Signal: Safety number updates
whispersystems.orgEnabling the advisory mode by default seems like a mistake, at least with the current UI. It is so unobtrusive that it carries a very distinct implication of "we've looked into this for you, and you don't need to worry about it", which is not the case. The iconography of the shield also implies this - it says "Signal is protecting you".
The message probably needs to be more explicit: "Voltairine de Cleyre isn't using the same safety numbers anymore. Probably this contact just has a new phone or reinstalled Signal, but you might want to confirm the new safety numbers with them.". And the accompanying icon should be an ! or ? or something.
Yeah, while a security conscious user would probably be curious about this and investigate, I think an average user would just ignore it.
I've been talking with people who haven't noticed when I change the disappearing messages on/off, which has the same appearance and displays in the same place as these advisory messages, so clearly some people are already ignoring them.
"Your correspondent had been replaced by a man-in-the middle for you convenience. Have a nice day."
I agree on both points. Muted red text and a broken/unlocked padlock would convey the intent a lot more clearly.
One features that Threema has is that you can see that you have verified the other persons key. I think Signal should have that too. If the other person reinstalls you just drop down back to a lower trust level.
Threema does it with 3 dots red, orange ad green, but other versions of this might be experented with.
One of Signals worst problems is that it entirely relies on Google to not provide a malicious APK during initial installation of the app.
(Yes, it is open source, but most people don't have the knowledge or time to compile software themselves)
I still think Signal is one of the best secure messengers though.
i can't get Signal to work here in germany - it always fails to register to the network - despite getting an SMS, and i suspect foul play.
I had a problem with this before and figured out that it was due to reinstalling from Titanium Backup - could this apply to you? There are some other potential fixes posted here:
Android: http://support.whispersystems.org/hc/en-us/articles/21463462...
iOS: http://support.whispersystems.org/hc/en-us/articles/21313245...
I'll check this out!
The problem is non security minded users probably won't take the time to verify the numbers in the first place. They should look into a method that verifies identities without user interaction. Possibly by having signal store users public keys after they verify their phone numbers or better yet provide users with signed certificates for verification purposes.
Congratulations, you've invented the iMessage security model.
The cryptographers behind signal are very smart; they have thought about these things.
The signal model has the advantage of not having to trust a third party server. With iMessage, it's possible for the government to force Apple to add pubkeys to a user's identity (although the user will be notified).
I can't think of a way to do that automatically in a way that can't be MITM'd.
There was something weird going on when I set up Signal for my partner today. She had downloaded and installed Signal through the play store and we tried to scan and exchange safety numbers. My phone gave me the message that her version was outdated. The other way around gave her the same message.
When I updated my version it all worked out.
These changes seem to bring it much closer to the implementation in WhatsApp, although WhatsApp defaults to accepting modified fingerprints.
How do you view safety numbers on iOS?
Answer: tap (not long press) the name in the conversation header.