I'm not sure why it works so poorly after years of existence, but unfortunately I'm losing hope that it'll be fixed. I sometimes feel like the Signal team doesn't use their product, or they would have noticed this. Meanwhile, yes, Matrix took years to add encryption, but it works much better than Signal, even with quite a few small bugs.
I'm not sure which Matrix client you use, but clients like Riot don't even let you opt out of sending read receipts unless you edit `/etc/riot/config.json` to enable experiments and then go into the settings to disable read receipts. Problems like this (and issues like this ) give me the impression that Riot isn't designed for people who need privacy.
(Yes, there are other Matrix clients , but my understanding is that Riot is the flagship interface.)
Hopefully none of that changes now that they've been acquired by zoom.
Keybase claims that it is, but it's a lie that nobody verified: https://security.stackexchange.com/questions/222055/how-can-...
If you did not delete the Signal directory on your phone then there should be some old backups with your messages there. These will be encrypted so you will need to original password to unencrypt them.
Also KaiOS and the like are making chat feasible even on feature phones.
Don't get me wrong, RCS will be a fine enough fallback (once it's E2E), but standardized chat is the dream.
Is there a plan for RCS to be E2E? Given that RCS went under the GSMA umbrella in 2008, and it's 2020 and adoption is minimal, I don't have any hopes for a future update that supports E2E to come out any time sooner than 2040, with handsets supporting it in 2050, and all endpoints supporting it in 2065; Google will have released about 30 more messangers by then, of course.
For an example of where this works really well, look at how all of their adaptive UI efforts feed into each other:
* The enhancements to multiwindow that were built for foldables became Android's desktop mode, to the point that it was built specifically as a test environment and now underpins DeX etc
* Desktop mode's only hardware requirement is a display output, suggesting in addition that Android apps as a whole are no longer bound to specific 1:1 relationships of UI and form factor. (This is, imo, a much bigger deal than we're making it out to be, and opens up possibilities ranging from hybrid game consoles to mobile content creation to better takes at mobile-powered VR.)
* The existence of a base OS implementation and the fact that it's controlled by the system launcher, a component the user can rip and replace, pretty much ensures that custom ROM communities are already toying with this
* Android supports PWAs - installable, natively-scalable webapps - meaning that when desktop mode inevitably stops being feature-flagged there will be examples of convergent apps that work on day 1
* Desktop support for Android apps enhances those same apps when used on ChromeOS
* Flutter, the toolkit built for Fuchsia - an OS designed from the ground up with this sort of scalability in mind - is capable of targeting all of the above
I think what Google needs to do is to seperate the messaging protocol from the messaging software. The protocol needs network effects. The software doesn't. That's why shutting down Google Inbox didn't kill email and it's why any new experiments with email software can benefit from the network effects that email protocols already have.
If the one thing so far that's led the feds to threaten this is that they wanted to build a modern protocol for cross-service messaging, then there's no sane reason we couldn't have asked for that exact thing as a spec.
Google is adding an implementation into Messages, and it's honestly not a critical problem if OS vendors are supporting it at that level, but there's still too much we don't know about it imo. Will that be supported by iOS, if and when it supports RCS at all? Will it work for third-party clients, if and when Android gets APIs?
I'm not sure how much optimism I have that this will be anything other than a fragmented mess in the short term.
Which basically means, instead of having a federated mess as designed to replace the federated mess of SMS and MMS, we'll get a Google mess, maybe. But if Google was any good at making messenger apps, maybe enough people would use one of them that it wouldn't be killed.
Also how XMPP could have been that spec, if Google hadn't decided when launching (the first version of) Hangouts to go full Ayn Rand while doing it.
If Signal introduces a new feature, it knows that all users’ devices will support that feature, because its own software is the only game in town.
[Yes, you could manually compile it and update it... which is what I did for the first year I used signal, until it expired on me with no warning while I was away on a trip and had no way to update it.]
Oooooh, I've got some bad news for you.
That was a couple months ago. Maybe it has improved massively since then? I guess I'll try it again later this year.
But, also this experience may not have been possible before may (when they released a big update with e2ee by default).
So like three weeks.
> That was a couple months ago.
And in a sibling comment I also confirmed the issues before the new encryption stuff, but no issues after (not with the encryption part at least).
Have you checked if yours is up to date?
I can use e.g. KDE Connect when my phone is on to send SMS messages from my desktop, but then they won't appear in Signal, unfortunately.
During the past month I've seen more errors and hiccups. Like delays. I assume that's just a scaling issue.
But I do have election apps. They just eat away resources.
Check out its network traffic sometime.
For Push, whatever app you use needs to have a push server that talks through to Apple/Google if you use their push. For Riot, that server is run by the New Vector (vector.im), the outfit which makes Riot.
The network traffic should make this very clear.
I just fired up Riot 1.6.2, the latest available from the site.
It makes three connections, one each to matrix.org, vector.im, and riot.im on startup.
Even after removing application settings and preferences, it connects to all three of those on startup, just sitting at the login screen, not signed in to anything. I didn't opt in, and I didn't look anything up; it was automatic (and silent!) on a blank install.
