i've just seen a comment in a post, in this very community, saying people trust signal because of missinformation (from what i could undertand).
if this is true, then i have a few questions:
-what menssaging app should i use for secure communications? i need an app that balances simplicity and security.
-how to explain it to my friends who use signal because i recomended?
-what this means for other apps in general?
It's fine as long as you don't do something silly like invite a journalist to your top secret government group chat.
Or use a third party client that doesn't have as much scrutiny on the source code and will Leak your message s
man imagine trusting in an israeli signal fork lmao
Would you say Molly is big/trustworthy enough for this to be negligible, or is it a huge risk?
Given what you've said, Signal is still what you want and is good for it.
There are two main issues people have with Signal:
First is that it requires a phone number to sign up. That makes some people who want it to be truly anonymous unhappy. It's not meant to be anonymous, though. It's meant to be private. Those aren't the same thing.
Second is that it runs on AWS. This isn't a problem in the sense that it's possible for it to still retain privacy while running on AWS. Some people don't like it because they view the dependence on the infrastructure of an American company to be a risk to availability. They also believe that it would exacerbate a security flaw if one were found.
Personally, I know these risks and still find it to be the best balance between privacy, security, and ease of use.
The usual conspiracy theory is that Signal is funded by the CIA and therefore a honey pot.
what menssaging app should i use for secure communications? i need an app that balances simplicity and security.
Signal. I can do almost everything that i.e. WhatsApp or Telegram offer, is as easy to use as those and the client is verifiably encrypted and secure.
how to explain it to my friends who use signal because i recomended?
Explain what exactly? Why they should use it?
what this means for other apps in general?
Please clarify the question.
Perfect is the enemy of good. Moving to Signal would be way better than getting analysis paralysis and staying with Whatsapp.
Maybe you should reply to that comment you've mentioned and ask them to explain why they're spreading FUD.
not to shit on you specifically but I see this over and over, folks asking how to be "secure". secure against what?
if you're into this, you need to set up a "threat model" i.e. what are your threat vectors and then you build your defenses against that model. a defense against blanket surveillance doesn't handle targeted threats. a successful defense against your government doesn't preclude other nation-state actors getting at you.
like, if your threat vector is e.g. your SO "inspecting" your phone, you set up a passcode and you're safe against that threat. but, if there's a toddler going around smashing stuff, your defense isn't valid. defense against that vector is placing your phone high up. but that defense isn't effective against SO.
I am sure any messenger recommended here can be successfully red-teamed, be it design flaws, operator error, the famous wrench comic, or whathaveyou. but that doesn't mean it's ineffective in your specific case.
There is none. Theres like 0.1% of people who complain about it who have a valid point.
And those points are always meaningless in light of the alternative's drawbacks.
There is no problem
Signal does have your phone number, which is a problem.
On the other hand, the only information linked to that phone number is, "the person with this phone number uses signal". AFAIK your phone number is not linked to your contacts, your message content, etc.
So in practice, the fact that Signal has your phone number is probably only a problem insofar as you don't want anybody to know that you use Signal.
But to be fair, why have that issue if you don't have to. Signal is actually good, still, but there are even better alternatives.
I have managed to get all my friendship group on signal and we use it daily. While it does have its flaws (mainly being centralised and US based), I try in life to not let perfect be the enemy of good. Until there's a stable and easy to use alternative I can point my friends to, I imagine we'll stay on Signal.
PRODUCT PITCH: Hey everyone, I have a great idea for a secure / private messaging service.
It's hosted in the US, subject to its pervasive spying laws including national security letters.
Also I need all your phone numbers.
Also no you can't host this yourself, I run the only server.
Everyone who uses signal and supports it, is falling for this pitch.
I am under the impression that Signal encrypts metadata so that is useless to sell. The only thing they can turn over to law enforcement after a lawful warrant is the phone number an account was opened with (and maybe the date that happened) and the date of the last time the account was used. That is all.
Signal is alright IMO.
There is no perfect service. Thats why smarter people than me analyze this and talk about it: https://www.messenger-matrix.de/messenger-matrix-en.html
I think deltachat is pretty cool. Decentralised, open source and quite easy to use and setup.For me it is something for friends willing to try out new stuff and as a fallback when signal fails.
Signal is the best "easy" alternative. And DIY leaves many holes for rookie errors.
