So what's going on with Signal's new architecture that retains all user data? It seems like a total reversal of their previous stance and one that dramatically changes their threat model. Their new security properties rely entirely on SGX, which is barely secure against motivated home users, much less nation state adversaries.

@th As much as I hate to admit it, @sir could be right on this one: They're into cryptography LARPing and we haven't noticed until it was too late.

@wasamasa @sir Whisper Systems seems to have always made reasonable decisions in the past regarding Signal, so it is really puzzling why they want to open themselves up to so much risk. "Moxie: Blink twice if you're being coerced!"

@th @wasamasa no, no they have not, they have always made shitty decisions in their own self-interest against the needs of the users

@sir @th @wasamasa gahhh which service do we like now?!? kind of feel like Wire has been fine, minus the unencrypted metadata and lack of federation that they hinted at years ago...

@schlink @th @wasamasa I have no good suggestions. OTR and PGP, probably.

Check out Briar, if you haven't already. It's been under development for quite a while, and is really getting quite usable, I think.

@schlink @th @wasamasa

@pettter @sir @schlink @th @wasamasa Wish I could use that, but with no desktop version it's a dealbreaker of rnow.

@qbi @schlink @sir @th @wasamasa intersting, lots of blockchain related repositories on their GitHub. not sure how to feel about that.

@grainloom @qbi @schlink @th @wasamasa negatively. Anyone involved in blockchain for any reason can be immediately dismissed

@sir @grainloom @qbi @schlink @th @wasamasa

depending on your definition, a git repo can be classified as a blockchain famboni.
@xj9 @schlink @sir @grainloom @qbi @wasamasa @th That kind of definition of blockchain is only ever used sarcastically or as a strawman. Merkle trees had a name before the word blockchain was, ehum, coined, for a specific use for them.

@qbi @sir @th @wasamasa yep, I had spotted that one a few days ago. Another one I saw mentioned recently is syphon, "a privacy centric matrix client - now in open alpha"

not sure how y'all feel about matrix and their E2EE these days though... assuming not great?

@schlink @qbi @th @wasamasa I don't like matrix in general, I have no comments on their E2EE

@lain @wasamasa @qbi @schlink @th nice article, thanks for sharing. Aside: for the love of god please get rid of your scrolljacking script

@lain @wasamasa @qbi @schlink @th it actually seems to be a CSS property set by the after dark theme

@qbi @schlink @sir @th @wasamasa what are your thoughts on e2e encryption of

@polychrome @th I've been feeling iffy about Signal since they killed federation (and, by extension, CyanogenMod, kinda).

@pettter @polychrome @th moxie? reasonable? nope. dogmatic maybe. but not reasonable

@pettter @polychrome @th If only we could leverage this to get more folks using XMPP+OMEMO... :thinking_fidget:

@drwho @pettter @th I wish I could, but for some reason most of my IRL contacts use an iPhone - so no reliable XMPP/OMEMO for them.

@polychrome @drwho @pettter @th Yikes! And Apple the control freak would likely ban those apps if they ever got into the App Store.

@joeo10 @drwho @pettter @th Apple isn't banning them, there are XMPP applications with OMEMO support on the iOS App Store - it's just that most of them have serious reliability issues compared to the offerings on Android and the desktop.

@drwho I mean, go nuts, if you know a good server you can point them towards.. Also what
@polychrome said...

I'm partial towards spreading the Briar gospel, myself. It's really getting towards a usability threshold.


@pettter @polychrome @th There's no shortage of public XMPP servers, to be sure.

@th What architecture? BTW I've been suspecting for a while now that Signal does not care about user privacy... There are a bunch of red flags. Also, I suspect they keep all messages (even if encrypted) kind of like Matrix does. You can fetch messages that are ages old on any linked client even if all other devices are turned off. 🤔

@th That's interesting. Where can I read more details about it?

@setthemfree @th It is also a question for me. The photo appears to be from 34th CCC (2018).

@th @setthemfree i would be interested in an actual third party audit of this by actual cryptographers. maybe even an academic peer reviewed paper attempting to break it

@th Could you tell me the name of that talk?

@th Moxie said publicly just this morning that they retain no user data.

@pettter @th

Well sure, is there a link to evidence showing that user data is being stored?

I'm all ears if so.

@TheGibson @th that seems… odd, given the long and detailed blogpost about how they're going to securely store some of their users' data - so that users aren't totally reliant on their device being immortal, and other such perfectly worthy features.

Maybe he meant they retain no unencrypted user data? Or they retain no user messages?

The UI patterns around this worry me as well. Previously, making an encrypted backup got you a key and 'please write down somewhere safe'.

This they have made pop up insistently above the interface, impossible to dismiss. Numeric by default. Then egging you for it afterwards to 'help you memorise it'.

The intention is clearly not to encourage a paper key or password utility. While some of their previous decisions could be seen as 'hiding the footguns from the end users', this is clearly the opposite…

@th is there a source for the claim that they retain "all user data", and the practical effects of that?
Sign in to participate in the conversation
(void *) social site