zlacker

[return to "Signal app downloads spike as US protesters seek message encryption"]
1. aeroph+Z4[view] [source] 2020-06-05 02:52:17
>>pera+(OP)
Honest question for those in the know: If I wanted to run my own personal “analysis” to verify the security of Signal, where would I start? Is it even possible? Just curious if there was a way to “know” rather than “trust”.
◧◩
2. raspyb+d5[view] [source] 2020-06-05 02:53:44
>>aeroph+Z4
Learn cryptography to a high level then read the source code?
◧◩◪
3. drdrey+J5[view] [source] 2020-06-05 02:58:51
>>raspyb+d5
How do you know that the binary you run actually corresponds to the source code you read?

EDIT: and would you then also review every commit to make sure nothing bad gets introduced? No, at some point you have to place trust in the vendor, the developers, independent audits, etc.

◧◩◪◨
4. shawnz+C6[view] [source] 2020-06-05 03:05:55
>>drdrey+J5
How do you know the compiler actually compiles the source code to the binary you expect without injecting backdoors? How do you know that the hardware actually follows the instructions in the binary as they are specified?

How do you know you're not living in a computer simulation in which the operators can access your data without any backdoors whatsoever?

◧◩◪◨⬒
5. ta1771+D9[view] [source] 2020-06-05 03:34:28
>>shawnz+C6
Build it yourself.
[go to top]