Hello Everyone,
This is something I’ve been thinking about in the wake of many users joining Signal, due to WhatsApp’s new privacy policy changes.
When it comes to the mobile client (in case of Android), we could verify its integrity by checking the source code & the APK’s integrity using reproducible builds (https://signal.org/blog/reproducible-android/).
When it comes to the server, it is possible that it could get compromised in many ways.
My question is, when it comes to privacy & security, does the server integrity matter if we are reasonably sure the client isn’t compromised in any way or doesn’t transmit anything that the server could access in a meaningful way.
And, this could apply to any service that has both FOSS client & server or just FOSS client.
Well, this is the story the Signal developers are promoting it: “even if our servers are compromised it wouldn’t matter”. But this is their framing and one that IMHO shifts your focus in the wrong direction.
Because according to all that is publicly known, it is pretty safe to assume that both servers and developers of Signal are already compromised by the CIA / NSA for years. Thus it is better to look at it from that perspective.
So for example, reproducible builds are nice in theory, but since they more or less prevent there to be actual widely used 3rd party builds and alternative distribution channels, it is trivial for Signal (in cooperation with Google) to secretly put a modified version on specific phones. Their official argument is that it is better to have a single point of failure (The Signal developers), then multiple 3rd parties that could get compromised. But IMHO since it can be assumed that they are already compromised to some extend, then I personally would rather trust a 3rd party with compiling and distributing the app.
There is also no way to know if the code that runs on the Signal servers is the same that they published and so far there seem to be no alternative Signal based servers, thus some of the arguments mentioned in this thread that the Signal Foundation can’t lock you is again only (and only maybe) true in theory.
But I agree that it is unlikely that Signal will ever be sold to an ad company if that is your main concern. However my main concern is that journalists and wistlebowers etc. should have secure communication channels and be able to communicate hidden in a mass of normal users and without specialized technical knowledge necessary. Looking at it from that perspective, Signal raises multiple red-flags which is especially concerning since it is marketed and recommended especially to this vulnerable group of users.
But, we could install a version of signal client that’s not compromised, which sends as little as possible, encrypted. So, a compromised server could deny the requests, because the client was modified or it couldn’t work with the encrypted content the way it expected. This would automatically raise red flags, because the app doesn’t work anymore. Has something like this happened?
And for the deploying modified versions to targeted devices. I know it’s possible through orders or compromised server, but has it happened? If so, any sources regarding that.
That really doesn’t matter, because a compromised server could get hoard a lot of info even assuming the message content is secure. I forget what video it was, but it was emphasizing linkability, what the western security orgs care about more than content, is linking your accounts to create a digital footprint.
Signal has everyone’s phone number (its mandatory), and connections between accounts (timestamped messages with sender and recipient info). You can pretty much link a phone number to your identity, your name and address, credit cards, so a compromised signal server is a centralized place with everyone’s social connections, message activity, names, and addresses.
But, signal has the concept of sealed sender (https://signal.org/blog/sealed-sender/), where signal doesn’t know who is sending the messages.
This is when the government asked for data from Signal, “The only Signal user data we have, and the only data the US government obtained as a result, was the date of account creation and the date of last use – not user messages, groups, contacts, profile information, or anything else.” (https://signal.org/blog/looking-back-as-the-world-moves-forward/)
With my phone number, they could tie it to other services, but not with the contacts in Signal itself.
This is something related to how groups are secured - https://signal.org/blog/signal-private-group-system/
Sealed sender does nothing against timing correlation. It’s really trivial correlate traffic over TCP connections and find out which pairs of IP addresses are communicating with each other.
Unsurprisingly, it’s ineffective against users that exchange messages very rarely and effective with users texting every day.
Signal does nothing to mitigate this problem.
