Granted, the part
The globally recommended app by privacy and security experts, Signal, is now being downloaded massively and tops the Danish Google Play Store
is a little ironic, but you gotta push this winning tide and then work from that.
Granted, the part
The globally recommended app by privacy and security experts, Signal, is now being downloaded massively and tops the Danish Google Play Store
is a little ironic, but you gotta push this winning tide and then work from that.
you can question signal just as much as you want, but you’d better come with actual arguments rather than just conspiracy, because signal has counters to pretty much every claim that non-experts try to make
signal was built and is run by one of the worlds foremost security researchers and privacy activists
it uses standard encryption that is used in huge numbers of things. if there were a problem with any part of that, the world would have a much bigger problem than individual communications. the US government does not behave in a way that suggests these algorithms are compromised
it has been repeatedly audited by 3rd parties
the fact that it’s US-based is barely worth mentioning… why is that a problem? are you sure it’s not solely a knee-jerk reaction?
it’s free (so you’re not supporting the US economy), the client - and server, though that’s not important because E2EE - is FOSS (so it’s auditable and extendable by anyone: AFAIK they also ensure repeatable builds), the encryption is basically as good as it gets (they even have various protections for quantum computing), their architecture means they can’t even see metadata like senders… so, again, in this case what are you giving up by having it US-based? perhaps a little bit of soft power, perhaps an acknowledgment that in this 1 case the US produced a good product counter to their governments interests
because telegram is not for security or privacy conscious people, despite their marketing: they actively muddy the waters and make people less safe
their encryption is custom, written by mathematicians not cryptographers so doesn’t include features like perfect forward secrecy, replay protection, etc
and their default chat mode isn’t even e2ee - only secret chats use their custom encryption, and nobody actually uses them!
there are numerous sources documenting these problems, and plenty more
it’s okay to like telegram: i like it as a chat app, and i use it for the features it provides… but it’s not okay to say in a privacy and security context that they’re even remotely comparable
Weren’t it Signal devs who made e2e for WhatsApp? So what’s the point of switching?
Signal punished their spec and WhatsApp re-implemented it, yes but critically only the messaging parts rather than all the other privacy parts
the reasons to switch basically start with WhatsApp is owned by Meta, and given that these things become more important:
meta says whatsapp is secure exactly for this reason: people think “why switch?” when it’s really about the metadata for them… they are experts and building a profile with scraps of metadata
writing a secure application is about more than technically rock-solid encryption and protocol
So both are the US companies susceptible to backdoors and other USA shenanigans.
Valid point, however I doubt that most(or any) of the people installing Signal now do it from f-droid or alternatives, so for them there’s no difference, they receive whatever Google/Apple give them which may be quite different from what’s in the source code.
If they can then Signal can as well, right? Or more likely Google and Apple will. Same for your next points.
I mean not using anything Meta is good just because we know Meta is bad. But as I understand it any US company will have to store and provide metadata, logs, etc when the government agencies tell them to. With that context I don’t see much difference between using Signal or WhatsApp apart from the “Meta bad”(which in itself is a valid reason).
that’s pretty much the major difference here: Signal is provably not back-doored:
i don’t disagree: it’d be better if we all had the time, skill, and energy to invest into auditing our own systems… but realistically nobody does, let alone people that don’t really care about privacy
with that in mind, it’s all about getting as close as possible… given signals reputation, you can be pretty sure the source code has a lot of eyes on it, and that if there were back doors found it would be news
and given reproducible builds, as i said earlier, you can (or rather, i certainly do) assume that if there were a mismatch between the binaries and the source you’d also hear about it
of course, that doesn’t stop targeted attacks by nation states, but that’s never what we talk about in personal security and privacy situations… it’s just not the threat model that most (i’d wager any) of us should be thinking about because that is not just a full time job: that is an entire teams full time job… we just aren’t being directly targeted like that, and if we are then tbh it’s all over. we protect against general surveillance… we can’t protect against zero days, physical device access, etc
kinda… again, reproducible builds: either of them could technically put code in their app that sends private keys to their servers somehow, but if you break it down it’s far more likely to be caught in signal than in whatsapp
i’m not sure what you mean by this… sure, apple or google could send you an update to ios/android to extract data from apps, but again that seems much more likely a very large-scale attack… you can protect against this by running graphene etc which does similar reproducible builds, but in that case we aren’t talking about the app: signal is absolutely the app you would rely on if you’re going that far… you just wouldn’t ensure your hardware and OS integrity and then just skip the app integrity lol
or perhaps you mean that google or apple could send you specifically a binary of signal that’s been modified? but that’s actually not really likely because apps are signed by developers: apple and google can’t actually send you something that the developer hasn’t “approved”… sure, they control the OS so they can circumvent all the restrictions, but again that’s a massive attack, and really far beyond what’s reasonable to consider for most people (and again, that applies to both whatsapp and signal so it’s not really a point in favour of whatsapp)
absolutely correct… the point of privacy like signal does is that they hand everything over and it’s useless: the information signal themselves can extract, even by modifying their code is completely worthless. they have your IP address, phone number, some timestamps, and encrypted blobs (AFAIK they don’t store a lot of that, but that’s not provable so we should assume that it’s stored either accidentally or because of coercion)… they can see when you messaged, but not even things like who you messaged
if signals infra and private keys etc were literally handed over to the US government right now and they specifically wanted to target you personally, it’s highly unlikely they would be able to do anything particularly useful with any of that before it’s noticed, and then you can stop using signal before they actually intercept new communications (and old communications are protected, assuming you wipe the app and all its stored info before they can send you a poisoned update)
and with all of this, it doesn’t really matter where signal is based: US, China, Russia, Guam, Switzerland, Iran: doesn’t matter… the structure is built in such a way that if Signal the organisation is coerced, it’s either:
it’s about your threat model: you can’t worry about massive scale, and you can’t worry about being individually targeted… unless that is part of your threat model, in which case signal is still part of your solution (along with auditing and validating every part of the chain from hardware to OS to the apps which all require reproducibility or building from your audited source) and whatsapp fundamentally is not
Small sidenote, but Moxie is no longer running Signal. (He’s doing Confer now.)