• ☆ Yσɠƚԋσʂ ☆
    ↑22 ↓1 · edited · 3 years ago

    What it ultimately comes down to is that truly secure systems cannot be based on trust. The article does a good job outlining all the ways the users have to trust Whisper Systems without any ability to do independent external verification regarding what the server is doing with the data available to it.

    Even if we assumed that Signal works as advertised, the fact that it’s tied to your phone number is incredibly dangerous. Obviously if this information was shared with the government it will disclose your identity as the article notes. This information can then be trivially correlated with all the other information the government has on you and your social network. Given that Signal is advertised as a tool for activists, that means it creates a way to do mass tracking of activists.

    Being centralized is another huge problem given that the service could simply be shut down at any time on government order. If you’re at a protest and rely on Signal it could just stop working.

    edit: as people have pointed out, it turns out you can use third party clients

    Finally, since the client is a binary distributed by Whisper, it’s not possible to verify that the client and server use the published protocol independently. Since alternative clients aren’t allowed to connect to the server, we can’t test the protocol and have to rely on trust.

      • ☆ Yσɠƚԋσʂ ☆
        ↑5 · 3 years ago

        I mean trust specifically in the context of the technology. Things need to be independently verifiable. And thanks for the correction regarding the clients, I was under the impression that you could only use the official app with their server. If you can use an open source client, that addresses my concern regarding verification.

        At the very least we can know that the protocol works as advertised. Since it’s E2E, I think it’s probably reasonable to assume that at least the messages themselves are secure.

    • null_radix
      ↑5 · 3 years ago

      Finally, since the client is a binary distributed by Whisper, it’s not possible to verify that the client and server use the published protocol independently

      you can use Signal-Foss and use their builds or build it yourself.

  • k_o_tM
    ↑16 · edited · 3 years ago

    4h ago

    40+ comments

    uh oh

    edit: seriously tho, 👌 writeup

    • DessalinesOPA
      ↑11 · 3 years ago

      Haha thanks. It’s impossible for it not to be controversial, for some reason I’ve found signal fans to be more fanatical in their loyalty to it than most advocates of other privacy apps.

        • DessalinesOPA
          ↑18 ↓2 · 3 years ago

          Frankly, these are the exact same defenses you hear of companies like apple, who also run centralized services, yet their userbases are utterly convinced of their privacy.

          You can’t just say things like “the evidence against them is circumstantial”, for centralized services. It all boils down to “gut feelings”, rather than the reproducibility requirements that the self hosted solutions must pass. Don’t trust these companies by default, and never take a pretty ui or branding polish as a stand in for trust.

          Phone number ids, and centralized, US-based services wouldn’t be acceptable for any privacy oriented chat app. Signal also shouldn’t get a pass.

    • Helix 🧬@feddit.de
      ↑3 · 3 years ago

      uh oh

      It’s a good article :) hope you don’t have to delete comments, but by the looks of it, they’re very civil.

      • k_o_tM
        ↑5 · 3 years ago

        yeah, i didn’t mean that anything bad is going on, just that it’s a somewhat controversial topic and heated debate is taking place hehe

  • tinyhole
    ↑13 · edited · 3 years ago

    I’ve got to be honest with you. I went into this hesitant but you make some convincing arguments.

    While for activism I agree with your recommendations, more generally it’s mostly a social network and thus UX thing. I recently moved from whatsapp to signal because my social network was willing to do so and the UX was similar to whatsapp.

    I believe element and thus matrix is almost ready to do the same.

    The future of the internet is federated and p2p or none at all.

    • DessalinesOPA
      ↑12 ↓4 · edited · 3 years ago

      Since when does Zuckerberg endorse Signal?

      He uses signal, I don’t think he’s publicly endorsed it. Read over that sentence again.

      The best way to do private/secure messaging is to do it similarly to the least private and secure messaging protocol in use?

      I’m just describing how it works, this seems overly combative. Encryption is a different topic than federation. Emails and phone calls are federated, yet insecure.

      This entire section completely ignores that Signal isn’t designed to talk to random people. It’s designed to talk to your friends/family/coworkers, who most likely already have your phone number. It makes it super easy to migrate. There’s no way my grandma would be able to add me on briar…

      That “ease of migration” comes at a cost: namely that signal’s centralized server now knows your identity. And yes while briar isn’t quite user friendly yet, it’s just as easy to share a user_id string as it is a phone number. With matrix or XMPP I can share my ID with a link.

      sealed sender

      I don’t know enough about this to comment, but signal still has to know who to send the message to. That means that the server must decrypt the recipient at some point.

