>>killsw+f3
Signal does a pretty good job at minimizing the metadata it has access to. For example, the app can tell you who of your contacts has Signal installed but the Signal service itself never gets to see your contacts (https://signal.org/blog/private-contact-discovery/).

>>drdrey+J5
Determinism.

https://tests.reproducible-builds.org/debian/reproducible.ht...

We're making great strides into software being completely deterministic. The Bitcoin project for many years has had completely deterministic binaries and a ceremony process for GPG signing the output with many individual parties.

>>shawnz+C6
See Reflections on Trusting Trust [1]

[1]: https://www.cs.cmu.edu/~rdriley/487/papers/Thompson_1984_Ref...

>>raspyb+d5
I never realized signal code was available open source... so in theory one could “build” then load the software via developer tools (assuming you have an iOS dev account).

https://github.com/signalapp/Signal-iOS

Are there any “certs”/keys you would need to talk to your contacts?

>>pera+(OP)
To paraphrase Lenin, there are years where no one has Signal, then weeks where everyone gets Signal.

https://twitter.com/benlorber8/status/1268596748198596608?s=...

>>RL_Qui+X5
See my other comment about determinism: https://news.ycombinator.com/item?id=23424925

Trying to get a bit-to-bit equivalent of a binary lifted from the app store sounds challenging to say the least.

>>shawnz+C6
For countering subverted compilers you can use diverse double-compiling (DDC), see https://dwheeler.com/trusting-trust/

>>drdrey+Zb
Yes, this is more difficult than it sounds - but GP linked to the reproducible builds project which has gotten there already for a lot of software.

See also Guix, which provides tools to challenge servers providing binary packages to see if they match a locally-built version: https://guix.gnu.org/manual/en/html_node/Invoking-guix-chall...

>>Shamel+yf
Family members of mine were at the town center to show support for BLM. The town police spokesperson was interviewed on the local news and there is video of the police response at the mall.

https://boston.cbslocal.com/2020/06/01/police-respond-to-nat...

>>atoav+8d
It's been a massive battery drain for me as I have no Google services. It's a known bug. You can't really turn off that drain either in favor of getting messages later.

https://github.com/signalapp/Signal-Android/issues/6898

https://github.com/signalapp/Signal-Android/issues/9194

Other apps like Threema or Telegram might delay messages sometimes, but at least they keep my device operational. If I'm punished for opting out of Google's spying, I at least want to choose the punishment.

>>RL_Qui+X5
There is https://signal.org/blog/reproducible-android/ but it is not complete.

>>loyukf+ff
In Korea I think the de facto IM is Kakao, LINE is only third (after FB messager) [0][1].

[0]: https://www.statista.com/statistics/898254/south-korea-most-...

[1]: https://www.quora.com/Which-is-the-most-popular-messaging-ap...

>>canjob+if
One is for their private contact discovery system[1] and two because they were trying to promote Signal as a default messenger with iMessage like automatic encryption upgrading. A goal to enable people to adopt it even if all their friends weren’t converted yet.

[1] https://www.signal.org/blog/private-contact-discovery/

Of course, this feature is Android only as iOS doesn’t allow default alternatives.

>>canjob+if
https://news.ycombinator.com/item?id=22328856

>>ViViDb+aj
It was just release on iOS, Android has had it for a while

https://support.signal.org/hc/en-us/articles/360007062012-Ne...

>>AnonC+ul
Signal is not only used by protesters[0][1] so discovering that a phone number is connected to a Signal account by no means implies that the phone is used by a protester.

[0]: https://www.militarytimes.com/flashpoints/2020/01/23/deploye...

[1]: https://www.theguardian.com/politics/2019/dec/17/tories-swit...

>>goneho+gn
iCloud contacts, which is how Apple phones store and sync this metadata for you, is not end to end encrypted, and is available to Apple and the military intelligence community without a warrant.

https://sneak.berlin/20200604/if-zoom-is-wrong-so-is-apple/

>>Taylor+hk
> While I assume Signal is very good at keeping your neighbors and the like out of your business, I feel like the NSA must have some ways of getting in to signal if they want.

'You have to go back in history, at least to the time when the devs dropped sms encryption and even earlier.

The main developer, in a matter of weeks, had turned from someone harassed by the TSA into a receipient of a major government grant ($13 mln). Then he received lucrative contracts with the “greatest” bastion of privacy, Facebook and affiliates. You don’t get that by accident. You get that by providing your own significant part of the bargain.'

https://forum.f-droid.org/t/we-can-include-signal-in-f-droid...

