@danileonis@lemmy.ml
223d

Just use Element (Matrix).

@yogthos@lemmy.ml
19
1M

What it ultimately comes down to is that truly secure systems cannot be based on trust. The article does a good job outlining all the ways the users have to trust Whisper Systems without any ability to do independent external verification regarding what the server is doing with the data available to it.

Even if we assumed that Signal works as advertised, the fact that it’s tied to your phone number is incredibly dangerous. Obviously if this information was shared with the government it will disclose your identity as the article notes. This information can then be trivially correlated with all the other information the government has on you and your social network. Given that Signal is advertised as a tool for activists, that means it creates a way to do mass tracking of activists.

Being centralized is another huge problem given that the service could simply be shut down at any time on government order. If you’re at a protest and rely on Signal it could just stop working.

edit: as people have pointed out, it turns out you can use third party clients

Finally, since the client is a binary distributed by Whisper, it’s not possible to verify that the client and server use the published protocol independently. Since alternative clients aren’t allowed to connect to the server, we can’t test the protocol and have to rely on trust.

poVoq
11
1M

I don’t think you can have messaging without some level of trust, but I agree that the Signal Foundation isn’t very trustworthy.

As for the communication protocol… there are some 3rd party clients that connect to the Signal servers (Axelotl, signald etc.) which have not been banned from connecting for quite some time now. Not sure why, but at least that shows that the protocol in general works as intended. Together with reproducible builds for the official client this at least makes it likely that the unmodified official client works as advertised (although there could still be some caveats in the shared libraries).

But who knows what the server does and supply chain attacks that substitute the official client for a modified one are still easily possible when Signal controls all distribution channels (they will tell you this is to prevent supply chain attacks, but only those of most 3rd parties, not those originating from within Signal & Google/Apple).

@yogthos@lemmy.ml
51M

I mean trust specifically in the context of the technology. Things need to be independently verifiable. And thanks for the correction regarding the clients, I was under the impression that you could only use the official app with their server. If you can use an open source client, that addresses my concern regarding verification.

At the very least we can know that the protocol works as advertised. Since it’s E2E, I think it’s probably reasonable to assume that at least the messages themselves are secure.

@Eli@lemmy.ml
51M

Truly secure systems: I like that one.

@null_radix@lemmy.ml
51M

Finally, since the client is a binary distributed by Whisper, it’s not possible to verify that the client and server use the published protocol independently

You can use Signal-Foss and use their builds or build it yourself.

@yogthos@lemmy.ml
31M

That does address that concern.

Dreeg Ocedam
31M

Finally, since the client is a binary distributed by Whisper, it’s not possible to verify that the client and server use the published protocol independently.

What are you talking about? The official client is open source and has reproducible builds.

@yogthos@lemmy.ml
11M

Yeah, others corrected me. My understanding was that you had to use the client from the app store to talk to the official server.

@KLISHDFSDF@lemmy.ml
21M

This is FUD that some people keep on spreading. You can build your own client https://signal.org/blog/reproducible-android/

There’s even these 3rd party clients that have existed for some time now and haven’t been blocked:

@k_o_t@lemmy.ml
mod
15
1M

4h ago

40+ comments

uh oh

Dessalines
creator
91M

Haha thanks. It’s impossible for it not to be controversial, for some reason I’ve found signal fans to be more fanatical in their loyalty to it than most advocates of other privacy apps.

Dreeg Ocedam
81M

I’ve found signal fans to be more fanatical in their loyalty to it than most advocates of other privacy apps

It’s because all criticism I’ve seen of Signal is at best circumstantial, and has nothing concrete despite the app being open source, with reproducible builds, under a ton of international scrutiny. I have read part of their code. I have understood the protocol itself for some of my classes.

It’s one of the rare FLOSS projects that is actually good enough in terms of UX to actually reach popular adoption. We shouldn’t shoot it down.

On the side there are some concerning security issues with Matrix which I detail here. Signal is much much more attentive to the security of their implementation.

Dessalines
creator
141M

Frankly, these are the exact same defenses you hear of companies like apple, who also run centralized services, yet their userbases are utterly convinced of their privacy.

You can’t just say things like “the evidence against them is circumstantial”, for centralized services. It all boils down to “gut feelings”, rather than the reproducibility requirements that the self hosted solutions must pass. Don’t trust these companies by default, and never take a pretty UI or branding polish as a stand-in for trust.

Phone number IDs, and centralized, US-based services wouldn’t be acceptable for any privacy oriented chat app. Signal also shouldn’t get a pass.

@Helix@feddit.de
21M

uh oh

It’s a good article :) hope you don’t have to delete comments, but by the looks of it, they’re very civil.

@k_o_t@lemmy.ml
mod
41M

yeah, i didn’t mean that anything bad is going on, just that it’s a somewhat controversial topic and heated debate is taking place hehe

@tinyhole@lemmy.ml
11
1M

I’ve got to be honest with you. I went into this hesitant but you make some convincing arguments.

While for activism I agree with your recommendations, more generally it’s mostly a social network and thus UX thing. I recently moved from WhatsApp to Signal because my social network was willing to do so and the UX was similar to WhatsApp.

I believe Element and thus Matrix is almost ready to do the same.

The future of the internet is federated and p2p or none at all.

Dessalines
creator
21M

👏

@Helix@feddit.de
91M

Signal’s use luckily never caught on by the general public of China ( or the Hong Kong Administrative region ), whose government prefers autonomy, rather than letting US tech control its communication platforms

Pretty useless tangent. Even for the US of A, Signal isn’t the best communications platform. And China has its own problems with WeChat/QQ, which is basically run by the state. At least they don’t export it like the US does…

Dreeg Ocedam
9
1M

It also has several questionable endorsements and users, such as Jack Dorsey ( Twitter’s founder ), Elon Musk, and Mark Zuckerberg ( Facebook’s founder ).

Since when does Zuckerberg endorse Signal?

The best way to describe federation, is to think of email

The best way to do private/secure messaging is to do it similarly to the least private and secure messaging protocol in use?

Phone # Identifiers

This entire section completely ignores that Signal isn’t designed to talk to random people. It’s designed to talk to your friends/family/coworkers, who most likely already have your phone number. It makes it super easy to migrate. There’s no way my grandma would be able to add me on briar…

It also completely ignores the work that is being put into adding usernames that would allow you to talk to people without having to give them your phone number.

It also completely ignores Signal’s history. Initially it started as a way to encrypt SMS, so phone numbers were not an option anyway.

Signals database, which we must assume is compromised due to its centralized and US domiciled nature […] Message senders and recipients

Except that they don’t have the message senders thanks to sealed sender

Recently, signal has been attempting to integrate a cryptocurrency called MobileCoin, into the app itself. What a messaging platform has to do with an obscure cryptocurrency is a little vague; but there is probably some money driving this. Since Marlinspike doesn’t allow 3rd party clients, it is impossible to avoid these types of unwanted “features”.

Payment in Signal has been a major request since the migration from WhatsApp. In multiple countries WhatsApp has a payment feature that is hugely popular. At least they try to improve on such a feature by using crypto to make it private, while not using proof of work which destroys the environment. And it’s not like they have actually shipped it. It’s only in the beta channel in a few countries…

Signal’s use luckily never caught on by the general public of China ( or the Hong Kong Administrative region ), whose government prefers autonomy, rather than letting US tech control its communication platforms

Yeah, it’s obviously because of that, and Chinese apps are a heaven of privacy and zero state censorship.

Dessalines
creator
6
1M

Since when does Zuckerberg endorse Signal?

He uses signal, I don’t think he’s publicly endorsed it. Read over that sentence again.

The best way to do private/secure messaging is to do it similarly to the least private and secure messaging protocol in use?

I’m just describing how it works, this seems overly combative. Encryption is a different topic than federation. Emails and phone calls are federated, yet insecure.

This entire section completely ignores that Signal isn’t designed to talk to random people. It’s designed to talk to your friends/family/coworkers, who most likely already have your phone number. It makes it super easy to migrate. There’s no way my grandma would be able to add me on briar…

That “ease of migration” comes at a cost: namely that signal’s centralized server now knows your identity. And yes while briar isn’t quite user friendly yet, it’s just as easy to share a user_id string as it is a phone number. With matrix or XMPP I can share my ID with a link.

sealed sender

I don’t know enough about this to comment, but signal still has to know who to send the message to. That means that the server must decrypt the recipient at some point.

Payment in Signal has been a major request since the migration from WhatsApp. In multiple countries WhatsApp has a payment feature that is hugely popular.

I’d argue that most people don’t want a cryptocurrency bundled in their chat apps. This is a really strange thing to defend.

For the last one, it’s telling that you deleted half my sentence. The full sentence is this:

Signal’s use luckily never caught on by the general public of China ( or the Hong Kong Administrative region ), whose government prefers autonomy, rather than letting US tech control its communication platforms, as most of the rest of the world naively allows.

Many countries have now realized their mistake in letting US tech companies control their social media platforms, and are trying to adopt the PRC model of home-grown chat apps. A great example is India, where Facebook and Youtube ( 2 US tech companies ), are the most popular social media apps. This was a glaring mistake allowing these US surveillance giants to so completely own the social media landscape of India.

@KLISHDFSDF@lemmy.ml
51M

I don’t know enough about this to comment, but signal still has to know who to send the message to. That means that the server must decrypt the recipient at some point.

Then you shouldn’t be spreading FUD about it.

Dreeg Ocedam
4
1M

He uses signal, I don’t think he’s publicly endorsed it.

That’s not what’s in your essay. Also, this is a fact that I doubt a lot since he owns WhatsApp. The story about that was when there was the huge Facebook data leak, allegedly, his phone number was in it, and it was possible to see that he was registered on Signal. At the time I tried to fact check this but couldn’t find anything that convinced me 100% of the veracity of this fact. I haven’t checked again so there may be some more convincing evidence available today.

Also, him being registered on it wouldn’t necessarily mean he is a user of Signal. He could have just registered to see what the competition looked like.

And if it were true that Mark Zuckerberg used Signal every day, I would take it as a very strong confirmation that Signal is trustworthy. A quick way to test whether a conspiracy is true or not is to check if it would affect the rich and powerful.

Anyway, rich people endorsing Signal doesn’t mean anything. I hate Elon Musk too, but he just jumped on the bandwagon when it was already leaving and Signal was already gaining in popularity. A broken clock is right twice a day.

it’s just as easy to share a user_id string as it is a phone number

It’s not. I can dictate my phone number. I can’t do it for a cryptographic user id.

With matrix or XMPP I can share my ID with a link

With Signal I don’t have to because my phone number is already in their address book. When usernames arrive in Signal, a similar feature will likely be available anyway (though this is speculation, I don’t really know what it will look like and I don’t have the motivation to look at their WIP GitHub branches).

sealed sender

I don’t know enough about this to comment, but signal still has to know who to send the message to. That means that the server must decrypt the recipient at some point.

It still is much less valuable than what you claim in your essay. They might be able to track you via your IP but that’s much less efficient and can be easily prevented via a VPN or using the builtin censorship circumvention proxy. Cryptography ensures that the rest cannot leak.

I’d argue that most people don’t want a cryptocurrency bundled in their chat apps. This is a really strange thing to defend.

If it is transparent and the use of crypto is hidden to the user while still preserving their privacy, it could be amazing. There’s no reason not to try, the beta version of the app is there exactly for this.

Many countries have now realized their mistake in letting US tech companies control their social media platforms, and are trying to adopt the PRC model of home-grown chat apps. A great example is India, where Facebook and Youtube ( 2 US tech companies ), are the most popular social media apps. This was a glaring mistake allowing these US surveillance giants to so completely own the social media landscape of India.

While I do wish my country (France) and other EU countries would do more regarding our concerning digital dependency on the US, I don’t see how the PRC is any better. They don’t have FB and other platforms which in some way is a good thing, however they have massive state surveillance in all of their internet platforms, and secure communication methods are banned.

Dessalines
creator
41M

If you live in France, why would you want a US company to own and control your communications? That was the main thrust of the article, which you never addressed.

Dreeg Ocedam
01M

With Signal I don’t really have to trust anyone regarding the confidentiality of the messages. The App is FLOSS, has been audited and is under a high level of scrutiny. The protocol itself is recognised as the golden standard regarding E2EE for asynchronous messaging by the cryptography community. I’m a student in cybersecurity/embedded systems. I understand the underlying double ratchet protocol, which I have studied and I am working on right now.

I don’t really need to trust anyone regarding confidentiality when I use Signal. If there were a service comparable to Signal in terms of ease of use, features and security but french, I’d use it. There’s olvid but it’s not FLOSS and has much worse UX, and Matrix/XMPP are less secure while being much harder to use (I do use matrix on a self-hosted server by some people I know).

I’m much more concerned about the Google and Huawei crap that I can’t remove from my phone and that I know is siphoning data for advertisement currently than some grand conspiracy that would be fooling the entire cyber-security community, with no concrete motive.

None of your points are really any concrete proof of Signal being backdoored.

Dessalines
creator
101M

The App is FLOSS,

As I noted in my article, remember when signal went a whole year without publishing their server source code updates?

None of your points are really any concrete proof of Signal being backdoored.

I also addressed this, in the NSL section. It is illegal for signal to tell you that, otherwise they all face heavy prison time. Your default position then is to “trust” US services… not a good idea from a privacy standpoint given the history of surveillance disclosures.

Dreeg Ocedam
11M

As I noted in my article, remember when signal went a whole year without publishing their server source code updates?

It was only the server side, which anyway we can’t attest is what is actually running on their servers, and there were some other repositories that contained up to date code. This was still concerning.

Your default position then is to “trust” US services…

This is not my default position. It is an informed choice based on the scrutiny and recognition that signal has worldwide.

@jazzfes@lemmy.ml
5
1M

So if we don’t know what runs on the server side, how do we know then that this is not used to map user networks, i.e. who communicates with who? From an activist POV wouldn’t that be a significant risk?

Also, even if you trust the company today, given that it is US based, it is subject to the gag orders the US government agencies hand out. So that makes it still a problem, no?

Dreeg Ocedam
-11M

I don’t know what runs on matrix.org either unless I self-host, which I don’t do, because it’s way too time consuming and is much less reliable.

And Signal has mechanisms to prevent mapping user networks such as Sealed sender, which matrix and XMPP don’t have.

@jazzfes@lemmy.ml
51M

Self hosting of the synapse server is pretty well documented. There even is an ansible script to speed it up.

I self hosted early on and it wasn’t particularly time consuming.

Again, the specific issue with Signal is that it is located in the US, which has pretty authoritarian practices against exactly the type of organisation that runs Signal. This potentially makes Signal problematic even if the people running it have the best intentions.

In this context the use of phone numbers is questionable too, in my opinion at least. The given rationale is that it makes it easier for users to sign up, but that’s really not true. Email is used by pretty much everyone and doesn’t rely on phone numbers. I’m sure someone thinking half a day about user IDs that aren’t carrying inherent privacy risk will likely come up with something.

I had my parents using matrix for years without issue in a quite advanced age and they had no issues despite not using phone numbers…

Dreeg Ocedam
1
1M

Self hosting of the synapse server is pretty well documented. There even is an ansible script to speed it up.

I know. But I don’t have a server, don’t really want to pay for one. I also know that Matrix is very resource hungry. I know some sysadmin stuff, and it is time consuming, especially when it’s down and you don’t know why and you need it running because you have some important document that you need quickly etc…

Then there is the matter of security. I’m not going to be able to quickly react to issues, I’m not going to update it on time, and as soon as it crashes all the people that I would have managed to make migrate would immediately go back to whatever we used previously.

All that for a really mediocre UX and overall security compared to Signal. No thanks.

@jazzfes@lemmy.ml
11M

Got to ask now: are you working for Signal? It really sounds like it…

Re sysadmin and self hosting it really depends on the scope. You can follow basic security recommendations, which you will set up once, and which will protect you from bots and scripts. What about targeted attacks? Not sure, but if you host for yourself or family and friends only, I wouldn’t take this as my threat model.

I have a Nextcloud server running for about 4 years now with close to zero downtime. During those years I had perhaps two instances where I did larger upgrades which took me perhaps an hour on two weekends to prepare (basically backing stuff up, dealing with the excitement, reading up) and then maybe one evening to execute.

I’m sure hosting for millions of people who might end up sending lawyers your way is difficult. Running something like matrix yourself for friends and family simply isn’t and it removes all the security and privacy risk that comes with trusting a US-based organisation that had its share of controversies, and more importantly is subject to the questionable laws and enforcement practices.

Anyone who has installed Linux and is happy to work with a console would be capable of learning how to self host in a reasonable amount of time.

@chiefstorm@lemmy.ml
0
1M

I appreciate and admire your motivation @dessalines@lemmy.ml

However, Signal is like the one application that’s user friendly and is NOT compromised

I don’t trust the US, but I do trust Moxie Marlinspike to be a privacy advocate, he has spent his entire career being an advocate for privacy.

Signal went a whole year without publishing server source code because they were being subtle about introducing mobilecoin crypto-asset support, and they didn’t want people to jump hog wild into mobilecoin. Now, they have released the server source code, so… unless they are not actually running that code, then this argument is invalid.

Not to mention their website makes it sound like they will introduce support for more privacy friendly crypto, such as Monero. Perhaps the mobilecoin was just a test implementation to begin with.

Dessalines
creator
91M

How do you feel about Marlinspike’s ruthlessly banning all third party clients and server implementations? Or his choice of phone # identifiers?

@chiefstorm@lemmy.ml
4
1M

I appreciate your critique and well written essay, as well as your motivation. Thank you again for writing this, and I will heed your advice and be more skeptical of signal foundation. However, I have followed Marlinspike for years, and was an early signal adopter, so I do have some trust that the project is not compromised.

comment from lobster also makes some good points here, and I tend to agree with this guy

This take comes up every so often, e.g. in some of the linked articles. I’m sympathetic to many of the concerns raised, but I’ve yet to see serious engagement with some of the deeper issues raised. For example:

A significant number of security and privacy-enhancing technologies (PET) have received US military funding or other support. See: Tor from the Naval Research Lab, OpenBSD from DARPA. SELinux comes from the NSA. The Open Technology Fund has also supported Ricochet, WireGuard, Delta.chat, and Briar (that the author recommends), etc. (link). Are all these tools suspect? As an aside, the EU also funds a significant number of PETs. While not as egregious as the US, the EU is no enemy of mass surveillance, either.

One reason for Signal’s centralization is, in short, that it’s hard to update federated protocols, including their security features. E2E encryption in XMPP or email is still a pain, and far from usable for most people. I hope that e.g. Matrix can pull it off, but they face challenges that centralized services don’t. With a centralized service, you know that you can handle unforeseen security developments quickly. Shouldn’t this be a key priority for a security tool?

Using phone numbers as identifiers has its benefits: you don’t need to store users’ contacts on your servers. A service like Wire, that does allow you to sign up without a phone number, has to store your full social graph on their end. Avoiding this sort of metadata is a hard problem — Signal has opted for minimizing the amount they store.

It’s hard to overstate how much ease of use matters when it comes to gaining mass adoption for these tools. For a long time, privacy & security tools were super user-unfriendly, reserved only for a small technical elite (see PGP). If we want to combat mass surveillance, we need tools that the masses want to install (in my experience, it’s hard enough to convince activist groups to migrate off Discord or Slack — the alternatives need to be similarly easy to use).

How do you feel about the guy who donated 50 million to Signal? He probably has the most influence on the project second only to Marlinspike.

@tomtom@lemmy.ml
41M

Yes I do not see why we should trust any system which forbids self-hosting, especially when alternatives exist.

@KLISHDFSDF@lemmy.ml
31M

How do you feel about Marlinspike’s ruthlessly banning all third party clients

False.

There are a few 3rd party clients. They all identify themselves to the server that they’re 3rd party clients and they haven’t been banned.

Dessalines
creator
21M

Thanks for linking Libresignal, read over its readme.

But really 3rd party clients are beside the point: the main thrust of the article is about signal being a single, us domiciled, centralized service. They don’t let you self host a server, and you also have no way of verifying their server code. You just have to “trust them”.

Dreeg Ocedam
11M

Or his choice of phone # identifiers?

See my first comment: https://lemmy.ml/post/81033/comment/78905

How do you feel about Marlinspike’s ruthlessly banning all third party clients and server implementations

I do agree that it is somewhat of an issue, but there was only one instance of this happening, where a fork of Signal was about to be added to fdroid. It’s not like they haven’t justified themselves. Anyway the features of LibreSignal (no hard requirement on Google Play services) were implemented in the official app. There are still two third party clients that exist: Axolotl and signal-cli. They don’t want to deal with third party clients that they can’t update and thus need to keep support for outdated versions of the protocols that would introduce a lot of complexity and risks introducing downgrade attacks.

It also allows them to roll out “quality of life” features faster such as stickers, video calls, groups v2, and more recently groups where only admins can post, which would be harder to keep backward compatible.

The openness of Signal has already been fruitful. The protocol has been implemented in many other platforms, such as Matrix, WhatsApp and even Messenger.

Dreeg Ocedam
21M

However, Signal is like the one application that’s user friendly and is NOT compromised, and you seem to be completely attacking it.

That’s what annoys me the most here. We have one FLOSS project that is very high quality, secure and gained significant popularity, and we start shooting it down ourselves…

Halce
41M

We have one FLOSS project that is very high quality, secure and gained significant popularity, and we start shooting it down ourselves…

This would be a truly problematic sentiment in some other cases. But the point here, is that unlike Matrix, Signal is not really ours.

Dreeg Ocedam
01M

What do you mean by that?

I know matrix, and it’s much lower overall quality, significantly less secure and popular, and is very unlikely to ever become popular until they really rethink their UX.

Halce
31M

What I mean is that Signal is more of a code dump rather than a truly free software project, it’s developed mostly internally, in that way Matrix is much more a true community project.

Dreeg Ocedam
31M

Fair point, but having a smaller team of highly competent devs (their job requirements are quite high if you look on their website) does allow them to innovate quicker and keep an overall high level of quality.

And it’s not like Telegram where their code is completely unusable and the server is proprietary. There are already a bunch of forks of Signal that exist (Session being one of the main).

Halce
21M

Sure. Signal is a better choice than the clown that’s Telegram.

poVoq
5
1M

Except that they don’t have the message senders thanks to sealed sender

Sealed sender is a nice idea, but due to Signal’s centralized server architecture it is sadly snake-oil. If Signal wants they can easily circumvent sealed sender with a simple timing correlation as they have 100% knowledge about when a client sends or receives a message.

Dreeg Ocedam
-11M

How do they know when a specific client sends a message?

poVoq
41M

Because that client connects to their server to do so roll eyes

Dreeg Ocedam
-21M

And how do they identify this client specifically instead of any other client?

poVoq
61M

Of course they know which client connects when to their server and sends messages to them. Sealed sender is only about cutting the direct relation between that sending event and the receiver. However they also know exactly when a client receives a message (just not directly from whom). Thus since they know exactly when clients send and receive messages it is trivial to run a timing attack for a few minutes and you know with 99.9% certainty who is talking to whom, even with sealed sender.
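
The metadata exposure argued about in this sub-thread can be estimated on synthetic data. The following is an added example, not part of any comment here and not Signal code: a constructed log in which the server sees only which connection submitted a message and which connection received one, scored for how far that narrows the sender. User counts, rates and latencies are assumptions; it also compares prompt delivery with delayed delivery, which goes beyond what the comments discuss.

```python
import random
from collections import Counter


def simulate_server_log(rng, n_users, pair, pair_msgs, noise_msgs, duration, max_latency):
    """Constructed server-side view of a relay that never learns the sender of an
    envelope: it only records ("send", time, connection) and ("deliver", time, connection)."""
    events = []

    def relay(sender, recipient):
        sent_at = rng.uniform(0.0, duration)
        events.append(("send", sent_at, sender))
        # Delivery happens up to max_latency seconds after submission.
        events.append(("deliver", sent_at + rng.uniform(0.0, max_latency), recipient))

    for _ in range(pair_msgs):            # the conversation being measured
        relay(*pair)
    for _ in range(noise_msgs):           # unrelated background traffic
        relay(*rng.sample(range(n_users), 2))
    return sorted(events, key=lambda e: e[1])


def rank_candidate_senders(events, recipient, window):
    """For each delivery to `recipient`, the candidate set is every connection that
    submitted something in the preceding `window` seconds. Returns the candidates
    ranked by how often they recur, and the mean per-delivery candidate set size."""
    sends = [(t, client) for kind, t, client in events if kind == "send"]
    counts, set_sizes = Counter(), []
    for kind, t, client in events:
        if kind != "deliver" or client != recipient:
            continue
        candidates = {c for ts, c in sends if t - window <= ts <= t and c != recipient}
        counts.update(candidates)
        set_sizes.append(len(candidates))
    mean_size = sum(set_sizes) / len(set_sizes) if set_sizes else 0.0
    return counts.most_common(), mean_size


def demo(max_latency, seed=1):
    # Constructed scenario: 200 users, user 0 writes to user 1 thirty times in an
    # hour, 2000 unrelated messages in the same hour.
    rng = random.Random(seed)
    events = simulate_server_log(rng, 200, (0, 1), 30, 2000, 3600.0, max_latency)
    return rank_candidate_senders(events, recipient=1, window=max_latency + 1.0)


if __name__ == "__main__":
    for latency in (0.5, 120.0):
        ranking, mean_size = demo(latency)
        print(f"max delivery latency {latency:>5}s: "
              f"mean candidates per delivery {mean_size:.1f}, top 3 {ranking[:3]}")
```

A single delayed delivery leaves dozens of candidates, but the counts across repeated deliveries are what separate the real correspondent from the background, which is why per-message unlinkability alone does not settle the question.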

Dreeg Ocedam
-11M

If that were the case, the sealed sender stuff would be a complete lie, which would seem out of character for Signal.

Of course they know which client connects when to their server and sends messages to them.

Why? The authentication can be done on the receiving side through cryptography. Why would it be required for the server to also authenticate the sender?

Dessalines
creator
51M

If that were the case, the sealed sender stuff would be a complete lie, which would seem out of character for Signal.

It seems like your loyalty to signal isn’t based on any facts or history whatsoever. I go over the untrustworthy history of signal’s founders, but you’ve ignored all those points in your replies so far.

@KLISHDFSDF@lemmy.ml
21M

I go over the untrustworthy history of signal’s founders

The OTF also funds the following: Briar, Tor, Wireguard, Delta Chat, Bind9, CGIProxy, CertBot, K-9 Mail, Tails, NoScript, QubesOS, The Guardian Project

You going to say that Briar is a good alternative despite receiving funding from the CIA just like Signal? How about QubesOS or NoScript. Are they also no longer trustworthy because they’re funded by the OTF?

Dessalines
creator
31M

That honestly does make me question those projects a bit more, and should put some more scrutiny on them. Radio Free Asia is not looking out for open source, they’re trying to get a jump on coopting projects, because no one else is funding open source.

Dreeg Ocedam
-31M

It seems like your loyalty to signal isn’t based on any facts or history whatsoever.

See this comment

I go over the untrustworthy history of signal’s founders, but you’ve ignored all those points in your replies so far.

Regarding your radio free asia funding story, Whisper Systems was founded in 2010 according to Wikipedia, while the funding from the open tech fund started in 2013. There’s a lot of differences between Funding and FOunding. At that point it was already open sourced. It’s really far fetched to think that somehow, the US took control of it at that point.

You even ignore the point that Whisper Systems temporarily belonged to Twitter, also a US company, which would have been a much simpler way for the US to seize control of the project than to go through some fund bla bla bla

Dessalines
creator
link
41M

Of course, I never said it was founded by radio free asia, just that it got its initial funding from them. The only thing that’s up for debate there, is their continued involvement.

But based on them defending signal from critics as recently as a few years ago.

2ndly, open source doesn’t mean too much for centralized services that aren’t self hostable, and especially ones that delay their source code updates until the community wonders why there haven’t been any after a full year.

Dreeg Ocedam
link
-1
edit-2
1M

In this comment you say founded. I can accept that it’s a typo.

Dreeg Ocedam
link
-1
edit-2
1M

But based on them defending signal from critics as recently as a few years ago.

Link?

2ndly, open source doesn’t mean too much for centralized services that aren’t self hostable

There are forks that exist such as Session. Open Source is important

Dessalines
creator
link
41M

https://archive.is/Rz6Qa near the bottom.

The forks also aren’t federated, making them dead in the water imo.

Halce
link
21M

Whisper Systems was founded in 2010 according to Wikipedia, while the funding from the open tech fund started in 2013.

Interestingly, Signal actually introduced its cryptographic protocol to the public only in 2013, when they got the funding (see even Wikipedia for that).

Dreeg Ocedam
link
11M

The app already had E2EE at that point, this only marks the release of the v2 of their protocol, which is now considered state of the art for asynchronous messaging.

poVoq
link
3
edit-2
1M

It’s not a complete lie, as a similar system on a federated messenger where lots of different legal entities control the different client to server connections would really benefit from it (I hope someone will implement it for XMPP in the future), but due to the centralization of the Signal servers it is snake-oil as explained above.

I am not sure what you mean with “authenticate” in this context, but of course the signal servers receive a TCP connection from a specific IP address at a specific point in time. If they also look at that TCP connection and authenticate the sender is mostly irrelevant, but I would guess they also do that to prevent network spam / flooding attacks.

Edit: I think a lot of the things Signal does are good so long as you trust them and assume not a single one of their employees (or one of those their servers run on, AFAIK previously Google and now AWS) is compromised by the NSA/FBI. I find that highly unlikely and thus have to assume Signal’s servers are run by a hostile actor and according to that such timing attacks are likely to happen.

Dreeg Ocedam
link
11M

If the only thing they have is an IP address it is much less info than the actual phone number of who sent the message. It can also be very easily prevented by using a VPN or the built-in anti censorship proxy.

poVoq
link
31M

If you use additional measures to protect yourself it becomes a bit more difficult to correlate the info, but they still also know when a specific client with a specific phone number connects to their network. So maybe they have to run that timing attack over a few hours, but the end result is the same.

Not to point out the obvious, but if someone uses a burner phone to initially setup their signal account, that is another big layer of privacy

@Echedenyan@lemmy.ml
link
31M

Burner phones which barely exist outside USA.

@chiefstorm@lemmy.ml
link
11M

Oh shit, well I had no idea. Hell, I know in China you used to easily get a burner number, but now it is restricted… Well listen, that certainly changes the conversation.

Do you know if there are any pay-as-you-go phone plans in Europe ?

@Echedenyan@lemmy.ml
link
2
edit-2
1M

There are, but are linked to your personal ID which makes it not the same.

poVoq
link
2
edit-2
1M

Yes, but nearly all countries require you to register the SIM cards with your government ID.

Dreeg Ocedam
link
-21M

they still also know when a specific client with a specific phone number connects to their network

I don’t think so. I didn’t really fully understand how sealed sender worked until now and only trusted Signal to implement it properly. I’m currently reading this which explains how it works and it seems to provide similar guarantees to what I assumed. The server can only have the IP of the sender. There seem to be some issues, but it’s not as trivial as you seem to think it is. They may also have implemented the mitigations since.

@tomtom@lemmy.ml
link
31M

Federation increases censorship resistance. I do not think it necessarily decreases privacy, although having metadata strewn across multiple servers may be a risk. Still, I think the comparison with email is a bit of a straw man argument, since it is not only the federated nature of email which makes it easy to surveil but also the fact it is unencrypted by default.

Moreover, email these days is concentrating in the hands of a small number of providers (gmail, etc).

XMPP seems a lot more distributed at this point in time.

Dreeg Ocedam
link
21M

Federation makes it much harder to keep metadata private, though you could technically achieve the level of privacy found in Signal, it’s not easy.

In practice, Signal is a lot better at protecting your metadata than Matrix and XMPP.

Now that matrix has a lot of different clients and implementations, it would be super hard for them to implement something like Sealed Sender, which Signal was able to deploy very easily. I find it very unlikely that matrix will end up fixing its privacy issues. While Signal will be able to evolve and fix them. They are currently working on usernames for example.

Dessalines
creator
link
31M

they don’t have the message senders thanks to sealed sender

Reading over this again. The primary identifier in signal, is phone numbers. You think signal doesn’t store those, or use them to route messages?

Dreeg Ocedam
link
-11M

It doesn’t necessarily mean that the phone number is sent with every API call. The real authentication of who sent the message happens on the receiver’s device when they decrypt it.

Dessalines
creator
link
31M

How would the signal server know who to route the message to?

Dreeg Ocedam
link
01M

They know who the receiver is. They don’t need to know who sent the message. They only have to route it to the receiver.

Dessalines
creator
link
3
edit-2
1M

In a centralized database, this seems like it’d be trivial to get around. You’d only have to look at the client sent messages and correlate them to the receiving ones.

Dreeg Ocedam
link
-11M

It’s more complex than that. The client doesn’t authenticate itself to the server. It only shows a certificate that says “I have a right to send messages to this person”. This certificate is anonymous and was initially generated by the receiver, and then sent via the encrypted session.

More details here.

The server could still correlate the IP, which is much less valuable and can be hidden through VPNs or even the built-in censorship circumvention proxy.
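The delivery check described in the comment above, as an added example that is not part of the thread and is not Signal's code: a simplified Python model in which the receiver generates a secret, shares it with contacts over the already encrypted session, and the server accepts a message when the matching token is presented, without asking who is sending. `RelayServer`, `derive_access_key`, the `delivery-access` label and the addresses are hypothetical, and the envelope is random bytes standing in for ciphertext.

```python
import hashlib
import hmac
import secrets
import time


def derive_access_key(profile_key: bytes) -> bytes:
    """Delivery token derived from a secret that the receiver generated."""
    return hmac.new(profile_key, b"delivery-access", hashlib.sha256).digest()[:16]


class RelayServer:
    """Toy relay: knows recipients and their tokens, never asks for a sender account."""

    def __init__(self):
        self.access_keys = {}  # recipient id -> token registered by that recipient
        self.queues = {}       # recipient id -> list of opaque envelopes
        self.log = []          # everything the operator can record per request

    def register(self, recipient: str, access_key: bytes) -> None:
        self.access_keys[recipient] = access_key
        self.queues[recipient] = []

    def deliver(self, recipient: str, presented_key: bytes,
                envelope: bytes, source_ip: str) -> bool:
        expected = self.access_keys.get(recipient)
        # Constant-time comparison; unknown recipients are rejected as well.
        ok = expected is not None and hmac.compare_digest(expected, presented_key)
        # Note what is still visible to the server: recipient, time, size and
        # network address. There is no sender field to record.
        self.log.append({
            "ts": time.time(),
            "recipient": recipient,
            "source_ip": source_ip,
            "bytes": len(envelope),
            "accepted": ok,
        })
        if ok:
            self.queues[recipient].append(envelope)
        return ok


def demo():
    server = RelayServer()

    # Receiver side: Bob generates a secret and registers only the derived token.
    bob_profile_key = secrets.token_bytes(32)
    server.register("bob", derive_access_key(bob_profile_key))

    # Sender side: Alice got bob_profile_key earlier over their encrypted session,
    # so she can derive the same token without logging in to the server.
    alice_token = derive_access_key(bob_profile_key)
    # Constructed stand-in for the encrypted envelope; in the scheme the sender's
    # identity travels inside it and is only readable by the receiver.
    envelope = secrets.token_bytes(160)
    accepted = server.deliver("bob", alice_token, envelope, "203.0.113.7")

    # Someone who never received Bob's secret cannot guess the token.
    rejected = server.deliver("bob", secrets.token_bytes(16), envelope, "198.51.100.9")
    return server, accepted, rejected


if __name__ == "__main__":
    srv, accepted, rejected = demo()
    print("accepted:", accepted, "rejected:", rejected)
    for entry in srv.log:
        print(entry)
```

The log entries make the disagreement in the thread concrete: the sender's account never reaches the server in this model, while the recipient, timestamp and source address do.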

poVoq
link
41M

Why no mentioning of XMPP (other than Jitsi, which sort of is XMPP)? It is at least as good if not better than Matrix.

@tomtom@lemmy.ml
link
41M

the decentralized nature of XMPP is a huge plus for me.

I guess Matrix also has that, in theory, but from what I have seen the matrix.org homeserver still effectively functions as a central point to track metadata.

I guess the issue with XMPP is that people can send unencrypted messages to you, perhaps with deanonymizing information?

Dessalines
creator
link
21M

Mainly preference, I don’t prefer it because it isn’t encrypted by default.

I could add a section on XMPP I spose.

poVoq
link
41M

Neither is Matrix if you use some 3rd party clients. With the most popular XMPP clients e2ee is enabled by default.

Dessalines
creator
link
41M

Sorry for the length, I’m writing this for a wider, non-tech audience, so I had to go in and describe a lot of terms.

@Helix@feddit.de
link
11M

ever heard of footnotes? :D

Appreciate the write-up. Linked it on my sparse wiki page about Signal.

@je_vv@lemmy.ml
link
31M

I see Jami missing, though Briar is mentioned. Any particular reason for missing Jami? Perhaps because it doesn’t use the double ratchet popularized by Signal? It does e2ee by default, and supports voice and video calls besides chats…

@Sammo@lemmy.ml
link
21M

Thanks for the nice article!

Dessalines
creator
link
31M

No probs!

@Sammo@lemmy.ml
link
61M

Also a few interesting things: I saw a lot of people saying that Signal isn’t keeping metadata, and a few articles from 4 years ago claiming that. I took a look at the signal ToS and Privacy Policy which states quite the opposite: „SIGNAL DOES NOT WARRANT […] THAT OUR SERVICES WILL BE […] SECURE, OR SAFE”, „For the purpose of operating our Services, you agree to our data practices as described in our Privacy Policy, as well as the transfer of your encrypted information and metadata to the United States and other countries where we have or use facilities, service providers or partners.“ and „Other instances where Signal may need to share your data

To meet any applicable law, regulation, legal process or enforceable governmental request.“

Dreeg Ocedam
link
1
edit-2
1M

Yes, the government can force them to give them encrypted garbage, and they will comply. They will also give the metadata with it, but there are multiple mechanisms in the APP (client-side) to make sure that the server can’t even access most of the metadata, because it’s either not sent or encrypted.

Let’s look at how they’ve behaved when forced to comply with the law - https://signal.org/bigbrother/central-california-grand-jury/

You’ll see that the only info they can provide is:

  • The day you signed up
  • The last day one of your clients pinged their servers (this is needed to purge abandoned clients)

So what their ToS means is pretty much that they will operate within the realm of reality. Who out there IS providing a warranty of security/safety? And if they fail to ensure your safety/security, how do you go about “redeeming” your warranty? I think you’re reading too much into it.

Halce
link
21M

The same way you could (and in my opinion should) be wary of Briar too, not yet, perhaps, for technical reasons at least, but in regards to the sources of their funding (see the bottom section of https://briarproject.org/about-us) - OTF

Dessalines
creator
link
41M

That is definitely sus, and makes me scrutinize briar a little bit more. It’s probably okay for now, because unlike signal, it’s decentralized, and the F-Droid builds are from source.

@Echedenyan@lemmy.ml
link
11M

distributed*

matrix, jitsi, etc, are very different types of platform from signal. if you just want signal but without all the problems, it’s Wire.

but if you want my opinion - the only thing that matters is bridging. none of these small networks can succeed unless they can bridge to the others and to email. bridging is subverting the network effect to combine the small players and help them destroy the big players.

@Echedenyan@lemmy.ml
link
41M

Are you really recommending Wire after years of not taking care of their users?

I stopped making reports and using it 2 years ago when they changed parent company, upgraded their ToS to notify they could cancel or ban the service for countries which don’t generate profit for them or under law and because they started ignoring bug reports sending by email an automatic reply that they “were dedicated to the enterprise edition and delaying the personal edition support”.

I didn’t know about any of that. TBH this subject comes up a lot on lemmy and you’re the first to mention those things.

I’ve not noticed any bugginess or lack-of-support type problems.

TBH those complaints don’t even sound that bad! compared against the problems the other messaging apps (inc signal) have.

IngrownMink4
link
1
edit-2
1M

And what do you think of Molly? Do you recommend it to replace Signal or is it preferable not to use Signal or any of its forks?

Dessalines
creator
link
31M

Federated / P2P is a must IMO for any messaging service, so that rules out any signal or fork, even if it’s self hostable, which I assume molly is.

IngrownMink4
link
21M

Okay, I will keep that in mind. I thought Molly was the ideal alternative to replace Signal. I will try to use more Element or Briar.

poVoq
link
21M

No fixed account and really easy multi-server connection clients like with IRC kinda works also.

Dreeg Ocedam
link
11M

Another issue is that you suggest using Matrix or XMPP, which take security much less seriously. XMPP is not encrypted by default, and Matrix has some serious issues regarding its trust model.

poVoq
link
7
edit-2
1M

XMPP is not encrypted by default

This is not really true, the most popular clients are enabling e2ee by default and it is literally a single click on a padlock sign on the others that support OMEMO e2ee.

@n0n
admin
link
11M

That linked article talks about how crypto in browser is easily subverted. You don’t have to use matrix with a browser client and most people I know use standalone clients.

Dreeg Ocedam
link
11M

You don’t have to use matrix with a browser client

But the presence of a browser client seriously undermines the security of the whole platform. People don’t know that they should not use the browser client. If it were a third party client it wouldn’t undermine the seriousness of Matrix, but the browser client is an official one, which shows that Matrix takes security much less seriously than Signal.

@n0n
admin
link
11M

True, the element.io site offers the browser client first, which I find wrong. On the other hand some of Signal’s choices were justified by “helping adoption” so I guess that falls under the same category.

Currently I can’t find a way to see which client another user is using in the Element mobile app. Not sure if that is even possible. So I guess for really sensitive matters you have to make sure your collaborators know how to stay safe. And of course if your use-case really required a web-client you could just self-host it.

Dreeg Ocedam
link
11M

So I guess for really sensitive matters you have to make sure your collaborators know how to stay safe

This is a really bad idea. The software you use should be usable safely without any knowledge of security if you want it to be really effective outside of security conscious people. And even security conscious people make mistakes.

And of course if your use-case really required a web-client you could just self-host it

That’s not an option for 99.99% of the population.

@n0n
admin
link
11M

I completely agree with you. But in every field I’ve worked in getting actual good security implemented is usually diametrically opposed to end-user convenience.

As a side note what Element did with the verification icon-strings was pretty neat.

@KLISHDFSDF@lemmy.ml
link
01M

A quick rebuttal of some points you made. Not going too in depth as I just want to provide my perspective:

  • CIA Funding:
    • This is a non-issue. The OTF also funds: Briar, Tor, Wireguard, Delta Chat, Bind9, CGIProxy, CertBot, K-9 Mail, Tails, NoScript, QubesOS, The Guardian Project, and a host of other essential privacy tools/software. You’re telling me they’re all compromised just because they’re getting funded? I don’t buy it.
  • A Single, Centralized, US-based service
    • The Code is open source and Android has reproducible builds, iOS would have them too, but it’s impossible based on the way Apple’s build process works. Lastly, Signal’s devs/infra exist in the US, they have to exist somewhere, why not the country of origin? With the code being open/reproducible, you don’t have to trust them.
  • Phone # Identifiers
    • This is to make onboarding easier and minimize spam - I got my grandma to install it and find the rest of the family on Signal VERY easily. Trying to get her onboard with Matrix/Element or even Briar would have been a struggle. I like Briar, but it’s not ready for mainstream yet. I also like Element, but I don’t believe it’s quite a text/sms replacement like Signal is - in addition to leaking metadata.
  • Social network graphs
    • Here you mention metadata, so I’ll ask which other provider goes to the lengths that Signal does to minimize the collection of metadata? And please read over how Sealed sender works before you claim it’s easy to circumvent. You deride their implementation and claim how easy this is to collect without understanding what’s going on under the hood.
  • Abandonment of Open source
    • This is a stretch. Signal is a non-profit. They don’t have the same funding or staffing as their competitors and all their code is current. Yeah, they let it get out of sync for a while, they’re human, not robots. Don’t let perfect be the enemy of good.
  • Bundling a Cryptocurrency
    • What does a messaging platform have to do with crypto/payments? I don’t know, you should ask every other big player who is also trying to get in on the game hoping to siphon even more data from everyone’s purchases.

I do want to close by saying that Signal is definitely not the end-all-be-all of secure messaging platforms, but it is currently the best for mass adoption. I’m keeping my eyes on Matrix, Sessions, and Briar, but can’t say they’re ready to “go mainstream” yet.

@Helix@feddit.de
link
61M

The Code is open source

the server code being not federated means you effectively can’t (or won’t) self host.

Phone # Identifiers – This is to make onboarding easier and minimize spam

Yeah but you could do that as verification and an additional means to find users, not the primary user ID. Threema has generated IDs, Matrix has usernames, Telegram has usernames. Why can’t Signal?

Yeah, they let it get out of sync for a while

Why, though?

What does a messaging platform have to do with crypto/payments?

Good question. Signal obviously didn’t ask about it and wants to become another WeChat/QQ clone where you can pay with your messaging application and circumvent taxes.

Signal is definitely not the end-all-be-all of secure messaging platforms, but it is currently the best for mass adoption.

I’d agree if you’d add “one of” between “currently” and “the”.

Dessalines
creator
link
101M

Also, it’s not that signal just got lazy with letting their code get out of sync. They chose not to publish updates for their server for a whole year, until the open source community got really angry, and then they finally relented. If I or any open source maintainer did that, we’d rightly be abandoned. Some here are giving signal a pass for it tho.

I think the difference is it’s not a federated platform so not many people really care about access to the server-side code. If I was hosting a lemmy instance I would obviously be frustrated if you withheld from all other instance admins as you’d be putting us at a disadvantage. Signal doesn’t allow federation so the consequences aren’t the same.

and then they finally relented

You’re embellishing the story for added emotional value. What if instead you wrote, “users were angry, the Signal devs were busy, but eventually got around to publishing the latest code”. You weren’t there so you can’t say that they didn’t want to - or had the time to - publish the server code. You’re implying malice when it doesn’t have to be. Why? Maybe it was on their backlog and it was a task that nobody ever got around to? I dunno, I’ve been in situations like that before and it just sucks to hear people implying the Signal devs are doing shady things when it may simply be that they’re human and not perfect. I’ve had times where our dev team was accused of being “lax” when we’re all running at 110% but just can’t get to that one thing that a small handful of people really want and are very vocal about.

Dessalines
creator
link
71M

I can tell you, publishing source code is as easy as typing git push. That they needed to “clean things up” at all in an ostensibly open source codebase is sus.

@KLISHDFSDF@lemmy.ml
link
11M

I’m going to disagree again.

I know how easy it is to type “git push”. I’ve worked where we had 200+ things that were that “simple” but just weren’t prioritized because of our small team. Also had to do thorough code reviews before we synced to our public repo. There’s a hundred non-malicious reasons they delayed - including that they didn’t want to make the monero stuff public yet. It’s not uncommon to keep things from the public until they’re ready, in case you decide to scrap the project and remove it last minute before you sync to your public repo and have people question something that is no longer valid/important. I guess I try to look at it from a more human perspective than immediately trying to tarnish people’s intentions.

Dessalines
creator
link
21M

That simply means that development isn’t out in the open. Why would you not push branches and do code reviews out in the open for an ostensibly open source project?

That simply means that development isn’t out in the open

Correct. FOSS doesn’t mean they have to develop it out in the open, only that they have to release the code for everyone else’s benefit.

Why would you not push branches and do code reviews out in the open for an ostensibly open source project

Because open source simply means the code is available. You’re not forced to interact with anyone else just because something is open source.

@KLISHDFSDF@lemmy.ml
link
11M

the server code being not federated means you effectively can’t (or won’t) self host.

Agreed. I hope they change their minds on this, although I’m not holding my breath.

Yeah but you could do that as verification and an additional means to find users, not the primary user ID. Threema has generated IDs, Matrix has usernames, Telegram has usernames. Why can’t Signal?

Agree. The devs have stated that this is coming this year. We’ll see if they can roll it out before the year ends.

Yeah, they let it get out of sync for a while

Why, though?

Honestly, don’t know and don’t care. I suspect because they didn’t want to yet make public their crypto stuff, but I’m not going to assume malice here without evidence.

Good question. Signal obviously didn’t ask about it and wants to become another WeChat/QQ clone where you can pay with your messaging application and circumvent taxes.

Whatsapp also lets you pay - although I believe it’s only in India. Telegram also attempted to include crypto. Why wouldn’t we want a private way to pay instead of letting Facebook/Google/etc, take over? I fully support them making sending money easier and more private.

I’d agree if you’d add “one of” between “currently” and “the”.

I’ll agree that it’s “one of” the best. Which one would you throw in your top 3?

@Helix@feddit.de
link
21M

I’ll agree that it’s “one of” the best. Which one would you throw in your top 3?

Matrix or XMPP. I made a messenger comparison matrix (in German) and they get the most green check marks for my criteria.

Dreeg Ocedam
link
11M

the server code being not federated means you effectively can’t (or won’t) self host.

This doesn’t matter if the app is designed to not require a trusted server

Threema has generated IDs, Matrix has usernames, Telegram has usernames. Why can’t Signal?

Because they originally worked by encrypting SMS, which required phone numbers. Internet messaging arrived later, and they are working on usernames in a similar way to how Telegram does it if I understand correctly.

Dreeg Ocedam
link
11M
  • CIA Funding:
    • This is a non-issue. The OTF also funds: Briar, Tor, Wireguard, Delta Chat, Bind9, CGIProxy, CertBot, K-9 Mail, Tails, NoScript, QubesOS, The Guardian Project, and a host of other essential privacy tools/software. You’re telling me they’re all compromised just because they’re getting funded? I don’t buy it.

Even if it were not the case, Signal was founded 3 years before it started receiving funding from the OTF.

@null_radix@lemmy.ml
link
21M

Bind9

Damnit! guys and gals, the CIA is hiding in bind9

Nour
link
-1
edit-2
1M

deleted by creator
