Cyber Security MumboJumbo. a.k.a. Instagram Hates Cyborgs. a.k.a. Cyborgs hate Instagram

Yes, because you only exchange public keys, never private ones. If there was an actual issue with it, it’s open source, and I think they’d make it properly secure. The private keys never leave the device afaik. However, as you say, there are potential flaws, and hopefully they’d be fixed and disclosed.

Maybe WhatsApp is different in that regard, but I doubt something so highly regarded as Signal, with all the modern cryptography available, is very vulnerable, and even if it is, I doubt it’s feasible to decrypt every message of every user (computationally wise).

I also believe there’s perfect forward secrecy, so even if a later key is cracked, earlier ones are still safe

The problem there comes from use case and advances of AI.

Risking oversimplifying again…

Humans are creatures of habit and pattern. Therefore if you know when a conversation between 2 individuals begins, and you also know if they talked before, and where they are from… You can quite accurately predict what is being said.
And the length of what has been said.

Then you have some limitations with short message encryption consistency…

Well that’s the thing: I don’t need to dig deeper. WhatsApp being what it is, they have no incentive to provide true cryptography and shut themselves out of their patrons’ conversations. They live on collecting private data like all the other sumbitches, so it would run contrary to their business plan. Not to mention, it might run afoul of some of the newest Nazi America laws on communications interception.

So I know “end-to-end cryptography” in the mouths of social media companies (and US social media companies at that) is only marketing speak. I’m not interested in the technical aspect of how they backdoored their protocol. All I need to know is that they did.


Well said!

Exactly what I criticize

Interestingly, Signal doesn’t store anything except phone number you registered with, the date and time you joined the service, and the date you last logged on.

True, but you’d think the evolving cipher would help with that, but yes, very short messages are an issue. There’s only so many options, especially if it’s only a few characters.

AI’s not actually that impressive… people keep throwing it around as the next big thing / a buzzword, but there are so many flaws in it. Sure, maybe very standard / common message threads and conversations could be decoded, but the more varied humans are, the harder it becomes.

There’s a proper review of the Signal protocol from 2016, updated last in July 2019, coming to this conclusion:

And soooo many times we send a good old “hi” or “yo” exactly when we refresh the keys… :woman_shrugging:

I’m using AI at its basest meaning.
You could also say “Machine Learning pattern recognition model” instead.

This is where AI/Machine learning flips the board.

It is harder for us, who are used to dealing with focused data models.
But if you train an AI model correctly, and feed it large enough volumes of data…
Then the more “varied humans become” the more those models can locate patterns and react to those in real time.

It’s the same with math:
If I give you a small sequence of numbers, you can easily find a pattern.
If I give you a large and complex sequence of numbers… the more varied they are, the harder it is for you to predict the next.
But if I keep on adding numbers… at some point there will be a pattern emerging from that chaos. But you will probably require a computer to identify it.

Except that’s not actually an issue, or it’s an issue every message. From the security review I linked earlier:

Not trying to be rude, but you mentioned knowledge / an NDA, yet also mention keys changing just occasionally… when they don’t, they change every message. In addition, a combination of asynchronous and synchronous cryptography is used with Signal, so you never share your decryption keys:

How familiar are you with the Signal protocol? Is there anywhere I can learn more about these AI technologies? There is an email address for reporting vulnerabilities to Signal btw, I hope you / whoever found a vulnerability sent proof of concept etc. and the details of it through to it: security@signal.org

The cynic in me will ask you this: how do you know that to be true?

actually, key request.
Not sure how Signal has been dealing with connection interruption and user re-pairing recently, but WhatsApp still has its mechanisms to keep “the conversation smooth” which might be used against its own security. (mechanism which was also present within Signal, but I might be outdated here)

your last quote of me in your message is exactly the sentence I should have phrased better. :yum: it was just a supersimplified point about the fact that there will be a handshake there at some point.

When you have to “start over” the entropy gets near zero, and that is also when we tend to use the most predictable messages as well :wink:

Outdatedly familiar now. More familiar with how WhatsApp does it.

I can’t find a good article right now (although I’m trying to reply here and do work meetings at the same time… :woman_shrugging:)
But a very good starting point is to try and find the Indian article about the Bandersnatch hack.

They utilised packet analysis passed through an AI in order to achieve 98% (if I recall correctly) accuracy on what were the choices of each individual watching it on their network.

