242 points raybb | 12 comments
BugsJustFindMe ◴[] No.26717442[source]
> While communication is guaranteed to be secure due to the end-to-end encryption implemented in the open-source client apps and the Signal protocol

So the client is open source and guarantees end-to-end encryption regardless of what the server does. Ok, then I honestly don't care. Why should I?

I use Signal for its safety characteristics, which as stated are apparently ensured by the client regardless of what the server does, not because of the server, and I continue to agree with Moxie that federation is a white whale that doesn't solve any regular person problems.

replies(5): >>26717530 #>>26717721 #>>26718332 #>>26718385 #>>26719831 #
DavidSJ ◴[] No.26717721[source]
A few problems with this:

1) Much (most?) of the time, participants don't get to verify their safety numbers, and in those cases you are at least trusting the server to deliver your messages to the right client. There's a potential vector for man-in-the-middle attack (witting or unwitting) on the server side which shouldn't be dismissed here just because users are "supposed to" verify safety numbers.

2) Their behavior regarding server software might be predictive of their behavior regarding client software in the future. Given network effects, it might not be so easy to leave the Signal ecosystem in the future if your social network is on it, so it's worth knowing right now that it's possible that in the future the client software will also be closed-source.

replies(1): >>26717888 #
FourthProtocol ◴[] No.26717888[source]
"..trusting the server to deliver your messages to the right client."

This is where I feel a little unsure about Signal. It wants access to my contacts, and so it is possible to poison my contacts to get a rogue recipient into Signal. I would like a Signal in which I have the option to manually add contacts. Ideally a hash or key exchange or something, maybe a la PGP...

replies(1): >>26718358 #
1. tptacek ◴[] No.26718358[source]
PGP has one of the worst metadata stories in all of secure messaging.
replies(2): >>26722270 #>>26726414 #
2. FourthProtocol ◴[] No.26722270[source]
True but not quite my point.
3. grep_name ◴[] No.26726414[source]
Can you elaborate on what you mean by this?
replies(1): >>26727206 #
4. FourthProtocol ◴[] No.26727206[source]
He means that key exchange is fraught with trust issues online. An exchange in meat-space is (can be!) 100% reliable, but doesn't scale. PGP is a poster child for the impracticality of public key crypto.

The UK actually made it work in conjunction with identity federation through the Government Gateway, but then the Government Digital Service got hold of it and destroyed any chances of moving it forward.

Having seen it work I believe PKI can be practical at scale. And this is why I'd hoped a chat app might break some ground here.

replies(2): >>26727785 #>>26744362 #
5. tptacek ◴[] No.26727785{3}[source]
No, this is not at all what I mean.
replies(1): >>26727949 #
6. FourthProtocol ◴[] No.26727949{4}[source]
Then pray tell good sir.
replies(1): >>26728242 #
7. tptacek ◴[] No.26728242{5}[source]
Metadata problems in messaging systems are about what data about the communication leaks.
replies(1): >>26729970 #
8. FourthProtocol ◴[] No.26729970{6}[source]
Sorry, I suspect I'm missing something obvious. You specifically said PGP, which is an encryption program that provides cryptographic privacy and authentication for data communication.

And above you're saying it's about metadata problems in messaging systems. What is PGP's bad metadata story you were referring to?

replies(2): >>26730095 #>>26733221 #
9. tptacek ◴[] No.26730095{7}[source]
We're into the weeds here on this thread but the search bar below will avail.
10. akerl_ ◴[] No.26733221{7}[source]
A quick entry point might be found here: https://crypto.stackexchange.com/questions/42247/are-the-met...

Essentially, for most PGP workflows, PGP encrypts the body of the message but the entirety of the metadata (things like sender, recipient, subject line, basically anything you’d think of as “metadata”) is fully unencrypted.

replies(1): >>26783732 #
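The point in the comment above, as an added example that is not part of the thread or any commenter's code: it parses a PGP/MIME mail the way a relay would, with no private key, and returns what is readable. It also goes one step beyond the comment by reading the recipient key ID from the RFC 4880 PKESK packet that precedes the ciphertext. The addresses, subject, key ID and packet bytes are constructed for illustration.

```python
import base64
from email import message_from_string, policy

# Constructed RFC 4880 PKESK packet, not real ciphertext: old-format tag-1 header (0x84),
# length 13, then version 3, 8-octet key ID, algorithm 1 (RSA), dummy 8-bit MPI.
PKESK = bytes([0x84, 13, 3]) + bytes.fromhex("0123456789abcdef") + b"\x01\x00\x08\xff"
B64 = base64.b64encode(PKESK).decode()
# Constructed PGP/MIME (RFC 3156) mail; addresses and subject are placeholders.
RAW = f"""\
From: alice@example.org
To: bob@example.net, carol@example.com
Subject: meeting about the merger
Content-Type: multipart/encrypted; protocol="application/pgp-encrypted"; boundary="b1"

--b1
Content-Type: application/pgp-encrypted

Version: 1
--b1
Content-Type: application/octet-stream

-----BEGIN PGP MESSAGE-----

{B64}
-----END PGP MESSAGE-----
--b1--
"""

def recipient_key_ids(armored: str) -> list:
    """Key IDs of leading PKESK packets (old-format, one-octet length only)."""
    lines = armored.strip().splitlines()
    body_lines = lines[lines.index("") + 1:]  # armor headers end at the blank line
    data = base64.b64decode("".join(l for l in body_lines if l[:1] not in "-="))
    ids, i = [], 0
    while i + 2 <= len(data) and data[i] == 0x84:  # 0x84 = tag 1, old format
        body = data[i + 2 : i + 2 + data[i + 1]]
        ids.append(body[1:9].hex())  # octet 0 is the version, 1..8 the key ID
        i += 2 + len(body)
    return ids

def observer_view(raw: str) -> dict:
    """What a relay learns from the mail without holding any private key."""
    msg = message_from_string(raw, policy=policy.default)
    rcpts = [a.addr_spec for a in msg["To"].addresses]
    blobs = [p for p in msg.iter_parts() if p.get_content_type() == "application/octet-stream"]
    armored = blobs[0].get_payload(decode=True).decode("ascii") if blobs else ""
    return {"from": str(msg["From"]), "to": rcpts, "subject": str(msg["Subject"]),
            "key_ids": recipient_key_ids(armored) if armored else []}
```

Calling `observer_view(RAW)` returns the sender, both recipients, the subject and the recipient key ID, none of which required decrypting anything.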
11. IncRnd ◴[] No.26744362{3}[source]
> Having seen it work I believe PKI can be practical at scale. And this is why I'd hoped a chat app might break some ground here.

If you believe that this webpage was delivered securely to your computer, then PKI might be practical. Of course, there are a few implementation details with that PKI.

12. FourthProtocol ◴[] No.26783732{8}[source]
This is not a problem with PGP. This is a problem with an application of PGP.