i’ve just seen a comment in a post, in this very community, saying people trust signal because of missinformation (from what i could undertand).
if this is true, then i have a few questions:
-what menssaging app should i use for secure communications? i need an app that balances simplicity and security.
-how to explain it to my friends who use signal because i recomended?
-what this means for other apps in general?
You must log in or # to comment.
It’s fine as long as you don’t do something silly like invite a journalist to your top secret government group chat.
Or use a third party client that doesn’t have as much scrutiny on the source code and will Leak your message s
man imagine trusting in an israeli signal fork lmao
Given what you’ve said, Signal is still what you want and is good for it.
There are two main issues people have with Signal:
First is that it requires a phone number to sign up. That makes some people who want it to be truly anonymous unhappy. It’s not meant to be anonymous, though. It’s meant to be private. Those aren’t the same thing.
Second is that it runs on AWS. This isn’t a problem in the sense that it’s possible for it to still retain privacy while running on AWS. Some people don’t like it because they view the dependence on the infrastructure of an American company to be a risk to availability. They also believe that it would exacerbate a security flaw if one were found.
Personally, I know these risks and still find it to be the best balance between privacy, security, and ease of use.
Second is that it runs on AWS. This isn’t a problem in the sense that it’s possible for it to still retain privacy while running on AWS. Some people don’t like it because they view the dependence on the infrastructure of an American company to be a risk to availability. They also believe that it would exacerbate a security flaw if one were found.
Let’s not pretend the hypervisor doesn’t have full access to the VMs memory and execution. The only thing protecting the Signal server is Intel SGX.
I don’t think Signal trusts the AWS server either, that’s the point of E2EE encryption.
I’m not claiming the contents of the messages are at risk here. You’re social graph and metadata though is another story.
not to shit on you specifically but I see this over and over, folks asking how to be “secure”. secure against what?
if you’re into this, you need to set up a “threat model” i.e. what are your threat vectors and then you build your defenses against that model. a defense against blanket surveillance doesn’t handle targeted threats. a successful defense against your government doesn’t preclude other nation-state actors getting at you.
like, if your threat vector is e.g. your SO “inspecting” your phone, you set up a passcode and you’re safe against that threat. but, if there’s a toddler going around smashing stuff, your defense isn’t valid. defense against that vector is placing your phone high up. but that defense isn’t effective against SO.
I am sure any messenger recommended here can be successfully red-teamed, be it design flaws, operator error, the famous wrench comic, or whathaveyou. but that doesn’t mean it’s ineffective in your specific case.
There is none. Theres like 0.1% of people who complain about it who have a valid point.
And those points are always meaningless in light of the alternative’s drawbacks.
Even the alternatives like Briar acknowledge on their FAQ that Signal has pros
Being tied to US infrastructure isn’t a valid concern?
What then is the difference between it and Whatsapp? Both claim to use the Signal secure protocol but you can never confirm that since their codebases are closed source and proprietary.
Signal is open source. GitHub
One is run by an advertising company that has been proven in court to be a bad actor and a strong motive to log and track anything they can
The other is a non-profit without any real motive to sell you out, or any history of doing so
Thats good enough for me and most others unless you’re an extreme “trust no one” level of paranoia
Its in usa, and its big. The chance that its compromised by cia is 100%.
Considering that all other alternatives are either
- extremely difficult if not impossible for non-technical users to leverage, or
- much, much worse, up to even eagerly giving out your data
I consider Signal to be the best option out there. It’s not perfect, but nothing is. It simply is the best general option out there, by far, for a general audience.
Yes, you can be totally secure, untraceable, and ultimately unfindable. But being cut into pieces, with each separate piece entombed in its own barrel of concrete, and each barrel dropped into a different oceanic trench, tends to be a bit beyond what I consider to be reasonable to achieve that.
everyone around here talking about the CIA and nation states as part of their threat model…
bro… you’re worried about the CIA and mossad, and you think spinning up your own chat servers (simplex, matrix, etc.) as an amateur sysadmin is going to be MORE secure?
XD you think the CIA can’t crack your closet server? Bruh, get real.
PRODUCT PITCH: Hey everyone, I have a great idea for a secure / private messaging service.
It’s hosted in the US, subject to its pervasive spying laws including national security letters.
Also I need all your phone numbers.
Also no you can’t host this yourself, I run the only server.
Everyone who uses signal and supports it, is falling for this pitch.
There is no problem
Signal does have your phone number, which is a problem.
On the other hand, the only information linked to that phone number is, “the person with this phone number uses signal”. AFAIK your phone number is not linked to your contacts, your message content, etc.
So in practice, the fact that Signal has your phone number is probably only a problem insofar as you don’t want anybody to know that you use Signal.
But to be fair, why have that issue if you don’t have to. Signal is actually good, still, but there are even better alternatives.
Well, it’s 100% linked to your contacts in one way or another because when you install it Signal will happily alert you to which ones of your contacts are already using Signal. I can’t see how they could manage that without slurping up your contact information.
AFAIK the client slurps up your contacts, but the E2E encryption ensures that the Signal server cannot actually see those.
Signal is the best “easy” alternative. And DIY leaves many holes for rookie errors.
Do explain what makes it better than SimpleX Chat?