That's completely unacceptable, and counts as telemetry to three separate parties, whether intentional or not.
The local app should not send any traffic whatsoever when launched and sitting at the login/signup screen. It should make a connection to the homeserver chosen to log in to, and that server alone.
I just filed it as a bug again: https://github.com/vector-im/riot-web/issues/13942
I never had a single one of those you listed here.
How is rotating photos properly not a priority for a messaging app? It's really annoying to have half your photos rotated sideways, and it screams "buggy app" to both participants of the conversation.
At this point I'd say you desperately look for something to complain about. Why don't you just not use it and check your PC? There is obviously something wrong with it.
How would you even take a photo in landscape using the desktop?
And I don't know what you mean by screen lock if it's not the lock screen. However, as I said: the photos are properly oriented within the app so whatever your issue is, it can't be that urgent...
Seriously... I do not understand how they keep investing in this gold-plating when the plumbing keeps getting clogged up.
EDIT: Those are two different people.
My 6 year old son just discovered the augmented-reality tricks in the LINE app (adding a mustache, hair, glasses, sound effects etc). He got my mother (68) to install it and now they use it pretty much for all their video conversations. This replaced FaceTime, despite FaceTime having better sound and picture quality (edit: and even some effects).
He's in the age (and COVID-19 environment) where he starts speaking to cousins and friends online. So I imagine LINE spreading pretty quickly in similar circles based on those features alone. That's the stuff that drives adoption, as silly as it might be.
That said, yes, the plumbing needs to be in working order, or no silly feature can cover over the leaks (or smell, if we're going with the metaphor).
Unfortunately not. If most of my friends and family favour mustaches and effects (which seems to be the case, I would imagine as a general rule), and I favour security (the minority, as a general rule?), then I won't be able to talk to them securely.
I use WhatsApp to people who don't care about security, and I can only be contacted by Signal for business stuff.
I was disappointed to see that a mobile number is needed and that this number is shown by default in groups. Mobile numbers are much more trackable then email addresses in my opinion. And I do not understand at all why others should be able to see them so easily.
So I now prefer Telegram because at least it hides numbers in groups by default.
And ultimately even if the people you are talking to and your messaging provider are 100% trustworthy and never make mistakes, they usually cannot resist a lawful government request for data. Signal just has virtual no data available to provide them; Telegram could give them entire chat histories, and could be required to provide access to in-progress chats.
To save time he mentions that owning a SIM card or a smartphone with a Contacts application that holds phone numbers is a portable social network by design.
Pushing his idea further it's much easier for anyone to learn the penetration of Signal by checking against existing phone numbers. I can't imagine someone with a 200+ phone numbers querying service to validate a phone number is registered with Signal.
And while nicknames sound perfect in theory they lack one specific thing — validation of authenticity of a speaker. By this i mean an impersonator can claim the username and pose as someone else. Given a lot of people use transparent nicknames on the internet, it can pose a threat. So even when the nicknames roll out as a feature of Signal, it's good to facilitate somehow that a party i'm in contact with is someone genuine. Checking against phone numbers can mitigate the risk of fraud.
To be even more explicit about it, in the hope you understand: the vast majority of people trust large companies (which is bad but frankly not insane) but absolutely do not trust random assholes/creeps on the Internet. The security model of Signal is saying you don't have to trust Signal, but you weirdly do have to trust all of the random people you interact with with your phone number.
And so, in the context of this thread, that explains why someone would claim Telegram is actually better than Signal, because what people do with Telegram is join massive group chats that are either 1) public, 2) have so many people in them that if you think what you say isn't going to be logged you are fooling yourself. So the value of end-to-end encryption in this context is essentially zero; but, being able to join some large group chat with a ton of strangers to talk about some open source project or whatever you are doing without any of those people now knowing your phone number--an identifier which is tied to a large number of "real world" concerns and is ridiculously difficult to change--is actually extremely valuable.
Honestly, even if you aren't quite in those sets, the tradeoff still isn't an obvious win for Signal. As an example, let's say you are in a group of people talking about a protest. Are you more concerned that the company relaying your messages will be served a warrant to monitor your chat activity (which generally has some requirement of probable cause for a specific action, and likely requires knowing about the existence of a chat in the first place) or that one of the people in your group chat is actually a traitor or even an undercover cop (which can get in a number of groups and pretend to be an ally while passively monitoring for things they want to shut down)? The latter is actually a much more realistic attacker model, and with Signal now that person has your phone number, which means you are screwed. Using Signal correctly here requires getting a burner phone, which is way more effort than is reasonable.
The use cases for the privacy and security model of Signal are thereby inherently limited to people you trust with your phone number. Like, it is sometimes difficult enough to get people to want to use text messages sometimes as they don't want to give out their phone number: Signal doesn't solve that, and so is confined to the subset of communication that people currently do over SMS(/iMessage) and can't really ever begin to carve into the market share of Telegram, or even Facebook.
And so, realistically, Signal does not, can not, and should not manage to displace Telegram, which I say with sadness as I am someone who has not and likely never will forgive Telegram for claiming security properties their system didn't have (like, I am not Telegram fan, and while I have the app I only use it a few times a year; that said, this is more than I am willing to tolerate Signal, due to a number of reasons that are mostly unrelated to anything in this comment).
