by dylkil 1987 days ago
Signal is open source; you and anyone else can inspect the code. You can then build it from source and install it on your Android directly, avoiding the Play Store.

That is a somewhat misleading statement: you may know what's on your device, but you don't know what is happening on the servers.
It's end-to-end encrypted chat. They could store the encrypted messages, sure. I think the biggest fear people should have with Signal is the client-side encryption.
Right! The keyword here is "Reproducible Builds". Basically, once there is documentation about how to produce the release build, you can do it yourself and compare the resulting hash with the build distributed in the Store. Generally speaking it does not come for free, but once you find a way (e.g. for iOS, compiling with a specific Xcode version in a specific OS with some adjusted config) it is kind of doable (except that Apple encrypts your build server-side for DRM purposes, so you'll need a jailbroken phone to do something about it).

For Signal there is an open issue here for iOS [1] and some documentation for Android [2].

Some nice work about it has already been done by Telegram: https://core.telegram.org/reproducible-builds

[1] https://github.com/signalapp/Signal-iOS/issues/641

[2] https://github.com/signalapp/Signal-Android/blob/fab24bcd1e5...
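The comparison step described above, as an added example that is not code from the thread or from Signal: two APKs (zip archives) are compared entry by entry, and only the signing metadata under META-INF/ is skipped, because the store signs with a key the person rebuilding does not have. The skip list and the in-memory sample APKs are constructed for this example.

```python
"""Compare the entries of two APKs (zip archives) while ignoring signing metadata."""
import hashlib
import io
import zipfile

# Entries that legitimately differ between a self-built APK and a store APK,
# because the distributor signs with a key the builder does not have.
# (Assumption for this example; a real comparison tool picks its own skip list.)
SIGNATURE_ENTRIES = {"META-INF/MANIFEST.MF", "META-INF/CERT.SF", "META-INF/CERT.RSA"}


def entry_digests(apk_bytes):
    """Map each non-signature entry name to the SHA-256 of its uncompressed content."""
    digests = {}
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as zf:
        for info in zf.infolist():
            if info.filename in SIGNATURE_ENTRIES or info.is_dir():
                continue
            digests[info.filename] = hashlib.sha256(zf.read(info)).hexdigest()
    return digests


def apk_diff(built_apk, store_apk):
    """Return sorted names of entries that differ or exist on only one side."""
    a, b = entry_digests(built_apk), entry_digests(store_apk)
    return sorted(name for name in a.keys() | b.keys() if a.get(name) != b.get(name))


def make_apk(entries):
    """Build a constructed in-memory zip standing in for an APK."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        for name, data in entries.items():
            zf.writestr(name, data)
    return buf.getvalue()


# Constructed samples: same code and resources with a different signer (should
# match), and a store copy whose dex differs by one byte (should be flagged).
BUILT = make_apk({"classes.dex": b"dex\n035\x00CODE", "res/strings.xml": b"<r/>",
                  "META-INF/CERT.RSA": b"builder-signature"})
STORE_OK = make_apk({"classes.dex": b"dex\n035\x00CODE", "res/strings.xml": b"<r/>",
                     "META-INF/CERT.RSA": b"store-signature"})
STORE_BAD = make_apk({"classes.dex": b"dex\n035\x00C0DE", "res/strings.xml": b"<r/>",
                      "META-INF/CERT.RSA": b"store-signature"})

if __name__ == "__main__":
    print("match:", apk_diff(BUILT, STORE_OK))       # prints: match: []
    print("tampered:", apk_diff(BUILT, STORE_BAD))   # prints: tampered: ['classes.dex']
```

Comparing only the whole-file hash would always fail here, since the store's signature bytes differ from yours even when the code is identical.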

This has nothing to do with the comment you replied to, as you have no idea what software is running on their server, so what would it even mean to reproduce it in the first place? The correct answer is merely "the server never received much in the first place so it doesn't matter as much if they stored all of it".
Right, I think I messed up the reply while I was reading other comments.
Because of public-key crypto, it doesn't matter if the servers are malicious.
Assuming you have:

- read the source code and are satisfied that it's secure

- compiled that version of the code

- installed it on your mobile or desktop

You're still only as secure as the client on the other side of the conversation.

If that one is compromised (has not gone through the steps above) it could very well be sending all messages in clear text to a malicious party.

Edit: formatting

Ok, sure. But what do you propose? It's still a much better situation than what we have with WhatsApp. Is there something that the Signal Foundation could do to alleviate that concern you have? There's no technical solution in any technology for preventing the other side being compromised, as far as I can see.
At present I'm choosing to trust Signal.

That doesn't mean I blindly trust them, only that despite seeing potential for abuse I judge that they have more incentive to be telling the truth than not.

Also check the comment by user faitswulff where they mention how they have been subpoenaed "and could only supply account creation time and last connection time".

Matrix, since you can self-host and have control while still being able to communicate with other people on it through federation.
>>> You're still only as secure as the client on the other side of the conversation. If that one is compromised ... it could very well be sending all messages in clear text to a malicious party.

>> There's no technical solution in any technology for preventing the other side being compromised, as far as I can see.

I don't know Matrix, but I can guarantee that it doesn't solve the problem of a compromised client obtaining the messages willingly sent to it.

Yeah, and since you have the possibility of dealing with state actors with deep pockets, you have to wonder if Android or iOS doesn't have the ability to copy your private keys and send those off somewhere for storage. Because of Signal's popularity, it feels pretty possible to me.

If the NSA did have it backdoored somehow through the OS, it's a good bet they'd force LE agencies to use parallel construction to keep that information top secret.

That is why we really need open source hardware and OSes. A good (or even functional) open Linux phone can't come fast enough.

If your adversary is state actors with deep pockets or the NSA, you've lost already. No amount of opsec cosplay is going to save you.

Your solution?

* Magical amulets?

* Fake your own death, move into a submarine?

* YOU’RE STILL GONNA BE MOSSAD’ED UPON

https://www.usenix.org/system/files/1401_08-12_mickens.pdf

AOSP (Vanilla, GrapheneOS, CalyxOS) doesn't have this capability.

The Google Play Services app/package? Heh...

The server can MITM the public keys, providing you with a key from the server instead of the key from your conversation partner.

It very much does matter if the server is malicious.

If you are paranoid, you can do public key verification through another channel. People with high risk profiles should do this.
Key authentication is not for the "paranoid" or simply those with "high risk profiles", otherwise every web browser in the universe wouldn't do it by default on every single connection to every single website. It is a normal, routine thing that is expected in all modern secure communications systems.

Please don't spread this harmful meme.

We've got certificate authorities to centralize trust for server public keys. And those require trusting organizations that lots of people don't want to trust. We don't have an equivalent system for individuals. There is no trivial push-button key verification process for peer-to-peer communications. Key signing parties suck and never worked. Key validation for things like Signal is nicely automated if you are physically near the other person. But beyond that it is tricky.

It is hard enough to get my parents to use a secure messenger. If I told them they needed to do a key verification process for every person they ever communicate with... they'd just go back to Facebook Messenger or SMS.

I think it is completely reasonable for somebody to say "I don't care enough to worry about validating public keys" while also educating people like journalists about how to do that correctly.

Not if the keys are generated by the client.

Signal also offers to label contacts for which you could verify the authenticity another way.

Doing a video call with the contact can be a simple way to clear doubts, even if it is not a proper different channel.

Video calls alone won't stop a MITM attack. They would just send both video streams along, and record both sides.

Signal does have the capability to have a verification phrase displayed, which is generated from the session key. Reading that off can make the video more difficult to MITM, because then they'd have to morph the audio to match the phrase, and if it's done after the video is setup, morph the video as well. Not impossible, but difficult.

This is false. A video call will not prevent or detect MITM. You may be suggesting that a video call is used to authenticate the key, which is certainly a step in the right direction, but I don't think Signal supports this.
It will, because it will prove (or give you a lot of confidence) that the agent who sent you their public key is your legit correspondent.

This uses the fact that the client on each side is open source and inspectable, so that each side knows that they sent only the public key that they generated on their own device.

PS: to answer your last sentence, Signal allows you to specifically flag contacts that you managed to verify, which is technically equivalent to saying that you verified that the public key is theirs.
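The out-of-band check argued over in this subthread (the server hands out a key of its own, and comparing a code derived from the identity keys over a second channel reveals it), as an added simulation that is not code from the thread or from Signal. The key-directory functions, the 32-byte constructed keys and the digit-group derivation are all assumptions for this example; Signal's real safety-number format is not reproduced here.

```python
"""Detect a key-substituting server by comparing identity-key fingerprints out of band."""
import hashlib


def fingerprint(pk_self, pk_peer):
    """Short code over both identity keys, independent of who computes it.
    Constructed derivation for this example, not Signal's safety-number format."""
    digest = hashlib.sha256(b"".join(sorted((pk_self, pk_peer)))).digest()
    # 30 decimal digits in groups of five, so both sides can read it aloud on a call
    digits = str(int.from_bytes(digest[:16], "big")).zfill(39)[:30]
    return " ".join(digits[i:i + 5] for i in range(0, 30, 5))


def honest_directory(alice_pk, bob_pk):
    """Key directory that returns each party's genuine public key to the other."""
    return {"alice_sees": bob_pk, "bob_sees": alice_pk}


def substituting_directory(alice_pk, bob_pk, server_pk):
    """Key directory that hands each party the server's own key instead (the MITM case)."""
    return {"alice_sees": server_pk, "bob_sees": server_pk}


def verify_out_of_band(alice_pk, bob_pk, directory):
    """Alice and Bob each derive the code from their own key plus the key the directory
    gave them, then compare over a second channel. Returns (alice_code, bob_code, match)."""
    alice_code = fingerprint(alice_pk, directory["alice_sees"])
    bob_code = fingerprint(bob_pk, directory["bob_sees"])
    return alice_code, bob_code, alice_code == bob_code


# Constructed stand-ins for 32-byte identity public keys (deterministic, not real keys).
ALICE_PK = hashlib.sha256(b"alice identity key (constructed)").digest()
BOB_PK = hashlib.sha256(b"bob identity key (constructed)").digest()
SERVER_PK = hashlib.sha256(b"server-controlled key (constructed)").digest()

if __name__ == "__main__":
    _, _, ok = verify_out_of_band(ALICE_PK, BOB_PK, honest_directory(ALICE_PK, BOB_PK))
    print("honest directory, codes match:", ok)      # prints: True
    _, _, ok = verify_out_of_band(ALICE_PK, BOB_PK,
                                  substituting_directory(ALICE_PK, BOB_PK, SERVER_PK))
    print("substituted keys, codes match:", ok)      # prints: False
```

The check only helps if the two codes are compared over a channel the same server does not control; a comparison relayed through the server can be rewritten just like the keys.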

Not true with respect to metadata.
Which I don't think is as concerning, but is there a particular piece of metadata that concerns you?
I do think it is a valid concern. Over the years, various sources reported that intelligence agencies mostly use metadata (who's talking to whom, i.e. the social network) in their analysis because message content is harder to parse and understand (and, outside of email traffic, harder to obtain in the first place).
https://www.sciencemag.org/news/2016/05/your-call-and-text-r...

Metadata can be as damning as the actual message data, and in a lot of places you don't want the authorities to know that you are even communicating at all.

In certain parts of the world, people get bombed on metadata alone.
While this is a great way to build trust, there is obviously no way to confirm the App Store version is the same as one built from their public source. In fact, due to the way Apple optimizes apps for each device, this becomes even harder. Furthermore, just because you compile it from source and put it on your phone does not mean that you can reasonably stay aware of or understand all the internal workings that happen inside the app.
I know that developers can post LLVM bitcode to the App Store instead of a binary, which allows Apple to recompile it for architectural changes. I'd be surprised if Apple optimized per device. Creating separate builds with optimizations for different iPhone models would make more sense. Do you have more details on that?
I think he meant "iPhone models" when he said "devices". I'm not the op, but they definitely do optimize per model, not individual device.
Per model is what I meant.
> Furthermore, just because you compile it from source and put it on your phone does not mean that you can reasonably stay aware of or understand all the internal workings that happen inside the app.

Can you elaborate on this? That's exactly what I'd expect of an app I compiled from source.

Are you going to read every commit and fully explore the entire app to know your messages and encryption are being handled securely? And keep doing this every time you update? If so, you have more time than I do. :-)
As much as it is open source, there's no way to know for sure that the software running on their servers is the same that's published on GitHub.
The software on the server doesn't matter, as long as the encryption is solid on the device. That's the whole point: the devices handle all encryption/decryption so the server can't understand any of the data coming and going. The reason they don't store the data is because it would be pointless. The GitHub repos contain the device source code which, for most platforms, can be verified.
> You can then build it from source

To be secure you would HAVE to build and install it from source.

But then again your OS could possibly inject code to get the keys. Or a keystroke logger may have been installed.

So how do I build the Signal server and confirm it's identical to the one they're running?
It doesn't matter if it's not. Security should depend completely on the clients. Public-key crypto allows private communication through insecure channels.
No, it does. In some cases (think dictatorship) you not only want the secret police to not read your messages, you don't want them to know at all who you are talking to (and how often and when!). Otherwise you might all go to jail (or worse) if they are after one contact of yours. And then you can try to feel safe that they don't know your encryption password.

https://xkcd.com/538/

Session is a Signal-derived app that attempts to mitigate these types of information leaks.

https://getsession.org/

Edit: see discussion here: https://news.ycombinator.com/item?id=25690036

Here: https://www.deccanherald.com/national/north-and-central/jk-a...

Not allowed to use VPNs because of national security issues.

https://www.aa.com.tr/en/asia-pacific/india-launches-fresh-c...

"social media misuse"

I remember last year this word, "misuse", was used so much; it translates to criticizing the ruling dictator government. It still is.

https://thenextweb.com/in/2020/01/08/kashmirs-police-want-pe...

Here, a WhatsApp group needs to be "registered" with police.

And lastly, more recently: https://theintercept.com/2020/12/06/kashmir-social-media-pol...

This is a reason why I never signed up for WhatsApp, haven't joined Signal, don't tweet or post on Facebook. Why? Because PII.

The danger is real and I am living it. People better realize it.

Well, if a government goes authoritarian, then it does not matter much what service you use, if you have to assume your phone has spyware on it.

If the main danger is police scanning the phone for compromising material (without police spyware on it), then there are some ways to deal with it technically, by using services that don't leave a trace. Telegram, for example, has a "secret chat" function, which won't save the messages, meaning someone scanning your phone later won't find them.

(Which I heard is also a main reason for many people to join Telegram, because then they can chat with their affairs and not have their wives read it.)

Then there are simply private tabs of Chrome or FF, from where you can use chat services without trace (if the chat services are not cooperating with the police, or are decentralised by default; I think in that scenario I would use Matrix).

Anyway, you live in Kashmir?

I know mainly of the conflict by reading Shalimar the Clown, by Rushdie. Just curious about your opinion, if you know the book. I heard it was not well received in Kashmir itself? I think it was very well written, but I don't know how accurate it is.

Yeah. Just last year I had to teach neighbours and such to use a launcher like Evie which lets you hide apps. Many were stopped during random street checks and that saved their Turkey. Heh.

8 months or so ago I was stopped because it looked like I was "recording a video" on my phone, when actually I was. Took a slow turn, double-pressed the power button and Pikachu face that I wasn't. Still, a couple guys around helped or I was history.

No. I haven't read Rushdie. It has that whole demon verse thing around him; he isn't liked.

The problem with Telegram, as with WhatsApp and Signal, is phone numbers. India has had this network analyzer on ISP level for like 6-7 years, called "Netra". So all unencrypted traffic goes through it. Same for all encrypted traffic. This is the reason why I stopped using Tor, because my traffic would show up differently than the rest and that gets them suspicious quickly.

There is a lot of text written on the conflict, which actually is more than 500 years old. Kashmir has been under foreign oppressive occupation for over 500 years constantly and even today is under 3 nations. It's not like the occupation won't affect the people.

I am trying to get people I know on Matrix because there is no PII, waiting for Dendrite to come out of beta so that I can set up my own server and such.

The joys of living in an open air prison.

That's not going to be true of metadata, though. A malicious server could keep a lot of valuable metadata about you.
Other than literally showing up at somebody's datacenter and taking their machines away, you won't be able to do this with any service ever.
And how does this prove that they don't save what you send them?
What use are my encrypted messages to them?
Building social graphs and activity logs, for one.
1) Metadata 2) Decrypt in case of a security breach or more advanced computing