Would love to use SimpleX too, but the plan fell apart while trying to use it with family. Surprisingly many people fail to grasp the concept of anything other than a phone number, social media profile, or email address. It fell apart among my more tech-savvy friends because we missed calls and had delayed notifications despite SimpleX eating through the battery like no other messaging app.
No doubt, SimpleX is the concept of a messaging app done right and could be better than any other. It’s just the implementation that needs work. But I’d be happy to hear if there’s any optimizations I could try and revisit it.
It’s an easy alternative. It took me a decade to get my friends to download a second app
My contact coulds find me by phone number. I changes my status on WhatsApp and half of the regular contacts decided to use Signal. If I want to use SimpleX I would have to invite them all and just hope they’ll adopt.
I don’t need my phone number to be private. I want my communication to be private.
You deciding to invite your contacts to Signal isn’t really Signal being better though.
Better at connecting with the people in my life, the people that I want to stay in touch with on a regular basis.
I have managed to get all my friendship group on signal and we use it daily. While it does have its flaws (mainly being centralised and US based), I try in life to not let perfect be the enemy of good. Until there’s a stable and easy to use alternative I can point my friends to, I imagine we’ll stay on Signal.
I am under the impression that Signal encrypts metadata so that is useless to sell. The only thing they can turn over to law enforcement after a lawful warrant is the phone number an account was opened with (and maybe the date that happened) and the date of the last time the account was used. That is all.
Don’t they also need to store who to send your messages? From a technical point of view?
Did you ask the commenter what the issue was? Seems like the logical place to start.
You’d think so, but sometimes they just angrily rant with no clear point or references.
But that would mean that you shouldnt accept their claim, regardless of how conceivable the claim might appear to be. Otherwise, we loose our minds to common sense.
i agree with everything you said about signal, but i’m uncomfortable with a lot of the alternatives. a cryptographer i follow has written about a couple of these: xmpp, matrix three or four times (linked in the introduction to the post), others
Look at Delta chat.
I saw a good response to the XMPP thing he wrote about I’ll get back to you Rizzler. The “encryption isn’t enabled by default” thing just isn’t true for the clients people actually use, for one.
I checkedout the SimpleX website and the webdesign looks like “crypto rugpull”
This is long, but answers your questions: Why Not Signal?
-how to explain it to my friends who use signal because i recomended?
Okay it doesn’t answer that one. But also, whether they should use Signal or not depends on their threat models. Many people don’t see the US police state as a threat.
Best answer/link and cause…
Using phone numbers is the only real criticism imo any service that uses phone numbers is fundamentally compromised.
They offer encrypted messaging, not anonimity. They offer a way to keep your conversations private. It’s not an opsec tool, it’s not a tool to be used by the military. It’s a platform for regular people that don’t want to get spyed on or don’t want their conversations to be used agains them when legislation changes.
"Nullum crimen sine lege, nulla poena sine lege’’
Still phone numbers are just really really bad. Like the worst thing you could possibly choose when it comes to verification.
Why?
I’m put off by the centralized server. I’d want to self host without having to build a special client, something like nextcloud. That the company chose to prevent that gives me a bad impression. So I haven’t been using it so far.
I’ve played with GNU Jami a little but it was flaky when I tried it last year. Maybe it’s better now.
You can’t have it both ways. It’s hard enough to get people to switch to signal, or least also use it next to other messengers. Now imagine they’d have to connect to multiple servers to talk to multiple people. Possibly everyone connection details. Even if that’s done in the background, you have to somehow get the connection registered once, discovered if you will.
Anything and everything you send through their server is end-to-end encrypted. Some people hate on the phone number being required to create an account, but it’s also the reason it works at all: anyone in your contacts who also has signal you can talk to. Phone numbers are an international standard. If course this also has downsides…
Finally what you’re asking for exists. NextCloud has “talk”. Which is essentially a messenger app, it’s built in. Go use it. I have a NextCloud instance and I don’t use it either. What’s the point of having an app I can only use to talk with people so close to me that they’re in my NextCloud with an account already?
You can’t have it both ways.
Of course I can. Jitsi Meet lets you do it both ways. I don’t know if Nextcloud has an official hosted server but they could if they wanted. I use it self-hosted and it works, the Talk app is just not very good. Jami uses a DHT instead of a centralized server which is another approach, though it might be part of its flakiness. Linphone (a regular VOIP client, not a secure chat thing) is set up by default to point to Linphone’s own SIP servers but you can change that in Settings. No reason Signal can’t do similar. Heck, even Lemmy works that way (you choose your server).
Signal is simply being evil and your defending them is unconvincing. I could opt to self-host Signal and build a special client for my users, at the cost of hassle for everyone but no serious technical drawbacks. Signal chooses to create that hassle because they want to funnel users through their servers, not incidentally collecting metadata about ALL the user conversations.
There’s actually a configurable Signal client called Amanda or something like that, though I haven’t tried it. Someone here mentioned it last time this came up.
Also, Signal’s own client isn’t on F-droid, which raises more potential questions. I haven’t cared enough to look into it.
Added: oh re Nextcloud, I see what you mean, account creation is an obstacle, though that could be handled like Hipchat used to. You could generate a randomized URL to invite someone to your private chat without their needing an account. Nextcloud has that too, though just for file access, not for chat for some reason. Come to think of it, Signal could also work that way: it shouldn’t need accounts at all.
When I’ve invited people to my Nextcloud I’ve just enrolled the account for them myself and told them “please log in with username X password Y”.