Just saying it's not the most unfounded theory out there.

>>AnonC+8m
"Won't support" is wrong, this is explicitly on the roadmap, they've stated that multiple times. "Doesn't currently support" would be more accurate. For the technical aspects, secure cloud backups are going to be made possible with https://signal.org/blog/secure-value-recovery/.

>>znpy+wv
> Eh, you can't have everything.

why not? Wire[1] doesn't tie your identity to your phone number. OpenWhisper devs too are aware of Signal's limitation (it was even discussed here on HN recently).

[1] https://github.com/wireapp

>>AnonC+ul
This was allegedly used by the authorities in Hong Kong during protests there in 2019, but using Telegram. Telegram responded by introducing a new setting that hides your number from people that aren't in your own contacts.

https://telegram.org/blog/scheduled-reminders-themes#new-pri...

>>hjek+7m
The issue isn't somebody proving you have a Signal account, the issue is somebody identifying members in a specific group used to communicate about a protest. That way a state actor can find the phone number of a key organizer, persuade their phone provider to share their location, and take them out.

Here's a description of how it worked in Telegram before they added a setting to disable it last year: https://medium.com/adamant-im/telegrams-anonymity-hole-how-t...

>>0xADEA+ld
Matrix: https://matrix.org/

>>lordna+jn
There are some there: https://www.signal.org/

tptacek regularly endorses Signal (compared with alternatives) on HN.

>>AnonC+Ul
> Telegram's homegrown crypto has been dismissed by many people (including experts).

Only the expert's opinions are of any value IMO, and I've never seen anyone showing an attack on Telegram's encryption. Telegram themselves seem to claim that it's never broken. I often see vague criticism over the fact that they use their own protocol, but never anything more detailed than that.

https://core.telegram.org/techfaq#q-i-39m-a-security-expert-...

>>nickik+Yq
Can someone explain to me why MtProto is not considered proper encryption? Genuinely asking, not challenging.

At least since version 2.0 it seems it's using AES encryption: https://core.telegram.org/mtproto/description

>>jwr+ty
> Signal DOES NOT get your full contact list

The full contact list is uploaded to Signal servers by the phones. The only protection layer that users have is the questionable security of Intel's SGX.

It's still much better than what WhatsApp is doing, just not a black and white situation.

To add a point to your list: Signal does not have automatic cloud backup of messages, unlike WhatsApp. On WhatsApp, 30% of users have cloud backups enabled [1], meaning that you can basically assume that any reasonably sized group's messages can be accessed by people who have subpoena-power over Google (chance that there is no backup-enabled account in a group of n people is (1-0.3)^n... for 6 people it's already 12%).

[1]: https://telegra.ph/whatsapp-backdoor-01-16

>>est31+1D
Do you have a reference for the claim that your full contact list is uploaded to servers? That seems important since their privacy policy says that they only use hashes, and it can’t be dependent on SGX since it runs on non-Intel hardware:

https://signal.org/legal/#privacy-policy

>>siberi+fy
Phone numbers are used for contact discovery.

https://signal.org/blog/private-contact-discovery/

>>acdha+lG
The method is explained here: https://signal.org/blog/private-contact-discovery/

Yes, it's hashes of phone numbers instead of the phone numbers themselves, but that's a detail. Phone numbers are easy to brute-force especially for people the protesters are worried about, as well as easy to build rainbow tables for.

>>soziaw+Gu
Actually they do: https://telegram.org/faq#q-so-how-do-you-encrypt-data , but since group chats are using Telegram's servers the encryption is not client-to-client. Here is the actual specification of how does their srever-client encryption work: https://core.telegram.org/mtproto

>>cyphar+yJ
But with signal you can verify that person, its like the opposite of otr.

https://signal.org/blog/safety-number-updates/

>>josefr+zV
Step 0: Use off-the-grid network.

[0] https://apt.izzysoft.de/fdroid/index/apk/tk.giesecke.disaste...

>>jrochk+5T
You should actually be careful to say exactly this phrase: "I want a lawyer" and not a word more.

> [W]hen a suspect in an interrogation told detectives to “just give me a lawyer dog,” the Louisiana Supreme Court ruled that the suspect was, in fact, asking for a “lawyer dog,” and not invoking his constitutional right to counsel.

https://www.washingtonpost.com/news/true-crime/wp/2017/11/02...

