Privacy

31874 readers

537 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

Chat rooms

[Matrix/Element]Dead
Discord

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago

MODERATORS

Dessalines - Why not Signal? (dessalines.github.io)

submitted 3 years ago by dessalines@lemmy.ml to c/privacy@lemmy.ml

120 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] yogthos@lemmy.ml 20 points 3 years ago* (last edited 3 years ago) (4 children)

What it ultimately comes down to is that truly secure systems cannot be based on trust. The article does a good job outlining all the ways the users have to trust Whisper Systems without any ability to do independent external verification.

Even if we assumed that Signal works as advertised the fact that it's tied to your phone number is incredibly dangerous. Obviously if this information was shared with the government it will disclose your identity as the article notes. This information can then be trivially correlated with all the other information the government has on you and your social network. Given that Signal is advertised as a tool for activists, that means it creates a way to do mass tracking of activists.

Being centralized is another huge problem given that the service could simply be shut down at any time on government order. If you're at a protest and rely on Signal it could just stop working.

edit: as people have pointed out, it turns out you can use third party clients

~~Finally, since the client is a binary distributed by Whisper, it's not possible to verify that the client and server use the published protocol independently. Since alternative clients aren't allowed to connect to the server, we can't test the protocol and have to rely on trust.~~

[–] poVoq@lemmy.ml 11 points 3 years ago* (last edited 3 years ago) (1 children)

I don't think you can have messaging without some level of trust, but I agree that the Signal Foundation isn't very trustworthy.

As for the communication protocol... there are some 3rd party clients that connect to the Signal servers (Axelotl, signald etc.) which have not been banned from connecting for quite some time now. Not sure why, but at least that shows that the protocol in general works as intended. Together with reproducible builds for the official client this at least makes it likely that the unmodified official client works as advertised (although there could still be some caveats in the shared libraries).

But who knows what the server does and supply chain attacks that substitute the official client for a modified one are still easily possible when Signal controls all distribution channels (they will tell you this is to prevent supply chain attacks, but only those of most 3rd parties, not those originating from within Signal & Google/Apple).

[–] yogthos@lemmy.ml 5 points 3 years ago

I mean trust specifically in the context of the technology. Things need to be independently verifiable. And thanks for correction regarding the clients, I was under the impression that you could only use the official app with their server. If you can use an open source client that addresses my concern regarding verification.

At the very least we can know that the protocol works as advertised. Since it's E2E, I think it's probably reasonable to assume that at least the messages themselves are secure.

[–] null_radix@lemmy.ml 5 points 3 years ago (1 children)

Finally, since the client is a binary distributed by Whisper, it’s not possible to verify that the client and server use the published protocol independently

you can use Signal-Foss and use their builds or build it yourself.

[–] yogthos@lemmy.ml 3 points 3 years ago

That does address that concern.

[–] Eli@lemmy.ml 5 points 3 years ago

Truly secure systems: i like that one.

[–] dreeg_ocedam@lemmy.ml 4 points 3 years ago (1 children)

Finally, since the client is a binary distributed by Whisper, it’s not possible to verify that the client and server use the published protocol independently.

What are you talking about? The official client is open source and has reproducible builds.

[–] yogthos@lemmy.ml 2 points 3 years ago (1 children)

Yeah, others corrected me. My understanding was that you had to use the client from the app store to talk to the official server.

[–] KLISHDFSDF@lemmy.ml 2 points 3 years ago

This is FUD that some people keep on spreading. You can build your own client https://signal.org/blog/reproducible-android/

There's even these 3rd party clients that have existed for some time now and haven't been blocked: