Meredith Whittaker reaffirms that Signal would leave UK if forced by privacy bill::Meredith Whittaker, the president of the Signal Foundation, the organization that maintains the Signal messaging app, spoke about the U.K.'s controversial new privacy bill at TC Disrupt 2023.

  • @[email protected]
    link
    fedilink
    English
    21
    edit-2
    1 year ago

    Just to be clear, the referenced keys are not for your conversations, but for your contacts, groups, settings, and profile: https://signal.org/blog/secure-value-recovery/ Your conversations are fully e2ee and those keys are stored only on your devices.

    Also the “disable your pin” advice you’ve been given is misleading. You should not disable your pin; instead, you should use a secure alphanumeric pin. Disabling your PIN means you cannot enable Registration Lock, which makes you vulnerable to account hijacking attacks, e.g., by SMS interception or simjacking.

    • @[email protected]
      link
      fedilink
      English
      61 year ago

      Oh. Well yea, the keys not relating to my conversations does flip everything on its head again. So back on its feet?

      Are there other keys for your conversations in signal?

      Do you use signal?

      • @[email protected]
        link
        fedilink
        English
        71 year ago

        I do, yes. Signal’s not perfect, but it’s very good, especially for everyday conversations. Compared to comparable secure alternatives, it’s more user friendly and in many cases it’s more consistently secured (specifically thinking of Matrix here).

        There are keys for your conversations on every device you have linked to Signal, but not on the Signal servers. Each device gets its own set of keys, which are discarded and updated with new derived keys as you send and receives messages. Your phone is the one in charge of handing the initial keys out to other devices and in charge of revoking them. The server has a message queue for each device, but not the keys. (The messages are deleted from the queue after being delivered to the device or after 30 days, at which point that device is unlinked.)

        I also found this article that discusses the data that ends up getting stored on Signal’s servers.

        One big vulnerability for Signal is that it trusts your local machine too much, especially on Desktop but also, to an extent, on mobile. If you have malware on your system, if you don’t encrypt your drives, or if someone is able to guess your password, then someone can get full access to your conversation history. On desktop, the database with all your conversations is stored in an encrypted database, but the key to decrypt the database is stored in plaintext. That key could be secured in the system keychain, which would make it resistant to being read by malware, but it isn’t. It could be encrypted locally with a user-provided PIN or password… but it isn’t. And I have seen enough of people struggling to contribute code to Signal that I suspect if someone contributed a PR to fix that, it wouldn’t get merged.

        That all said, if someone stole your laptop, even if they got access to past conversations you can cut them off from future conversations by unlinking the device from your phone. And if someone cloned your Signal data and tried to connect as you, then it would be pretty obvious that something was going on when you logged in on your own laptop, since it would get very glitchy, and as soon as you unlinked and re-linked it would cut off the attacker’s access.

        This whole vulnerability makes Signal’s resistance to a proper, securely encrypted, user-managed cross-platform backup system even more frustrating. It feels, honestly, like security theater. But even so, I prefer the current state over having the backup in Signal’s cloud, regardless of whether SGX is involved; I want to manage my own backup. Like other proponents of a proper backup system, I believe that the user should be in charge of determining if a conversation should be ephemeral, and Signal provides a tool to do that - disappearing messages.

        The other big vulnerability Signal has is not being anonymous, largely thanks to being linked to a phone number. Anyone you chat with has your number, and anyone who has your number can check to see if you’re on Signal (though you can at least disable the latter option). Things like Sealed Sender help protect your identity and the identities of your contacts from outside observers, but they aren’t perfect. This lack of anonymity is the main reason given for not trusting Signal when your threat model involves state surveillance, but as a counterpoint to that - as recently as 2021, Edward Snowden endorsed Signal and said he uses it every day. If Snowden trusts it to secure his conversations, I’m not worried about it for my own.

        • @[email protected]
          link
          fedilink
          English
          41 year ago

          Okay, thanks for taking the time to write all of this down and explain it to me, I feel like I understand signal a lot better now.

          And I feel better knowing that the keys to the conversation are regularly replaced in the app and that there are plenty of steps to take to make it more secure anyway.

          Man, that was a really interesting reply hah, I’ve read through it like three times… I’ll be checking out the links you sent also.