      Payment in Signal has been a major request since the migration from WhatsApp. In multiple countries WhatsApp has a payment feature that is hugely popular.

      I’d argue that most people don’t want a cryptocurrency bundled in their chat apps. This is a really strange thing to defend.

      For the last one, it’s telling that you deleted half my sentence. The full sentence is this:

      Signal’s use luckily never caught on by the general public of China ( or the Hong Kong Administrative region ), whose government prefers autonomy, rather than letting US tech control its communication platforms, as most of the rest of the world naively allows.

      Many countries have now realized their mistake in letting US tech companies control their social media platforms, and are trying to adopt the PRC model of home-grown chat apps. A great example is India, where Facebook and Youtube ( 2 US tech companies ), are the most popular social media apps. This was a glaring mistake allowing these US surveillance giants to so completely own the social media landscape of India.

      • ᗪᗩᗰᑎ
        ↑9 ↓3 · 3 years ago

        I don’t know enough about this to comment, but signal still has to know who to send the message to. That means that the server must decrypt the recipient at some point.

        Then you shouldn’t be spreading FUD about it.

        • DessalinesOPA
          ↑7 ↓2 · 3 years ago

          If you live in France, why would you want a US company to own and control your communications? That was the main thrust of the article, which you never addressed.

            • DessalinesOPA
              ↑13 ↓2 · 3 years ago

              The App is FLOSS,

              As I noted in my article, remember when signal went a whole year without publishing their server source code updates?

              None of your points are really any concrete proof of Signal being backdoored.

              I also addressed this, in the NSL section. It is illegal for signal to tell you that, otherwise they all face heavy prison time. Your default position then is to “trust” US services… not a good idea from a privacy standpoint given the history of surveillance disclosures.

              • chiefstorm
                ↑6 ↓3 · edited · 3 years ago

                I appreciate and admire your motivation @dessalines@lemmy.ml

                However, Signal is like the one application that’s user friendly and is NOT compromised, and you seem to be completely attacking it.

                I have reason to believe that Signal is NOT compromised, and the code is indeed Open Source and can be trusted.

                I don’t trust the US, but I do trust Moxie Marlinspike to be a privacy advocate, he has spent his entire career being an advocate for privacy.

                although Signal went a whole year without publishing server source code because they were being subtle about introducing mobilecoin crypto-asset support, and they didn’t want people to jump hog wild into mobilecoin. However, they now have released the server source code, therefore I do not think this is a valid argument.

                • DessalinesOPA
                  ↑10 ↓2 · 3 years ago

                  How do you feel about Marlinspike’s ruthlessly banning all third party clients and server implementations? Or his choice of phone # identifiers?

                • jazzfes
                  ↑5 · edited · 3 years ago

                  So if we don’t know what runs on the server side, how do we know then that this is not used to map user networks, i.e. who communicates with who? From an activist POV wouldn’t that be a significant risk?

                  Also, even if you trust the company today, given that it is US based, it is subject to the gag orders the US government agencies hand out. So that makes it still a problem, no?

    • poVoq
      ↑9 ↓2 · edited · 2 years ago

      deleted by creator

        • poVoq
          ↑7 ↓4 · edited · 2 years ago

          deleted by creator

                • DessalinesOPA
                  ↑8 ↓1 · 3 years ago

                  If that were the case, the sealed sender stuff would be a complete lie, which would seem out of character for Signal.

                  It seems like your loyalty to signal isn’t based on any facts or history whatsoever. I go over the untrustworthy history of signal’s founders, but you’ve ignored all those points in your replies so far.

    • DessalinesOPA
      ↑5 ↓1 · 3 years ago

      they don’t have the message senders thanks to sealed sender

      Reading over this again. The primary identifier in signal, is phone numbers. You think signal doesn’t store those, or use them to route messages?

        • DessalinesOPA
          ↑4 ↓1 · 3 years ago

          How would the signal server know who to route the message to?

            • DessalinesOPA
              ↑4 ↓1 · edited · 3 years ago

              In a centralized database, this seems like it’d be trivial to get around. You’d only have to look at the client sent messages and correlate them to the receiving ones.

