this post was submitted on 17 Sep 2023
129 points (82.1% liked)

Privacy

31934 readers
781 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
top 50 comments
sorted by: hot top controversial new old
[–] u_tamtam@programming.dev 61 points 1 year ago (30 children)

A truly better signal is one that's not using a centralized service.

[–] CaptainAlchemy@lemmy.one 32 points 1 year ago (3 children)

I don't see an issue as signal is designed not to trust the server. Signal also uses sealed sender and Perfect Forward Secrecy, which is something almost all e2ee messengers lack. What it means in practice is signal leaks very little if any metadata, if you leak metadata you give away details about who your talking to and for how long, etc. Examples might include talking with a suicide hotline, or a doctor, maybe a customer service agent at a company and for how long. Those details will give a lot away about you, even if the messages or calls themselves are encrypted. Matrix is not recommended for communication because it fails to properly hide metadata and actively trusts the servers. When you make a call on signal, as long as both users have "Always Relay Calls" set to disabled, your calls will be peer to peer instead of trusting a central server to facilitate the connection and trusting a middle man. What this means is since the connection is peer to peer you can leak your IP address to the user you're talking to, however a VPN fixes this issue.

[–] u_tamtam@programming.dev 12 points 1 year ago (3 children)

Thanks for taking the time to reply. There are multiple issues with centralization.

  • A prime one is that the entity that you (have no choice but to) trust today will eventually turn against you at some point down the road. In the case of Signal, the writing is on the wall already: using a 3rd party client is against Signal's ToS, and Signal has been seen pushing controversial features like crypto payments that, as a user of their captive ecosystem, you have no choice but to engage with.

  • Signal is an entity that's incorporated in a jurisdiction and might be compelled by law not to provide service for certain users, or to degrade its encryption to comply with the local regulator. Using a centralized service like Signal makes you an easily identifiable/prime target in such a scenario.

  • No matter what Signal says, nobody but themselves can verify what code runs on their servers, and what amount of logging/data processing goes there. Because every account checks in through them, because every message is routed through them, there is no technical barrier to knowing who's who, who's talking to whom and when, with the nature of the communication (text, video, image, …) from which a lot can be inferred. As far as I understand the American law, any agency could tap into that, either directly, or via Amazon on which the whole thing is running. I am not paranoid enough to believe that 3 letter agencies belong to one's typical threat model, but with SGX contact discovery from phone number and sealed senders, Signal kindah panders to those? Either way, those are unverifiable mitigations to problems that decentralized systems do not have.

I could go on and on, but the first one is the main one IMO: we are past the need to trust anybody with our instant messaging and put a fundamental aspect of our lives at the mercy of (geo)political and societal woes. That's practically a solved problem in the opensource world, and we can make it ethical and sustainable by just opting out of the dominative model of monopolistic and centralized systems.

[–] CaptainAlchemy@lemmy.one 4 points 1 year ago* (last edited 1 year ago) (1 children)

A prime one is that the entity that you (have no choice but to) trust today will eventually turn against you at some point down the road.

  • How does that change with federation, you always trust someone. Why should I trust the shady person running software on their basement, even if you self host, you are trusting the developers not to ship bad or poorly written code.

using a 3rd party client is against Signal's ToS

As far as it being against signals tos, molly exists and had not received any problems from the signal foundation to my knowledge, discord has the same clause and they don't seem to give a rats ass. Sure they could enforce it but they don't, and personally with how matrix clients are handled they have mixed security, fluffychat has security issues ranging from outdated SDK versions to quite literally ddosing homeservers because of a non-existent rate limit.

pushing controversial features like crypto payments

The crypto stuff wasn't great but you know what's cool? You don't have to use it. Simple as that. You don't have to engage with it and you and I both know that. It's buried in settings and you have to find it yourself.

Signal is an entity that's incorporated in a jurisdiction and might be compelled by law or to degrade its encryption to comply with the local regulator.

