galadran | 5 years ago
> The Signal messenger is primarily focused on user privacy, and thus exposes almost no information about users through the contact discovery service. The only information available about registered users is their ability to receive voice and video calls. It is also possible to retrieve the encrypted profile picture of registered users through a separate API call, if they have set any. However, user name and avatar can only be decrypted if the user has consented to this explicitly for the user requesting the information and has exchanged at least one message with them.
So Signal comes out excellently from this, yet is mentioned in the title. However, the paper does find that Telegram reveals to the world, in real time, exactly how many Telegram users have a particular phone number in their address book...
Can we change the title from the (click baiting) university press release to one which more accurately reflects the content of the paper?
ignoramous|5 years ago
> For Telegram, the researchers found that its contact discovery service exposes sensitive information even about owners of phone numbers who are not registered with the service.
For Signal, TFA makes it clear that correlation defeats Signal's privacy measures:
> Interestingly, 40% of Signal users, which can be assumed to be more privacy concerned in general, are also using WhatsApp, and every other of those Signal users has a public profile picture on WhatsApp. Tracking such data over time enables attackers to build accurate behavior models. When the data is matched across social networks and public data sources, third parties can also build detailed profiles, for example to scam users.
> ...
> More privacy-concerned messengers like Signal transfer only short cryptographic hash values of phone numbers or rely on trusted hardware.
> However, the research team shows that with new and optimized attack strategies, the low entropy of phone numbers enables attackers to deduce corresponding phone numbers from cryptographic hashes within milliseconds.
It is hard to say how Signal can improve upon these attacks other than to not use phone numbers at all.
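The low-entropy point quoted in the comment above, as an added example that is not part of the thread or the paper: an unkeyed hash of a phone number hides nothing once the number space is small enough to enumerate. The truncated SHA-256 scheme, the function names and the fictional 555-01xx number are assumptions constructed for illustration, not any messenger's actual protocol.

```python
import hashlib
import math


def hash_number(e164: str, truncate: int = 10) -> bytes:
    """Unkeyed, truncated hash of a phone number (assumed scheme, for illustration)."""
    return hashlib.sha256(e164.encode()).digest()[:truncate]


def search_space_bits(digits: int) -> float:
    """Upper bound, in bits, on the entropy of `digits` free decimal digits."""
    return digits * math.log2(10)


def recover(target: bytes, prefix: str, free_digits: int, truncate: int = 10):
    """Hash every number under `prefix` and return the ones that match `target`."""
    hits = []
    for n in range(10 ** free_digits):
        candidate = f"{prefix}{n:0{free_digits}d}"
        if hash_number(candidate, truncate) == target:
            hits.append(candidate)
    return hits


# Constructed sample: a fictional number in the reserved 555-01xx range.
SAMPLE_PREFIX = "+1202555"
SAMPLE_NUMBER = "+12025550143"


def demo():
    """Hash the sample number, then recover it from the hash alone."""
    uploaded = hash_number(SAMPLE_NUMBER)
    return recover(uploaded, SAMPLE_PREFIX, free_digits=4)


if __name__ == "__main__":
    # The hash is 80 bits wide, but the input carries far less than that.
    print(f"10 free digits = {search_space_bits(10):.1f} bits; hash output = 80 bits")
    print("recovered:", demo())
```

The width of the hash output is irrelevant here; what bounds the work is the entropy of the input, which for a full 10-digit national number is only about 33 bits.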
forgotmypw17|5 years ago
If Alice and Bob are in the same chat
and
Bob has Alice's number stored in their phone's contacts list
and
Bob refers to Alice in the chat (using @Alice)
then
Telegram will disclose to all the chat participants whatever name Bob has stored for Alice in their contacts (instead of the name Alice specified in their Telegram profile)
godelski|5 years ago
> there would be no phone number involved. Maybe not even a username involved! Nothing to add to an address book.
I know Moxie shows up on HN, maybe he could explain more? I'm very interested in this feature and I think HN would love to know more and if it helps solve the above issue (presumably it could).
[0] https://community.signalusers.org/t/moxie-about-usernames/15...
TimSchumann|5 years ago
I think it would be wonderful if you could use signal without a phone number.
I wonder if there is a technical reason they don’t implement this, as it sure seems like it would only have benefits for users' privacy and security.
Abishek_Muthian|5 years ago
e.g. If you had stored a plumber's number 10 years ago, you'll receive a notification telling you that the plumber is on Telegram now. Of course likewise, if you start using Telegram today everyone who has your contact and uses Telegram will receive the notification; be prepared for some awkward conversations with people whom you have forgotten.
• Telegram's latency seems to be low when compared to WhatsApp (although part of which could be optimised code, data center proximity should account more and if so how does a supposed renegade group of techies with no revenue afford better data center facilities than their Billion$ competitors?).
• Their feature update notifications seem to create a sense of a consumer focussed entity when compared to the competitors.
• The bot API has made the platform more extensible than others (Messenger restricted several features of their API after Privacy fiasco).
That's all, I don't buy the argument of Telegram's USP as security and marketing it for one seems to be disingenuous at best and malicious at worst IMO.
EGreg|5 years ago
If a service X knows the mapping between a user id and some useful info it can display (eg the name or photo) then whatever you do to get that user id, you can then display that useful info if it would be shown to any user of the service. Such as Facebook showing the profile pic and name (that’s why the real names policy is DUMB for privacy). So people resort to effectively usernames. This means you can id the user across sites and then later try to scrape info associated with that username across sites.
The solution is to remove all info, including usernames, unless the person has shared it with you (eg friended you and shared some info like a username with friends). Most of us on forums don’t give a crap who is answering, just their reputation. For strangers, why have avatars or usernames at all? Why have anything?
Otherwise you will have to rate limit scrapers and stuff like that, playing a cat and mouse game against sybil accounts.
DyslexicAtheist|5 years ago
Telegram so far never had an independent audit of its crypto or maybe I'm wrong?
bigiain|5 years ago
I'm not sure they made the compromises and decisions the way I would have preferred them, but their e2e secure messenger platform is way more ubiquitous than mine (which I never wrote), so in spite of that, I reckon they've done more to "make the world a better place" than I have...
(I do still get mad every time Signal tells me "Some random or friend whose phone number you saved sometime in the last decade or so is now using Signal!" I'm 99% certain none of those people knew I was going to see that message when they installed/configured their "super private e2e encrypted messenger app!!!")