top | item 22402962

(no title)

cpbotha | 6 years ago

Signal servers only know who talked to whom, but otherwise are physically not able to see even a smattering of the contents of the communication.

Correction: The signal servers don't even have that bit of metadata. See [1], they only store the last time that a user connected to the server.

[1] https://en.wikipedia.org/wiki/Signal_(software)#Servers

discuss

est31|6 years ago

> The signal servers don't even have that bit of metadata. See [1], they only store the last time that a user connected to the server.

Note that it's what they claim at least. It's not verifiable client side, and to be honest, it's hard to come up with a scalable protocol where this is the case, but you should still not repeat their claim as a matter of fact while in reality we only have their word that the code actually matches what's deployed. And even if they don't store anything, AWS could still provide interested entities access to the infrastructure to capture what Signal doesn't want to capture. Yes, features like sealed sender are awesome and are an important step, but the service still gets ip addresses, which do provide hints about the sender. Again, likely Signal doesn't store ip addresses but people with access to their infrastructure could.

Furthermore, Signal's encryption doesn't help against people storing all of Signal's traffic and waiting until attacks on crypto algorithms become practical (quantum computers, theoretical progress on attacks). Some secrets become irrelevant with time, others increase in value. The best defense is never having the message leave your country's network in the first place.

And there's the DOS problem. What happens if the american president decides that the EU should be cut off from all US network connections? The EU parliament members can't even organize a good response to this because they use an american service...

tadzik_|6 years ago

Signal app is also canonically distributed by Google Play/Apple Store, which are US entities under US law. When push comes to shove, an app update may get distributed to select individuals that will happily gather and send all their conversation histories and more.

As an EU citizen, I'm half puzzled and half horrified at how happy the EU institutions are to rely on foreign products: especially coming from a country that has a history of being trigger-happy and cutting people off in the name of a "trade war".

rawfan|6 years ago

I compiled Signal for iOS and monitored the sent data through a proxy. Both behave identical. There could be a hidden switch in the distributed binaries that triggers other behavior, but I really doubt it. For Android, there are reproducible builds so you can actually check the code is the same. For iOS reproducible builds are harder but should still be possible.

pergadad|6 years ago

What's the alternative? Private closed-source apps like Threema?

This also is not for official communication , it's just for any case where staff would currently use WhatsApp or similar spyware.

imtringued|6 years ago

Under your threat model no internet connected smartphone is safe. Google can just push any arbitrary software to run on your phone and this includes spyware created by governments.

m4rtink|6 years ago

Can one really trust they don't store more if they physicaly have the information at one point in time ? Or possibly their upstream connectivity provider could do that metadata scrapping.

josh2600|6 years ago

I will link to this each and every time this comes up:

https://signal.org/bigbrother/eastern-virginia-grand-jury/

Signal turned over everything they had on this user (which was two time stamps: user creation and last access), and fought the gag order to be able to publish the subpoena and the response. Signal would have to be pretty stupid to lie to a federal court.

Think what you want, but Signal doesn’t have any metadata to turn over.

mcv|6 years ago

Even so, by EU rules, I'd expect them to be required to store the data in the EU.