(And FWIW, I personally would not recommend usernames, and in fact would personally be much more angry about that than phone numbers for various reasons; if Signal decides to roll out unique choosable usernames I am honestly probably going to hate on it even stronger because of it: you are arguing a strawman here :/. But to claim that phone numbers are fundamentally better is awkward regardless, given how phone numbers aren't even a good security layer due to the prevalence of number porting. This is just one of the many devastating things that Moxie is wrong about.)
You're swiftly jumping to conclusions on a comment that only describes a point of view. Not my own perception of how the trust model should be established and the capabilities current messaging services provide.
>>... but, being able to join some large group chat with a ton of strangers to talk about some open source project or whatever you are doing without any of those people now knowing your phone number--an identifier which is tied to a large number of "real world" concerns and is ridiculously difficult to change--is actually extremely valuable.
As someone who suffered harassment by getting the p/n exposed at Whatsapp and being followed by the same person almost everywhere where's it serves as an id (Signal, Telegram) i wholly share your concerns. But it's a privacy matter that almost none of the current messaging platforms really offers bundled with solid UX and data transparency.
What am i trying to convey by how i comprehend Moxie's rhetoric is that Signal tries to be a Whatsapp alternative (given the latter really can access messages in a group conversation when a participant reports contact) by not harvesting the user data (cheers Telegram) and providing little bit more control over the conversation on both ends (self destructing messages). Signal has bigger focus on security right now however the use case is to be accessible to a wider audience. From that point of view Signal really stands out. And it helps me personally to, sort of, separate communication spaces.
>>Honestly, even if you aren't quite in those sets, the trade off still isn't an obvious win for Signal. As an example, let's say you are in a group of people talking about a protest.
Look, if you propose Signal needs to accommodate guerillas, rioters and protesters organize and act with impunity it's a privacy issue and Signal isn't serving this purpose.
If you look in the past main attack vectors on messengers are via exposed phone number, third-party insecure cloud backups or just physically accessing your device. Telegram addresses all of these while also allowing e2e encryption, just not by default for now because UX. At the same time many other popular messengers advertise "e2e by default" while being not secure at all and having mediocre UX (no desktop clients, no seamless sync, no usernames etc).
They're laying the groundwork to change this. Part of the purpose of the PINs rolled out last month is to enable centralizing some data to allow for other addressing schemes.
Telegram, messages in plaintext on the server? Encryption that isn't open? Yeah telegram is a bit of a non-starter if you have these kinds of concerns as far as I'm aware.
Signal’s use of phone numbers as IDs means they don’t have to have any of your contacts sent to their servers.
As shown in the article they have no metadata and nothing to reveal beyond your phone number and when you signed up.
These other apps send your social graph to their servers, track and store metadata, don’t have encryption on by default, roll their own cryptography, or some combination of all of these things.
The phone number obsession on HN seems dumb to me - a meaningless thing for people to repeat and complain about that doesn’t actually matter so they can sound like they know what they’re talking about.
I don’t get it.
The only real criticism I have for signal is that they’re not federated so they’re vulnerable to shutdown. I think that’s okay though because we have Matrix working on that problem and having both is probably a good thing.
It’s also a thoughtful and intentional choice: https://signal.org/blog/the-ecosystem-is-moving/
The response from Matrix: https://matrix.org/blog/2020/01/02/on-privacy-versus-freedom
Adversaries will attempt to social engineer customer service for your phone carrier into issuing them a new SIM or porting out the number, so they can receive verification SMS and phone calls.
Signal did the same thing. They invented their own cryptographic algorithms. https://en.wikipedia.org/wiki/Double_Ratchet_Algorithm
And the social graph IS sent to servers by Signal. It's protected only by hashing (trivial to circumvent) and by the Intel SGX technology (a bit harder to circumvent, but I doubt that the US govt can't do it).
Telegram's crypto is reportedly designed from scratch, with questionable choices such as SHA1 and MAC-then-encrypt.
Also, Telegram uses SHA256 now in the places relevant for security, so that point was resolved.
Am I wrong?
Signal’s cryptography has also gotten a ton of attention, I don’t think the same is true for competitors.
Well, if you're operating on that premise, which is to say, a premise of complete and total resignation and surrender, then from that starting point of course you haven't lost anything. I don't think anybody is joining you though in agreeing that that's a legitimate starting place to analyze privacy concerns associated with the phone number requirement.
If you're required to use ID to get a SIM (as K2L8M11N2 stated in the parent comment I replied to), then what I was saying follows - that the person is already tied to the phone number anyway.
In this context Signal revealing the only data they have (that a phone number signed up on X day) really doesn't matter or reveal anything new.
K2L8M11N2's other response to my comment is a helpful clarification, it's less about what can be compelled from Signal the company and more about what can be turned over if a user's device is compromised. In that context the name to number connection is more serious because they also have the content.
