i’ve just seen a comment in a post, in this very community, saying people trust signal because of misinformation (from what i could understand).
if this is true, then i have a few questions:
- what messaging app should i use for secure communications? i need an app that balances simplicity and security.
- how to explain it to my friends who use signal because i recommended?
- what this means for other apps in general?
Using phone numbers is the only real criticism imo any service that uses phone numbers is fundamentally compromised.
They offer encrypted messaging, not anonymity. They offer a way to keep your conversations private. It’s not an opsec tool, it’s not a tool to be used by the military. It’s a platform for regular people that don’t want to get spied on or don’t want their conversations to be used against them when legislation changes.
“Nullum crimen sine lege, nulla poena sine lege”
Still phone numbers are just really really bad. Like the worst thing you could possibly choose when it comes to verification.
Why?
PRODUCT PITCH: Hey everyone, I have a great idea for a secure / private messaging service.
It’s hosted in the US, subject to its pervasive spying laws including national security letters.
Also I need all your phone numbers.
Also no you can’t host this yourself, I run the only server.
Everyone who uses signal and supports it, is falling for this pitch.
It’s always gonna be a moving target. Wife and I started using Telegram because it wasn’t monitored like Facebook Messenger (which I don’t have an account for) or WhatsApp. Now people are saying Telegram isn’t good enough, use Signal. It’s still good enough for us. I also have Signal. No one I know uses it, but I have it in case they wanna start using it.
Honestly though, iMessage is secure enough for most people. Basically texting through Apple servers.
But any security or privacy expert will tell you that you need to determine your own threat model. No one else can tell you what that is.
Just because you made one mistake doesn’t mean “It’s always gonna be a moving target”.
What’s the one mistake? Telegram? Or Signal?
The way I see it, the goalposts keep moving because Telegram was the private alternative to FB Messenger and WhatsApp. Then Signal was the private alternative to those, and Telegram. Now people are saying Signal is a problem (I’m guessing because of the cock up the US government had last year?). The goalposts keep moving, but Telegram is still fine for what I need. I keep both as alternatives to texting for people who want to reach me however they’re comfortable doing. I also have one called Session. I don’t use Twitter/X, Facebook/Instagram/WhatsApp, or Reddit. I have a Discord because I have a couple things that are only available up there, but it’s not a good way to reach me as I have notifications disabled on it.
Telegram never was the private alternative to anything, unless you took their advertisement at face value. It was always known to not use e2ee by default.
Signal is not a problem, the US gov things were very dumb user issues. It was not caused by Signal itself.
So the goalpost has not moved in years, Signal was and is still good, Telegram is only fine if you do not care about privacy.
using Telegram because it wasn’t monitored […]
That is an interesting statement regarding the fact it’s centralized and deletes accounts / channels all the time.
Telegram is a social network masquerading as a messaging app, not a “secure messaging” app.
telegram doesn’t encrypt by default, it’s a hidden feature. i wouldn’t be too sure about iMessage, i believe E2EE is a bare minimum for everyone.
- Messages in iCloud are E2EE protected only if iCloud Backup is disabled or if iCloud Backup is enabled with Advanced Data Protection (ADP). Otherwise, Apple stores a copy of the encryption key, allowing Apple (or authorities with a court order) to access your messages.
- Probably obvious, but messages sent over SMS (green bubbles) are not E2EE.
- Telegram uses a proprietary encryption protocol called MTProto, so who knows if it can be trusted.
Like many said, signal is centralised and requires a phone number.
Meaning it’s not anonymous and the server owners can technically sell your metadata, not the content of the messages but who talks to who, what time, the length of the chat/call etc.
Either way, having to use a phone number to register an account is, for me, not acceptable for several reasons besides privacy and metadata.
On top of that, the server side of signal isn’t free software (as in freedom), which means that the whole program requires non-free (as in freedom not beer) network services in order to work. Which isn’t acceptable for free software advocates.
Alternatives:
Simplex: If you don’t require voice calls there are more options available there are many text messages, but very few support calls, which for me is a critical feature.
In theory Simplex is the best, it’s e2ee, quantum resistant, each chat (message queue) is its own “account”, each “account” is just a private key, and you can switch servers with the tap of a button, it also supports private routing, which from what I understand is like some sort of onion routing between simplex servers.
Hosting your own server is also extremely easy, (tho note that running your own server can actually be detrimental to privacy depending on your threat model), supports calls, group chats and all the features I would ever need.
Unfortunately, at least for me and my contacts, SimpleX is terribly buggy, especially on phone, literally tonight I missed the opportunity to be with a friend because I only saw the message one hour late.
Very often messages just stop being received until the app is restarted, usually I have my friend send me a message via other (centralised) app in order to warn me that he messaged me, I also do the same for him. After restarting the app it usually works fine for a while until it does it again. And needs restarting again.
On top of it, it’s taking more and more time to get the first message when in background even during normal operation, tho I blame Samsung for this one and not Simplex, and understand that Simplex doesn’t use push notifications for improved privacy, but it has become a real problem, what used to take 5 minutes now sometimes takes more than half an hour. Maybe my phone is overloaded, idk.
