this post was submitted on 05 Dec 2024
490 points (98.8% liked)

Technology

60052 readers
2814 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 2 years ago
MODERATORS
 
you are viewing a single comment's thread
view the rest of the comments
[–] jagged_circle@feddit.nl 1 points 2 weeks ago (1 children)

Even the US let's us use encrypted messaging apps

[–] UnderpantsWeevil@lemmy.world 2 points 2 weeks ago (1 children)

The PRISM leak demonstrated how much that's worth

[–] jagged_circle@feddit.nl 2 points 2 weeks ago (1 children)

Yes. Specifically the top secret slide that listed Signal and Tor as being "disastrous" to their dragnet surveillance systems

[–] UnderpantsWeevil@lemmy.world 3 points 2 weeks ago (1 children)

And I'm sure in the intervening ten years they haven't done anything about that

https://blog.dijit.sh/i-don-t-trust-signal/

Signal is not open source

Why would I say something so provably untrue? “Of course signal is open source, it’s on f-droid! (it’s not, actually1); there are even sources on github!” … I can already hear it coming.

How is it then dear reader, that they developed MobileCoin integrations for over a year without anyone knowing?

That would be because, they stopped updating sources. We can be reasonably sure that private & unpublished code was in production, otherwise they left some security vulnerabilities unpatched for a long time2. This throws into question the entire nature of what they consider “open source” to mean, they are clearly comfortable deploying non-public software.

It’s also vanishingly small amounts of people who will use the from-FOSS versions of the client, nearly everyone will be downloading it from Google Play or Apple’s App Store; and they have a long way to go when it comes to verified builds which seems to work when you google it and there’s a page; but in reality if you read the page you’d realise is not possible.

Which gives a false appearance in my opinion, and that is a large part of my issue honestly; that there is a surface level of “everything is by the book” but underlying it all is: nothing, really. Signal doesn’t give you any option to verify their claims

If I were in a situation to be signal, if there was a competing implementation that I could point my clients to (similar to how headscale is an implementation of tailscale’s control server); I’d certainly be a lot more comfortable, since then I could be in a situation where I can see all traffic to my server and jail/inspect all traffic coming from the binary distributed Signal client; thus it would allow for independent verification of the binary distributions delivered via Play or the iOS App Store.

As it stands the whole thing is built on trust and people believe that someone else will do the hard part of reverse engineering every version.

Which I don’t have to tell you is significantly more effort, requires much more advanced skills and might not even yield results even if there were concerning items yet to be discovered.

“Moxie says you can run your own server though!”3; I’d like to see where I can change the endpoint in the signal app that’s distributed via Play or App Store; my claim is purely that I can’t verify those and that few enough people run the custom compiled versions to be meaningful. If I was to be smart and want to hide a back door I’d only need one side of every conversation. – please note though, I’m not saying they do this, I’m just saying that they could do this and the only thing that says they don’t is “trust me”.

[–] laurelraven@lemmy.zip 1 points 2 weeks ago

That sounds pretty bad, but 1) the article is 3 and a half years old (not that big of a deal really, but an update on the current status would be useful at this point), and 2) I see plenty of commits to all five of their pubic facing repos.

I'm not saying they're wrong...I'm not going to presume to understand it better than them... But I'm not seeing how that translates to them hiding things from public view, or if they were that they're still doing so. If you're aware of something I'm missing there, I'm very much interested in hearing about it.

But yes, trust should not be implicit, it should be verified.