- My Forums
- Tiger Rant
- LSU Recruiting
- SEC Rant
- Saints Talk
- Pelicans Talk
- More Sports Board
- Fantasy Sports
- Golf Board
- Soccer Board
- O-T Lounge
- Tech Board
- Home/Garden Board
- Outdoor Board
- Health/Fitness Board
- Movie/TV Board
- Book Board
- Music Board
- Political Talk
- Money Talk
- Fark Board
- Gaming Board
- Travel Board
- Food/Drink Board
- Ticket Exchange
- TD Help Board
Customize My Forums- View All Forums
- Show Left Links
- Topic Sort Options
- Trending Topics
- Recent Topics
- Active Topics
Started By
Message
Kork or anyone..how secure is signal?
Posted on 1/11/21 at 4:23 pm
Posted on 1/11/21 at 4:23 pm
i'm opting out of pretty much all google/apple/amazon-controlled apps at this point where possible. i dont care what side of the political spectrum you fall on, what is happening is the scariest thing i've ever known.
i think signal uses PGP (or something like that) for peer-peer encryption but not sure what weaknesses there are besides google or apple sending your personal info to the FBI for downloading it so Morgan Freeman can get a hard copy of your profile to give to Batman.
thoughts? i've been lax and lazy with my privacy for far too long and even if somehow the genie can be put back in the bottle we are now seeing what willingly giving our 'digital DNA' away can be used for and its not to send us targeted ads for the latest playstation game. i always think twice before i do an internet search for anything these days.
i would just rather not have every random text message i've sent over a lifetime put into a hardbound book and used against me in the future.
i think signal uses PGP (or something like that) for peer-peer encryption but not sure what weaknesses there are besides google or apple sending your personal info to the FBI for downloading it so Morgan Freeman can get a hard copy of your profile to give to Batman.
thoughts? i've been lax and lazy with my privacy for far too long and even if somehow the genie can be put back in the bottle we are now seeing what willingly giving our 'digital DNA' away can be used for and its not to send us targeted ads for the latest playstation game. i always think twice before i do an internet search for anything these days.
i would just rather not have every random text message i've sent over a lifetime put into a hardbound book and used against me in the future.
This post was edited on 1/11/21 at 4:27 pm
9
Posted on 1/11/21 at 4:54 pm to CAD703X
quote:
While the encryption software in Signal might not be unique, the app still has privacy advantages over other messaging apps. Signal records no data about its users or the conversations taking place within the app.
This is in contrast to other apps, like Apple iMessage and WhatsApp, to name two examples, which often store significant amounts of metadata, such as who you spoke to and detailed time logs of when those conversations occurred.
In a recent blog post, Signal creator Matthew Rosenfeld (known online as Moxie Marlinspike) explains that the Federal government used a subpoena in 2016 to access Signal's user data.
But as Rosenfeld writes, "there wasn't (and still isn't) really anything to obtain. The only Signal user data we have, and the only data the US government obtained as a result, was the date of account creation and the date of last use – not user messages, groups, contacts, profile information, or anything else."
LINK
The business model also matters, they are a non profit, so as long as government grants pay the bills it should be fine.
quote:
How does the Signal app make money?
The signal is the trailblazer of secure messaging applications. The signal is another hard case, but for a different reason. The thing is - there is no real answer to "how does Signal make money?" - because it doesn't generate revenue. Signal's developer, Whisper Systems, doesn't operate as a business and stays afloat on government grants instead. While this stance is noble and deserves respect - there is no business angle to speak of.
Although, you might argue that this kind of project is very beneficial for reputation and can open up many different partnering opportunities.
LINK /
Posted on 1/11/21 at 7:03 pm to CAD703X
Apple iMessage is secure. Signal is also secure. Regular SMS is not.
It's somewhat binary in that it is either encrypted end-to-end or it is not. The caveat is who controls the keys, I guess but there's no evidence about that being an issue with iMessage or Signal.
It's somewhat binary in that it is either encrypted end-to-end or it is not. The caveat is who controls the keys, I guess but there's no evidence about that being an issue with iMessage or Signal.
Posted on 1/11/21 at 7:08 pm to TigerinATL
If they're getting government money, there is a government back door.
Posted on 1/11/21 at 7:43 pm to GrizzlyAlloy
FBI must get bored watching me text my drug dealer on there the same conversation every week or so
Posted on 1/11/21 at 8:06 pm to CAD703X
It is open source and have invited anyone to hack it for large payout. It's the best you are going to find. There is a reason egypt and few other countries banned it.
Posted on 1/11/21 at 9:55 pm to CAD703X
My understanding is that it's very secure, end-to-end encryption as long as those your are messaging are using Signal also. That's the major caveat. You gotta convince others to use it, or it just doesn't matter.
