this post was submitted on 07 Oct 2022
25 points (100.0% liked)

Technology

34449 readers
399 users here now

This is the official technology community of Lemmy.ml for all news related to creation and use of technology, and to facilitate civil, meaningful discussion around it.


Ask in DM before posting product reviews or ads. All such posts otherwise are subject to removal.


Rules:

1: All Lemmy rules apply

2: Do not post low effort posts

3: NEVER post naziped*gore stuff

4: Always post article URLs or their archived version URLs as sources, NOT screenshots. Help the blind users.

5: personal rants of Big Tech CEOs like Elon Musk are unwelcome (does not include posts about their companies affecting wide range of people)

6: no advertisement posts unless verified as legitimate and non-exploitative/non-consumerist

7: crypto related posts, unless essential, are disallowed

founded 5 years ago
MODERATORS
 

Users of the Signal messaging app got hit by a hacker attack. We analyze what happened and why the attack demonstrates that Signal is reliable.

you are viewing a single comment's thread
view the rest of the comments
[–] linzilla@lemmy.ml 23 points 2 years ago* (last edited 2 years ago) (2 children)

Last October, Signal introduced closed-source server side code that cannot be audited. Not to mention Signal is running on Amazon servers. This year in January, the CEO stepped down from the company he founded. I believe it sends a very strong signal that Signal is not what it is portraying itself...

[–] electric_nan@lemmy.ml 4 points 2 years ago* (last edited 2 years ago) (1 children)

Lots of food for thought there, though I must say I'm not fully convinced, particularly by the alternatives. In my experience matrix and xmpp), there are things that keep me from recommending them to my friends. The writeup mentions client fragmentation, which causes problems with encryption. That is a huge problem in this context. Ease of use is another, which may be dismissed by someone tech savvy, but shouldn't be ignored in the broader context of activist communication.

On that note, self-hosting is a double-edged sword. Are most activists equipped with the knowledge/skills to implement and maintain a hardened secure server? Using somebody else's server requires trust.

Those points in mind, I also think we can't forget threat modeling. For as widespread as Signal is, there haven't been to my knowledge any confirmed reports or leaks indicating its compromise. In contrast, we have court documents that show very little information gained from subpoenas to Signal. My feeling is that Signal is a good option for a lot of people. Phone number identifier is not good, but you can mitigate by registering with another number. If your threat model includes federal agencies, then you should be worried about your device being compromised, in which case it doesn't matter which app you're using. Also, don't carry your phone to actions no matter what app you're using.

Edit: d'oh! Meant this to be a reply to the post below, that links to dessalines' github Signal takedown.

[–] linzilla@lemmy.ml 5 points 2 years ago* (last edited 2 years ago) (1 children)

Fragmentation offers tremendous opportunity to offset the tyranny of some agencies not bound by the rule of law. "Divide and conquer" works in tech too

[–] electric_nan@lemmy.ml 2 points 2 years ago

I'm confused by this statement. On the one hand you seem to say that fragmentation is good. On the other hand 'divide and conquer' suggests the negative consequences of such fragmentation.

[–] jonesv@lemmy.ml 4 points 2 years ago (1 children)

What's that closed-source server side? What does it do? Source?

[–] Sandra@idiomdrottning.org 3 points 2 years ago (1 children)

Here is their own marketing explanation. I remember this, because coincidentally, this was one the first times I heard of Signal. Not a good first impression 💁🏻‍♀️

[–] jonesv@lemmy.ml 2 points 2 years ago (1 children)

The whole point of end-to-end encryption is that you don't have to trust their server: it cannot read your messages. Then for metadata, the question is about what metadata they are receiving at all (if they don't receive it, then you don't care if the server is proprietary) and what they do with it (e.g. for the private contact discovery, the idea is that you can verify that the code receiving your contact list is doing what it should (it's open source), and you can verify that this code is the one running in the secure enclave.

You don't need the whole server to be open source: only the important parts.

[–] Sandra@idiomdrottning.org 3 points 2 years ago

For the purposes of security and encryption, you're right, and that's not why it looked bad.

For someone coming from open protocols like email, XMPP, atom, and Fedi, it was not a good first impression to see their system grown ever more owned-by-them.