zlacker

[parent] [thread] 1 comments
1. sfifs+(OP)[view] [source] 2020-06-05 03:56:42
Whenever key management is centralized, there is basically no security from the legal authority in the jurisdiction that the messaging vendor is located in. The vendor can always push you an MITM key. They can even show you the "correct" recipient key when you physically verify but use a different one for the actual message transfer and this would be a trivial easy to obfuscate switch in the program binary.

E2E with centralized key management is primarily to protect you from casual/private threats (vendor employees, snoopers in your or your recipients network) not from legal authority.

replies(1): >>TheSpi+f5
2. TheSpi+f5[view] [source] 2020-06-05 05:08:21
>>sfifs+(OP)
The Signal Foundation is based in Mountain View and both Moxie Marlinspike and Brian Acton are US nationals...

What’s stopping some US government agency from forcing them to insert code that causes the Signal app to a indicate it is behaving correctly but isn’t?

And don’t say “laws”.

If your threat model includes advanced persistent threats all bets are off.

[go to top]