to an insecure mode. This eliminates downgrade attacks. OMEMO over XMPP and COI will both fall back to unencrypted modes and rely on UI patterns for users to detect this (remember how well the SSL padlock worked for this?)
- It reliably syncs keys across devices, so phone, tablet, and desktop clients can all see your messages and you can transparently move between them.
- Encrypted multi-party video chats just work. Now that chat links work you can just stick them in a calendar invitation and switch to using Signal for meetings instead of proprietary systems.
There’s a longer list of things that I would like them to fix, but that’s the set of things I need a chat program to support to be something I’d recommend to non-geeks. Being able to host your own server is nice. Needing to host your own server for security is a deal breaker.