I don’t know if I’m opening a can of worms here, and I’m still trying to backtrack a lot of history where I was tuning everything out. I keep seeing random swipes at Signal (or the representatives (?)), and I was wondering whether they are founded or just lies.Is it another situation like Lemmy where we just “take the technology and move on”? Thanks!
You must log in or register to comment.
my problem with signal is that they have a hard requirement to use a phone number for signup and that they don’t want to do anything about federation or messenger intercompatibility.
Their resoning is that they only trust themself to keep the meta data safe and so need you. Leaves a little bit of a sour tast in my mouth that they don’t even give their users the option to opt into federation.
they don’t want to do anything about federation or messenger intercompatibility.
Their reasoning is that they only trust themself to keep the meta data safe and so need you.
That’s not their reasoning. Their reasoning is that it’s much harder to evolve the protocol in a decentralized context than a centralized one. It’s not that they only trust themselves with your metadata, it’s that they can improve the protocol much faster in order to get rid of most metadata.
They have been able to deploy a ton of protocol updates with regards to minimizing the amount of metadata anyone has access to (including them), while other decentralized alternatives have essentially been stuck in limbo for a while:
- Secure Value recovery
- Groups V2
- Sealed sender
- Usernames
- Post quantum resistance
On the other hand, Matrix, XMPP and email are very leaky with regards to metadata. I’m not going into email because that’s pretty documented, but here it is for matrix:
- Message reactions are not encrypted
- Group membership are not encrypted (which lead to attacks)
- Profile pic and Name are public (visible by everyone even people with whom you don’t have any contact)
This is a good comparison of messengers here:
https://eylenburg.github.io/im_comparison.htm
Btw, an imprtant aspect of privacy is how metadata are handled/leaked. Signal trues to minimize metadata leak to near zero (there are some other messengers that do that, like simplex)
This comparison makes some questionnable choices. It puts the presence of a web client as green, when actually this breaks the thread model of end-to-end encryption.
Signal is an open-source privacy-focused end-to-end encrypted texting platform (so competing with SMS, WhatsApp, iMessage, Telegram, and similar). It’s developed by a donation-funded non-profit organization.
Signal is quite good compared to the competition, but it faces a lot of scrutiny because they make big promises about privacy and security so the people who care will really get into the details on that. Also IIRC there was a period when one of their competitors was trying to slander them more or less.
In general there’s nothing wrong with Signal and it’s quite a good option. If you really care about the privacy details you can always host your own instance (but that would require you to convince your friends to use your instance … it’s not federated).
The deal is that they run their program in a very transparent and wherever possible verifiable way.
More details here: https://lemmy.world/comment/14775870Hey signal is better than most of the mainstream bs. I use it myself and I’m confident that the messages themselves are secure. However, it had issues.
Since we cannot verify the software they run on the server is the software that is open source then we must assume it is not.
We know for a majority of cases a phone number = a real identity. Signal implements sealed sender but since signal is a centralised point they can correlate the sealed sender extraordinarily easily. We must therefore assume signal knows when and who is communicating (We can verify they don’t know what is being said) this therefore means signal could theoretically have a full social graph of real identities for every singe user.
This is of course after we remember signal received funding from BBG which is an organisation funded by the us government purely for the purpose of promoting american propaganda.
Also I believe they used to have federation but all evidence of this seems to have been wiped from the internet.
Signal can either adapt and prove themselves with more than a “trust me bro” or they can die. Just cos they are better than the alternatives does not mean we should not demand better.
Since we cannot verify the software they run on the server is the software that is open source then we must assume it is not.
But that’s like, the case for pretty much every messenger out there, outside of self-hosting, which will not be done by 99.99% of the general population.
great explanation!
we must assume it is not.
100% - Security is about capabilities, not intentions!
Don’t assume - verify!
Also I believe they used to have federation but all evidence of this seems to have been wiped from the internet.
They never had.
The talk about federation originated when the EU demanded interoperability from gatekeeper software i.e. Whatsapp. Signal said on day one they wouldn’t do from their end because it would mean lowering security.
There was LibreSignal once but it got shut down by Signal. It’s quite old. This was like 10 years ago.
I mean long before that with one of the 3rd party apps they used to federate their own server with signal iirc.
Well, that must be waaaaaaay back then. I’ve been using Signal for quite a while now, and I am not sure what you mean then.
Dr GPT found something on it. It was a federation between Silent Phone 2014-2015 (a secure messaging app developed by Silent Circle, a company co-founded by Phil Zimmermann, the creator of PGP) and TextSecure (the precursor to signal).
That really is ancient in terms of the internet! Thanks for checking.
If they encrypt meta data like they say they do (https://signal.org/blog/signal-is-expensive/), it should be very hard to use meta data the way you explained.
Whether they do can be looked up here (https://github.com/signalapp) by those who know what to look for.
As Signal uses reproducible builds (https://signal.org/blog/reproducible-android/), itcan be verified that the builds are made from the public source code.