  • I've always used integrity as a metric as to how trustworthy a service is, and in terms of signals e2ee, they've never lied about it, it's been proven in court multiple times not having any data on their users, no government can compel anyone or any company for things they don't have. Signal had everything to lose by lying about their encryption and nothing to gain, so why would they? Why would any company take a huge chance at a death blow just because? Signal is a non profit so they don't have any incentive to degrade it, they would be dead tomorrow if they got caught.

Using a centralized service like Signal makes you an easily identifiable/prime target in such a scenario.

Signal is not an anonymity tool, and has never been advertised as such, if you need anonymity, signal is not a good choice. You can make it more anonymous by using a burner phone but that's a different topic.

No matter what Signal says, nobody but themselves can verify what code runs on their servers

  • You can't really confirm what any software can or cannot do, even if it runs on your system. Open source software is bound to the same principals of code, it will do exactly what you tell it to do, even if it is not intended (a 0-day, bug, etc.). Thousands of people constantly are monitoring the Linux kernel and it is still found to have tons of 0 days baked in due to it running a fuck ton on ring zero. You can't just inspect code and know exactly what it's doing, unless it's a hello world program it gets quite complicated. Verified safety numbers also make sure that no man-in-the-middle attacks can take place, making conversations even more trustworthy and still not trusting any server.

As far as I understand the American law, any agency could tap into that, either directly, or via Amazon on which the whole thing is running.

If everything is encrypted, what could Amazon tap? You do realize sealed sender and PFS take away any trust from the server correct? It's all encrypted, your aren't trusting the server at all, it's completely trust-less, and unless you think Amazon or governments can at this very moment tap any encrypted data and decrypt it, I would recommend taking a walk outside and realize that no one, NO ONE can decrypt current encrypted standards.

Unless you can point me to a reputable article showing in great detail that signal is lying about their e2ee claims then I'll rest my case. Signal has been proven time and time again to not have any data on their users except the minimum required for the service to work, that's called integrity.

Also there will always be someone you trust on the internet, nothing will change that unless we completely rethink how the internet works.

Edit: added quotes Edit 2: added extra info

load more comments (1 replies)
load more comments (2 replies)
load more comments (2 replies)
[–] gibson@sopuli.xyz 24 points 1 year ago (2 children)

Yes and no. decentralization is great for a lot of reasons but it does come with downsides. I don't know about you, but i convinced my family and friends to use and keep Signal for years now and i don't think i would have had such luck with Matrix/Element, let alone a p2p app.

I'm glad decentralized options exist and think they deserve more funding and love, however.

[–] msage@programming.dev 3 points 1 year ago

My family uses Matrix, and if some don't, I don't talk to them online.

[–] u_tamtam@programming.dev 3 points 1 year ago

I managed to convince my family to use XMPP. Since about 2015. It's been great, and apparently is getting better since more are joining :)

load more comments (28 replies)
[–] jet@hackertalks.com 45 points 1 year ago (18 children)

Yes. You're right. When you make a post you probably should give a body to it rather than just a link to a project. Why do you think it's a better signal? Otherwise people aren't going to find it super useful

load more comments (18 replies)
[–] eruchitanda@lemmy.world 23 points 1 year ago

Molly added multi-device support, including secondary *Android* devices - phones, tablets, etc.

[–] 01189998819991197253@infosec.pub 19 points 1 year ago (1 children)

I don't understand. What makes Molly more trustworthy than Signal, if they both use the same central sever? The website doesn't really provide much data.

[–] possiblylinux127@lemmy.zip 8 points 1 year ago

It has a completely Foss option and reenables pin codes

It also has a F-droid repo which makes it much easier for me to use

[–] AllNewTypeFace@leminal.space 19 points 1 year ago (4 children)

Now if someone could make a desktop app (perhaps using Qt or some similar cross-platform toolkit) that isn’t Electron bloatware, for all the people who don’t have a few spare CPU cores and gigabytes of RAM to spend on a messaging client.

