Hacker News new | ask | show | jobs
by _6hmp 1403 days ago
I don't think this is true, do you have a source?

They store registered users phone numbers and allow discovery by making a request with a hashed version of the phone numbers on your contact list. They add an extra layer to allow attestation of the software doing this using Intel's secure enclave. They give many examples of responding to warrants with only whether the number has been registered and the timestamp of registration, which they explain is the only information they hold.

Private Contact Discovery: https://signal.org/blog/private-contact-discovery/
1 comments
autoexec 1403 days ago
Your 2017 blog post is outdated.

See:

https://community.signalusers.org/t/can-signal-please-update...

and

https://community.signalusers.org/t/dont-want-pin-dont-want-...

See here for a discussion on how Intel's 'secure' enclave won't save you: https://community.signalusers.org/t/proper-secure-value-secu...

link
dcow 1403 days ago
There's a horrible conflation of concepts here. A pretty big one.

When people talk about cloud services, they generally mean part of an application that runs on the cloud that participates as a trusted actor in the application's trust model.

What people in the linked thread are realizing is that "signal has a server" and they are confused because they thought signal didn't have a server, or something.

So, what's important about Signals servers is that, outside of initial key exchange which is verified by two parties out of band, they are not a trusted entity, ever. When you send a message it goes through signals servers. When you sync your profile picture with other devices, same thing. The data transits signals servers. This is made possible because of cryptography. By encrypting the data in a way that is indecipherable by 3rd parties (Signal's servers included) your data is isomorphic to random noise. So, the only thing Signal needs to do is route the random noise to the right place. If it doesn't do that, it's a denial of service and about the only attack you're vulnerable to if you use Signal. Otherwise, the receiver gets the exact random noise that you sent, but only they can make sense of it because of the miracle of cryptography.

If you're really doing to throw a fit because Signal syncs a profile picture between your devices using the same level of crypto as is used for messaging then you're honestly crazy.

No. Signal did not "not have a cloud" and now they "have a cloud". Not by any reasonable interpretation of the events.

link
autoexec 1403 days ago
Signal has a "cloud" a server where they collect and store your name, your phone number, your photo, and list of every person you've contacted using Signal. That data isn't some ephemeral encrypted string that is only present when you "sync your profile picture" or when you send a message. It is collected and stored on their server where it will sit for at least as long as you have an account.

The justification for it was so that you could get a new device and have Signal download all of your info from your Signal's server down to your device. The data collection first takes place as soon as you set a pin or opt out of setting one (at which point a pin is assigned for you automatically).

The data is encrypted, but that does not make it impossible for signal or for 3rd parties to access it. see: https://community.signalusers.org/t/proper-secure-value-secu...

If you're a whistleblower or an activist, a list of every person you've been contacting using Signal is a highly sensitive data. No matter how you want to spin it, Signal is hosting that highly sensitive user data on their servers where Signal and 3rd parties alike could possibly gain access to them.

link
dcow 1403 days ago
You should assume every bit of information sent on the internet is archived in a massive warehouse somewhere, because it is.

Thus, we have to trust the cryptography itself. Sending an encrypted message to a peer is no different from sending an encrypted message to yourself (other than the use of symmetric vs asymmetric crypto). The fact that you send a message to yourself which is stored persistently on signal's server doesn't change anything (and it's even opt in AFAIU). Sure, there are concerns about the implementation, but until someone can decrypt the blobs in storage (the crypto is broken) I don't see reason for outrage.

Pretty simply, if you don't trust the crypto then you have a very different threat model to pretty much everyone else. If you don't trust crypto you can't use the internet because you can't use TLS. You're relegated to networks where you trust every single node (where you don't need crypto) and other such stuff. Most of us trust the crypto because it's really the only practical option. I don't see the problem.

link
autoexec 1403 days ago
> You should assume every bit of information sent on the internet is archived in a massive warehouse somewhere, because it is.

Leaving aside the whataboutism here, you shouldn't assume that when you're using a secure messaging app that claims to be designed to never collect or store user data. Signal makes that claim at the start of their privacy policy and it is a lie. It started out true, but they begain colleting data and they refuse to update their policy.

> Thus, we have to trust the cryptography itself.

No one is suggesting we can't trust cryptography. The fact is that doesn't matter how strong your algprythm is when you're encrypting that data with a 4 digit number. You can 100% "trust the cryptography" and still acknollege that it won't take very long for someone to brute-force your pin and get your data plain text.

> Sending an encrypted message to a peer is no different from sending an encrypted message to yourself... (and it's even opt in AFAIU).

This has nothing to do with "sending data to yourself" and everything to do with Singal collecting data from you and storing it for itself. There is a massive difference between encrypting something yourself and sending that data to yourself and someone else copying data from you, encryping it, and saving it for themselves.

This data collection is also not opt in. At all. You can opt out of setting a pin, but if you do one will be automatically generated for you and your data still gets silently uploaded to Singal servers to be stored. The community spent months begging for Signal to add a way to opt out of this data collection, but they were ignored.

See:

https://community.signalusers.org/t/dont-want-pin-dont-want-...

https://community.signalusers.org/t/mandatory-pin-without-cl...

> Pretty simply, if you don't trust the crypto then you have a very different threat model

"The crypto" isn't the problem here. The problem is Signal collecting sensitive user data and permanently storing it on their servers in a manner that could allow it to be accessed by third parties and then not clearly disclosing that to their users and refusing to update their privacy policy to reflect the change.

link
dcow 1403 days ago
Signal can't possibly read the data. How is that for itself? Only you can decrypt it! Signal doesn't have your data. They have garbage bits of effectively random noise.

You can prove it to yourself. Go take one of Signal's servers and try to find someone else's data there. You won't.

Why would Signal update their privacy policy to reflect the desire of misguided fear mongers? I certainly wouldn't do that if I were them.

link
_6hmp 1402 days ago
I just wanted to thank you for the information and the ensuing thread. Very interesting.
link