Signal knows who you're talking to (2023)

sanesecurityguy.com

114 points by kekqqq 22 days ago · 161 comments

jwr 22 days ago

Signal is in an impossible position. On one hand, it needs to appeal to the crowds currently using WhatsApp and happily syncing their entire contact list to Facebook/Meta, so that they can be profiled and a social graph can be built. That crowd needs it to be super simple and "just work". If it doesn't do that, people will criticize it for being difficult to use.

On the other hand, it needs to provide ultimate security, even though there is always a compromise between security and convenience. If it doesn't, geeks will criticize it for not being secure enough.

  • jeroenhd 22 days ago

    In this case, Signal could give users the option to protect their privacy by giving users the option to disable/mask/randomize timings on delivery receipts. I think there's a way to do it.

    Thanks to this leak, surveillance states don't need to work around sealed sender stuff, though. They can just mass collect the Signal data and figure out IP patterns over time. Without proxying your traffic through ever-changing proxy networks such as Tor, it's only a matter of gathering data. Especially if someone accidentally hits the call button, which arranges a peer to peer setup immediately identifying the two parties.

    Signal is still the best general purpose messenger out there if you value privacy and security. My government uses it as a communication mechanism between people and embassies in places with terrorist presence.

    It looks like SimpleX has some protocol advantages but reading the reviews, the app doesn't seem good enough for the general population. It's probably because they value privacy above usability, but with problems like "messages don't get delivered if the other party doesn't open their app for a few days", that app isn't going to work for the people I talk to. I also can't really find who's paying for SimpleX, all I can find is anonymous donation links and a company listing in the UK (the country known for forcing Apple's hand in disabling E2EE backups). Probably fine, but once again, no messenger is perfect.

  • dijit 22 days ago

    Signal would have had a better time if it had opened the idea that they don't have to be the ultimate authority and intermediate message broker.

    Messaging your friends? What about your family?

    One of you a nerd? Have one of those people stand up a server and federate it.

    If Signal remains the "authority" here, then there can be mechanisms for spam reports across federated lines, distributed blacklisting and an appeal process.

    That would alleviate their burden significantly, it would retire the notion that they have to always have perfect security and it would be in-keeping with their idea that "we don't want to have the information that could expose users". The easiest way to not have information at all is to not even relay it.

    • nik_ca 22 days ago

      That's actually done already in XMPP (Jabber). Federativity, voice calls, E2EE, direct and offline file exchange, no sms verification and other bs, max privacy and convenience.

      • dijit 22 days ago

        Sure, XMPP could go a lot further with a central body which set a minimum set of XEPs to standardise and maintained a blacklist of bad hosts though.

        Signal could have helped a lot here (so could others, to be honest).

  • Vinnl 22 days ago

    IMHO it's a very feasible position to just let those geeks keep criticising while meaningfully raising the bar on privacy for the average user. There will always be geeks who complain, but also plenty of them that see that perfect doesn't have to be the enemy of the good.

    • binary132 22 days ago

      Aren’t YOU the one saying perfect (“complaining geeks”) is the enemy of the good-enough (“raising the privacy bar for everyone, but not really that much”)?

      I’d go as far as to say good-enough is the enemy of the better.

      • Vinnl 22 days ago

        Yes, I am saying that perfect is the enemy of good enough. I think that if Signal were to keep chasing the complaining geeks, it would cease to be good enough. In the sense that it would be far less widely used, and thus not raise the privacy bar of society even a little bit. Which is why I advocate for not worrying about the complaints too much, i.e. to not let perfect be the enemy of good.

        (Obviously there's always room for improvement, but even if there wasn't, the complaining still wouldn't stop.)

  • fragmede 22 days ago

    This seems like a good place to drop Blue Sky's RFC on contact list sharing. Basically, they've got a way that you can share your contact list without sharing your contact list.

    Through the magic of cryptography, there's now (maybe) a way to "encrypt" your contact list, upload it, the server can then find your contacts without decrypting it, and connect you with them.

    That's not remotely technically accurate a way to describe what is happening under the hood, but the point is, you can share your contact list without sharing your contact list.

    This magic is in RFC status from Blue Sky here: https://docs.bsky.app/blog/contact-import-rfc

    • d1sxeyes 22 days ago
    • jwr 21 days ago

      Signal doesn't share your contact list. WhatsApp does, and this will not get "fixed", because it is done on purpose. It's the reason why Facebook paid $19 billion or so to buy WhatsApp, and from what I understand it's the main reason why Facebook/Meta keeps maintaining and developing the app.

      That contact list is a huge deal if you consider how, connected to other data leaked by people using Facebook, Facebook Messenger, Instagram or other Facebook properties, it lets Meta know so much about you. For example, do some of your contacts use Messenger with location information? Do they often travel to the same location, which is a school? You likely have kid(s) in the same school as they do. It's scary if you consider the implications.

  • bossyTeacher 22 days ago

    >there is always a compromise between security and convenience

    This is the eternal struggle. You can only hope that WhatsApp will mess up bad enough to outweigh the gigantic convenience it offers to users

  • dist-epoch 22 days ago

    Sounds like 2 apps to me, maybe they should split it into Signal and SignalUltraSafeTM, for the paranoid, but more inconvenient, with some interoperability between them.

    • CrossVR 22 days ago

      What if people on SignalUltraSafeTM want to talk to people on regular Signal?

      Telegram solved this already though, they allow users to register using either their phone number or a unique username. But Telegram has a huge spam problem. Which is likely the real reason Signal requires a phone number.

      • nalekberov 22 days ago

        > But Telegram has a huge spam problem. Which is likely the real reason Signal requires a phone number.

        I was able to register with a fake number I got for free on the internet. That clearly doesn't solve the SPAM problem. If I know that, Signal certainly knows that.

        • CrossVR 21 days ago

          There's not an unlimited amount of fake numbers available, that's the difference. The point is to limit your ability to register thousands of accounts.

          Spam filtering is a game of numbers, every limit you impose to the ability of spammers to amplify their message reduces the likelihood a particular individual receives a spam message.

        • Sophira 22 days ago

          Did you have to supply your personal details to anybody in order to get that free number?

      • Esophagus4 22 days ago

        And then you have to pay for premium to prevent unknown users from spamming you!

        Booooo you telegram

    • danelski 22 days ago

      The paranoid crowd already has decentralised apps that you might not have heard of because… well.

    • udev4096 22 days ago

      Ultra paranoid group already despises Signal because of its strict phone number requirement and moxie's stubborn and unreasonable stance on refusing anyone to self-host. Matrix is far better than Signal

      • jeroenhd 22 days ago

        If you're looking to protect yourself from metadata analysis, Matrix is not the protocol for you.

        Matrix and XMPP are excellent protocols for decentralisation, but their E2EE implementation leaves all kinds of metadata exposed outside of the E2EE envelope.

        You need to trust the server to not expose any of this information to anyone else (which is difficult to do when the police comes in with a warrant). If you use your own Matrix server(s) this isn't a direct problem, but then the communication links between you and the people you talk to would stand out immediately, so protection fails in other ways.

        I'm not saying you should drop Matrix or anything, its decentralized nature and clear finances do have some trust advantages over Signal's occasional behaviour, but on a protocol level, an ultra paranoid person would probably be better off using (an audited client for) Signal.

        • udev4096 22 days ago

          What metadata exactly? Matrix only publishes the absolute required metadata for functioning of federation. Unless you can pin point exactly what metadata and how harmful that is, stop throwing that word around. Whoever is pushing this narrative of "metadata leak" in matrix needs to come up with actual facts

          • Arathorn 22 days ago

            Speaking as project lead for Matrix, the protocol does currently expose more metadata to the server than it should. Specifically, the main issues are:

            * no sealed-sender (but see the OP on why this is not a panacea)

            * server can see which users are in which rooms

            * plaintext room names & topics (so serverside search can work)

            * aggregations (metadata around reactions, edits, replies, threads - ie who reacted to what and with what emoji)

            We’ve been working away improving this - for instance MSC3414 defines a way to encrypt key/value events like the above, and an implementation landed this summer. Similarly per-room user ids are planned too. However, it’s not trivial to get right, and we are underresourced so the work is going slower than we’d like. Also, decentralisation at least means the metadata doesn’t pool in some centralised place (as signal’s traffic footprint does, for instance). If you run your own server, then the threat may be acceptable.

          • jeroenhd 21 days ago

            You can see the metadata outside of the e2ee envelope in Element. Things like message IDs in replies, room information, room IDs, in some cases emoji reactions, and other data will regularly find itself as part of the plaintext message. Of course there's still a HTTPS wrapper around those components, but the point is about E2EE.

            Because Matrix wasn't encrypted from day 1 and because Matrix wanted to improve the general UX, especially for people not sending their notifications through Google and Apple, this metadata is still readable by the server(s) you connect to, so that they can serve users better. None of this is new and all of it is actively being worked on, but the Matrix ecosystem isn't exactly overflowing with funds at the moment so things take time.

            Whether or not this kind of metadata being available to a participating server is a problem is up to you to decide. I use Matrix, I believe the federation upsides outweigh the protocol privacy downsides, so I don't think it's a problem for me.

            However, the article discusses a privacy risk in Signal that is extremely niche and hardly a problem for 99% of people. It's more false advertising than an actual privacy risk, I'd reckon. What I want to make clear is that if you are part of the 1% where even the slightest metadata analysis poses a risk, Matrix is probably not the protocol for you.

            I don't think there is any mainstream protocol that does fit the bill for someone like that. I'd start looking in the direction of Threema or TorChat if Signal isn't private enough.

      • pcthrowaway 22 days ago

        I think Moxie's issue is with using their server for custom clients, but I'm curious if you have a link to him stating opposition to self-hosting?

        • udev4096 22 days ago

          Moxie thinks everyone in the world is a fucking normie and people shouldn't be running servers because he hates freedom and loves centralizing everything. It's rare when such a genius cryptographer has hatred towards decentralization

          • sliken 19 days ago

            Wow, that's a pretty negative take.

            Signal's mission seems to be something along the lines of helping the most people increase their privacy. Better to help millions resist the dragnet of surveillance by ISPs, governments, and large organizations than to have perfect security for a few. This requires a very easy to use client (i.e. click on signal in the app store and launch), features users want (send receipts, typing notifications, emoji, video, calls, etc), and making wrong choices hard. Like say installing a random compatible with signal client from an untrustworthy source.

            So Moxie is fine with people forking the open source client, but wants them to use their own servers.

            Distributed/decentralization isn't some magic pixy dust that makes everything better.

            So sure federation can work, but it's harder, and you run into things like XMPP. Are there secure XMPP servers out there, sure, but how do you tell? Which XMPP server supports which extension? How many people use XMPP for their chat/calls on a daily basis?

            Seems kind of weird to pick on signal for doing things well and getting popular. Could it be more secure/private, sure. Could it do so AND be more popular, not so sure.

            • udev4096 19 days ago

              > dragnet of surveillance by ISPs

              Yet relying on them for even signing up. How ironic. Signal is good for normies seeking privacy but it's so bad if you look past that

              • sliken 19 days ago

                Signal seems pretty good, not sure it could be better and have evolved so quickly and gained so many users. Sure it could be more resistant to traffic analysis. What do you use?

                I've pondered writing a p2p client that uses the signal encryption (double ratchet) and bounces fixed size packets off 2-3 other clients before delivery. All packets would be the same size, including those for the upkeep of the DHT.

                To help make traffic analysis more difficult forwarding would include a random delay, DHT traffic would be indistinguishable from message traffic, and chaff would be added to allow for plausible deniability. Your client would talk to at least 3x as many other peers with similar timings and frequencies.

                However the inherent compromises of P2P like increased CPU, network, and battery usage combined with higher latency and startup time seems like the adoption would be lucky to hit 0.1% of signal and then it's less useful since using it would raise flags.

                Signal is so valuable because it has good e2e, it's popular, and whoever you want to talk to is likely to have at least heard of signal if not already running it.
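The fixed-size packet, chaff and random-delay ideas in the comment above can be made concrete with a small framing layer. This is an added example, not part of the thread and not any commenter's or project's code; the 512-byte cell size, the header layout and all function names are assumptions, and the encryption (double ratchet), routing and DHT layers are left out.

```python
import os
import secrets
import struct

# Assumed parameters: every unit on the wire is exactly CELL_SIZE bytes.
CELL_SIZE = 512
HEADER = struct.Struct("!BH")          # kind (1 byte), payload length (2 bytes)
MAX_PAYLOAD = CELL_SIZE - HEADER.size  # 509 bytes of payload per cell

KIND_CHAFF = 0   # cover traffic, discarded by the receiver
KIND_DATA = 1    # fragment of a message, more fragments follow
KIND_LAST = 2    # final (or only) fragment of a message


def make_cell(kind: int, payload: bytes = b"") -> bytes:
    """Build one fixed-size cell; unused space is filled with random bytes."""
    if len(payload) > MAX_PAYLOAD:
        raise ValueError("payload does not fit in one cell")
    padding = os.urandom(MAX_PAYLOAD - len(payload))
    return HEADER.pack(kind, len(payload)) + payload + padding


def chaff_cell() -> bytes:
    """A cell that carries no message data at all."""
    return make_cell(KIND_CHAFF)


def pack_message(message: bytes) -> list[bytes]:
    """Split a message of any length into equal-size cells."""
    chunks = [message[i:i + MAX_PAYLOAD]
              for i in range(0, len(message), MAX_PAYLOAD)] or [b""]
    cells = [make_cell(KIND_DATA, chunk) for chunk in chunks[:-1]]
    cells.append(make_cell(KIND_LAST, chunks[-1]))
    return cells


def schedule(real_cells: list[bytes], slots: int) -> list[bytes]:
    """Fill a fixed number of send slots: real cells keep their order but
    land in random slots, and every remaining slot carries chaff."""
    if slots < len(real_cells):
        raise ValueError("not enough slots for the real cells")
    rng = secrets.SystemRandom()
    positions = sorted(rng.sample(range(slots), len(real_cells)))
    stream = [chaff_cell() for _ in range(slots)]
    for pos, cell in zip(positions, real_cells):
        stream[pos] = cell
    return stream


def unpack_cells(cells: list[bytes]) -> list[bytes]:
    """Reassemble complete messages, dropping chaff and padding.
    A trailing message without its KIND_LAST cell is not returned."""
    messages, current = [], bytearray()
    for cell in cells:
        if len(cell) != CELL_SIZE:
            raise ValueError("cell has the wrong size")
        kind, length = HEADER.unpack_from(cell)
        if length > MAX_PAYLOAD:
            raise ValueError("declared length exceeds cell capacity")
        if kind == KIND_CHAFF:
            continue
        if kind not in (KIND_DATA, KIND_LAST):
            raise ValueError("unknown cell kind")
        current += cell[HEADER.size:HEADER.size + length]
        if kind == KIND_LAST:
            messages.append(bytes(current))
            current = bytearray()
    return messages


def forwarding_delay_ms(min_ms: int = 50, max_ms: int = 2000) -> int:
    """Random hold time before a relay forwards a cell (bounds are assumed)."""
    return min_ms + secrets.randbelow(max_ms - min_ms + 1)


if __name__ == "__main__":
    msg = b"constructed sample message " * 40   # constructed input, 1080 bytes
    stream = schedule(pack_message(msg), slots=8)
    print({len(c) for c in stream}, unpack_cells(stream) == [msg])
    print("hold for", forwarding_delay_ms(), "ms")
```

In a real design each whole cell would be encrypted before sending, so the kind and length fields are hidden and an observer sees only equal-length ciphertexts at a steady rate.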

        • writebetterc 22 days ago

          Moxie doesn't want to federate, that's the main issue I believe.

      • longitudinal93 22 days ago

        Unfortunately Matrix hasn't yet implemented any PQ encryption so you are subject to store and harvest attacks.

  • baiac 22 days ago

    Signal have chosen to put themselves in an impossible position would be a better assessment of the situation. Their choices have made it impossible to appeal to either part of the aisle.

  • hacker_homie 22 days ago

    I mean you could always see where a letter was addressed, so knowing who you're talking to seems like a reasonable compromise.

    Sealed sender feels like a get out subpoena feature.

newscracker 22 days ago

I read through this. I don't think Proton Mail is a good replacement for Signal (it's worse because Proton does log and share IP addresses of users with a court order).

One thing I dislike about Signal on its privacy posture is that the moment you register, anyone who already has Signal and has your phone number in their contacts list will get a message saying you're on Signal. This is a good way for others with bad intentions to know about your presence on the platform. The options to hide your phone number are available only after registering on Signal (after this broadcast has already happened) and when the user figures out that this is possible somewhere deep in the settings.

On registration Signal could ask whether to inform all random people who happen to have your number. But since unused/discarded phone numbers are recycled by carriers to other customers within a matter of weeks or months or years (depending on where you are), your presence on Signal may be sent to someone you've never ever known or has known you. Signal ought to remove this broadcast on registration. Telegram (and I guess WhatsApp) also suffer from the same issue.

  • udev4096 22 days ago

    That's false. You can set your phone number discovery to None and even your contacts cannot find you unless you explicitly message them or share your username

    • Fiveplus 22 days ago

      So...who's right? This comment or the parent comment? I don't use signal and these are contradictory to me. Just wanna know what's the actual policy.

      • nextstep 22 days ago

        udev4096 is correct. Discoverability via your phone number is optional and opt-in.

    • baxuz 22 days ago

      Why do you even need a phone number in the first place?

      • baiac 22 days ago

        To curb abuse.

        • baxuz 22 days ago

          Number spoofing is trivial, and SIM cards can be bought retail for as little as 1€ in the EU and many countries around the world.

          You can buy them in bulk on shady sites for as little as 5c per pop.

          Most abuse happens on an industrial scale, and it's trivially easy and practically free to bypass this kind of "security" feature.

          • sliken 19 days ago

            Right, but 1€ isn't free. So if you manage to spam 1M people and make less than $0.05 * 1M = $50,000 then you are losing money.

            Thus no spam on signal.

        • johnisgood 22 days ago

          And to curb privacy / anonymity.

        • udev4096 22 days ago

          Hardly an actual mitigation. Temp phone numbers are in abundance and a dedicated spammer can definitely overcome it

          • baiac 22 days ago

            No system is perfect. It’s about making it time-consuming and financially expensive to the spammer.

        • sandblast 22 days ago

          What types of abuse does it really curb?

          • Arnt 22 days ago

            Those that depend on creating new accounts to replace blocked ones.

            Getting a new phone number isn't expensive, but it's infinitely more expensive than zero. And if a service is willing to block the phone companies that offer the cheapest new numbers, the price rises again.

    • shevy-java 22 days ago

      NSA will know.

Beretta_Vexee 22 days ago

The article confuses confidentiality with anonymity/pseudonymity.

Signal has always aimed to ensure confidentiality in the simplest way possible. People forget that there are anonymous systems or systems that do not require a telephone number but they are incredibly painful to set up. You either have to go through physical checks with QR code exchanges to validate participants or have some kind of web of trust (no one has fond memories of PGP key signing parties).

The same goes for decentralization. On paper, everyone wants decentralization. But when it comes to interconnecting hundreds of servers with different rules, moderation and legislation, and protocol versions, it becomes hell and no one wants to have to manage it (e.g. Mastodon).

There are objective reasons why these systems are not popular.

The other problem is that the very use of this type of software becomes a marker. I am convinced that the majority of Olvid users work for the French government, for example.

Iranian activists who are checked at the border or elsewhere with any uncommon communication application have already lost, regardless of the security of the application.

Crypto-punks are a niche group that can accept this type of usage constraint. My grandmother cannot, but she can use Signal and she will be one user among millions.

  • noduerme 22 days ago

    Precisely. It's a bit like the browser fingerprinting dilemma. The greater lengths to which you go to hide your fingerprint, the more unusual your total profile becomes.

    May I humbly suggest the thing I've done for 25 years, when I need to pass sensitive data like a slate of passwords or API keys or confidential business logic... I just PGP encrypt a zip file and attach it to a normal email.

    This does nothing to address the anonymity issue, as you point out. But I'm really not sure that any set of measures I could take would truly keep me anonymous at this point in the race between governments and the well-funded organizations trying to evade them. I assume that no matter what I do to hide my identity, someone with enough money and motivation would be able to unmask it. To believe otherwise would be foolish.

  • tchalla 22 days ago

    The amount of times I have Signal dunked on for confusing confidentiality versus anonymity is just too high.

    • Beretta_Vexee 22 days ago

      People don't learn to tell the difference.

      A number of people take advantage of this to push unrealistic and inconsistent threat models. ‘I need an anonymous, decentralised solution that can resist the NSA so I can send my shopping list to my wife. I'm not going to consider hardware access or coercion because I'm a law-abiding citizen.’

      Some people forget that many things have already been tested. Do you want a file-sharing network and forums that are completely anonymous, decentralised, and resistant to censorship? It exists: Freenet. It's so overrun with paedophiles that even the most fervent advocates of anonymity have fled.

  • ezst 22 days ago

    > The article confuses confidentiality with anonymity/pseudonymity.

    sure, but let's not pretend that the distinction is lost on Signal and serves to fuel their security theatre.

    > My grandmother cannot, but she can use Signal and she will be one user among millions.

    And she will not be better-off than on WhatsApp. Even assuming that Signal is a good actor today (and, surprise, it very much is *not*: using a 3rd party client is against their T&C, they have a history of pushing their crypto to your face, their marketing is based on blatant lies, …), she will be back to square one the day inevitably Signal flips.

    The case I'm making here is for federation. I skipped the whole Signal stage. My family and friends (including grandmother) are now on XMPP instead. It has all the guarantees you might desire from Signal without the hanging sword of Damocles hanging over your head.

sturza 22 days ago

The critique of metadata being hard is fair, the claim that sealed sender is “totally useless” is not. It’s a small, incremental hardening step in a very messy design space, not a magic invisibility cloak, and judging it as the latter sets the bar unrealistically high for anything that still wants to be a drop-in WhatsApp replacement.

  • sandblast 22 days ago

    It's useless in the sense that it makes an anonymity promise to users that it cannot fulfill.

    • sliken 19 days ago

      Just because it's not perfect, does not mean it's useless.

      A central signal message service receives millions of messages, I've seen claims of 40M active users a month. If each user sends 25 messages a day, that's 12,000 ish a second.

      Drawing conclusions about who is talking to each other out of a 12,000 message per second stream is far from trivial since both signal users are just sending and receiving encrypted packets to a central service. Much depends on how much you believe about how signal handles things on the server side.

      Not sure federation or pure p2p would improve things, especially since some fraction of the service could be malicious.

    • halJordan 22 days ago

      But it doesn't make the claims OP says are broken. OP makes several logical leaps and because each leap is a reasonable leap, he assumes it must be THE leap. Which isn't true and it's simple to come up with counterfactuals, and it's a common pitfall in analysis (he's confirming his bias)

HelloUsername 22 days ago

I thought you can register Signal with a virtual number, then in settings simply hide the phone number, and create new chats with your username?

Also, what about Briar/Berty as alternative?

https://play.google.com/store/apps/details?id=org.briarproje...

https://apps.apple.com/app/id1535500412

  • Arnt 22 days ago

    I'm curious. What happens if you do that and immediately send messages to lots of people?

    Will all of the messages be delivered promptly, or will most be delayed until the first few recipients have either replied or have reported your new account as spam? I don't know, I'm curious.

    Signal appears to have the necessary information to compute spam prevalence per virtual number provider.

defraudbah 22 days ago

people often confuse privacy with anonymity, like in this article.

the question was if signal is secure and private, and the answer is about anonymity

is it secure and private - it is, is it anonymous - it's not, or at least, to some degree

  • jijijijij 22 days ago

    Hm. I think, you are confusing general privacy with confidentiality. Observing who I am talking to definitely falls into the privacy domain.

    Eg. you are talking to an HIV medical specialist. This inherently has privacy implications, if observable. Likewise, you wouldn't say DNS has no privacy implications.

    Anonymity rather means, you don't/can't know who exactly you are talking to.

  • dist-epoch 22 days ago

    Some definitions of "private" also include "not knowing who I talk to".

    • fmajid 21 days ago

      "We kill people based on metadata"

      General Michael Hayden, Director, NSA

skylerwiernik 22 days ago

> this feature is very technically complex, and totally useless

Now, to break your confidentiality, Signal would have to have a relatively complex system setup for trying to match up messages and deanonymize people. You could imagine many scenarios where a bad actor (agency) attempts to trick Signal into logging metadata. This now requires a lot more information, and if nothing else would give you a level of deniability.

bjoli 22 days ago

I always thought sealed sender was something they implemented for their own sake. The less metadata they can see is better. As a user that means you have to trust them in what they say regarding the data they keep anyway.

Regarding sealed sender I don't think they ever fixed the statistical method of identifying sealed senders described in the "improving sealed sender" paper from 2019 (?), meaning it is pretty useless anyway if signal decided they wanted to identify senders.

My_Name 22 days ago

You can't have end to end encryption without ends. That said, I have managed to write encrypted end to end communication, using wireguard no less, that doesn't tell a third party server who is talking, or what they are saying.

This is single user talking to single user, though. I know it gets more complex when you have more users than that.

sourraspberry 22 days ago

Signal is the only WhatsApp/Messenger alternative I've managed to get friends and family to actually move to.

I suppose this Sealed Sender issue is problematic for some people, but it's not enough for me to seriously consider jumping ship.

  • ezst 22 days ago

    > Signal is the only WhatsApp/Messenger alternative I've managed to get friends and family to actually move to.

    And what good did that achieve, practically? In effect, your friends and family:

    - still use a centralised service with Signal (subject to enshittification/changing the deal overnight/acting as a single point of control and failure)
    - still use WhatsApp because they really have no choice: that's where everyone else is (and so, there is no avoiding Meta's data collection on them and indirectly, on you)
    - gained nothing compared to WhatsApp+E2EE (being centralised, both Signal and Meta can infer your social graph, the nature and volume of exchanges you have with your contacts, and hence the nature of your relationships, Signal only "pinky swears" it's not looking at it, and that's a very lame "guarantee").

    • imiric 22 days ago

      I can't speak on the technical implementation differences between WhatsApp and Signal, but there's a huge trust difference. One platform is owned and run by a trillion-dollar corporation with a long history of privacy violations, data breaches, coverups, and security issues, and the other isn't. Whatever issues Signal Foundation has had, they certainly pale in comparison to Meta's. That's enough of a reason for anyone who cares about privacy and security to choose Signal over WhatsApp any day of the week.

      • ezst 22 days ago

        This doesn't fly in light of recent history: first, Signal has some trust issues of its own (I mentioned a couple user-hostile acts in sibling comments), but that aside, do you remember how much praise WhatsApp was getting in its early days? There is no guarantee the same can't happen to Signal (though it's pretty clear that it will become a major target for takeover and under significant scrutiny and influence would it ever grow past a certain point).

        • imiric 22 days ago

          I repeat:

          > Whatever issues Signal Foundation has had, they certainly pale in comparison to Meta's.

          At this point I would trust a vibe-coded messenger app over anything produced by Meta. Security and privacy are completely opposed to Meta's business model and track record, regardless of how WhatsApp was once designed, and especially regardless of what their PR army claims. The idea that the same couldn't hypothetically happen to Signal is pure fantasy that's not worth entertaining in this discussion.

          • ezst 21 days ago

            I repeat: when confronted with bad or evil, you should expand your options.

    • throwaway89201 22 days ago

      Meta sees your entire social graph by design, and stores the name and participants of groups you create. You (meaning: experts) can independently audit and through reproducible builds verify that Signal does not do this by design, while nothing about WhatsApp can be audited in the same way. Meta is also a plainly for-profit company with bad track record, while Signal often gets flak from (IMO mistaken) radical nerds but otherwise has a very good reputation.

      The privacy fatalism in your comment here and in other comments is plainly incorrect.

      • ezst 22 days ago

        What you say is barely different from what the opponents to generalized https were saying back in the days "true your ISP can see all your traffic, but they are the good guys, you are their customer after all".

        With SSL, we no longer have to care, and that's much better that way. Signal has all the same means of (meta)data harvesting and analyzing as Meta. It can't be made different: this is built into their very centralised service. All I'm saying is that we should aim for better, and have guarantees baked into the protocol to avoid absolute metadata centralisation. Federation is a good start.

    • kamranjon 22 days ago

      What do you mean signal “pinky swears” it’s not looking at it? It’s E2E encrypted and the code is open source - am I missing something? How would they possibly look at it?

      • fragmede 22 days ago

        ezst is referring to the metadata — who you're talking to, not the contents of the message

        • ezst 22 days ago

          Precisely. The metadata and some basic packet analysis suffice to reveal if you are at home or at work, sending text or images, traveling/from approximately where to where or still, on the toilet or working, etc, all without breaking the glamorous post quantum ratchet encryption.

89297288 22 days ago

It doesn't sound like SimpleX solves this either [0]:

> There is still a risk that a server maliciously records all queues and messages (even though encrypted) sent via the same transport connection to gain a partial knowledge of the user’s communications graph and other meta-data.

[0]: https://github.com/simplex-chat/simplexmq/blob/master/protoc...

  • sandblast 22 days ago

    > SimpleX supports measures (managed transparently to the user at the agent level) to mitigate the trust placed in servers. These include rotating the queues in use between users, noise traffic, supporting overlay networks such as Tor, and isolating traffic to different queues to different transport connections (and Tor circuits, if Tor is used).

    Also, most often the two parties use different receiving servers, and this aligns us more with the physical letters analogy from the submitted article, except that each receiving server is more like a central post warehouse in a big city and not a small district branch.

baxuz 22 days ago

I absolutely agree with the article.

Using phone numbers as IDs or a verification method is a horrible practice, not to mention that it forces you to use a phone in the first place.

sandblast 22 days ago

Since a lot of people might not reach the conclusion at the bottom of the post:

Just use SimpleX.

  • w1nt3rmut3 22 days ago

    Simplex is developed by a person who has a rather difficult view of the world. I would not recommend using it as long as this person is responsible for it.

    • baxuz 22 days ago
    • guytv 22 days ago

      > Simplex is developed by a person who has a rather difficult view of the world.

      couldn't find it. what's his view of the world?

      • auntiefah 22 days ago

        Antivax neo-Nazi.

        • sandblast 22 days ago

          Source on the "neo-Nazism"?

          And you might want to tell us how this affects the privacy or security of SimpleX while you're at it.

          • auntiefah 22 days ago

            Holding and openly expressing these abhorrent views probably encourages him to focus on security and privacy more than others.

            But it does risk his app being associated with that and therefore discouraging everyday users. I wouldn't be surprised if it ends up as the next EncroChat.

            • sandblast 22 days ago

              Focusing on security and privacy is great, but I expected some downsides. I'm glad you decided to emphasize the dedication of the creator of SimpleX instead.

              EncroChat was not open-source, so it was much easier to be infiltrated.

            • johnisgood 22 days ago

              You can self-host SimpleX and it is open source, otherwise I have no idea what you mean by associated with his views. If the project is as promised, then why would you care about the views of the developer?

    • Xiol 22 days ago

      At first I was like, how difficult?

      That is quite the Twitter timeline.

      • bjoli 22 days ago

        I came here to write just that. It is all over the place as well. I find it a bit disturbing with regard to how one defines struggle against power. What do those views mean with regards to the long term priorities of the software?

        • sandblast 22 days ago

          Oh, it's very simple: those views mean nothing. Unless you can point to the part of the source code where they are expressed and explain to us how this part undermines the project's technological goals.

      • sandblast 22 days ago

        If you're so eager on encouraging cancel-culture, would you be so kind to elaborate on why exactly you want to cancel this programmer instead of just vaguely pointing in the direction of a closed platform?

        • kamranjon 22 days ago

          Here is perhaps a simpler metric. If the creator of a security focused software is this awful at protecting their own anonymity- why would I trust them in the first place?

          If they are revealing their identity so that we can vet their credentials, then it makes sense that they would want us to judge them based on their online persona.

          If we believe all of this to be true - it’s not really cancel culture, it’s by design that the creator of SimpleX has implemented this filtering mechanism for their users.

          • sandblast 22 days ago

            False dichotomy — there are more options than "protecting anonymity" and "revealing identity so that credentials can be vetted". He just writes what he believes under his own name, it doesn't necessarily have anything to do with establishing his authority.

    • sandblast 22 days ago

      I don't know what you're mentioning, but let's not forget that whatever view he might have, it changes nothing in the technology he creates. It's open source, it's auditable, and the code does not have worldviews of its own.

      Your comment promotes cancel-culture, and as filthy as it is in general, it's even more so in the technology world. Don't do it. Please.

      • jijijijij 22 days ago

        As long as you are not auditing every bit of code you run yourself AND are sufficiently knowledgeable to detect even obfuscated malicious code, you need some basis of trust.

        Evident world views far off reason, reality, compassion and pragmatic self-regulation, don't speak for a stable, predictable and reasonable personality.

        If a person thinks some humans deserve less rights than others, how could you trust any update to not reflect this world view?

        Additionally you may be becoming technologically dependent on a person whose actions may be detrimental to your safety or wellbeing in other parts of your life.

        You may also just not like to promote this person's work.

        It's fair to inform others about the person behind the software they are running. Everybody can make their own informed choices.

        • sandblast 22 days ago

          And the appropriate basis of trust in the technology world would be source code audits, not scraping some individual's Twitter posts.

          If the users' communications are encrypted — which they are — there is no way for the creator to "reflect his world view", whatever it might be, in the form of undermining the security or privacy for some part of the user base.

          • jrflowers 22 days ago

            I like your point that if a developer is a vocal neo nazi then only people capable of regularly conducting their own thorough code reviews should rely on the products that they make. I agree with you that regular folks that can’t do code audits should not trust neo nazis with their private communications. It is good to know that we’re on the same page about not implicitly trusting the simplex code

            • sandblast 22 days ago

              This is not my point. Trusting someone else's code audit is infinitely more valuable than trusting any "vibe check", since it touches the actual subject matter.

              • jijijijij 22 days ago

                How do you derive trust for the auditing?

                Anyway, since we're talking concrete software, could you point to such code reviews from vibe-independent auditors for continuous verifiable simplex builds targeting common communication platforms?

                If not, your point is moot for the subject at hand. Decisions have to be made on the basis of reality not cozy fantasies.

                I am not sure I run a single piece of software where this is done. Sporadic audits tend to bring evidence of soundness and security, not continuous absence of malicious functionality.

                • sandblast 22 days ago

                  > I am not sure I run a single piece of software where this is done.

                  And yet you run it. Have you vibe-checked every such software? Did that bring you enough information about individuals creating it? If not, if there are no readily available signs, have you vetted their own, private beliefs otherwise — in order to ensure they don't clash with your own?

                  What if Linus Torvalds turned out to be secretly a Nazi pedophile for the whole time? Would that make you stop using Linux?

                  • jijijijij 22 days ago

                    You are moving the goalpost. There is no constructive discussion possible, if you can't concede weak arguments.

                    But yes, I vibe checked the software projects I use. They are mostly large enough, where single individual failings are of no consequence and unhinged people are usually removed from executive control through various means. But it's trust based on feelings and the information I got. Most people involved in these projects are mature and controlled enough to not mix politics with their work. It's not a good sign to not be in control of such impulses.

                    And I rather take a chance with the unknown bad, than rationalize the known. Luckily most people with a collectivist FOSS mindset don't turn out to be monsters. Who could have predicted that?!

                    Your turn.

                    • sandblast 22 days ago

                      I was just asking to know your thought process, but this discussion probably won't lead to anything anyway — in my view a person's stance on vaccines, gay rights, what have you, doesn't make you any worse developer. If the technology is sound — which I can vibe-check (by a glimpse on how the code is maintained, documented etc.) — I have no reason to peek into one's private views. Your opinion is different, I still don't fully understand it, but we'll just have to agree to disagree.

                      • jijijijij 22 days ago

                        We are not talking private opinions, we're talking public ones. Lol.

                        If you fail to understand why human rights and state repression stances don't matter evaluating trust in secure and private communication means, we indeed don't need to discuss any further. It is a bit silly tho.

                        • jrflowers 22 days ago

                          I like that you asked

                          >could you point to such code reviews from vibe-independent auditors for continuous verifiable simplex builds targeting common communication platforms?

                          and sandblast has written a lot of words that indicate “no”, so they’ve been pretty consistently arguing not to use simplex.

              • jrflowers 22 days ago

                This makes sense. Trusting a stranger’s code is bad but trusting a stranger’s opinions about code is good.

                Unless you mean that only users personally capable of walking through the code line by line and their immediate friends and family should run code written by neo nazis

          • jijijijij 22 days ago

            You want to audit every update? Are you going to pay for it? Is this relevant for the app discussed?

            Because until there are other means of forming trust available, everyone only got the vibe check. Some perfect world scenario ain't gonna cut it.

            • sandblast 22 days ago

              I'll try from another angle:

              If I wanted to make a honeypot that undermines users' privacy and anonymity, I would make sure to be as nice to everyone as possible. The "vibe check" is irrelevant, the false positives are far too common.

              • jijijijij 22 days ago

                Yes, the vibe check can fail too, but that's no argument to ignore crazy.

                You do you. As I said, we all should be able to make informed choices as we please.

      • srean 22 days ago

        In an ideal world yes, what you say is true.

        However, human being human beings, they find it very hard to sequester their beliefs, emotions from their work. It's a common human failing. Often they are not even aware of it.

        Having politically or socially divisive beliefs publicly also makes such a person a target of coercion and encouragement to yield to a "harmless" temptation by way of appropriate 3 letter like agencies.

        To ensure that this does not happen will require maintaining a paranoid level of vigilance on the code all the time. That is a lot of work, very expensive and is unlikely to happen. Perhaps not fair to his creation, but that's just how it goes.

        My comment is at a high level. This is the first time I heard of Simplex chat, so I don't even know what views its developer has.

  • dist-epoch 22 days ago

    Any ultra-secure messaging app will inevitably attract the drug dealers which will inevitably attract the police trying to infiltrate it.

    You are much more secure blending in the vast masses using WhatsApp than on an ultra-targeted ultra-small app like SimpleX.

    • csydas 22 days ago

      i don’t think that’s the right take

      black markets and opposition members i’ve used / talked with focus on disposability not security

      the premise of their communications is always “the platform is bugged” and in case of opposition members “the government can always just beat you and trick you into unlocking your phone”

      deals happen on messenger all the time and burning messages / rotating phones and accounts is very common. for opposition members, messaging apps are purely for benign communication and actual discussion happens in person or in truly destructible formats or it’s not recorded at all

      periodically anon burner message apps appear on app stores and rotate out pretty fast once they start getting too much attention

      the idea of a perfectly secure app for communication is currently mostly a fantasy; if a malicious actor wants to get your info and communication they will. this doesn’t mean give up completely and be insecure but instead just be in a position to ditch the app when it becomes necessary, if you need that level of security

      it’s better people be trained to understand the reality of what can be done with the communication methods they use and how they can be punked so they can make informed decisions — i’m fine with signal’s goals and efforts but i’m not a fan of signal advocates treating security and privacy like another round of the OS wars, that teaches people the wrong lesson and makes it harder to convince ppl privacy and security are a problem we need to take seriously not just for criminals but for everyone. privacy and security benefit us all or it benefits no one

    • sandblast 22 days ago

      The "police trying to infiltrate it" means nothing unless they can do so successfully. We know that it's vastly easier to undermine users' privacy on WhatsApp than on SimpleX.

      So where exactly is that "much more security" you're touting?

      • dist-epoch 22 days ago

        There are few stories of drug smuggling gangs being caught because they used WhatsApp.

        There are many about how they were caught because they used ultra-secure "phones for criminals".

        • sandblast 22 days ago

          SimpleX is not a phone and its model of distribution and being open-source makes it much harder to infiltrate than these projects you're hinting at.

    • beeflet 22 days ago

      There are already drug dealers on whatsapp

    • jijijijij 22 days ago

      The only reason drug dealers aren't getting busted on WhatsApp is nobody cares enough. They wouldn't care either way.

zoobab 22 days ago

First question after Moxie Marlinspike talk at the CCC conference was: "When will Signal not base itself on a mobile phone number, I am an activist from Iran"

https://media.ccc.de/v/36c3-11086-the_ecosystem_is_moving

  • jotaen 22 days ago

    > First question after Moxie Marlinspike talk at the CCC conference was: "When will Signal not base itself on a mobile phone number, I am an activist from Iran"

    Not meant to be pedantic, but the question about phone numbers appears to be the last question after the talk, asked at 38:05 in the video. (The first question, at 30:50, is about post quantum security.) I also don’t think the asker mentions being from Iran.

  • input_sh 22 days ago

    That was not the first question, the first question was about post-quantum security. Care to time stamp it or do we have to sit through all of the Q&A to find your claim?

    • jotaen 22 days ago

      Not OP, but I’ve referenced the time stamps in my sibling comment.

      Also, “Be kind. Don't be snarky.” (https://news.ycombinator.com/newsguidelines.html)

      • input_sh 22 days ago

        I saw your comment and just finished listening to it, to those that can't be bothered to, he boils it down to: they don't want you to lose all of your social network if you lose your device. Imagine having to re-discover every user you've communicated with because you no longer have their identifiers, which I think is a fair argument to make.

        Also, now that we know the timestamp, we know this user spread two pieces of misinformation in 28 words: Iran was never mentioned and it was not the first question in the QA. I think some snark is well justified here.

        • pseudalopex 22 days ago

          > they don't want you to lose all of your social network if you lose your device. Imagine having to re-discover every user you've communicated with because you no longer have their identifiers, which I think is a fair argument to make.

          Other networks solved this by not blocking backup.

          • input_sh 22 days ago

            Take it up with him then. I live in one of those countries where I can purchase a SIM card for like €2 without needing an ID, so I can't say I'm personally invested in this phone number discussion one way or the other.

            • pseudalopex 12 days ago

              Your reaction to a simple statement was strange. For someone who proclaimed how little they cared even more.

  • guytv 22 days ago

    what was his answer?

  • udev4096 22 days ago

    "Never"

shmichael 22 days ago

It is, as far as I know, an unsolved problem how to implement full metadata transparency on a mobile device.

For example, Aztec, a privacy focused blockchain, requires recipients to download the entire block to determine if any private message is addressed to them (and BTW use techniques resembling Signal's double ratcheting in creating these identifiers) [1]

This is infeasible on mobile devices. At best, it allows the user to select a proxy server they trust to identify messages intended for them and forward a notification.

1 - https://www.taurushq.com/blog/enhancing-token-transaction-pr... (search for "synchronizer")
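An added illustration, not part of the comment above and not Aztec's code: a generic tag-scanning sketch in which every recipient has to pull the whole block to find its own notes, which is why the download cost tracks total traffic rather than the user's own. The HMAC-over-counter tag derivation, the note layout and all names are assumptions made for the example.

```python
import hashlib
import hmac

TAG_LEN = 16       # bytes of tag attached to every note (assumed layout)
PAYLOAD_LEN = 64   # fixed-size opaque ciphertext, constructed placeholder


def derive_tag(shared_secret: bytes, index: int) -> bytes:
    """Tag for the index-th note between one sender/recipient pair.

    Both sides can compute it from the shared secret; to anyone else
    it is indistinguishable from random bytes.
    """
    msg = b"note-tag" + index.to_bytes(8, "big")
    return hmac.new(shared_secret, msg, hashlib.sha256).digest()[:TAG_LEN]


def foreign_note(i: int):
    """Deterministic stand-in for other users' notes (constructed data)."""
    seed = hashlib.sha256(b"foreign" + i.to_bytes(8, "big")).digest()
    return seed[:TAG_LEN], (seed * 2)[:PAYLOAD_LEN]


def build_block(shared_secret: bytes, own_payloads, n_foreign: int):
    """Return a block: a list of (tag, payload) with our notes mixed in."""
    block = [foreign_note(i) for i in range(n_foreign)]
    for index, payload in enumerate(own_payloads):
        note = (derive_tag(shared_secret, index),
                payload.ljust(PAYLOAD_LEN, b"\0"))
        # Spread our notes through the block at fixed positions.
        block.insert((index * 7919) % (len(block) + 1), note)
    return block


def scan_block(block, shared_secret: bytes, next_index: int = 0, window: int = 5):
    """Client-side scan: fetch every note, keep the ones whose tag we expect.

    `window` is a look-ahead over upcoming indices so that skipped or
    reordered notes are still recognised. Returns the matched notes, the
    number of bytes that had to be downloaded, and the next expected index.
    """
    expected = {derive_tag(shared_secret, i): i
                for i in range(next_index, next_index + window)}
    found = []
    downloaded = 0
    for tag, payload in block:
        # The whole note is transferred whether or not it is ours;
        # asking the server for "only my tags" would reveal which are ours.
        downloaded += len(tag) + len(payload)
        index = expected.get(tag)
        if index is not None:
            found.append((index, payload.rstrip(b"\0")))
    found.sort()
    if found:
        next_index = found[-1][0] + 1
    return found, downloaded, next_index


if __name__ == "__main__":
    secret = b"k" * 32  # constructed shared secret
    block = build_block(secret, [b"hello", b"world"], n_foreign=1000)
    notes, cost, nxt = scan_block(block, secret)
    print(notes, f"{cost} bytes downloaded for {len(notes)} notes", nxt)
```

Handing `scan_block` and the shared secret to a proxy removes the download cost from the phone, but the proxy then learns exactly which notes belong to the user, which is the trust trade-off the comment describes.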

upofadown 22 days ago

This is ultimately a usability issue. The Signal app has a feature called sealed sender. The assumption is that a feature actually does what it is intended to do. Signal makes no effort to inform the user about the limitations of this feature. My experience is that almost all Signal users that actually know about sealed sender think that it actually provides some practical benefit. Users that do not know the limitation of a tool are unlikely to use that tool properly.

This sort of thing is depressingly common in the world of encrypted messaging. It is really common for a user to not know about the requirement to do identity verification with E2EE for example.

pogue 22 days ago

The Molly fork of Signal solves some of these problems.

https://molly.im/

How does Signal make money to be able to afford their AWS subscription? Do corporate clients pay for it or something?

That MySudo service he mentions in the article sounds quite interesting as well. Has anyone given it a try?

  • evolve2k 22 days ago

    If one person uses Molly but the other uses standard Signal. Do we have the same problem or is security still somewhat improved with regards to who’s communicating w who?

    • pogue 22 days ago

      I think the primary concern addressed in the article is its ability to connect directly through TOR, so the person using Molly would potentially have less metadata available for analysis.

      So, as with all things privacy related, it depends on your level of paranoia, I suppose ;)

jmakov 22 days ago

All you need is metadata. Once you know your targets, install spyware (on one of them) and enjoy access to Signal's unencrypted msgs on the phone.

Almost feels like another CryptoAG with Snowden recommending it so much when he knows that metadata is enough.

perryizgr8 22 days ago

Fundamentally any centralised message relay system will have enough metadata to know something about participants and maybe even things like message frequency. If you truly want anonymous communication it has to be p2p.

dist-epoch 22 days ago

Let's not forget one way Ross Ulbricht was caught was by correlating traffic from his home through Tor to posts appearing on SilkRoad.

  • input_sh 22 days ago

    That's not how they caught him. They caught him because he posted a StackOverflow question under his real name that contained a snippet of the code that was found in SilkRoad's source code.

    • dist-epoch 22 days ago

      That was another mistake.

      > The server running Silk Road was imaged and forensically examined in late July. This was done surreptitiously by the hosting provider at the request of the FBI via local authorities and the Mutual Legal Assistance Treaty. They used the server’s ssh config to find the VPN server Ulbricht was logging in from and the VPN server’s last login record of IP addresses to locate a cafe near his home. The FBI was able to correlate the location based on Google’s records of the email account that was previously used to solicit users and help on the Bitcoin Talk forums, which he accessed from home the same day he logged into the VPN server.

      https://www.comparitech.com/blog/vpn-privacy/staying-anonymo...

shevy-java 22 days ago

These are all spy-apps anyway. To me it always looked as if the US government is just a thin fake-coat over this operation. There is a reason they dislike people having secrets. No spy agency wants people to have secrets. Cops asking for an ID without a probable cause is another reason that then ties into the legal system. I feel that most governments overreach what they can do in general; they have a tendency to grow in what they claim is their concern when it really is not.

  • paranoidrobot 22 days ago

    > These are all spy-apps anyway.

    Do you have any evidence to back this claim? Specifically as it relates to Signal.

penguin_booze 22 days ago

Whom you're talking to.

INTPenis 22 days ago

Briar is also an alternative.

flaburgan 22 days ago

I'm sorry but I don't think this guy did his homework correctly. You don't need a phone number anymore to use Signal. You still need one to register, but not to communicate with anyone. You can simply share your username for that. So you can just buy a prepaid card with cash, register, and then throw it away, and it will never be linked to your real identity. Signal is not perfect, but it's still the best we have.

  • vedmed 22 days ago

    IIRC there's like three developed countries in the world where one can buy a phone# without providing ID.

    In the US one can buy a prepaid card wearing a mask and paying with cash.

    Also I came across this service which purports to be anonymous: https://www.cape.co/ but has a ridiculous monthly fee.

    • 0x138d5 22 days ago

      Three?

      Half of the eastern EU countries have no ID requirements.

      Not to say they're not moving towards it, but it's not that dire yet.

  • viktorcode 22 days ago

    > You still need one to register

    Case in point: recently, some Russian mobile service providers started blocking registration SMS for popular messengers, Signal included.

    In earlier years there were also cases of mobile number spoofing in the country, where the control over the number was given to law enforcement who then use it as second factor authentication to break into different accounts.

    That's how easy it is. The word "secure" and "mobile phone number" are the opposites of each other.

  • cl3misch 22 days ago

    What about the possibility of the number being re-registered with someone else and them using it with Signal? They won't obtain your chats of course, but this workflow with a throwaway number doesn't really work for more than short term use?

  • whisht 22 days ago

    You would need to throw the phone away too, and use it only for the prepaid SIM, otherwise its IMEI will be linked to anyone who can observe which are associated with which SIM registrations.

BlackLotus89 22 days ago

(2023) missing in title

vedmed 22 days ago

I like the way SimpleXChat works. Good luck getting anyone to switch to it though. https://simplex.chat/

  • sschueller 22 days ago

    If they fix the android battery issue (due to how notifications work) it would be a lot easier to get people to switch.

    I hope the PR gets merged soon.

    • sandblast 22 days ago

      I don't claim that the problem does not exist, but I haven't really felt it during my daily usage with relatives.
