this post was submitted on 20 Sep 2024

37 points (75.3% liked)

Privacy

31279 readers

609 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

Chat rooms

[Matrix/Element]Dead
Discord

much thanks to @gary_host_laptop for the logo design :)

founded 4 years ago

MODERATORS

How good you feel good about your privacy using apps such as Signal? (lemmy.wtf)

submitted 1 day ago by chappedafloat@lemmy.wtf to c/privacy@lemmy.ml

87 comments fedilink hide all child comments

Convincing people to use apps such as Signal is hard work and most can't be convinced. But with those you manage to convince, do you feel happy to talk to them on Signal?

The problem is these people use Signal on Android/IOS which can't be trusted and IOS has recently been in the news for having a backdoor. And it has also been revealed that american feds are able to read everyone's push notifications and they do this as mass surveillance.

So not only do you have to convince people to use Signal which is an incredibly difficult challenge. You also have to convince them to go into settings to disable message and sender being included in the push notifications. And then there's the big question is the Android and IOS operating systems are doing mass surveillance anyway. And many people find it taking a lot of effort to type on the phone so they install Signal on the computer which is a mac or Windows OS.

So I don't think I feel comfortable sending messages in Signal but it's better than Whatsapp.

These were some thoughts to get the discussion started and set the context.

top 50 comments

sorted by: hot top controversial new old

[–] 211@sopuli.xyz 5 points 15 hours ago (1 children)

I don't know how the Play Store version does push notifications, but Molly, and I think the apk from their site, work just fine on degoogled phones without Google services.

I don't remember what name it has, but missing it breaks push notifications on most "normal" apps. Many FLOSS ones are coded to have their own methods that don't transmit data to Google, and it appears at least some versions of Signal do too.

My threat model doesn't include state level actors taking an active interest in me, so for my purposes Signal would be secure enough, if only I got people to adopt even it.

[–] JameUwU@lemmy.ml 1 points 5 hours ago* (last edited 5 hours ago)

APK and play Store versions are identical. Signal runs a check for GMS/GFS and if that Check returns true uses firebase. If not it uses WebSocket. Signal-FOSS on TwinHelix removes GMS/GSF dependencies though, and Molly-UP actually integrates a way for you to use your own push Server.

Edit: Also if you use MicroG without push notifications enabled default Signal is just broken last I checked.

[–] unskilled5117@feddit.org 34 points 1 day ago* (last edited 11 hours ago) (3 children)

You are just spreading misinformation! Cite your sources!

There is a strategy used, which allows the government to find out who an account belongs to. They ask the push providers (Apple/Google) for data on the push token from e.g. a messaging app. This way they associate the account from an app with an identity.

Nothing there about message content. It is still safely E2EE.

~~I don’t know how it works in your country, but in mine, phone numbers are already associated with identities, so nothing gained as the gov can just ask signal for the phone number of an account, instead of having to ask signal and the push provider to get the identity.~~ (Edit: apparently it’s hashed, so there seems to be a use for this.) Signal isn’t about Anonymity but Privacy. There is a difference.

If you have another vulnerability cite it!

[–] refalo@programming.dev 5 points 1 day ago* (last edited 1 day ago)

They ask the push providers (Apple/Google) for data on the push token from e.g. a messaging app. This way they associate the account from an app with an identity.

Very overlooked point. You can find privacy guides online but very few even suggest that FCM etc. might have privacy issues, let alone explain exactly why. It seems this has already been used by law enforcement in the past: https://www.wired.com/story/apple-google-push-notification-surveillance/

The Molly-FOSS fork of Signal (which aims to be even more secure/private) actually supports self-hosted push notifications using UnifiedPush.

I also found this comment:

As far as I know, FCM on Android can be configured to use a notification payload (which is piped through Google's servers). But for a release app this is discouraged, especially if you are privacy conscious. An app would normally use FCM to receive a trigger and look up the received message from the app's own backend. See here for more information.

[+] chappedafloat@lemmy.wtf -9 points 16 hours ago (2 children)

"spreading misinformation" is a phrase mostly used by feds when they see something they consider to be "wrong think" or not "politically correct". They use this anti-misinformation campaign to support their censorship and mass surveillance system.

When discussing advanced IT topics it would be more appropriate to just correct someone and say they are wrong because it's easy to be get a detail wrong in advanced it topics.

And I am mostly right, I just seem to have been wrong on the detail about Signal push notifications. I admit that I made a mistake on that but otherwise it is official that Apple and Google at least used to share push notification data with governments. This comes from the DOJ senator Wyden saying these corporations can secretly share this data with governments and can include the unencrypted text which is displayed in the notification.