Another caveat: I use gboard for my keyboard and Google still collects data from that.
I tested it out and like it. The windows app is pretty cool but doesn't work with SMS so it's pretty limited unless, again, you can get random people to give up their app and use Signal. Considering I use Google Messages web app to text probably 90% of the time during the work week, not being able to SMS from Signal on Windows was a huge letdown.
Buy for me, getting others to use it is impossible. My brother and I use Signal to text each other but that's it for me.
Another caveat: I use gboard for my keyboard and Google still collects data from that.
I tested it out and like it. The windows app is pretty cool but doesn't work with SMS so it's pretty limited unless, again, you can get random people to give up their app and use Signal. Considering I use Google Messages web app to text probably 90% of the time during the work week, not being able to SMS from Signal on Windows was a huge letdown.
Buy for me, getting others to use it is impossible. My brother and I use Signal to text each other but that's it for me.
Posted on 1/11/21 at 10:22 pm to CAD703X
My family and I use it. Friends and cousin in intelligence say it is secure if used on both ends.
Posted on 1/12/21 at 7:45 am to CAD703X
I used to use Signal. If you're ok with missing messages, pictures not coming through and other headaches, go for it. I really hoped they would fix the issues over the time I used it, but nothing ever changed, so I ditched it.
Posted on 1/12/21 at 10:35 am to CAD703X
deleted
This post was edited on 1/12/21 at 10:51 am
Posted on 1/12/21 at 1:51 pm to CAD703X
The guy behind signal did an interview with Joe Rogan recently. Wack job.
#1572 - Moxie Marlinspike
#1572 - Moxie Marlinspike
This post was edited on 1/12/21 at 2:02 pm
Posted on 1/12/21 at 4:59 pm to BeepNode
Since Apple is closed, we have no way of knowing if there are backdoors. After Snowden exposed PRISM, is reasonable to assume there can be. Apple has provided no reason to trust them with the encryption.
Signal is open, so we can all see the guts and bugs. The encryption is local as well I believe, so no 3rd party trust issues there.
Signal is open, so we can all see the guts and bugs. The encryption is local as well I believe, so no 3rd party trust issues there.
Posted on 1/12/21 at 5:22 pm to CAD703X
Open source apps that claim to be secure are for the most part are. People can see the source code and see that it’s secure and not sending whacky data everywhere.
Posted on 1/13/21 at 1:10 am to MLU
quote:
Signal is open, so we can all see the guts and bugs.
So you download signal onto your android phone. Signal stores keys locally on the phone. Everything on the phone is also copied to google cloud infrastructure.
How do you know google, PRISM, or a rogue app hasn't taken a peek at your keys?
Think about it. You can buy a new android device and immediately have all your signal messages pulled down to it from the cloud. Do you know who at Google has access to your google cloud account? I would say Signal is very secure and I like their open source approach but we can't just stop there and act like security is all done.
This post was edited on 1/13/21 at 1:19 am
Posted on 1/16/21 at 5:15 pm to BeepNode
Well, first encrypt your phone.
I have never synced messages with Signal, but I recall reading that backups are stored locally and you will need your old device to sync messages to a new device. It's completely end-to-end encrypted if both users have Signal and they store none of your information or data.
I haven't seen anything that indicates the actual app or app data is stored on Google's cloud. They know that you installed the Signal app, but that's it unless you give Google permission to see more.
Everything security-related is stored on your (encrypted) phone.
I have never synced messages with Signal, but I recall reading that backups are stored locally and you will need your old device to sync messages to a new device. It's completely end-to-end encrypted if both users have Signal and they store none of your information or data.
I haven't seen anything that indicates the actual app or app data is stored on Google's cloud. They know that you installed the Signal app, but that's it unless you give Google permission to see more.
Everything security-related is stored on your (encrypted) phone.
Posted on 1/17/21 at 1:30 am to MLU
quote:
Well, first encrypt your phone.
It seems that google accesses your decrypted data to perform granular backups so in theory they would have access to anything they backup even if it is encrypted. Apple on the other hand is backing up your encrypted data so they can't get it unless they know your PIN, which is allegedly not captured.
They "key" is that Signal keys are not backed up to Google, but theres nothing really preventing it technically speaking. They choose not to - and would be detected by researchers if they did.
Plus, the Signal ratchet system is really solid. They must have changed some things in recent years because I was an early adopter of Signal and I dont remember needing to do anything special to get my Signal messages to another phone. Maybe I did and don't remember but I just tried it and it definitely requires having the keys on your phone and I would assume that if you lose your phone you still have access to your account but you start over on messages.
So yeah, Signal is pretty good.
This post was edited on 1/17/21 at 1:32 am
Page 1 of 1
Popular
Back to top
Follow TigerDroppings for LSU Football News