Did you ask the commenter what the issue was? Seems like the logical place to start.
Like many said, signal is centralised and requires a phone number.
Meaning it's not anonymous and the server owners can technically sell your metadata, not the content of the messages but who talks to who, what time, the length of the chat/call etc.
Either-way having to use a phone number to register an account, for me is not acceptable for several reasons besides privacy and metadata.
On top of that, the server side of signal isn't free software (as in freedom), which means that the whole program requires non-free (as in freedom not beer) network services in order to work. Which isn't acceptable for free software advocates.
Alternatives:
Simplex: If you don't require voice calls there are more options available there are many text messages, but very few support calls, which for me is a critical feature.
In theory Simplex is the best, it's e2ee, quantum resistant, each chat (message queue) is it's own "account", each "account" is just a private key, and you can switch servers with the tap of a bottom, it also supports private routing, which from what I understand is like some sort of onion routing between simplex servers.
Hosting your own server is also extremely easy, (tho note that running your own server can actually be detrimental to privacy depending on your threat model), supports calls, group chats and all the features I would ever need.
Unfortunately at least for me and my contacts, SimpleX it's terribly buggy, specially on phone, literally tonight I missed the opportunity to be with a friend because I only saw the message one hour late.
Very often messages just stop being received until the app is restarted, usually I have my friend send me a message via other (centralised) app in order to warn me that he messaged me, I also do the same for him. After restarting the app it usually works fine for a while until it does it again. And needs restarting again.
On top of it, it's taking more and more time to get the first message when in background even during normal operation, tho I blame Samsung for this one and not Simplex, and understand that Simplex doesn't use push notifications for improved privacy, but it has become a real problem, what used to take 5 minutes now sometimes takes more than half an hour. Maybe my phone is overloaded, idk.
Calls could be improved too, takes several tries for it to actually work, and it doesn't help when the other person calls me back and I call them at the same time.
On top of it, the volume of a call seems very quiet compared to a normal phone call and it's very hard to hear the other person, I'm guessing a simple compressor DSP could fix this.
Unfortunately also has been news of Simplex planning to enshittify the app with cryptocurrency, something that I politically and morally oppose.
Session:
I've used it for a month years ago, before I knew about SimpleX, whatever technical merits it may or may not have, (and from what I understand it's privacy is still below SimpleX) it relies on some cryptocurrency network in the background, so I won't use it. Self-hosting it also seemed to me no easy task, but I could be wrong.
Jami:
Never got it to work.
Matrix:
I haven't tried Matrix yet, I think I read long ago that calls aren't e2ee tho that may have changed now. I also read that Matrix leaks a lot of metadata which can be a problem. Maybe not if you self-host, but self-hosting comes with it's own privacy problems. Maybe I should research it again and try to self-host it and see how it goes.
So as bad as Signal is, I can't give you a working alternative, I put all with Simplex despite all the bugs but I don't think most people are willing to go though it, however if you (and your contacts) have a high end phones maybe it works better. But it's not something I can recommend.
Just looked at Session, and holy shit is that a massive downside...
From their own whitepaper:
Through the integration of a blockchain network, Session adds a financial requirement for anyone wishing to host a server on the network, and thus participate in Session’s message storage and routing architecture.
So you have to pay to self-host, and that's somehow an upside???
This staking system provides a defence against Sybil attacks by limiting attackers based on the amount of financial resources they have available.
Which is a fine explanation in a world where everyone has a relatively equal amount of wealth. This is the epitome of dunning-kruger economics: a little knowledge is a dangerous thing.
Firstly, the need for attackers to buy or control Session Tokens to run Session Nodes creates a market feedback loop which increases the cost of acquiring sufficient tokens to run large portions of the network. That is, as the attacker buys or acquires more tokens and stakes them, removing them from the circulating supply, the supply of the Session Token is decreased while the demand from the attacker must be sustained. This causes the price of any remaining Session Tokens to increase, creating an increasing price feedback loop which correlates with the scale of the attack
So the more nodes a single entity holds, the harder it becomes for other entities to buy nodes and break the monopoly? Did you take 3 seconds to think this through???
Secondly, the staking system binds an attacker to their stake, meaning if they are found to be performing active attacks, the underlying value of their stake is likely to decline as users lose trust in the protocol, or could be slashed by the network, increasing the sunk cost for the attacker.