    • tomtom
      ↑4 · 3 years ago

      Federation increases censorship resistance. I do not think it necessarily decreases privacy, although having metadata strewn across multiple servers may be a risk. Still, I think the comparison with email is a bit of a straw man argument, since it is not only the federated nature of email which makes it easy to surveil but also the fact it is unencrypted by default.

      Moreover, email these days is concentrating in the hands of a small number of providers (gmail, etc).

      XMPP seems a lot more distributed at this point in time.

  • Helix 🧬@feddit.de
    ↑10 · 3 years ago

    Signal’s use luckily never caught on by the general public of China ( or the Hong Kong Administrative region ), whose government prefers autonomy, rather than letting US tech control its communication platforms

    Pretty useless tangent. Even for the US of A, Signal isn’t the best communications platform. And China has its own problems with WeChat/QQ, which is basically run by the state. At least they don’t export it like the US does…

  • DessalinesOPA
    ↑4 · 3 years ago

    Sorry for the length, I’m writing this for a wider, non-tech audience, so I had to go into and describe a lot of terms.

  • ᗪᗩᗰᑎ
    ↑10 ↓6 · 3 years ago

    A quick rebuttal of some points you made. Not going too in depth as I just want to provide my perspective:

    • CIA Funding:
      • This is a non-issue. The OTF also funds: Briar, Tor, Wireguard, Delta Chat, Bind9, CGIProxy, CertBot, K-9 Mail, Tails, NoScript, QubesOS, The Guardian Project, and a host of other essential privacy tools/software. You’re telling me they’re all compromised just because they’re getting funded? I don’t buy it.
    • A Single, Centralized, US-based service
      • The Code is open source and Android has reproducible builds, iOS would have them too, but it’s impossible based on the way Apple’s build process works. Lastly, Signal’s devs/infra exist in the US, they have to exist somewhere, why not the country of origin? With the code being open/reproducible, you don’t have to trust them.
    • Phone # Identifiers
      • This is to make onboarding easier and minimize spam - I got my grandma to install it and find the rest of the family on Signal VERY easily. Trying to get her onboard with Matrix/Element or even Briar would have been a struggle. I like Briar, but it’s not ready for mainstream yet. I also like Element, but I don’t believe it’s quite a text/sms replacement like Signal is - in addition to leaking metadata.
    • Social network graphs
      • Here you mention metadata, so I’ll ask which other provider goes to the lengths that Signal does to minimize the collection of metadata? And please read over how Sealed sender works before you claim it’s easy to circumvent. You deride their implementation and claim how easy this is to collect without understanding what’s going on under the hood.
    • Abandonment of Open source
      • This is a stretch. Signal is a non-profit. They don’t have the same funding or staffing as their competitors and all their code is current. Yeah, they let it get out of sync for a while, they’re human, not robots. Don’t let perfect be the enemy of good.
    • Bundling a Cryptocurrency
      • What does a messaging platform have to do with crypto/payments? I don’t know, you should ask every other big player who is also trying to get in on the game hoping to siphon even more data from everyone’s purchases.

    I do want to close by saying that Signal is definitely not the end-all-be-all of secure messaging platforms, but it is currently the best for mass adoption. I’m keeping my eyes on Matrix, Sessions, and Briar, but can’t say they’re ready to “go mainstream” yet.

    • Helix 🧬@feddit.de
      ↑8 · 3 years ago

      The Code is open source

      the server code being not federated means you effectively can’t (or won’t) self host.

      Phone # Identifiers – This is to make onboarding easier and minimize spam

      Yeah but you could do that as verification and an additional means to find users, not the primary user ID. Threema has generated IDs, Matrix has usernames, Telegram has usernames. Why can’t Signal?

      Yeah, they let it get out of sync for a while

      Why, though?

      What does a messaging platform have to do with crypto/payments?

      Good question. Signal obviously didn’t ask about it and wants to become another WeChat/QQ clone where you can pay with your messaging application and circumvent taxes.

      Signal is definitely not the end-all-be-all of secure messaging platforms, but it is currently the best for mass adoption.

      I’d agree if you’d add “one of” between “currently” and “the”.

      • DessalinesOPA
        ↑12 · 3 years ago

        Also, it’s not that signal just got lazy with letting their code get out of sync. They chose not to publish updates for their server for a whole year, until the open source community got really angry, and then they finally relented. If I or any open source maintainer did that, we’d rightly be abandoned. Some here are giving signal a pass for it tho.

