Basically just the title, delete this if it’s not the right community.
I hate iphones and apple stuff for obvious reasons. But I am forced to use it to some degree. I just want to get a community consensus on any problems with signal being shared, seen, monitored, or sent to apple servers or icloud while being used on an iphone.
There’s a lot of reasons why I think Signal on an iPhone may not be as private as on a FOSS Android ROM.
First thing is that you are probably getting your notifications from an Apple server. While Apple cannot see the message content, it os possible that they are still collecting some metadata, as when is the user receiving messages, etc.
Second, the usage of keyboard. I cannot prove that Apple is keylogging your every keyboard stroke, but I don’t think anyone can disprove it either. On Android, we always ask users to use a FOSS keyboard, as some keyboard apps look at the screen and read messages to “provide better text prediction”.
Last is app usage metadata. Apple is still storing all the information about how many times you unlock the phone and how much you use Signal, how many times you open the app in a day, when and (maybe even) why you open the app. Which photos you are sharing through your photos app with Signal, such information is also valuable.
I would say most of your conversations are private, as Signal’s developers are very knowledgeable and they know what they are doing.
But if you have a skeptical mind like I do, or even like most people here do, I would not trust them a bit because of their proprietary code. You cannot be completely sure what they are doing. You just have to trust Apple, which most of here don’t.
As long as you can trust Apple, sure
And signal, considering its a centralized US company that has your phone number.
Surprised no one else has chimes in with this yet - but what is your threat model? Are you conducting terrorist activities? Good luck. Are you wanting private messaging between you and your friends - it’s probably fine - definitely better than texting. I will temper this with just keep in mind anything you send to someone could be screenshot, their partner could see it etc. You need to figure out who your potential adversary is before deciding if a communication channel is “safe”. First ask yourself “safe from what?”.
Terms like “safe” and “private” are not binary.
Are the contents of your Signal conversations on an iPhone private with regard to mass surveillance conducted by governments and ISPs? Probably. Apple uses security and privacy as marketing points, and there are a whole lot of people looking for vulnerabilities in its products who are incentivized to disclose them (possibly with a delay for patches). Signal itself takes steps to prevent data leaks to less secure parts of the OS and other apps.
Would your conversations remain private in the face of a targeted attack against your device by a nation state willing to spend a significant amount of time and money when you’re using Signal on an iPhone that’s presumably used for purposes other than secure conversations with a small set of people you know? Almost certainly not.
It is always the same issues in fact. You should consider your threat model before all. Then, consider the Signal app, then your iPhone supposed to be updated, trusted, with ADP enabled, biometric lock with erasure after 10 failures, etc. Then consider your ISP, then your country. Etc, etc. You should also compare the contexts. Is an iPhone “better” than a low or middle ranges Android-powered smartphones? For sure, yes. Is it better than high-range expansive smartphones with Android ? Or Pixel ones? Not that sure. And compared to GrapheneOS or /e/? Pretty sure not that much. You can also compare messaging solutions. Is Signal better than WhatApp? Of course yes. But what about XMPP and Matrix for example?
And what are your use cases? Remember your threat model. If you are an activist, a journalist or a whistleblower your needs may be different than a “commons citizen worried about its privacy.
In few words, the only pain point I see is the fact than iOS is proprietary and runs non libre source code and Apple devices than APN. But Android devices are not so much different. It does not mean the solution is not private or efficient, if we succeed in defining a definition of “private or efficient”.
In a nutshell, it could be considered as good. But not perfect.
iOS fails to include a libre software license text file, like AGPL. We do not control it, anti-libre software.
deleted by creator
on an iPhone
Lol. No
