[sterwill]

Which MITM attack has a government used to read your Signal messages? I've heard people allude to government breaks of Signal for years, but always without evidence. Surely some Signal messages have been recovered from devices in the government's possession, but that's not a protocol problem. Are you saying a government has successfully spoofed safety number change messages from your contacts?

[retrac]

I believe they're saying that if the government (or another party) can read your received SMS messages, then your Signal account isn't secure. It could be taken over by anyone who can receive the SMS verification code. Your contacts would be notified that you'd changed your keys, and your own device would be locked out. So it's not the most quiet attack. But people replace their phones and forget account details so it may pass unnoticed by some of your contacts, particularly if you have no other channel to reach your contacts.

The number of countries where the government would do that to your SMS but won't also just arrest you arbitrarily and seize your device and/or beat/threaten you, seems small. But I imagine there are some people in some places, who feel physically and/or legally secure from arbitrary government action against their devices proper, but not with their cellular service.

[gruez]

> So it's not the most quiet attack. But people replace their phones and forget account details so it may pass unnoticed by some of your contacts, particularly if you have no other channel to reach your contacts.

So in other words, such attacks aren't viable for dragnet surveillance and must be targeted. But if you have reason to believe that you'll be targeted by the government for surveillance, you'd be on the lookout for signs like "your safety number has changed"?

[batiudrami]

You can also make it so that your PIN is required to register your number on a new device.