        • ᗪᗩᗰᑎ
          ↑1 ↓5 · 3 years ago

          I think the difference is it’s not a federated platform so not many people really care about access to the server-side code. If I was hosting a lemmy instance I would obviously be frustrated if you withheld from all other instance admins as you’d be putting us at a disadvantage. Signal doesn’t allow federation so the consequences aren’t the same.

          and then they finally relented

          You’re embellishing the story for added emotional value. What if instead you wrote, “users were angry, the Signal devs were busy, but eventually got around to publishing the latest code”. You weren’t there so you can’t say that they didn’t want to - or had the time to - publish the server code. You’re implying malice when it doesn’t have to be. Why? Maybe it was on their backlog and it was a task that nobody ever got around to? I dunno, I’ve been in situations like that before and it just sucks to hear people implying the Signal devs are doing shady things when it may simply be that they’re human and not perfect. I’ve had times where our dev team was accused of being “lax” when we’re all running at 110% but just can’t get to that one thing that a small handful of people really want and are very vocal about.

          • DessalinesOPA
            ↑7 · 3 years ago

            I can tell you, publishing source code is as easy as typing git push. That they needed to “clean things up” at all in an ostensibly open source codebase is sus.

            • ᗪᗩᗰᑎ
              ↑2 · 3 years ago

              I’m going to disagree again.

              I know how easy it is to type “git push”. I’ve worked where we had 200+ things that were that “simple” but just weren’t prioritized because of our small team. Also had to do thorough code reviews before we synced to our public repo. There’s a hundred non-malicious reasons they delayed - including that they didn’t want to make the monero stuff public yet. It’s not uncommon to keep things from the public until they’re ready, in case you decide to scrap the project and remove it last minute before you sync to your public repo and have people question something that is no longer valid/important. I guess I try to look at it from a more human perspective than immediately trying to tarnish people’s intentions.

              • DessalinesOPA
                ↑2 · 3 years ago

                That simply means that development isn’t out in the open. Why would you not push branches and do code reviews out in the open for an ostensibly open source project?

                • ᗪᗩᗰᑎ
                  ↑1 ↓2 · 3 years ago

                  That simply means that development isn’t out in the open

                  Correct. FOSS doesn’t mean they have to develop it out in the open, only that they have to release the code for everyone else’s benefit.

                  Why would you not push branches and do code reviews out in the open for an ostensibly open source project

                  Because open source simply means the code is available. You’re not forced to interact with anyone else just because something is open source.

      • ᗪᗩᗰᑎ
        ↑2 ↓1 · 3 years ago

        the server code being not federated means you effectively can’t (or won’t) self host.

        Agreed. I hope they change their minds on this, although I’m not holding my breath.

        Yeah but you could do that as verification and an additional means to find users, not the primary user ID. Threema has generated IDs, Matrix has usernames, Telegram has usernames. Why can’t Signal?

        Agree. The devs have stated that this is coming this year. We’ll see if they can roll it out before the year ends.

        Yeah, they let it get out of sync for a while

        Why, though?

        Honestly, don’t know and don’t care. I suspect because they didn’t want to yet make public their crypto stuff, but I’m not going to assume malice here without evidence.

        Good question. Signal obviously didn’t ask about it and wants to become another WeChat/QQ clone where you can pay with your messaging application and circumvent taxes.

        Whatsapp also lets you pay - although I believe it’s only in India. Telegram also attempted to include crypto. Why wouldn’t we want a private way to pay instead of letting Facebook/Google/etc, take over? I fully support them making sending money easier and more private.

        I’d agree if you’d add “one of” between “currently” and “the”.

        I’ll agree that it’s “one of” the best. Which one would you throw in your top 3?

    • altair222@beehaw.org
      ↑2 · edited · 3 years ago

      "Signal’s database, which we must assume is compromised due to its centralized and US domiciled nature, has a few important pieces of data;

      Message dates and times
      Message senders and recipients (via phone number identifiers)"
      

      I have a problem with the article’s claims on metadata too, haven’t there been too many transparency reports and subpoenas that prove that they literally have nothing to offer to the government except the last time someone used signal and the date of joining?

      • null_radix
        ↑3 ↓1 · 3 years ago

        Bind9

        Damnit! guys and gals, the CIA is hiding in bind9

  • Sammo
    ↑5 ↓1 · 3 years ago

    Thanks for the nice article!