>If you're required to use ID to get a SIM (as K2L8M11N2 stated in the parent comment I replied to), then what I was saying follows
Yes, and this is what I was responding to. You want that "if" to be taken for granted as an unchallenged starting premise to your entire argument. And that amounts to a massive privacy concession. And the fact that I'm challenging that premise, and bringing up the privacy concerns that are associated with that "if", that is the thing that you're describing as uncharitable. Even though you don't appear to dispute that it is indeed a privacy concession. And it only follows if you don't contemplate alternatives to using a phone number, which is what I took to be their point about the problems associated with a phone number.
>and more about what can be turned over if a user's device is compromised. In that context the name to number connection is more serious because they also have the content.
That's going true in any context where your number can be revealed, which is why it has unique disadvantages that usernames wouldn't have, under any conceivable hypothetical scenario. I'm glad that you benefited from their clarification but that struck me as a truism about the nature of phone numbers versus the nature of usernames.
I don't want that 'if' to be anything. It was the premise, because the parent comment I was responding to was stating it as a fact for where they live.
My point is that signal revealing your phone number and when you signed up doesn't reveal anything new about you. The issue is the case K2L8M11N2 mentioned when they have compromised a device (and can now tie content to IDs via the phone number).
> "That's going true in any context where your number can be revealed...under any conceivable hypothetical scenario."
This is just false? Without access to the content on a compromised device a phone number alone doesn't reveal much (that's the entire point of the e2ee), if it limits the ability for Signal to hand over the social graph or any other metadata (which does reveal a lot) that seems like a win.
Obviously revealing the phone number still reveals more than a username would, and if you can get all the benefits of not having to upload your social graph to their servers or share metadata without having to use phone numbers that would be better - I think they're working on that.
People using apps that upload their social graph and collect their metadata so they don't have to use their phone number are probably making the wrong choice when considering the trade-offs.
The phone number is much more valuable to any authority than other metadata because they are more likely to have access to cell service than to messenger services.
In the context of the post, signal is much more vunerable than even basic things like email or web chats because police can effortlessly identify anyone in the group chat with a single request to cell company.
This is no excuse other than copying the leading app for no good reason.
Stop asking for phone numbers!
My mother has my phone number. A few of my closest friends and family have it. That's it. I have like 10 actual people on my phonebook. My phone provides immediate 24/7 access to me, and there are very few people who are close enough to me that I want to be able to reach me at any time.
Some Silicon Valley company with an inflated sense of importance is never on that list...
Moxie should know better, but this blog post repeatedly boasts about privacy while not addressing this at all. Getting basic encryption into the hands of the masses is a laudable goal. But when the popular threat model changes (eg pocket computer compromise incident to arrest at a protest - an "evil raid" attack), you either need to adapt or you've become an attractive nuisance.
Specifically I'm envisioning an attack where say ten protestors are arrested and found to have a shared contact, and then the police turn that phone number into a real world identity and go after that person for organizing.
Also the people doing shady things are generally hopping accounts regularly anyway.
Also, anyone who had communicated with you before the switch would see a “safety number changed” notification if the number became affiliated with a new device.
EDIT: Found the related docs, appears they had been edited since I lasted looked at them; for example, you can now disable PIN reminders:
And yes, “anyone who had communicated with you before the switch would see a ‘safety number changed’ notification if the number became affiliated with a new device” is correct, though so is my statement about new numbers adding the number. To be honest, I have caused the alerts to happen before, the other user had no idea what they meant, didn’t say anything, just clicked okay.
Telegram messages are encrypted at rest on Telegram's servers with the keys held by Telegram the company. 
MTProto is fully open-source. 
Here's a FAQ of Telegram's most frequent criticisms. 
I like Telegram, but not for security. Nobody should.
I use Telegram because it delights its users. When I have tried to bring friends and family to first Riot, then Signal, the experience I encountered was one of frustration, whether it was messages unexpectedly not syncing or delivering, the pain of cross-signing new devices for E2EE (RiotX), or the paucity of features. I have tried nearly every messenger that exists in an effort to seek out a usable compromise for laypeople and Telegram has been the only one to make that bar.
We use Matrix in my workplace because I can count on the employees being technical and patient enough to forgive having to input a multitude of varying passwords in succession just to get their session going.
> PINs will also help facilitate new features like addressing that isn’t based exclusively on phone numbers, since the system address book will no longer be a viable way to maintain your network of contacts.
Contact lists can be useful information for an attacker. If Signal doesn't have it, it can't be taken from them.
the only thing that phone numbers help with is discovability of signal users among your existing phone contact list.
that is something i explicitly do not want. ever.
telegram and wechat allow to block being found via phone numbers.
I own a cellphone number for an Eastern European provider and had been using Telegram solely for news reader purposes. None of the people i communicate knows the number.
Much to my surprise i learned that Telegram cooperates with local authorities, i would never found it out if not for COVID-19. The messages i got were addressing the precautions and regulations during the pandemic. While i appreciate the effort, i feel like it's a clear overreach on Telegram's part.
How do i know it was Telegram rather than the authorities themselves? The sender information clearly stated the sender was Telegram (same as a chatbox created to inform on What's new), i've got a push notification even though push notifications were app level turned off.
Can't imagine Signal compromising the trust of it's userbase by sending any sort of material that comes from the healthcare department of whatever country my phone number would be from.
