this post was submitted on 15 Sep 2021
67 points (93.5% liked)

[–] yogthos@lemmy.ml 20 points 3 years ago* (last edited 3 years ago) (4 children)

What it ultimately comes down to is that truly secure systems cannot be based on trust. The article does a good job outlining all the ways the users have to trust Whisper Systems without any ability to do independent external verification.

Even if we assumed that Signal works as advertised the fact that it's tied to your phone number is incredibly dangerous. Obviously if this information was shared with the government it will disclose your identity as the article notes. This information can then be trivially correlated with all the other information the government has on you and your social network. Given that Signal is advertised as a tool for activists, that means it creates a way to do mass tracking of activists.

Being centralized is another huge problem given that the service could simply be shut down at any time on government order. If you're at a protest and rely on Signal it could just stop working.

edit: as people have pointed out, it turns out you can use third party clients

~~Finally, since the client is a binary distributed by Whisper, it's not possible to verify that the client and server use the published protocol independently. Since alternative clients aren't allowed to connect to the server, we can't test the protocol and have to rely on trust.~~

[–] poVoq@lemmy.ml 11 points 3 years ago* (last edited 3 years ago) (1 children)

I don't think you can have messaging without some level of trust, but I agree that the Signal Foundation isn't very trustworthy.

As for the communication protocol... there are some 3rd party clients that connect to the Signal servers (Axelotl, signald etc.) which have not been banned from connecting for quite some time now. Not sure why, but at least that shows that the protocol in general works as intended. Together with reproducible builds for the official client this at least makes it likely that the unmodified official client works as advertised (although there could still be some caveats in the shared libraries).

But who knows what the server does and supply chain attacks that substitute the official client for a modified one are still easily possible when Signal controls all distribution channels (they will tell you this is to prevent supply chain attacks, but only those of most 3rd parties, not those originating from within Signal & Google/Apple).

[–] yogthos@lemmy.ml 5 points 3 years ago

I mean trust specifically in the context of the technology. Things need to be independently verifiable. And thanks for the correction regarding the clients, I was under the impression that you could only use the official app with their server. If you can use an open source client that addresses my concern regarding verification.

At the very least we can know that the protocol works as advertised. Since it's E2E, I think it's probably reasonable to assume that at least the messages themselves are secure.

[–] null_radix@lemmy.ml 5 points 3 years ago (1 children)

> Finally, since the client is a binary distributed by Whisper, it’s not possible to verify that the client and server use the published protocol independently

you can use Signal-Foss and use their builds or build it yourself.

[–] Eli@lemmy.ml 5 points 3 years ago

Truly secure systems: I like that one.

[–] dreeg_ocedam@lemmy.ml 4 points 3 years ago (2 children)

> Finally, since the client is a binary distributed by Whisper, it’s not possible to verify that the client and server use the published protocol independently.

What are you talking about? The official client is open source and has reproducible builds.

[–] k_o_t@lemmy.ml 15 points 3 years ago* (last edited 3 years ago) (3 children)

4h ago

40+ comments

uh oh

edit: seriously tho, 👌 writeup

[–] dessalines@lemmy.ml 9 points 3 years ago (1 children)

Haha thanks. It's impossible for it not to be controversial, for some reason I've found signal fans to be more fanatical in their loyalty to it than most advocates of other privacy apps.

[–] dreeg_ocedam@lemmy.ml 8 points 3 years ago (1 children)

> I’ve found signal fans to be more fanatical in their loyalty to it than most advocates of other privacy apps

It's because all criticism I've seen of Signal is at best circumstantial, and has nothing concrete despite the app being open source, with reproducible builds, under a ton of international scrutiny. I have read part of their code. I have understood the protocol itself for some of my classes.

It's one of the rare FLOSS projects that is actually good enough in terms of UX to actually reach popular adoption. We shouldn't shoot it down.

On the side there are some concerning security issues with Matrix which I detail here. Signal is much much more attentive to the security of their implementation.

[–] dessalines@lemmy.ml 14 points 3 years ago

Frankly, these are the exact same defenses you hear of companies like apple, who also run centralized services, yet their userbases are utterly convinced of their privacy.

You can't just say things like "the evidence against them is circumstantial", for centralized services. It all boils down to "gut feelings", rather than the reproducibility requirements that the self hosted solutions must pass. Don't trust these companies by default, and never take a pretty ui or branding polish as a stand in for trust.

Phone number ids, and centralized, US-based services wouldn't be acceptable for any privacy oriented chat app. Signal also shouldn't get a pass.

[–] tinyhole@lemmy.ml 11 points 3 years ago* (last edited 3 years ago) (1 children)

I've got to be honest with you. I went into this hesitant but you make some convincing arguments.

While for activism I agree with your recommendations in general it's mostly a social network and thus UX thing. I recently moved from whatsapp to signal because my social network was willing to do so and the UX was similar to whatsapp.