      • Sammo
        ↑9 · 3 years ago

        Also a few interesting things: I saw a lot of people saying that Signal isn’t keeping metadata, and a few articles from 4 years ago claiming that. I took a look at the signal ToS and Privacy Policy which states quite the opposite: „SIGNAL DOES NOT WARRANT […] THAT OUR SERVICES WILL BE […] SECURE, OR SAFE”, „For the purpose of operating our Services, you agree to our data practices as described in our Privacy Policy, as well as the transfer of your encrypted information and metadata to the United States and other countries where we have or use facilities, service providers or partners.“ and „Other instances where Signal may need to share your data

        To meet any applicable law, regulation, legal process or enforceable governmental request.“

        • ᗪᗩᗰᑎ
          ↑3 ↓2 · 3 years ago

          Let’s look at how they’ve behaved when forced to comply with the law - https://signal.org/bigbrother/central-california-grand-jury/

          You’ll see that the only info they can provide is:

          • The day you signed up
          • The last day one of your clients pinged their servers (this is needed to purge abandoned clients)

          So what their ToS means is pretty much that they will operate within the realm of reality. Who out there IS providing a warranty of security/safety? And if they fail to ensure your safety/security, how do you go about “redeeming” your warranty? I think you’re reading too much into it.

    • tomtom
      ↑4 · 3 years ago

      the decentralized nature of XMPP is a huge plus for me.

      I guess Matrix also has that, in theory, but from what I have seen the matrix.org homeserver still effectively functions as a central point to track metadata.

      I guess the issue with XMPP is that people can send unencrypted messages to you, perhaps with deanonymizing information?

    • DessalinesOPA
      ↑3 · 3 years ago

      Mainly preference, I don’t prefer it because it isn’t encrypted by default.

      I could add a section on XMPP I spose.

  • roastpotatothief
    ↑3 · 3 years ago

    matrix, jitsi, etc, are very different types of platform from signal. if you just want signal but without all the problems, it’s Wire.

    but if you want my opinion - the only thing that matters is bridging. none of these small networks can succeed unless they can bridge to the others and to email. bridging is subverting the network effect to combine the small players and help them destroy the big players.

      • roastpotatothief
        ↑1 · 3 years ago

        I didn’t know about any of that. TBH this subject comes up a lot on lemmy and you’re the first to mention those things.

        I’ve not noticed any bugginess or lack-of-support type problems.

        TBH those complaints don’t even sound that bad! compared against the problems the other messaging apps (inc signal) have.

    • n0n@kallutatud.info
      ↑1 · 3 years ago

      That linked article talks about how crypto in browser is easily subverted. You don’t have to use matrix with a browser client and most people I know use standalone clients.

        • n0n@kallutatud.info
          ↑1 · 3 years ago

          True, the element.io site offers the browser client first, which I find wrong. On the other hand some of Signal’s choices were justified by “helping adoption” so I guess that falls under the same category.

          Currently I can’t find a way to see which client another user is using in the Element mobile app. Not sure if that is even possible. So I guess for really sensitive matters you have to make sure your collaborators know how to stay safe. And of course if your use-case really required a web-client you could just self-host it.

            • n0n@kallutatud.info
              ↑1 · 3 years ago

              I completely agree with you. But in every field I’ve worked in getting actual good security implemented is usually diametrically opposed to end-user convenience.

              As a side note what Element did with the verification icon-strings was pretty neat.

  • Halce
    ↑4 ↓2 · 3 years ago

    The same way you could (and in my opinion should) be wary of Briar too, not yet, perhaps, for technical reasons at least, but in regards to the sources of their funding (see the bottom section of https://briarproject.org/about-us) - OTF

    • DessalinesOPA
      ↑4 · 3 years ago

      That is definitely sus, and makes me scrutinize briar a little bit more. It’s probably okay for now, because unlike signal, it’s decentralized, and the F-Droid builds are from source.

  • IngrownMink4
    ↑1 · edited · 3 years ago

    And what do you think of Molly? Do you recommend it to replace Signal or is it preferable not to use Signal or any of its forks?

    • DessalinesOPA
      ↑3 · 3 years ago

      Federated / P2P is a must IMO for any messaging service, so that rules out any signal or fork, even if it’s self hostable, which I assume molly is.

      • IngrownMink4
        ↑2 · 3 years ago

        Okay, I will keep that in mind. I thought Molly was the ideal alternative to replace Signal. I will try to use more Element or Briar.