`Nothing to hide` isn't the point of my message but the willingness of Telegram to collaborate with 3rd parties be that for a good or bad cause is what concerned me. I already own a tool to get unsolicited messages — email.
there is a difference between enabling phonenumbers as an ID vs requiring them.
signal could easily support both. (i read somewhere that they plan to support alternatives to phone numbers in the future, just haven't made it a priority. well, i'll wait. edit: actually it's mentioned here: https://news.ycombinator.com/item?id=23435050 )
This is why I refuse to have Whatsapp and Signal, especially when you live in 3rd world country. It just take ONE SCREENSHOT of you saying something controversial in group chat, that screenshot goes viral to certain radical group, then your phone get spammed death threat.
Not to mention you can and will go to jail if those radical group sue you, thanks to draconian laws (UU ITE) here in Indonesia. You didn't get to jail because you said something that actually insulting someone, you get jailed because you are TRANSMITTING something that can be interpreted as an insult.
It is still very early stage and discoverability/groups are half backed (can't add people to group after creating it with 10 being the limit) but it solves the centralisation problem of signal.
This bill is so stupid in that tech companies can relatively easily move.
This is one of the reasons I've started to appreciate Matrix a lot more lately.
So like, as long as they add in the backdoor?
I think with sufficient funding for a legal department, Signal could work without the section 230 exemption. In practice, they don't have that money and would be forced out of business long before they were able to prove their case.
Time for a privacy focused app store!
The ordinary non technical user has no idea of how to manually verify the sha256 checksum of a APK they've downloaded from the "official" software developer of an app.
I guess this is what you're referring to:
"Given that these features are already functional once enabled, it may not be long before the sideload protections arrive for those who enrolled in the Advanced Protection Program."
Perhaps developers will one day be required to provide proof of ID to Apple or Google before being allowed to carry out the "dangerous" activity of installing unapproved software.
Can you give more details on this? I wasn't able to find anything with google-fu except this post, which is surprising.
Did you google it? You're simply wrong.
It is open-source as it was, I didn't dispute that, but they are liable for their users if this bill passes, and they will easily go bankrupt. If there's no commercial entity, then liability falls to the developers most likely--whose identity can be obscured since they're developing Signal hopefully.
They have a standard corporate structure--based in Delaware, registered as a Foreign entity in California.
If you've googled it, surely you're aware of the Signal Foundation, the 501(c)(3) parent organization of the LLC.
And while OWS/Signal Messenger did not have formal non-profit status prior to the Signal Foundation, it was never acting as a for-profit entity:
> in general, Open Whisper Systems is a project rather than a company, and the project's objective is not financial profit.
: https://news.ycombinator.com/item?id=7701666 (2014)
The Signal Foundation is responsible for all costs associated with the project--without it the project wouldn't function.
OWS was also largely a corporation, but it wasn't require for TextSecure to operate--a key difference.
> And while OWS/Signal Messenger did not have formal non-profit status prior to the Signal Foundation, it was never acting as a for-profit entity:
A corporation, non-profit or not, is still a corporation. Based on my knowledge of full-cycle accounting for non-profits, they tend to make more profit, they just pay less taxes.
Having a non-commercial parent doesn't mean your business is non-commercial, Signal Messenger LLC is the corp which is associated with Signal Messenger. Signal Messenger could offer private equity, since Signal Foundation is not the exclusive shareholder.
I have an M&A lawyer right here if you want me to ask him.
In any case, I doubt they have enough funding to do this in a standard donation-based non-profit, it seems like there's a non-profit which is used to funnel money to the commercial entity, Signal Messenger LLC.
It's a standard structure, I'm sure, but it's definitely not your standard non-profit.
I'm more concerned about the coloquial use of commerical in any case--does the corp make profits or not, not whether they pay tax or not. I'd say they're looking to transition into a fully non-commercial entity, but for the purposes of this thread they are still a corporation and can still be held liable for their users' actions--in this case the app can still operate without a formal legal entity, but it would be removed from app stores, I'm sure.
If the commercial entity fails or is held liable, we just need a distributed profile system, should be easy enough.
But it just feels cheap and detrimental to LARP as a tool for revolutionaries. I want a clear concept of privacy for a stable society to rely upon. That even the most trustworthy authority be kept out by design as a security principle. I don't want my messaging app to be opinionated, pick sides or declare themselves part of the ongoing "progress". Will they sing the same tune when it's other group taking the streets? Because everyone has a different idea of the kind of revolution that is needed, and certainly my phone should not have a say.
Cool, pick a new app.
It’s naive to think a small group will work against very powerful forces and against all odds and not be ideologically driven.
Your use of "ideologically driven" is confusing. Of course they should be driven, by their ideology on how a messaging app should be. But how could their opinion on the protest drive them? Just some weeks ago a whole different crew was taking the streets fighting for their own "freedom reasons". Some years ago there was the sad tiki parade.
It's like setting up a gun shop in Syria and claim your guns kill "the bad guys", whatever that means to the customer.
I'll choose the app that works best for me, and will call it out when someone feeds the meme that privacy is for rioters, unwittingly even.
Some people believe in first and fourth amendment rights.