I believe Element and thus Matrix is almost ready to do the same.

The future of the internet is federated and p2p or none at all.

[–] Helix@feddit.de 9 points 3 years ago

> Signal’s use luckily never caught on by the general public of China ( or the Hong Kong Administrative region ), whose government prefers autonomy, rather than letting US tech control its communication platforms

Pretty useless tangent. Even for the US of A, Signal isn't the best communications platform. And China has its own problems with WeChat/QQ, which is basically run by the state. At least they don't export it like the US does…

[–] dreeg_ocedam@lemmy.ml 8 points 3 years ago* (last edited 3 years ago) (10 children)

> It also has several questionable endorsements and users, such as Jack Dorsey ( Twitter’s founder ), Elon Musk, and Mark Zuckerberg ( Facebook’s founder ).

Since when does Zuckerberg endorse Signal?

> The best way to describe federation, is to think of email

The best way to do private/secure messaging is to do it similarly to the least private and secure messaging protocol in use?

> Phone # Identifiers

This entire section completely ignores that Signal isn't designed to talk to random people. It's designed to talk to your friends/family/coworkers, who most likely already have your phone number. It makes it super easy to migrate. There's no way my grandma would be able to add me on briar...

It also completely ignores the work that is being put into adding usernames that would allow you to talk to people without having to give them your phone number.

It also completely ignores Signal's history. Initially it started as a way to encrypt SMS, so phone numbers were not an option anyway.

> Signals database, which we must assume is compromised due to its centralized and US domiciled nature [...] Message senders and recipients

Except that they don't have the message senders thanks to sealed sender

> Recently, signal has been attempting to integrate a cryptocurrency called MobileCoin, into the app itself. What a messaging platform has to do with an obscure cryptocurrency is a little vague; but there is probably some money driving this. Since Marlinspike doesn’t allow 3rd party clients, it is impossible to avoid these types of unwanted “features”.

Payment in Signal has been a major request since the migration from WhatsApp. In multiple countries WhatsApp has a payment feature that is hugely popular. At least they try to improve on such a feature by using crypto to make it private, while not using proof of work which destroys the environment. And it's not like they have actually shipped it. It's only in the beta channel in a few countries...

> Signal’s use luckily never caught on by the general public of China ( or the Hong Kong Administrative region ), whose government prefers autonomy, rather than letting US tech control its communication platforms

Yeah, it's obviously because of that, and Chinese apps are a heaven of privacy and zero state censorship.

[–] dessalines@lemmy.ml 6 points 3 years ago* (last edited 3 years ago) (2 children)

> Since when does Zuckerberg endorse Signal?

He uses signal, I don't think he's publicly endorsed it. Read over that sentence again.

> The best way to do private/secure messaging is to do it similarly to the least private and secure messaging protocol in use?

I'm just describing how it works, this seems overly combative. Encryption is a different topic than federation. Emails and phone calls are federated, yet insecure.

> This entire section completely ignores that Signal isn’t designed to talk to random people. It’s designed to talk to your friends/family/coworkers, who most likely already have your phone number. It makes it super easy to migrate. There’s no way my grandma would be able to add me on briar…

That "ease of migration" comes at a cost: namely that signal's centralized server now knows your identity. And yes while briar isn't quite user friendly yet, it's just as easy to share a user_id string as it is a phone number. With matrix or XMPP I can share my ID with a link.

> sealed sender

I don't know enough about this to comment, but signal still has to know who to send the message to. That means that the server must decrypt the recipient at some point.

> Payment in Signal has been a major request since the migration from WhatsApp. In multiple countries WhatsApp has a payment feature that is hugely popular.

I'd argue that most people don't want a cryptocurrency bundled in their chat apps. This is a really strange thing to defend.

For the last one, it's telling that you deleted half my sentence. The full sentence is this:

> Signal's use luckily never caught on by the general public of China ( or the Hong Kong Administrative region ), whose government prefers autonomy, rather than letting US tech control its communication platforms, as most of the rest of the world naively allows.

Many countries have now realized their mistake in letting US tech companies control their social media platforms, and are trying to adopt the PRC model of home-grown chat apps. A great example is India, where Facebook and Youtube ( 2 US tech companies ), are the most popular social media apps. This was a glaring mistake allowing these US surveillance giants to so completely own the social media landscape of India.

[–] KLISHDFSDF@lemmy.ml 5 points 3 years ago

> I don’t know enough about this to comment, but signal still has to know who to send the message to. That means that the server must decrypt the recipient at some point.

Then you shouldn't be spreading FUD about it.

[–] dreeg_ocedam@lemmy.ml 4 points 3 years ago* (last edited 3 years ago) (1 children)

> He uses signal, I don’t think he’s publicly endorsed it.

