Just like WhatsApp, Signal is de facto a closed system, also uses only phone numbers for registration, uses the same encryption, and is also headquartered in the United States of America (USA). Co-founder Matthew Rosenfeld (a.k.a. “Moxie Marlinspike”) resigned as CEO (external) in January 2022 and, as of 03/2023, remains only on the board. The current CEO at Signal is former WhatsApp co-founder Brian Acton.
Once again, a note at this point: if you find incorrect or outdated information, please let me know! >> Contact <<
Hash values of phone numbers are not a security feature, because the phone numbers can be determined from the hash values without any problems (keyword “rainbow table” (external)). Signal also sends a registration SMS to each individual user. It may be true that the number is not transmitted to Signal in plain text, but at the latest during registration it is known, and thus they know the number of every user. This includes internal phone numbers or secret numbers of companies, of authorities and organizations with security tasks (BOS), or of women’s shelters that use Signal. Is all of this fine? Of course not!
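Why the hash offers no protection, as an added example that is not part of the original page: a phone number carries only about 33 bits of entropy, so anyone holding the hash can hash every candidate number and compare. The unsalted SHA-256 scheme, the function names and the sample number (taken from the fictional 555-01xx range) are assumptions made for this illustration.

```python
import hashlib
import math
import time

def hash_number(e164: str) -> str:
    """Unsalted SHA-256 of an E.164 phone number (assumed hashing scheme)."""
    return hashlib.sha256(e164.encode("ascii")).hexdigest()

def keyspace_bits(digits: int) -> float:
    """Entropy, in bits, of a number with `digits` unknown decimal digits."""
    return digits * math.log2(10)

def recover_number(target_hash: str, prefix: str, digits: int):
    """Hash every number under `prefix` and compare with `target_hash`.

    Returns (number, candidates_tried); number is None if nothing matched.
    """
    tried = 0
    for n in range(10 ** digits):
        tried += 1
        candidate = f"{prefix}{n:0{digits}d}"
        if hash_number(candidate) == target_hash:
            return candidate, tried
    return None, tried

def seconds_for_full_space(digits: int, hashes_per_second: float) -> float:
    """Time to hash every possible number with `digits` unknown digits."""
    return 10 ** digits / hashes_per_second

if __name__ == "__main__":
    # Constructed sample: a number from the fictional 555-01xx range.
    stored_hash = hash_number("+12025550142")

    start = time.perf_counter()
    number, tried = recover_number(stored_hash, "+1202555", 4)
    rate = tried / (time.perf_counter() - start)

    print(f"recovered {number} after {tried} hashes")
    print(f"10 digits = {keyspace_bits(10):.1f} bits of input entropy")
    print(f"full 10-digit space at this rate: "
          f"{seconds_for_full_space(10, rate) / 3600:.1f} h on one core")
```

A per-service salt or a slower hash function only raises the cost per guess; the input space stays the same size, so a hashed phone number has to be treated like the number itself.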
Tip: To register with Signal, you do not have to enter the mobile number you actually use. You can use an extra SIM card with a different mobile number, or an unused landline number (this also works with the phone number of a public phone booth!). In this case, the confirmation SMS with the verification code is read out over the phone.
Sources: netzwelt.de (external) / vice.com (external; English)
Critical voices and reactions to Signal Payments:
Signal can easily be installed from the Aurora Store or downloaded directly as an APK from the Signal website (external); it then runs quite smoothly on Google-free devices.
Alternatively, you can also use Signal forks like Langis, Molly (external) and Signal FOSS (external) via an additional F-Droid repo. Replicas/forks are prohibited from using Signal servers according to Mr. Rosenfeld (Moxie), but perhaps Signal has not yet established a system that actively detects and blocks this. With each fork, there is also the question of whether and how the code for the cryptocurrency was taken out and whether Signal then still allows client access to the quasi-proprietary servers.
Signal itself does not want the original app to be made available via F-Droid.
Source: GitHub (external)
Signal has always been hailed as the security-conscious alternative to WhatsApp and co. because it’s open source. But the company was “caught” running server code that did not match the public code for almost a year. Here are the published versions of the server code as of 07/14/2021, from which it can be seen that in the past, too, many versions (external) were repeatedly not published:
The reason is presumably the integration of the cryptocurrency (MobileCoin), which is already completely (pre)mined.
But:
Notes on the license (“AGPL”):
The license applies only to others who use Signal code published under this license. The original authors of the code may change the license at any time. Licenses are generally only the terms of use for everyone else who does not hold the copyright or relevant usage rights to the code itself. See also Contributor License Agreement (CLA) (external). Unreleased software (in this case, the parts of the server software that have been updated) is also their property. Presumably that’s why no merge requests from others are allowed on GitHub.
Report:
https://androidpolice.com/2021/04/06/it-looks-like-signal-isnt-as-open-source-as-you-thought-it-was-anymore/ (external; English)
Mr. Rosenfeld (“Moxie”) has called OpenSignal a “product” and forbidden them to address the official Signal servers or have anything with Signal in the name:
I’m not OK with LibreSignal using our servers, and I’m not OK with LibreSignal using the name “Signal.” You’re free to use our source code for whatever you would like under the terms of the license, but you’re not entitled to use our name or the service that we run.
If you think running servers is difficult and expensive (you’re right), ask yourself why you feel entitled for us to run them for your product.
In response to the question about the federation of servers:
It is unlikely that we will ever federate with any servers outside of our control again, it makes changes really difficult.
Source: https://github.com/LibreSignal/LibreSignal/issues/37#issuecomment-217211165 (external; English; 05.05.2016)
Encryption includes authentication, because without authentication the best encryption is useless. But Signal has (apparently) a weak one:
“… Unfortunately, Signal’s default authentication scheme is weak. It is arguably worse than X.509’s CA system as used on the web, which is notoriously bad. It relies on a single CA, which is controlled by Signal who also controls the messaging infrastructure. This places Signal in an optimal position to perform a machine-in-the-middle attack on their users like the one described in GCHQ’s Ghost proposal. But, Signal has rightfully earned a trustworthy reputation. …”
Source: sequoia-pgp.org (external; English)
“I understand that PGP and authentication are great and important ideas, but unfortunately they no longer have a place in the modern world.” (Moxie Marlinspike)
Source: being sought
Encrypted database
Next time someone asks for “encrypted database because Signal” do give them…
> iOS: https://blog.elcomsoft.com/2019/08/how-to-extract-and-decrypt-signal-conversation-history-from-the-iphone/ (external)
> Android: https://www.cellebrite.com/en/blog/cellebrites-new-solution-for-decrypting-the-signal-app/ (external)
Secure data recovery
“Secure value recovery (SVR)” has also been criticized: blog.cryptographyengineering.com
There are no German terms of use and no German privacy policy. Does the English version have legal validity in Germany? Regardless, Signal writes in the introductory words to the GDPR (external):
In Signal messages and calls cannot be viewed by us, or by third parties, as they are always end-to-end encrypted, private to us secure.
“are secure to us” is not a typo on my part - it’s not content that’s interesting here, but the metadata that accumulates (security =/= privacy).
And further, in the “Terms of Service”:
Additional technical information is stored on our servers, including randomly generated authentication tokens, keys, push tokens, and other material that is necessary to establish calls and transmit messages.
… which keys are actually stored there?
In the “Privacy Policy” it is explicitly (but unnecessarily) pointed out that the phone number, the profile name and the profile picture are of course always end-to-end encrypted - but what was that again with the metadata in central systems?!
Apparently Google automatically learns that you use Signal:
PING contentproxy.signal.org (107.178.250.75) = Google
This is also easy to see like this:
$ host contentproxy.signal.org
contentproxy.signal.org has address 107.178.250.75
$ host 107.178.250.75
75.250.178.107.in-addr.arpa domain name pointer 75.250.178.107.bc.googleusercontent.com.
Why Signal runs on Amazon servers (AWS), while this part runs on Google, is not readily apparent. Perhaps they do not want AWS to be able to tap and correlate all access data, or perhaps the “traffic data” and the “metadata” are meant to be kept separate from each other and not with the same provider?
At https://signal.org/blog/looking-back-on-the-front/ (external), it is at least explained why Signal does not use its own servers.
The security model with regard to metadata can be summarized as “trust the central operator”, because “The ecosystem is moving” …
Building on an essay from 2016, Moxie (co-founder and CEO) gave a talk on 12/28/2019 on the topic “the ecosystem is moving” at the Chaos Computer Club (“CCC”). It discusses the advantages and disadvantages of centralized and decentralized systems. Of course, Signal is touted there as the solution.
However, the argumentation of Signal’s CEO for his product is controversial and often overrated. Many arguments listed there are true, but the “value of freedom” is ignored. In the end, (many) are not only concerned with technical security, but rather with future security.
Here are various sources/information on “The ecosystem is moving” (all English):
10.05.2016: Article by Matthew Rosenfeld (alias Moxie Marlinspike) (external)
30.11.2016: Objections by Daniel Gultsch (external)
28.12.2019: Lecture by Matthew Rosenfeld (alias Moxie Marlinspike) (external; deleted)
Note: The talk is also no longer available at berlin-ak.ftp.media.ccc.de (external; deleted), but it can currently still be found on YouTube (external).
Dec 29, 2019: Reason given by Matthew Rosenfeld (aka Moxie Marlinspike) for taking the video offline:
I had asked for it not to be recorded (which is what I’ve been doing with talks for the past 5yrs or so). Seems like there was some confusion, and it was recorded/published, then removed. … I just prefer to present something as part of a conversation that’s happening in a place, rather than a webinar that I’m broadcasting forever to the world. I have less faith in the internet as a place where a conversation can happen, and the timelessness of it decontextualizes.
Source: https://nitter.net/moxie/status/1211443530335281153 (external)
29.12.2019: Opinion from Jabber(XMPP) (external)
02.01.2020: Opinion from Matrix (external)
HOWEVER: all of this completely ignores one critical thing - the value of freedom. Freedom to select which server to use. Freedom to run your own server (perhaps invisibly in your app, in a P2P world). Freedom to pick which country your server runs in. Freedom to select how much metadata and history to keep. Freedom to choose which apps to use - while still having the freedom to talk to anyone you like (without them necessarily installing yet another app). Freedom to connect your own functionality - bots, bridges, integrations etc. Freedom to select which identifiers (if any) to use to register your account. Freedom to extend the protocol. Freedom to write your own client, or build whole new as-yet-unimagined systems on top.
It’s true that if you’re writing a messaging app optimised for privacy at any cost, Moxie’s approach is one way to do it. However, this ends up being a perversely closed world - a closed network, where unofficial clients are banned, with no platform to build on, no open standards, and you end up thoroughly putting all your eggs in one basket, trusting past, present & future Signal to retain its values, stay up and somehow dodge compromise & censorship… despite probably being the single highest value attack target on the ‘net.
Quite simply, that isn’t a world I want to live in.
We owe the entire success of the Internet (let alone the Web) to openness, interoperability and decentralisation. To declare that openness, interoperability and decentralisation is ‘too hard’ and not worth the effort when building a messaging solution is to throw away all the potential of the vibrancy, creativity and innovation that comes from an open network. Sure, you may end up with a super-private messaging app - but one that starts to smell alarmingly like a walled garden like Facebook’s Internet.org initiative, or an AOL keyword, or Google’s AMP.
So, we continue to gladly take up Moxie’s challenge to prove him wrong - to show that it’s both possible and imperative to create an open decentralised messaging platform which (if you use reputable apps and servers) can be as secure and metadata-protecting as Signal… and indeed more so, given you can run your server off the grid, and don’t need to register with a phone number, and in future may not even need a server at all.
Here are the headlines from a lengthy commentary “7 valid reasons why you should never trust Signal over the air, either”
Source: Comment in Heise-Forum (external)
Source: https://webbkoll.dataskydd.net/de/results?url=http%3A%2F%2Fsignal.org (external)
Signal as a messenger is certainly “safe” - however, one is dependent on a single provider.