[–] possiblylinux127@lemmy.zip 4 points 1 year ago

You got to be careful as signal as sent S&D letters

[–] 10EXP@sh.itjust.works 3 points 1 year ago

There’s Flare, a Signal client written in GTK4. It still has some features missing iirc, check their wiki for that.

load more comments (2 replies)
[–] Decentralizr@lemmy.world 7 points 1 year ago

This is actually more than welcome. I never understood why you could have your signal on your phone and ipad, but not on two phones. Applaud molly to do so!

[–] LiveLGNProsper@lemmy.world 7 points 1 year ago (13 children)

What is the difference between regular signal app I am on iOS so doesn’t matter just curious?

[–] CaptainAlchemy@lemmy.one 12 points 1 year ago (2 children)

Molly is only available on Android, as far as differences it is a hardened fork of signal with an encrypted database, what that means in practice is even if someone was actively probing your phone to try to gain access to messages they wouldn't be able to due to the encryption. It's very useful if you are an active target or you don't trust your phone os to play nice. I personally use it myself and really like it but in general it's not terribly different.

[–] skullgiver@popplesburger.hilciferous.nl 5 points 1 year ago* (last edited 11 months ago) (1 children)

[This comment has been deleted by an automated system]

[–] CaptainAlchemy@lemmy.one 2 points 1 year ago* (last edited 1 year ago) (1 children)

It's only encrypted in a BFU state, (before first unlock). Police can probe your phone for data using a tool by cellebrite without root. GrapheneOS includes a auto rebooting feature to place it back in a BFU state but other phones will lack this feature. Using Molly's database lock allows you to not trust the OS itself by encrypting it.

edit: corrected cellbrite to cellebrite

load more comments (1 replies)
[–] LiveLGNProsper@lemmy.world 4 points 1 year ago* (last edited 1 year ago) (2 children)

Yeah I realize it is android only and that makes sense that is exactly what I was looking for surprised signal doesn’t encrypt the database honestly.

[–] jet@hackertalks.com 8 points 1 year ago (1 children)

They used to. Then they removed it. And Molly forked and put it back in.

load more comments (1 replies)
[–] CaptainAlchemy@lemmy.one 6 points 1 year ago (1 children)

The main issue with encrypting the database using Molly's setup is you'll miss notifications and calls until you unlock, this might be able to be fixed using a different database encryption setup but as it stands it would be inconvenient for many.

load more comments (1 replies)
load more comments (12 replies)
[–] Chobbes@lemmy.world 4 points 1 year ago* (last edited 1 year ago) (3 children)

The RAM shredding feature seems kind of silly to me, but I don't know the details. Ideally the operating system should clear pages before giving them to other applications... While I can see the appeal in also doing it in the application, it seems kinda wasteful, and I wouldn't trust the application to do a good job of that anyway. If the point is to prevent the app itself from leaking private keys on a buffer overflow or whatever... I guess I can see the value of that, but I'd rather see mitigations for the buffer overflows highlighted instead. I guess this just makes me a little suspicious of the actual value provided by the app.

[–] Chobbes@lemmy.world 3 points 1 year ago

Okay, I got curious and looked into it... These are the relevant files for the "RAM shredding"

I'm not an Android dev, but at first glance it looks like all this does is try to allocate all of the free memory in the system, and walks through the pages and uses rand() to fill in all of the bytes. Technically it's possible for the pages returned by malloc to contain old data, but only if it was allocated by your process in the first place (maybe that's not the case on Android?)... So I guess the idea is that if Molly itself is compromised and an attacker is able to allocate memory in the Molly process they could conceivably get an old page from memory and that page might contain secrets from the Molly app itself... But at that point, surely you're fucked anyway, and the attacker can presumably read all of the currently allocated memory which is certainly far more of a security concern anyway? I just don't think it's worth the cycles.

load more comments (2 replies)
load more comments
view more: next ›