I think this discussion has been very constructive because when we can correct each other and learn that is great.

[–] unskilled5117@feddit.org 9 points 11 hours ago* (last edited 11 hours ago) (1 children)

Misinformation is the inadvertent spread of false information without intent to harm, while disinformation is false information designed to mislead others and is deliberately spread with the intent to confuse fact and fiction. Source

This is more than a simple mistake and I am right to call it misinformation. I appreciate that you seem open to discussion about you being wrong. Nevertheless your post is still not edited to correct the proven wrong statements. You can use strikethrough so no context is lost, like I did in the comment you are replying to, where I was wrong.

You made a post with huge claims, basically saying that signal is unsecure and messages can be read by the goverment. This is such a big claim that it should have been researched by you beforehand and you should have provided sources. You don’t get to hide behind “discussions” because in a discussion you actually provide sources if you make claims. Especially if you are trying to start one, to give the readers a chance to read up on the topic.

You “getting a detail wrong“ has a huge impact. Some people will stumble upon this post, read that signal is supposedly insecure and might believe it and even spread that. It hurts the adoption of a secure encrypted messenger. It is not a small detail, but the foundation of your whole post.

And I am mostly right, I just seem to have been wrong on the detail about Signal push notifications. […] This comes from the DOJ senator Wyden saying these corporations can secretly share this data with governments and can include the unencrypted text which is displayed in the notification.

No, you are mostly wrong about the claims you make! Again your post made the connection to signal. Push notifications for Signal NEVER contain sensitive unencrypted data & do not reveal the contents of any Signal messages or calls–not to Apple, not to Google, not to anyone but you & the people you're talking to. Source

"spreading misinformation" is a phrase mostly used by feds when they see something they consider to be "wrong think" or not "politically correct". They use this anti-misinformation campaign to support their censorship and mass surveillance system.

I don‘t appreciate you, trying to frame my correction of your blatant misinformation as trying to censor you. Don‘t try to play the victim.

load more comments (1 replies)

[–] douglasg14b@lemmy.world 4 points 7 hours ago

"spreading misinformation" is a phrase mostly used by feds when they see something they consider to be "wrong think" or not "politically correct". They use this anti-misinformation campaign to support their censorship and mass surveillance system.

Immediately jumping to discredit and dismiss instead of engage by way of over generalization and accusation is not a good look my man.

[–] andylicious1337@lemmy.world 6 points 1 day ago (2 children)

good points altough the number is note saved. the hash of the phonenumber is hashed so Signal could not hand out your number, just the hash.

[–] LambdaRX@sh.itjust.works 2 points 16 hours ago

So how can Signal send verifying sms?

load more comments (1 replies)

[–] shortwavesurfer@lemmy.zip 23 points 1 day ago (2 children)

The way I see it, any step is better than no step at all.

[–] otter@lemmy.ca 2 points 1 day ago

Yep, none of us got to where we are all at once. We learned about things over time, and made changes over time.

It's a process just like any other type of personal development/ habit building

[–] Kualk@lemm.ee -3 points 1 day ago* (last edited 1 day ago) (1 children)

There are no shades of grey in encrypted communications.

Your messages are either plain text or not to 3rd party.

Sometimes it appears to be encrypted, but there loopholes that make it possible to significantly reduce decryption costs. It is plain text to those who put the loopholes, like specially crafted constants in the algorithm.

[–] EngineerGaming@feddit.nl 10 points 1 day ago

There are indeed shades of grey. Not only the presence of encryption itself matters, but the metadata, as well as details of the implementation. For example, Signal has all the messages encrypted - but it has the capability to know the identities of everyone and to build their social graph due to centralization.

[–] mox@lemmy.sdf.org 11 points 1 day ago* (last edited 1 day ago) (1 children)

Signal is not my tool of choice, so I'll answer from a more general perspective:

Having multiple friends and social groups on an e2ee chat system for the past few years feels great. Knowing that our words aren't being recorded and exploited by half a dozen companies, we no longer feel the need to self-censor. The depth and value of our online conversations have grown noticeably.

Yes, there is more work to do, both at the endpoints and in the protocols. No, not all of us have flipped all the switches to maximize our privacy yet. That's okay. Migrating is a gradual process. We do it together, helping each other along the way, rather than trying to force it all at once. Every step an improvement.

[–] JubilantJaguar@lemmy.world 6 points 1 day ago

This is exactly my take. It basically holds for Signal too.

