ndiscussion | 4 years ago

It looks like they are, but there might be a minor issue in verifying the content: https://github.com/signalapp/Signal-Android/issues/10476

But despite best efforts by the community to verify builds, Google and Apple can be forced to upload a malicious app to a particular user, meaning they aren't using the same app at all.

greysonp|4 years ago

> But despite best efforts by the community to verify builds, Google and Apple can be forced to upload a malicious app to a particular user, meaning they aren't using the same app at all.

Hi there! Signal-Android developer here. App signing verification is done at the OS-level, and Google does not have our signing key, so they wouldn't be able to give an existing user a different APK and have it successfully install.

morelisp|4 years ago

If your threat model includes the ability to force Apple to do X, then Signal is irrelevant.

ndiscussion|4 years ago

That's probably a good point. I'm using GrapheneOS, which is not identifiable to Google/Apple and can't be singled out for updates.