They make offering a secure and trustable app a lot better (by being verifyable) than other messengers.The point is we cannot trust they run the software they claim to run. Identifying a sender despite sealed sender is trivial if u have a centralised server.
Say I am the signal server and all the clients run the known/provable secure clients that are used. I as the signal server an subject to wiretap and gag orders so I can be obligated to run software that is not the published server software and into tell anyone. As a server I by definition have everyone’s IP address. A message with signal protocol has a sealed sender and a known identity recipient. As the signal server I can see when u send a message and from what IP and to which identity and what ip that identity is. I can then simply associate IPs and identities.
I trust the app I cannot trust the server. A reproducible build does not prove anything about the server it only proves the client.
Sure. If you want full control, you need to run your own server.
Matrix crosses my mind.
But using that is a different animal than installing an app from a store.
As far as security when communicating conveniently on mobile phone goes, Signal does a pretty good job. But you’re right that it’s important to realize what’s possible and what’s not possible.I use signal for communicating with normies who just wanna download an app. Just cos signal is better than most doesn’t mean we shouldn’t demand better. Why can’t we have both? With self hosted federated signal servers and no phone number requirement we can have our cake and eat it.
If we have a federated messager that some people self host, would that actually be more secure? i dont know much about how federation works, but i imagine that an intelligence agency could make an instance that would federate to the others, listen to the metadata of the exchanges in the network and rebuild a social graph like a centralized server could. Is this a non-issue?
Its actually less of an issue with federation. The way most federation works is that messages are only exchanged with servers that have a relevant party, ie if I’m on instance a and ur on instance b then our messages are only exchanged between instance a and b instance c would have no idea about any of it.
Its even better than that because with sealed sender the recipient server will know that u have received a message and from what instance but not which user on the instance.
oh, i see! that would be cool
Signal is great, you should use it.
Current problems with signal
- it’s centralized
- your encryption key is stored in the cloud
- It’s not federated
Details
-
Means it’s vulnerable to government pressure, it’s not wrench proof
-
means you can’t really trust it for sensitive things, like if you were running the french government communication systems it would be foolish to use signal. Signal uses the power of Intel SGX enclaves to keep your private key safe, so your trusting Intel not to sign something bad, your trusting sgx to not have exploits, etc.
-
Means it’s a walled garden, and not open to self hosting.
Signal is the best main stream e2e out there, but it’s not the last one we will ever see, something will replace it
Your encryption key can be stored encrypted in the cloud. This isn’t a fundamentally bad thing, but they should allow better protection than the short pins they allowed last time I checked.
Your encryption key is stored ON-DEVICE. Not in “the cloud”.
In fact, they just had a big hullabalu about the encryption key being stored in plain-text on their desktop client, which they’ve now resolved.
They now use https://www.electronjs.org/docs/latest/api/safe-storage on the desktop client.
Both on device and in the cloud.
https://signal.org/blog/secure-value-recovery/
That is why when you switch phones and register again with signal using your “pin”, you can send messages to your contacts without your verification number changing.
What the hell, that makes it completely useless?
Yup, it was really big news and everyone was up in arms when they introduced SVR.
You can “opt out” in the settings, your key is still stored in the cloud but with a random BIP32 encoding or somesuch, still not a great practice, and whoever you talk to probably didn’t opt out.
Signal is better then non e2e messengers, but its not the best architecture we could have. If your ok with Intel, and the Signal foundation being in a position to handover your keys to a TLA who then would have the capability to decrypt your messages - then its fine. So sexting is fine, probably prevents business intelligence, but if I was negotiating a MX US trade deal, I wouldn’t use signal to talk about my strategy.
If your running a government communication system, 1,2,3 (But especially point 2) - mean you can’t use signal.
What the hell.
Thanks for the info!
https://github.com/signalapp/SecureValueRecovery2
The method has changed since that blog post.
So you are correct about it being stored in the cloud - they also seem to take much better care of it there, but when it’s on someone elses server, your point stands - they can SAY they do anything. There’s no way to actually test that. So thanks for the correction.
Anytime, I love it when lemmy is a collaborative space!
There is not „your encryption key“ because there is not only one.
The cloud backup (protected by the pin) includes the contact list, NOT your messages. Those are encrypted on device with a key that is on device and can not be recovered by anyone from the cloud.
There is not „your encryption key“ because there is not only one.
It’s close enough, its the master key from which all other keys can be derived.
https://signal.org/blog/secure-value-recovery/
If someone loses their phone, the stretched_key, auth_key, and c1 variables can be regenerated at any time on the client as long as the user remembers their chosen passphrase.
It’s mostly minor shit, it’s better than the alternatives unless you self-host (which has a boatload of other issues).
The thing is I have yet to see any reasonable alternatives.
Threema is the closest but it’s not free-of-charge, so a non-starter for most of my friends.
The others are controlled by Russia (telegram) or Meta. What else even is viable?
I’m trying to move my family to Matrix with a self hosted server. It’s not easy though because of bugs in it.
- it wants a phone number
- it’s not GETTING a phone number
- it no longer exists as an option
