by cpbotha 2301 days ago
Signal servers only know who talked to whom, but otherwise are physically not able to see even a smattering of the contents of the communication.

Correction: The signal servers don't even have that bit of metadata. See [1], they only store the last time that a user connected to the server.

[1] https://en.wikipedia.org/wiki/Signal_(software)#Servers

4 comments

> The signal servers don't even have that bit of metadata. See [1], they only store the last time that a user connected to the server.

Note that it's what they claim at least. It's not verifiable client side, and to be honest, it's hard to come up with a scalable protocol where this is the case, but you should still not repeat their claim as a matter of fact while in reality we only have their word that the code actually matches what's deployed. And even if they don't store anything, AWS could still provide interested entities access to the infrastructure to capture what Signal doesn't want to capture. Yes, features like sealed sender are awesome and are an important step, but the service still gets IP addresses, which do provide hints about the sender. Again, likely Signal doesn't store IP addresses but people with access to their infrastructure could.

Furthermore, Signal's encryption doesn't help against people storing all of Signal's traffic and waiting until attacks on crypto algorithms become practical (quantum computers, theoretical progress on attacks). Some secrets become irrelevant with time, others increase in value. The best defense is never having the message leave your country's network in the first place.

And there's the DoS problem. What happens if the American president decides that the EU should be cut off from all US network connections? The EU parliament members can't even organize a good response to this because they use an American service...

Signal app is also canonically distributed by Google Play/Apple Store, which are US entities under US law. When push comes to shove, an app update may get distributed to select individuals that will happily gather and send all their conversation histories and more.

As an EU citizen, I'm half puzzled and half horrified at how happy the EU institutions are to rely on foreign products: especially coming from a country that has a history of being trigger-happy and cutting people off in the name of a "trade war".

I compiled Signal for iOS and monitored the sent data through a proxy. Both behave identically. There could be a hidden switch in the distributed binaries that triggers other behavior, but I really doubt it. For Android, there are reproducible builds so you can actually check the code is the same. For iOS reproducible builds are harder but should still be possible.
Can I verify that the build installed on my Android phone[] is identical to the one that I compiled? For instance, if I mount the device in Linux I can only see /mnt/sdcard, not /, so I can't copy the binaries off.

[] i.e. the build installed on my phone, not the build available on Google's server to download.
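One way to answer the question above, as an added example that is not from the thread or from the Signal project: `adb shell pm path` reveals where the installed APK lives and `adb pull` copies it off without root, after which the two APKs are compared entry by entry while skipping `META-INF/`, because the store build is signed with Signal's key and a local build with your own, so a whole-file hash can never match. The package name is assumed to be Signal's; the sample APKs in `demo()` are constructed stand-ins.

```python
import hashlib
import os
import subprocess
import tempfile
import zipfile

PACKAGE = "org.thoughtcrime.securesms"  # assumed: Signal's Android package name

def pull_installed_apk(dest="installed.apk", package=PACKAGE):
    """Copy the APK that is actually installed on the attached phone (adb, no root needed)."""
    out = subprocess.run(["adb", "shell", "pm", "path", package],
                         check=True, capture_output=True, text=True).stdout
    # 'pm path' prints one 'package:/data/app/.../base.apk' line per APK split
    path = next(l for l in out.splitlines() if l.startswith("package:"))[8:].strip()
    subprocess.run(["adb", "pull", path, dest], check=True)
    return dest

def entry_digests(apk_path):
    """sha256 of every zip entry's uncompressed bytes, skipping the signature directory."""
    digests = {}
    with zipfile.ZipFile(apk_path) as z:
        for name in z.namelist():
            if name.startswith("META-INF/"):  # store-signed vs self-signed: always differs
                continue
            digests[name] = hashlib.sha256(z.read(name)).hexdigest()
    return digests

def compare_builds(installed_apk, local_apk):
    """Entries whose contents differ; an empty dict means the builds match apart from signing."""
    a, b = entry_digests(installed_apk), entry_digests(local_apk)
    return {n: (a.get(n), b.get(n)) for n in sorted(set(a) | set(b)) if a.get(n) != b.get(n)}

def make_sample_apk(path, dex, cert):
    """Constructed stand-in for an APK: a zip with a dex entry and a v1 signature entry."""
    with zipfile.ZipFile(path, "w") as z:
        z.writestr("classes.dex", dex)
        z.writestr("META-INF/CERT.RSA", cert)

def demo():
    """Same code signed with two different keys matches; a changed dex does not."""
    with tempfile.TemporaryDirectory() as d:
        store, mine, other = (os.path.join(d, f) for f in ("store.apk", "mine.apk", "other.apk"))
        make_sample_apk(store, b"dex-bytes", b"store-key-signature")
        make_sample_apk(mine, b"dex-bytes", b"my-debug-key-signature")
        make_sample_apk(other, b"dex-bytes-modified", b"store-key-signature")
        return compare_builds(store, mine), compare_builds(other, mine)

if __name__ == "__main__":
    print(demo())  # first dict empty (match), second names classes.dex
```

Run `compare_builds(pull_installed_apk(), "path/to/your/build.apk")` with a phone attached; a non-empty result lists exactly which files inside the installed app differ from your own build.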

What's the alternative? Private closed-source apps like Threema?

This also is not for official communication, it's just for any case where staff would currently use WhatsApp or similar spyware.

I do not think that anyone suggests to use proprietary alternatives. Instead it seems that the posters in this thread would be more happy if the EU was more independent from the US by for example hosting their own Signal servers and forking the client.
Matrix, which is already used by the French government.
Under your threat model no internet connected smartphone is safe. Google can just push any arbitrary software to run on your phone and this includes spyware created by governments.
Can one really trust they don't store more if they physically have the information at one point in time? Or possibly their upstream connectivity provider could do that metadata scraping.
I will link to this each and every time this comes up:

https://signal.org/bigbrother/eastern-virginia-grand-jury/

Signal turned over everything they had on this user (which was two time stamps: user creation and last access), and fought the gag order to be able to publish the subpoena and the response. Signal would have to be pretty stupid to lie to a federal court.

Think what you want, but Signal doesn’t have any metadata to turn over.

If I worked for the intelligence agencies I would be capturing all the info going in and out of the Signal servers at the infrastructure level.

Even if I couldn't break the encryption I'd have timing and connectivity data.

So, if I were a user, I would always operate on the assumption that info would leak.

In this threat model, the only defense you would have would be an overlay network resistant to correlation attacks where all nodes are involved in routing traffic (like I2P), or a mixnet like Katzenpost.

Getting people to use Tor for everything is hard enough, good luck getting people to use stuff even more obscure.

And how often were they silenced by US law and weren't even allowed to mention such a thing? We will never know.
Even so, by EU rules, I'd expect them to be required to store the data in the EU.