I wish. yet I definitely doubt that. :pensive:

+1

If anything is transited, I am to assume it is stored.
If not by Signal, then by whomever implements their protocols, or the network carrier/ISP…

The problem is not with the encryption… it’s the analog problem. The NSA figured this out a long time ago and stopped trying to halt crypto development… instead they focused on client compromise. Because our brains can’t do crypto, the data must sit decrypted on the client for our brains to accept it as input… so the plaintext messages and data are totally accessible to attackers who focus their efforts on the client… and Signal is no more secure than any other service in that regard… in fact, their new PIN recovery system adds more vulnerabilities on the server side than ever before… but reeling back to client vulnerabilities… about a year ago now someone did a proof of concept attack on me by sending me a malformed message that borked my mobile client, giving them full access to Signal messages and also files on my phone… they emailed me a file from my downloads folder on my phone. wigged me out big time.

the problem escalates further when you run desktop clients (which i did) because those then give access to the files and networking capabilities of your desktop or laptop when they bork.

i have no real understanding as to why it’s 2021 and operating systems don’t just keep each and every application in its own little sandbox and perform all operations treating all software as hostile.

Because context-switching and memory waste is too much. It wouldn’t be if programmers weren’t sloppy and didn’t code multi-megabyte applications with 15 layers of library crap just to do hello world, but as CPU, RAM and disk storage increased, sloppiness is what they decided to put them to use for.


something something… dockerize … something yeah?


How’s that helping? Docker has significant CPU and memory overhead. Granted, it might not matter all that much for most home users though.

Btw, the one piece of software everybody runs most of the time (browsers) already containerizes things.

yeah… but like, what if the browser is vuln… the idea of an OSSOS handling security and isolation of apps seems more viable than relying on each application vendor to attempt to secure their own thing. of course it should still be secured, but a breach should not result in any more than that application’s data being compromised.

anyway … instagram hates cyborgs.

Bingo!

I just love when people mention things I can’t say… :yum:

Desktop clients are so beautifully fragile!
Mostly because even if they are secure, if someone can get a hold of your network (and for laptops all you need is something like a pineapple), it is fairly easy to inject a malicious file on your traffic exactly when you’ll think accepting a file is to be expected…

That’s exactly the reason why Chromebooks are so popular in hacking events.

That does get on my nerves…
“good dev is the one that uses ready things to go faster”… agh, I hate that posture so much!

Nice re-rail! :rofl:

Although looks more like the title should’ve been: “cyborgs hate instagram” :stuck_out_tongue_winking_eye:

Depends on the application.

For example, at work, I code applications mostly in Python to do stuff that I really shouldn’t use Python for, and I just buy bigger iron to run it on and make up for the inefficiency. But it’s better that way, because our test software suites are in a constant state of flux, they need to be maintained easily, and I can throw code together really quickly and provide the functionalities my company needs in a jiffy.

For that sort of application, inefficient is better value than tight, efficient code.

But for general software that’s widely distributed, while I’m not advocating for a return to assembly or C and careful optimization everywhere, I wish coders were a little less lazy. There’s a healthy middle ground. What I can’t stand is when someone needs one trivial function in some library - like some date/time-to-string conversion function or something - and ends up linking against the entire fucking library just to use that function, instead of spending 10 minutes recoding the simple function they need.

Exactly!!

i.e. node.js? :rofl:

I routinely find code where the dev has an object that returns time from Epoch…
Then they link a library just to convert from epoch to a funky datetime object… (instead of using a native conversion)
Then they link a second library to convert that funky object into a string…
Then they link another library to run ready-made regex replacements on that string…
Then they link another library with custom methods to convert the string into an integer…
Just to compare the string, now integer, with the integer result obtained from the same method from another Datetime object, derived from another time from epoch value…

All of that just to figure out which event is most recent…

When a simple “>” would suffice.

I wish I could say I’m joking and I never saw that code…
Sheesh! scratch that… I wish I could say I don’t see code like that every week!! :face_vomiting:

Except that doesn’t allow them to decrypt older messages, and Signal notifies other parties that the security number has changed… undelivered messages are also not resent, and are lost forever. I don’t see that really as a massive flaw then, since it’s no better or worse than any other phone number linked system.

The points about desktop / client security are definitely important, but that doesn’t mean that it’s Signal’s fault, since it just runs on top of a commercial OS.

I must say, ideally, if you want something you control, use PGP or some other secure, asymmetric encryption, separate hardware crypto keys, and whatever messaging platform you want.

Oh, and yeah, Instagram sucks :rofl:

Have you ever heard of Qubes?


Not until now, but I love their honesty