The question of self-censorship is too often overlooked IMO. The knowledge that nobody is reading your messages except their intended recipients is empowering and liberating. No one is filling a database with information about you and your friends, because they can't. You can say exactly what you would say at the dinner table and not think twice about it.

In a police state with mass surveillance (we all know the big examples) you don't have this privilege. Whether or not you think about it consciously, you are constantly monitoring and policing what you say - and therefore ultimately, to some extent, what you think.

I've been in a couple of those places recently. I can tell you that just the banal act of using Signal there (sometimes over VPN) felt almost exhilarating, like jumping the prison walls.

In historical terms, free speech is a vanishing rare thing. It absolutely is not the norm and it bothers me that so many people in the West don't seem to know this. We should not take it for granted.

[–] kbal@fedia.io 9 points 1 day ago (2 children)

Yeah, Signal is good enough. If people use shitty operating systems like iOS or Google's version of Android that's another problem and not really one that it's my job to care about that much. What matters is the network effect and every user who moves moves from Whatsapp to Signal is one more person who gains the freedom to easily improve their digital lives further if they someday choose to do so without it costing them the ability to chat with all their friends.

[–] EngineerGaming@feddit.nl 5 points 1 day ago (1 children)

The problem I have with Signal is that it itself pushes people onto the "shitty operating systems". It does not allow registering from desktop, at least officially. There are workarounds, but they're cumbersome (especially for a non-technical person, whom Signal is supposed to appeal to), and the official client outright tells you go to use a phone first. And even then, apparently the desktop client is not even full-featured, and not the priority.

I know there are degoogled OSes (running Graphene myself), but you'd need to get lucky or choose a phone with this in mind, while a random given laptop is likely to be able to run Linux.

[–] kbal@fedia.io 2 points 1 day ago (1 children)

I would certainly advise everyone to choose a phone with that in mind.

The desktop client is not great, but it works. There certainly are things Signal could do better. Its phone-centric nature is ridiculous and I have no idea why they cling to it. But it's easier than trying to get everyone to use Matrix or whatever — mainly because more people have heard of it.

load more comments (1 replies)

[–] JubilantJaguar@lemmy.world 4 points 1 day ago (5 children)

This is the ideal scenario as I see it, in order of importance:

industry-standard E2E encryption using open-source software on the client (privacy)
distributed server network controlled by many entities (resilience)
open-source, open-standards, interoperable software on both client and server (user autonomy)

As I understand it, the goldilocks solution is therefore the Matrix stack. BUT! It's hard to set up and nobody uses it!

The best real-world option, with feasible UX and an existing critical mass of users, is therefore Signal. It only fully meets the first criterion, yes. But personally I give it a bit of credit for the second too, in that it belongs to a non-profit foundation with multiple stakeholders, somewhat like Wikimedia. Signal will do while we're waiting for a proper email-like open standard for secure messaging.

[–] toastal@lemmy.ml 2 points 20 hours ago* (last edited 16 hours ago)

There are several open protocols that meet your criteria that aren’t Matrix (with most of them using double-ratchet encryption similar to if not exactly like Signal). Due to server costs (Matrix eats a lot of RAM & storage), medium-sized entities usually bow out so the Matrix network largely consist of a few 1–10 user servers & massive centralization around Matrix.org & the hosted servers they provide. Since almost all the messages get synced to the Matrix.org server if just one Matrix.org user is in your room or whatever, all metadata will be synced to the mothership in Matrix.org that was originally funded by Israeli intelligence.

load more comments (4 replies)

[–] OlPatchy2Eyes@slrpnk.net 4 points 1 day ago (2 children)

Is there any reason to believe the message and sender can be read from the data sent to the push service? From my understanding, that should still be encrypted.

[–] merde@sh.itjust.works 5 points 1 day ago (1 children)

indeed they are ☞ President of @signalapp : https://mastodon.world/@Mer__edith/111563865413484025

PSA: We've received questions about push notifications. First: push notifications for Signal NEVER contain sensitive unencrypted data & do not reveal the contents of any Signal messages or calls–not to Apple, not to Google, not to anyone but you & the people you're talking to.

In Signal, push notifications simply act as a ping that tells the app to wake up. They don't reveal who sent the message or who is calling (not to Apple, Google, or anyone). Notifications are processed entirely on your device. This is different from many other apps.

What's the background here? Currently, in order to enable push notifications on the dominant mobile operating systems (iOS and Android) those building and maintaining apps like Signal need to use services offered by Apple and Google.

