[plusquamperfekt]

> I tend to repeat the 'central server' and 'a phone number is not an address and not public information, it certainly is no identity' criticism.

Your phone number is not your identity in Signal. If you change SIM cards then your friends won't notice and the app works as before.

Signal is based on asym encryption - your private key effectively encodes your identity in combination with your public key.

> And only if the first client is Android?

There is no point in dwelling on that. Android and its syblings are the only potentially secure popular smartphone OSs. Apple and Microsoft OSs are fundamentally flawed in that regard.

[tptacek]

Approximately zero is the number of software security experts that would agree with that assessment of Android's security versus that of iOS.

There are a lot of totally fine reasons (shakes fist) that OWS would start with Android; they might all have Android phones, they might have ideological problems with app store review, it might have just been an easier platform to build for. But yours isn't one of the valid reasons.

[giovannibajo1]

Do you happen to have a reference to any kind of freely available technical publication (blog post, etc) that goes through some core points to reach this conclusion? I read many things around for years and I agree with the general statement, but I failed to find a recap that can be used to explain the core points of differences to people not familiar with the matter.

[plusquamperfekt]

Huh? Apple and MS have a record of communicating in sharing data with US government - plus as companies providing closed source software they are likely to introduce backdoors ... also something you might have heard of since Snowden.

[tptacek]

I'm making an engineering point, and you're making a conspiracy-theoretic point.

[mapgrep]

Engineering and corporate behavior aren't really orthogonal topics, are they, when the actual engineering you want to inspect is unavailable (closed source) and you have to rely on observed behavior and trust?

If Apple actually did have a history of, say, pushing customized "iOS update" binary blobs at USG targets that undermined all the security features they describe in their white papers and in their (other) marketing, that would actually be entirely relevant to claims about the security of iOS, would it not? Even without such on-device updates, a system like iMessage can potentially be thwarted if Apple itself decides to cooperate with MiTMing, at least in certain scenarios.

(Btw I'm not actually endorsing OPs point that Apple is too close with the U.S. government. That does not seem accurate given the public heat brought down on Apple by entities like the FBI recently. But if it were Microsoft, there would be a point there.)

[tptacek]

I think Apple has gone through a lot of trouble to avoid being forced to compromise iMessage, but I am not recommending iMessage. iMessage is orthogonal to Apple's platform security, which is simply better than Android's.

That's all I'm saying.

[jacquesm]

Closed source it may be but what's stopping you from reverse assembly? After all even in 'open source' you still don't know what you run unless you built it yourself. And even then you have to trust your toolchain.

[wtracy]

And the Android build shipped with your phone is provided by your telecom provider, which presumably cooperates with your favorite Three Letter Agency.

So, you flash the phone with your own build? Most phones on the market rely on proprietary drivers only available as binary blobs. Even if you find a phone that has all Free drivers, can you replace the bootloader with your own trusted binary? Even the bootloader isn't nearly as dangerous as the baseband processor, and I don't know of a single phone with a Free baseband OS.

Sorry, as much of a fan as FOSS as I am, with your threat model, every phone on the market is equally bad. This might change once we're able to eliminate baseband processors from smart phones, but even then I wouldn't hold my breath.

[darklajid]

We had a similar exchange earlier.

If the phone number isn't my identity - what is the phone number for? I don't need a phone number to generate my key, do I? It seems, as far as I can follow from the outside, that phone numbers are used as namespace. Maybe 'identity' goes too far, but so far I understand that the number you register with is your - erm - user id?

Help me out. If that's totally wrong, if I "didn't get it", I'd be glad to learn more. But .. then again: Why require a phone number (-> No standalone client on the desktop)?

Thomas basically destroyed that security argument already, and I'd actually prefer a niche OS (FxOS, but I'm getting more and more into SailfishOS demos atm).