"Assuming every user is a perfectly rational actor, malicious actors would be shunned. This is somehow due to the economic incentive, and not just how humans operate when they're assumed to be perfectly rational."
Also: malicious actors when they find out they might lose their money if they get caught: "welp, I better not do that then. Thanks laissez-faire capitalism!"
Jesus christ fucked on a pike, these dipshits really drank the crypto kool-aid, huh?
i agree with everything you said about signal, but i'm uncomfortable with a lot of the alternatives. a cryptographer i follow has written about a couple of these: xmpp, matrix three or four times (linked in the introduction to the post), others
i'm concerned that they require phone numbers and host on AWS, and don't have a clear monetization scheme. but for now it seems reasonably secure.
The signal protocol is end-to-end encrypted, not even signal themselves knows what is being sent to what.
https://en.wikipedia.org/wiki/Signal_%28software%29?wprov=sfla1
This is long, but answers your questions: Why Not Signal?
-how to explain it to my friends who use signal because i recomended?
Okay it doesn’t answer that one. But also, whether they should use Signal or not depends on their threat models. Many people don’t see the US police state as a threat.
I'm put off by the centralized server. I'd want to self host without having to build a special client, something like nextcloud. That the company chose to prevent that gives me a bad impression. So I haven't been using it so far.
I've played with GNU Jami a little but it was flaky when I tried it last year. Maybe it's better now.
You can't have it both ways. It's hard enough to get people to switch to signal, or least also use it next to other messengers. Now imagine they'd have to connect to multiple servers to talk to multiple people. Possibly everyone connection details. Even if that's done in the background, you have to somehow get the connection registered once, discovered if you will.
Anything and everything you send through their server is end-to-end encrypted. Some people hate on the phone number being required to create an account, but it's also the reason it works at all: anyone in your contacts who also has signal you can talk to. Phone numbers are an international standard. If course this also has downsides...
Finally what you're asking for exists. NextCloud has "talk". Which is essentially a messenger app, it's built in. Go use it. I have a NextCloud instance and I don't use it either. What's the point of having an app I can only use to talk with people so close to me that they're in my NextCloud with an account already?
No one can break the encryption, so even though it routes through AWS sometimes it's still completely E2EE with quantum resistant encryption that not even the feds could break
the only way it can be "hacked" is with phishing
SimpleX Chat is an actual privacy focused app that's easy to use and doesn't harvest your phone number like Signal does https://simplex.chat/
Using phone numbers is the only real criticism imo any service that uses phone numbers is fundamentally compromised.
Nothing, it's good. There's FUD to get you not robust it
There was one instance of the white house using signal on the down low to evade records retention and then got caught because they accidentally invited a journalist to the houthi bombing group chat, bit that's a user error
And they didn’t use a trusted Signal app, it was an Israeli clone app IIRC
I'll start by saying that i don't use signal.
if this is true
There are some concerns that other people in the comments explained. It's up to you to decide if the trade off is good enough for you. There's no silver bullet for this.
-what menssaging app should i use for secure communications? i need an app that balances simplicity and security.
Signal is ok. Same as matrix, delta chat, xmpp, simplex. Avoid telegram, messenger, whatsapp, instagram, snapshat, max...
-how to explain it to my friends who use signal because i recomended?
Most people mess up the concepts of anonymity with privacy.
-what this means for other apps in general?
There's no silver bullet. All the apps have ups and downs. Most people don't realize that if a state actor (I'm not talking about police but for example NSA, CIA, mossad, mi6) is after you, they will get you. Usually from a side channel, or from some stupid mistake you made years ago.
Signal is great, but it is centralized. Session messenger is a great example of decentralizes e2ee messaging.
It was on the leaked Paragon Solutions selfie (containing the Graphite surveillance tool), indicating there are actively exploited zero days? Just a guess.
Edit: https://open.substack.com/pub/ahmedeldin/p/the-israeli-spyware-firm-that-accidentally
Those reports do NOT show active zero days in signal. The pieces of spyware talked about in those are capable of reading messages once already having compromised a device which isn't insane as if you have access to read storage from a device arbitrarily, of course you can just read the messages. If you want to solve this, A: Use GrapheneOS or an iPhone on lockdown mode with data over USB disabled or B: Use Molly with local encryption.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
much thanks to @gary_host_laptop for the logo design :)