That's not what's in your essay. Also, this is a fact that I doubt a lot since he owns WhatsApp. The story about that was when there was the huge Facebook data leak, allegedly, his phone number was in it, and it was possible to see that he was registered on Signal. At the time I tried to fact check this but couldn't find anything that convinced me 100% of the veracity of this fact. I haven't checked again so there may be some more convincing evidence available today.

Also, him being registered on it wouldn't necessarily mean he is a user of Signal. He could have just registered to see what the competition looked like.

And if it were true that Mark Zuckerberg used Signal everyday, I would take it as a very strong confirmation that Signal is trustworthy. A quick way to test whether a conspiracy is true or not is to check if it would affect the rich and powerful.

Anyway, rich people endorsing Signal doesn't mean anything. I hate Elon Musk too, but he just jumped on the bandwagon when it was already leaving and Signal was already gaining in popularity. A broken clock is right twice a day.

> it's just as easy to share a user_id string as it is a phone number

It's not. I can dictate my phone number. I can't do it for a cryptographic user id.

> With matrix or XMPP I can share my ID with a link

With Signal I don't have to because my phone number is already in their address book. When usernames arrive in Signal, a similar feature will likely be available anyway (though this is speculation, I don't really know what it will look like and I don't have the motivation to look at their WIP GitHub branches).

> > sealed sender
>
> I don't know enough about this to comment, but signal still has to know who to send the message to. That means that the server must decrypt the recipient at some point.

It still is much less valuable than what you claim in your essay. They might be able to track you via your IP but that's much less efficient and can be easily prevented via a VPN or using the builtin censorship circumvention proxy. Cryptography ensures that the rest cannot leak.

> I'd argue that most people don't want a cryptocurrency bundled in their chat apps. This is a really strange thing to defend.

If it is transparent and the use of crypto is hidden to the user while still preserving their privacy, it could be amazing. There's no reason not to try, the beta version of the app is there exactly for this.

> Many countries have now realized their mistake in letting US tech companies control their social media platforms, and are trying to adopt the PRC model of home-grown chat apps. A great example is India, where Facebook and Youtube ( 2 US tech companies ), are the most popular social media apps. This was a glaring mistake allowing these US surveillance giants to so completely own the social media landscape of India.

While I do wish my country (France) and other EU countries would do more ~~in terms of~~ regarding our concerning digital dependency on the US, I don't see how the PRC is any better. They don't have FB and other platforms which in some way is a good thing, however they have massive state surveillance in all of their internet platforms, and secure communication methods are banned.

[–] dessalines@lemmy.ml 4 points 3 years ago (21 children)

If you live in France, why would you want a US company to own and control your communications? That was the main thrust of the article, which you never addressed.

[–] poVoq@lemmy.ml 5 points 3 years ago* (last edited 3 years ago) (24 children)

> Except that they don’t have the message senders thanks to sealed sender

Sealed sender is a nice idea, but due to Signal's centralized server architecture it is sadly snake-oil. If Signal wants they can easily circumvent sealed sender with a simple timing correlation as they have 100% knowledge about when a client sends or receives a message.

[–] dessalines@lemmy.ml 4 points 3 years ago (1 children)

Sorry for the length, I'm writing this for a wider, non-tech audience, so I had to describe a lot of terms.

[–] poVoq@lemmy.ml 4 points 3 years ago (3 children)

Why no mention of XMPP (other than Jitsi, which sort of is XMPP)? It is at least as good if not better than Matrix.

[–] tomtom@lemmy.ml 4 points 3 years ago

the decentralized nature of XMPP is a huge plus for me.

I guess Matrix also has that, in theory, but from what I have seen the matrix.org homeserver still effectively functions as a central point to track metadata.

I guess the issue with XMPP is that people can send unencrypted messages to you, perhaps with deanonymizing information?

[–] Sammo@lemmy.ml 4 points 3 years ago (1 children)

Thanks for the nice article!

[–] dessalines@lemmy.ml 6 points 3 years ago (1 children)
[–] Sammo@lemmy.ml 9 points 3 years ago (2 children)

Also a few interesting things: I saw a lot of people saying that Signal isn’t keeping metadata, and a few articles from 4 years ago claiming that. I took a look at the signal ToS and Privacy Policy which states quite the opposite: „SIGNAL DOES NOT WARRANT […] THAT OUR SERVICES WILL BE […] SECURE, OR SAFE”, „For the purpose of operating our Services, you agree to our data practices as described in our Privacy Policy, as well as the transfer of your encrypted information and metadata to the United States and other countries where we have or use facilities, service providers or partners.“ and „Other instances where Signal may need to share your data

To meet any applicable law, regulation, legal process or enforceable governmental request.“

[–] je_vv@lemmy.ml 3 points 3 years ago

I see Jami missing, though Briar is mentioned. Any particular reason for missing Jami? Perhaps because it doesn't use the double ratchet popularized by Signal? It does e2ee by default, and supports voice and video calls besides chats...