Calls could be improved too, takes several tries for it to actually work, and it doesn’t help when the other person calls me back and I call them at the same time.
On top of it, the volume of a call seems very quiet compared to a normal phone call and it’s very hard to hear the other person, I’m guessing a simple compressor DSP could fix this.
Unfortunately there has also been news of Simplex planning to enshittify the app with cryptocurrency, something that I politically and morally oppose.
Session:
I’ve used it for a month years ago, before I knew about SimpleX, whatever technical merits it may or may not have, (and from what I understand its privacy is still below SimpleX) it relies on some cryptocurrency network in the background, so I won’t use it. Self-hosting it also seemed to me no easy task, but I could be wrong.
Jami:
Never got it to work.
Matrix:
I haven’t tried Matrix yet, I think I read long ago that calls aren’t e2ee tho that may have changed now. I also read that Matrix leaks a lot of metadata which can be a problem. Maybe not if you self-host, but self-hosting comes with its own privacy problems. Maybe I should research it again and try to self-host it and see how it goes.
So as bad as Signal is, I can’t give you a working alternative, I put up with Simplex despite all the bugs but I don’t think most people are willing to go through it, however if you (and your contacts) have high end phones maybe it works better. But it’s not something I can recommend.
Matrix very recently has had e2ee calling since at least last april
I don’t host a server currently, so I can’t fully recommend it without knowledge of the backend, but i’m liking the experience as a user
In regards to Signal, this is largely not true. Sealed sender has been signal’s metadata hiding protection for like 6 years or something. The only information signal has is your phone number, your account creation time, and the last time you contacted their servers.
They also have a server implementation on github, so it seems to be open source to me. (I could be missing something though)
You are right though, that it uses centralized servers and requires a phone number, which are sticking points for a lot of people.
Give me ssh access to their centralized server so I can verify this “sealed sender” idea is working.
Otherwise this is a “trust me bro” claim.
This doesn’t really make sense to me, what do you mean? Client-side you do different computation for sealed sender delivery/receipt. What’s your normal standard of trust that a hosted, open source project is running the same code that they’ve made public?
I think if they store any metadata that we don’t know about, the lie runs very very deep, like to conspiracy theory levels that don’t really make sense for a registered nonprofit: https://signal.org/bigbrother/
What’s your normal standard of trust that a hosted, open source project is running the same code that they’ve made public?
It’s a centralized service, you have no idea what code they’re running. You can’t host your own.
Also they went a whole year one time without publishing any server code updates until they got a lot of backlash for it. Still, since it’s centralized, it can’t be trusted to be running what they say they are.
What about Delta Chat?
Delta Chat doesn’t support calls, same with Briar so I haven’t tried them since calls are as important as messages for me.
They do support it (Settings -> Advanced -> enable Debug calls or wait a few days for the latest release). Also chatmail servers provide turn/stun for calls if they couldn’t be established as p2p.
Interesting, didn’t know this, nice, may be a gamechanger, but I couldn’t find information on whether calls are e2ee or not.
Just looked at Session, and holy shit is that a massive downside…
From their own whitepaper:
Through the integration of a blockchain network, Session adds a financial requirement for anyone wishing to host a server on the network, and thus participate in Session’s message storage and routing architecture.
So you have to pay to self-host, and that’s somehow an upside???
This staking system provides a defence against Sybil attacks by limiting attackers based on the amount of financial resources they have available.
Which is a fine explanation in a world where everyone has a relatively equal amount of wealth. This is the epitome of Dunning-Kruger economics: a little knowledge is a dangerous thing.
Firstly, the need for attackers to buy or control Session Tokens to run Session Nodes creates a market feedback loop which increases the cost of acquiring sufficient tokens to run large portions of the network. That is, as the attacker buys or acquires more tokens and stakes them, removing them from the circulating supply, the supply of the Session Token is decreased while the demand from the attacker must be sustained. This causes the price of any remaining Session Tokens to increase, creating an increasing price feedback loop which correlates with the scale of the attack
So the more nodes a single entity holds, the harder it becomes for other entities to buy nodes and break the monopoly? Did you take 3 seconds to think this through???
Secondly, the staking system binds an attacker to their stake, meaning if they are found to be performing active attacks, the underlying value of their stake is likely to decline as users lose trust in the protocol, or could be slashed by the network, increasing the sunk cost for the attacker.
“Assuming every user is a perfectly rational actor, malicious actors would be shunned. This is somehow due to the economic incentive, and not just how humans operate when they’re assumed to be perfectly rational.”
Also: malicious actors when they find out they might lose their money if they get caught: “welp, I better not do that then. Thanks laissez-faire capitalism!”
Jesus christ fucked on a pike, these dipshits really drank the crypto kool-aid, huh?
No one can break the encryption, so even though it routes through AWS sometimes it’s still completely E2EE with quantum resistant encryption that not even the feds could break
the only way it can be “hacked” is with phishing
I’ll start by saying that i don’t use signal.
if this is true
There are some concerns that other people in the comments explained. It’s up to you to decide if the trade off is good enough for you. There’s no silver bullet for this.