Moxie, one of the original developers of the Signal protocol:
Tracking everyone is no longer inconceivable, and is in fact happening all the time. We know that Sprint alone responded to 8 million law enforcement requests for real time customer location just in 2008. They got so many requests that they built an automated system to handle them.
Combined with ballooning law enforcement budgets, this trend towards automation, which includes things like license plate scanners and domestically deployed drones, represents a significant shift in the way that law enforcement operates.
Police already abuse the immense power they have, but if everyone’s every action were being monitored, and everyone technically violates some obscure law at some time, then punishment becomes purely selective. Those in power will essentially have what they need to punish anyone they’d like, whenever they choose, as if there were no rules at all.
Even ignoring this obvious potential for new abuse, it’s also substantially closer to that dystopian reality of a world where law enforcement is 100% effective, eliminating the possibility to experience alternative ideas that might better suit us.
ACLU: For more than a decade now, Americans have repeatedly encountered illegal and unnecessary spying by local, state, and federal law enforcement on lawful and peaceful protesters.
EFF: Theft, damage, confiscation, or forced deletion of media can disrupt your ability to publish your experiences.
EFF: Here is a review of surveillance technology that police may be deploying against ongoing protests against racism and police brutality.
> feeds the meme that privacy is for rioters
Ok, I get it. You’re upset about the “rioters”. Choose your new app and carry on.
Guarding people's privacy and rights to a voice (during protests or otherwise) is a good use of the first and fourth amendments. But let's not confuse form and content. The protests are not advocating privacy, and I'm not even going to voice my opinions about them. There's a difference between backing the content of the protests, and defending the rights that incidentally enable them. The blogpost in question ended with "it’s your powerful voices that are out there organizing and advocating for change". I can only construe that as either explicitly siding with whatever ongoing protest there is, or an empty general statement (I assume it's the former though, but makes little difference to me).
I think my point got side-tracked by fault of my own. I don't require every single thing I use not to have ideologies attached, because it's simply impossible. And everyone has every right to voice their idiotic opinions, God knows I'm doing that. But it saddens me that more often than not people who could choose to be content-agnostic instead leverage their position to fight the good cause. And there's a thousand conflicting good causes.
Thanks for the links, btw.
What baffles me is the the incompatible feature matrix.
First of all, for some reason iOS users get the updates faster than the Android. I was exploring emoji reactions yesterday while my Android contact admitted the feature was not yet available for his device. I had to double check with Play Store to confirm.
I've found peace with the sync issues for the desktop client though, it got much more stable compare to 8 months ago. What still feels like a massive UX problem is inability to forward messages on the desktop. Given, i have lots of people coming from different places that do not know each other but share same interests it's just painstaking to copy/paste the same URL five time in a row.
And at the same time, there's no support for the Android tablets as secondary devices.
For a person deep in Apple ecosystem it felt weird to learn that Android users don't share the same experiences i do. That makes the sales pitch to try Signal way less appealing for the Android folk.
That's interesting, because i've been looking for a way to share core logic code across platform (mobile & desktop at least), and still haven't found something really user friendly. From my brief lookup (rust & gomobile are the ones i've looked at), it seems that most dev environment seem to support some kind of C-style interfacing, but it becomes much more clumsy as soon as you're trying to have it run on java.
Has anyone found a solution that he's comfortable with and would recommend ?
i had hoped some people here would chime in with this trick, but it doesn’t seem like it
The inconsistent features between iOS and Android are annoying.
Not having a backup is seen as a disadvantage by many but i literally feel it's for the best. There's plenty of scenarios when parties benefit from it.
Or losing your phone.
Or accidentally breaking it.
Or having it stolen.
A backup protects my data in these situations where a transfer utility does not.
Backups disabled by default would be a sensible approach, but is very much being childish not to let users access their own data.
That's weird? Do you mean this feature: https://signal.org/blog/reactions/?
I'm on Android, and it's been available to me for ages...
First I think it would be useful at protests, to preserve privacy (and whatever side of the political divide you are on, I hope we agree that covert government surveillance and tracking of people at a protest is wrong, here, in HK, or wherever).
But it would also be nice to have when outside the reach of cellular or wifi internet. Think camping, traveling, people living with intermittent power, or those who lost power in some sort of disaster or emergency.
I'm honestly not sure if this would be feasible, as I don't grok the signal protocol fully, but the signal protocol does support async messaging.
"PINs will also help facilitate new features like addressing that isn’t based exclusively on phone numbers, since the system address book will no longer be a viable way to maintain your network of contacts."
Thankfully they are moving away from this with the option to use a PIN instead pf phone #. Not sure when that rolls out, but I'm v. excited for it
I'm also trying to move my chats from SMS and Gchat to something encrypted, but am torn between WhatsApp and Signal. The former has more of a buy-in with my contacts already.
I realize WhatsApp is owned by Facebook, but isn't the whole point of e2e encryption that you don't have to trust the intermediate infrastructure? And if you enable the setting to warn if the key changes, there's no danger, right?
1) Do you trust facebook with messaging metadata? For example, do you want them to know that you messaged your friend Jane a specific number of times on specific dates, knowing that they can coorelate this information to facebook profiles, and will give up this information for ad, and law enforcement purposes.