>>travis+s01
They're currently funded by donations [1] by individuals and organisations - among whom one of the WhatsApp cofounders, who made a significant investment using his WhatsApp money.

[1] https://signal.org/donate/

>>jhauri+uT
It's illegal in the vast majority of countries [1] including Germany, France. Attempting to build a safe secure communication system around phone numbers that is suitable for situations like this, relying on them as being somehow anonymous, is just a complete non-starter. Even if you don't have to register the phone number, the cell provider will still know your location history. I think it just shows how America-centric Signal is.

[1] https://privacyinternational.org/long-read/3018/timeline-sim...

>>AnonC+ul
Session is built to fix this problem https://getsession.org/

It does not require a number to setup an account and communicate.

>>fsflov+h21
By quite easy i mean, when you have global surveillance in place. All tor-nodes are public all tor-exits are public, if your system can track connections from one node to another node and then the exit-node everything is clear.

https://en.wikipedia.org/wiki/Global_surveillance#Infiltrati...

Edit: And that from netzpolitik (highly trusted german source) under 'A global passive adversary' that's the interesting part: https://netzpolitik.org/2017/secret-documents-reveal-german-...

>>pwdiss+gv
How about "I searched for the term "private messaging" in Google Play Store database and Signal was the top result."

https://play.google.com/store/search?q=private+messaging

>>jrochk+5T
> If the law enforcement is talking to you in the U.S., the only right answer is "I'd prefer to have a laywer here."

> Not a joke, for real.

Obligatory link to the fantastic "Don't Talk to the Police" lecture from the Regent University School of Law.

Watch the whole thing:

https://www.youtube.com/watch?v=d-7o9xYp7eE

>>sadfkl+IS
The build is reproducible: https://github.com/signalapp/Signal-Android/blob/master/Repr...

>>atoav+kd
I don't know if many people here don't know about the feature, but most browsers support pinning of tabs makes this relatively easy (especially in combination with Alt+<number> for switching to tab <number> from the left-hand side): https://support.mozilla.org/en-US/kb/pinned-tabs-keep-favori...

>>ardy42+y61
Here is a very succinct version: Shut The Fuck Up Friday https://www.youtube.com/watch?v=JTurSi0LhJs

(fair warning, this will autoplay the word 'Fuck' in the first 10 seconds)

>>salex8+591
It's already there, but there are only a few websites supported:

https://github.com/signalapp/Signal-Android/blob/0ef01cc620c...

If you opened a PR with the websites you're missing, I'm sure they'd be open to it.

I see sibling comments mentioning that they wouldn't want this feature (which is already there) because of its privacy implications, but I think that it basically works like gifs, with a proxy controlled by Signal.

>>im3w1l+wh1
https://duckduckgo.com/?q=facebook+whatsapp+covid+forwarding...

Pick any version of the story. Or read their blog post:

https://blog.whatsapp.com/Keeping-WhatsApp-Personal-and-Priv...

How do they know a message is forwarded? The encryption is meant to make identical plaintexts encrypt to different ciphertexts, so obviously they must be leaking the forwarding status in unencrypted parts of the message. And why is an encrypted service trying to combat misinformation to start with - isn't that a contradiction in terms? These things raise difficult questions. You'd hope that once a service decides to go fully encrypted, its staff would believe that what kind of information going over it or how accurate that is, isn't any longer their concern.

>>pera+(OP)
Really hope E2EE on RCS isn't just Google blowing smoke.

https://9to5google.com/2020/05/26/google-messages-end-to-end...

Clearly not a solution to the current crisis but would be beneficial in future situations.

>>vincen+gy1
It's called LegalShield. The website is here: https://www.legalshield.com

There are others. Do a search for "prepaid legal services". Most of them have similar prices (~$20 a month) and provide similar services (wills, traffic tickets, document review, etc). Like I said, if you get into serious trouble, you will have to pay for a lawyer. This is like insurance. In my opinion, if it helps you avoid saying something stupid to a cop, it's probably worth it.

>>nix23+HT
https://github.com/DrKLO/Telegram

https://github.com/telegramdesktop/tdesktop

>>AnonC+ul
Late post, but I'm just wondering why nobody has mentioned Briar Project. I think it's designed to remedy some of the issues mentioned here: https://briarproject.org/