- what messaging app should i use for secure communications? i need an app that balances simplicity and security.
Signal is ok. Same as matrix, delta chat, xmpp, simplex. Avoid telegram, messenger, whatsapp, instagram, snapchat, max…
- how to explain it to my friends who use signal because i recommended?
Most people mess up the concepts of anonymity with privacy.
-what this means for other apps in general?
There’s no silver bullet. All the apps have ups and downs. Most people don’t realize that if a state actor (I’m not talking about police but for example NSA, CIA, mossad, mi6) is after you, they will get you. Usually from a side channel, or from some stupid mistake you made years ago.
Did you ask the commenter what the issue was? Seems like the logical place to start.
You’d think so, but sometimes they just angrily rant with no clear point or references.
But that would mean that you shouldn’t accept their claim, regardless of how conceivable the claim might appear to be. Otherwise, we lose our minds to common sense.
It was on the leaked Palantir screenshot, indicating there are actively exploited zero days? Just a guess.
Those reports do NOT show active zero days in signal. The pieces of spyware talked about in those are capable of reading messages once already having compromised a device which isn’t insane as if you have access to read storage from a device arbitrarily, of course you can just read the messages. If you want to solve this, A: Use GrapheneOS or an iPhone on lockdown mode with data over USB disabled or B: Use Molly with local encryption.
Signal is the best “easy” alternative. And DIY leaves many holes for rookie errors.
Do explain what makes it better than SimpleX Chat?
It’s an easy alternative. It took me a decade to get my friends to download a second app
Would love to use SimpleX too, but the plan fell apart while trying to use it with family. Surprisingly many people fail to grasp the concept of anything other than a phone number, social media profile, or email address. It fell apart among my more tech-savvy friends because we missed calls and had delayed notifications despite SimpleX eating through the battery like no other messaging app.
No doubt, SimpleX is the concept of a messaging app done right and could be better than any other. It’s just the implementation that needs work. But I’d be happy to hear if there’s any optimizations I could try and revisit it.
My contacts could find me by phone number. I changed my status on WhatsApp and half of the regular contacts decided to use Signal. If I want to use SimpleX I would have to invite them all and just hope they’ll adopt.
I don’t need my phone number to be private. I want my communication to be private.
You deciding to invite your contacts to Signal isn’t really Signal being better though.
Better at connecting with the people in my life, the people that I want to stay in touch with on a regular basis.
You, yes you, scrolling.
Here.
XMPP
I see you.
The problem is it isn’t Telegram, Whatsapp, or some other insecure platform that nefarious actors would rather privacy minded individuals use.
No, privacy minded individuals do not use a platform designed to harvest phone numbers lmfao.
I got around it by registering a new number with phreeli.
granted, this is not something most people can go and do, phone numbers are hard to separate from. however, you might agree that privacy minded individuals are more likely to find that workaround acceptable.
I do like Dessalines post regarding alternatives, I’ll have to do more research.
I moved some chats to Threema and I’m satisfied… they have family options so paying for one license is for 6 people
I checked out the SimpleX website and the web design looks like “crypto rugpull”

Something being easy to use has nothing to do with privacy or security. Apple, just like signal, also sold its products as secure, yet they also were forwarding all communications to the US government as part of the prism program.
Signal is not a stepping stone, it’s a honey pot. Best to avoid US services that require your identity entirely.
The difference between Apple and Signal is that Signal is open source, making the code available for anyone to audit and verify its claims.
You have no idea what code their server is running, and it’s impossible to host your own signal since it’s a centralized service.
They went a whole year without publishing server code updates also, until they got a lot of backlash for it. Still, even publishing those is moot since it’s a centralized service.
i agree with everything you said about signal, but i’m uncomfortable with a lot of the alternatives. a cryptographer i follow has written about a couple of these: xmpp, matrix three or four times (linked in the introduction to the post), others
Look at Delta chat.
I saw a good response to the XMPP thing he wrote about, I’ll get back to you Rizzler. The “encryption isn’t enabled by default” thing just isn’t true for the clients people actually use, for one.
why are you making a post instead of replying to a comment?
So i can open a discussion on this question (specifically)
The problem is that you didn’t bring much, and it sounds like you’re trying to spread FUD yourself:
- didn’t quote the original comment
- didn’t elaborate on misinformation and how it could be a problem to signal
- the questions immediately assumed it (whatever it is) is true
Sorry if that’s the case, i’m just shocked to hear this, and i want help to clarify this question.
SimpleX Chat is an actual privacy focused app that’s easy to use and doesn’t harvest your phone number like Signal does https://simplex.chat/
Any concerns around the fact that SimpleX Chat is Made in the UK?
It is also vc backed and they don’t have a direct plan to sustainability
It’s open source, and it’s not tied to a single server the way Signal is. If the original people developing it started doing problematic things, it’s easy to fork. One of the worst parts about Signal is how it’s designed to lock you into using their official app and server making it effectively impossible to have a compatible fork.