2) Do you trust Signal's infrastructure to be reliable when you need it?
3) What is you're threat model? For me, I want to be kept out of all ad-related data sets, and I want to have conversations with friends without having to think about a paper trail.
4) Do you care that you will have to convince people to install yet another messaging app?
5) Do you trust that Signal and WhatsApp have correctly integrated the underlying crypto protocol? I assume that you would, considering its history. Still, I would trust signal more in this regard.
6) Do you think that Facebook or Signal is more likely to cut a privacy corner in support of a ease-of-use feature? Do you care?
For my friends, the answer is that I use signal. Everyone who doesn't use signal falls back to getting SMS, or phone calls. The problem here is that SMS and phone calls are both huge privacy holes. For my threat model, I don't care, but you might.
The important distinction here is that WhatsApp uploads your entire contact book to Facebook. They have up-to-date information on your entire real-life social graph (including people who are not on Facebook and/or never shared their phone with Facebook) and the groups you belong to. If you don't believe me, request a copy of your data in WhatsApp and see for yourself.
So, by using WhatsApp, you are basically snitching on your friends and uploading their data.
Think about the implications — one day, you or one of your friends will add a phone number to Facebook (of course, "for security purposes only, to recover your account". From that moment, Facebook will be able to link an online identity to an offline one, and mine a trove of data: friends, groups, locations.
If you want a different way of looking at it, Facebook paid $19 billion for WhatsApp. That's how much it was worth to them. You don't spend 19 billion dollars just to watch e2e encrypted messages fly by.
I admire the way WhatsApp markets itself as the "encrypted" communications app, somehow hiding the whole problem with groups and contacts as insignificant. Another frequently seen spin is on Signal: that it "only hashes" the phone numbers and that it's "effectively the same thing". Good PR moves, both.
There are specifically two points that make me not confident in WhatsApp keeping my messages secure:
* I don't have time to dig out a good source for it right now, but I remember seeing a credible claim that they already have in-place a mechanism to instruct the client app send back cleartext messages to a server. If they do not, it would be trivial to add it in an update.
* The client will keep nagging you to enable cloud backups of message history. If you our your counterparty does this, message history is stored in cleartext on one of the major cloud providers. Are you confident that the person you're talking to hasn't enabled this, maybe even by mistake?
If the client app is open source. There's no way to know FB isn't just copying your keys or doing something else nasty. That whole spiel on their site about how E2EE protects you/makes the world a better place/yada yada is completely moot since they use a closed-source client.
Even if you turn it on and you're not afraid of the server swapping the key when you send a message (which is fair enough), do all your contacts also have it turned on? And would they tell you immediately and out of band (otherwise the attacker can suppress or change the message) that they saw your key change?
But an even bigger reason I don't have whatsapp is because of Facebook. Metadata has already been mentioned by others so I won't repeat that.
* Message sync is like non-existent. Messages on my phone or laptop aren't kept in sync at all. Delete one one place, they don't delete in both.
* Let me edit messages, like every other message platform. I also want to be able to delete messages from the group. When I delete it deletes locally but not for the group, not even between my own devices I don't think. This sucks because deleting the message implies to anyone who has used a message system that the messages are deleted from everyone, but they aren't. Oof.
* When you set messages to expire, you can't make them expire. It only applies to future messages. I want to set this at the conversation level, not on a weird message-by-message basis with no way to change it globally after.
* I want to be able to sign in without using a cell phone number. Let me sign up with anything else, don't tie it to a cell phone line that can be hijacked.
* Let me add emoji responses to messages. Like every other message platform.
* Bonus, be peer-to-peer somehow. Dunno, like Blockchain magic it or something. Don't make me rely on some server somewhere. Just makes me feel uneasy that there's a middle man with all my messages.
How unrealistic is all this? (=
"...Today, we are launching the Signal Foundation, an emerging 501(c)(3) nonprofit created and made possible by Brian Acton, the co-founder of WhatsApp, to support, accelerate, and broaden Signal’s mission of making private communication accessible and ubiquitous. In case you missed it, Brian left WhatsApp and Facebook last year, and has been thinking about how to best focus his future time and energy on building nonprofit technology for public good.
Starting with an initial $50,000,000 in funding, we can now increase the size of our team, our capacity, and our ambitions. This means reduced uncertainty on the path to sustainability, and the strengthening of our long-term goals and values. Perhaps most significantly, the addition of Brian brings an incredibly talented engineer and visionary with decades of experience building successful products to our team."
At the moment Signal really thrives at replacing texts (ephemeral one-to-one chats), while riot excels at team communication.
* It's "Custodial E2EE"
* Needs a phone number
(I'm not going to bother with his complaints about the crappiness of the desktop client or convenience of the design because those are non-sequiturs to the security of the app)
I asked him to define "Custodial E2EE". His words: "They have ownership of my keys, use phone number auth to access them and I cant expatriate them"
I managed to suppress my xkcd-386 instinct and go to bed, but my intuition is still that he's quite wrong about that. I may or may not resume my arguement with him; I got the impression that his disagrements were rooted in a Matrix fanboyism, but I'd like to be equipped to refute such arguments in the future.