Apple simply doesn’t let you do it another way. And Google, well you could (and we've tried), but the cost to battery life is devastating for performance, rendering this a false option if you want to build a usable, practical, dependable app for people all over the world.*

So, while we do not love Big Tech choke points and the control that a handful of companies wield over the tech ecosystem, we do everything we can to ensure that in spite of this dynamic, if you use Signal your privacy is preserved.

*(Note, if you are among the small number of people that run alt Android-based operating systems that don't include Google libraries, we implement the battery-destroying push option, and hope you have ways to navigate.)

[–] OlPatchy2Eyes@slrpnk.net 2 points 20 hours ago

Thanks, wish I'd found this earlier.

[–] Kualk@lemm.ee 1 points 1 day ago* (last edited 1 day ago) (7 children)

Signal runs a service. Even if its source code is open source there’s no guarantee that that’s the code running on the server.

I don’t know the protocol, but I am concerned of man in the middle and how safe it is from man in the middle. In this case signal servers must be considered to be man in the middle.

The only system to trust is peer to peer with proven track record of sending encrypted data over public channels.

That’s PGP and Delta Chat utilizing PGP.

load more comments (7 replies)

[–] c0smokram3r@midwest.social 18 points 1 day ago (1 children)

Took years to get all the ppl I care about on signal & now the effort was definitely worth the reward.

Why don’t you feel comfortable on signal? Honestly it’s worked out for the best in my use case bc I have ppl that use android, iOS, windows, Linux & macOS, so it’s great to not have to deal with shit media quality or messages not going through bc of all the different operating systems. It’s E2EE so I’m not too worried about mass surveillance within my signal groups.

Also, iOS back door? I must have missed that. Haven’t seen any news about that.

[–] Lemongrab@lemmy.one 3 points 1 day ago* (last edited 1 day ago) (1 children)

This maybe be what they are referring to: https://9to5mac.com/2023/12/27/most-sophisticated-iphone-attack-chain-ever-seen/

[–] unskilled5117@feddit.org 7 points 1 day ago* (last edited 1 day ago) (3 children)

That is an iMessage exploit, nothing to do with push notifications. He might be referring to this, which allows associating an account with an identity, but it’s not what he is claiming (content decryption) either. So as long as no sources are provided he is just spreading FUD

load more comments (3 replies)

[–] davel@lemmy.ml 8 points 1 day ago (7 children)

“Feel,” “happy,” “comfortable”… Privacy doesn’t care about your feelings.

And it has also been revealed that american feds are able to read everyone’s push notifications and they do this as mass surveillance.

Speaking of the feds, it was they who funded the creation of Signal, which is one of the reasons it ought not be trusted.

[–] autonomoususer@lemmy.world 21 points 1 day ago (17 children)

They funded encryption too. Why don't you stop using that?

[–] SomeAmateur@sh.itjust.works 11 points 1 day ago* (last edited 1 day ago) (1 children)

Wait until they find out who started the internet. Or who runs GPS satellites

[–] antmzo220@lemmy.ml 2 points 11 hours ago* (last edited 11 hours ago) (1 children)

Wait until they find out who started the internet. Or who runs GPS satellites

And they never spy on people or track them using the Internet or GPS signals?

Why did you think this was a good argument for supporting privacy?

[–] SomeAmateur@sh.itjust.works 2 points 11 hours ago* (last edited 11 hours ago)

People think that govt developed = bad. It's a consideration for sure but if anything govt developed is so hopelessly and inherently compromised then many of the measures discussed here are useless for privacy already because they almost all run through internet, a govt created system. Even TOR. But yet here we are anyway because they are still useful systems.

Governments pour tons of time money and effort into secure communication, and not for profit, and we can still take advantage of that advancement with some caution.

load more comments (16 replies)

load more comments (6 replies)

[–] autonomoususer@lemmy.world 5 points 1 day ago

Got to start somewhere.

[–] Kintarian@lemmy.world 4 points 1 day ago (3 children)

I figure it's best to assume that there is no privacy on the internet.

I've been in IT to close to 40 years and I don't say anything online that I wouldn't say in public.

[–] kbal@fedia.io 11 points 1 day ago

Be paranoid in your estimation of how much privacy you have, but diligent in your efforts to get more of it for everyone.

[–] autonomoususer@lemmy.world 6 points 1 day ago* (last edited 1 day ago) (6 children)

Will people read this and stop using the internet or stop caring about privacy?

load more comments (6 replies)

[–] JubilantJaguar@lemmy.world 4 points 1 day ago

Cynicism is a self-fulfilling prophesy. If everything's bad then there's no reason to care, and if nobody cares then everything will be bad.

For things to get better, or not get worse, cynics depend on others to care about those things. To me that feels terribly like freeloading.

load more comments