I can somewhat sympathize with the phone number argument, and I think it comes from a concern about metadata leaks or opsec. I think that concern ultimately stems from a wrong threat model, but I'm not sure how to refute that. I have however, come across a number of tutorials which cover how to register a Signal account without using your phone numbers, so I feel confident I can refute the argument that signal must have your phone number, even if I can't refute the underlying wrong thinking.
Regarding the "Custodial E2EE" argument, I'm not sure where to begin. Anyone have any suggestions?
On the second point, I think they are quite correct. Yes, this depends on your use-case, but I consider the ability to have multiple and disposable identities to be somewhat critical to any messaging system calling itself suitable for security-sensitive use. Unfortunately, Signal is designed explicitly to make multiple or disposable identities impractical. Above and beyond their desire to be a drop-in replacement for SMS, a reason for this is almost certainly to reduce spam, as the need for a valid phone number makes it difficult to register accounts en masse.
In general, this method to mitigating abuse means that Signal cannot practically be used anonymously, which somewhat conflicts with the popularity of Signal as a mechanism for e.g. contacting journalists.
In the vein of criticizing Signal, I would also throw out that it largely abandons the problem of key distribution, effectively implementing a TOFU model that is lightly enforced at that, with "safety number changes" being pretty much normal. It is possible to verify Signal identities out-of-band but not common, and the Signal app does not really provide much tooling to make it easier.
I wouldn't say that Signal is bad, it does a great job of implementing effectively the identity semantics of SMS (including the shortcomings) but with the addition of E2E encryption and TOFU. I would stop short anyone who claims Signal to be a "perfect" or "complete" solution for encrypted messaging as there are common use cases that it has actively decided not to address.
I'm also, to be honest, somewhat baffled that your starting position seems to be that no criticism of Signal could possibly be valid, when attributing the other's viewpoint to fanboyism. Don't take that too seriously, it just stood out to me on reading. :)
Touche. That wasn't my position, but re-reading what I posted, I agree that's it unnecessarily implies that position. Part of me wants to correct that, but I think I'll own my words and leave it there.
However, given the topic title it would have been nice to see some actual documentation on how signal actually works rather than just claims that it doesnt work like the others.
A level deeper than "how signal works" and more "how signal is made"
For example, I'd expect a "how signal works" article to explain why they even need when an account was registered and when it was last used.
"this phone number is using signal" is still a pretty large metadata leak.
Especially when state actors and probably a fair few non state actors can remotely compromise devices via the stuff in the baseband processor.
>Especially when state actors and probably a fair few non state actors can remotely compromise devices via the stuff in the baseband processor.
A more accurate phrasing would be "this phone number was used to activate signal". If you only care about messaging other Signal users, you only need to have a baseband connection exactly once, when you receive the text message to confirm the number. After that you can toss the sim card and put in a different number, or run without a sim card at all and just use WiFi.
You don't even need to have the sim card in the same phone you will use with Signal when you receive the confirmation text.
There have been mutiple baseband RCE exploits published in the literature and demonstrated at blackhat - and they dont include any that were put there intentionally.
If you are not using a sim smartphones are pretty useless.
Im a long way from convinced that centralised servers have any role to play in reasonably secure e2ee, they certainly are not a requirement for other services such as firechat used to use before they got shutdown and bridgefy is making use of.
> There have been mutiple baseband RCE exploits published in the literature and demonstrated at blackhat - and they dont include any that were put there intentionally.
You can't target a WiFi exploit against a phone number though, so that's irrelevant to the Signal situation.
>If you are not using a sim smartphones are pretty useless.
Maybe I spend too much time hanging around places with WiFi, but I almost never need to have a sim card. I don't even have data on my current plan.
If Antifa is designated as a terrorist organization, then we'll see all the counter-terrorism tools brought to bear against them. If the state can't break Signal encryption, then you'll see renewed energy for anti-encryption / anti-privacy policies.
Genuine question because antifa is a mixed bag - there isn’t really any consensus on whether what they do is good or bad. Seems to be all over the damn place.
 Plenty of sources, but first result for obvious keywords: https://abcnews.go.com/Politics/antifa-group-trump-designate...
Edit: The comment I replied to originally asked "There is no consensus on wether being against fascism is good or bad?"
It’s clear from the downvote brigading that this isn’t a thread for discussion.
I think a better analogy than ISIS would be "groups that say they uphold the ideals of Islam."
> And how was the "is there not a consensus on antifascism" question invalid?
It's not an invalid question, just a leading one.
But even reading the Wikipedia article, it describes such a broad range of ideologies and tactics that I think the only thing really unifying the term is literally being anti-fascist. This has been my personal experience as well - I know a lot of people who identify as antifa, but they vary wildly in how that manifests.
Not always, but sometimes. They don’t seem to have a designated modus operandi.
If you are aware of sources that indicate otherwise, would you mind sharing them?
It's impossible to designate Antifa as terrorist organization in practise because it's not an organization. It's a movement. It's also impossible to designate white nationalism or alt-right as terrorist organizations.
If they can name actual organizations and name people participating in the movement, it might work work against them, but they are not Antifa.