In my last article of this series, we reviewed Threema, one of the messengers I personally love and use daily, as part of a series of articles about messaging services available today.
Over the next two weeks, we will write reviews about the best options for you and your cellphone examining their startup, evolution, compatibility, security, and versatility, and we will take a look at their key features, ease of use, and overall performance.
The subject of our attention today is Signal.
Beginning life as a startup company called Whisper Systems, security researcher Moxie Marlinspike and roboticist Stuart Anderson created TextSecure and RedPhone in 2010. Whisper Systems was acquired by Twitter in November of 2011 "primarily so that Mr. Marlinspike (Moxie) could help the then-startup improve its security".
TextSecure was subsequently released by Twitter as a free, open-source software in December 2011, followed by RedPhone in July 2012, both under the GPLv3 license. In order to continue the development of TextSecure and RedPhone as a collaborative open-source project, Marlinspike later left Twitter.
I was an early adopter of both RedPhone and TextSecure, the latter being a full replacement for my SMS app as it could send and receive standard SMS. If the other side had TextSecure installed, the messages were free and encrypted over the TextSecure servers. It was easy to operate and an easy sell for every Android user to install. This app worked!
RedPhone, on the other hand, was choppy, and I couldn't persuade anyone to drop Skype or other calling services. It simply didn't work as well. At least not whenever I tried it.
Fast forward now to today's version:
March 2015 marked the launch of Signal, unifying RedPhone and TextSecure in a single iOS app. At this stage, with the SMS functionality gone, all communication had to go Signal-to-Signal user or Signal-to-TextSecure user (and vice versa). An Android version followed shortly after.
Signal was the first true end-to-end encrypted chat and calling software on iOS which was also compatible with Android. The iOS version was amazing and fully open-source.
There are some aspects of Signal which I disliked, but some of those might just be my paranoid tinfoil hat thinking.
The first issue which raised a small red flag was funding. The project has received financial support from, among others, the Freedom of the Press Foundation, the Knight Foundation, the Shuttleworth Foundation, and the Open Technology Fund. The last one is a U.S. government program which has also funded other privacy projects such as the anonymity software Tor and the encrypted instant messaging application Cryptocat.
I understand that if you are a non-profit organisation and you're offered something which is free and open-source, you take what you can get in terms of funding. Still, I just always feel uncomfortable when I read about U.S. Government funding. On the other hand, Edward Snowden has stated that we can trust everything from Open Whisper Systems (and he would know!). With this type of endorsement, I will, therefore, let the funding issue slide.
The next thing is the use of a cellphone number to sign up. You don't sign up with a username (you can set one up afterwards though), PIN, email address or anything else, but with your cellphone number. In other words, we have the same problem here as we have with WhatsApp and Telegram: your login is your telephone number (not great!). Now, since Signal is open-source and can be seen and verified by everyone, this cellphone issue wouldn't appear to be a setback; however, whilst all messages are fully encrypted, I still dislike this aspect of Signal.
You could make the point that this means that if someone has your cellphone number and wants to text you, all they need to do is become a Signal user and hit send. That is true, and I think you can see the issue there. However, if someone joins Signal and is already in your address book, Signal will notify you that this new user has joined. This latter point is a good and much appreciated feature.
However, at the end of all this, the most important factor to know is still that Signal is one of the better options around as messages are not stored permanently on the servers, but are deleted once they have been delivered.
Now that we got that out of the way, let's look at how Signal has changed and been improved over the years.
One major plus is that you can now download Signal without Google Play Services or the Play Store. Simply go to signal.org/android/apk
Sure, that doesn't help when it comes to iOS, and the same issues exist with Threema and others, but not much can be done within the walled garden of Apple :-)
However, if you run an off-the-shelf Android phone, you will love Signal. Simply download it from the Play Store or grab the APK from the link given above, and I am sure you will love it on iOS as well (in fairness).
Signal offers individual and group chats, with no member details stored on Signal servers, crystal clear phone calls, and even video chats. This last option is not offered at present by Threema.
Signal uses Curve25519, AES-256, and HMAC-SHA256 as their encryption algorithms. The best part of all this is that it happens on your phone. The entire encryption is done on your phone, and Signal has no key to or knowledge about any of your communication. Signal allows sending of high-quality group messages, text, pictures, and video messages and retains none of it.
In addition, Signal does have one privacy feature that you don't usually see with a messaging app: an option to "enable screen security."
You can block contacts; however, you cannot block all users who are not stored in your address book. Such a feature would be greatly appreciated.
Typing indicators and delivery reports can be switched off. Unlike Threema, when you switch them off, you can't see the delivery report from the other end either, so it's a bit of a double-edged sword. Messages can be set to disappear at any interval from 1 hour to 1 week, a feature we really love, and the message is deleted on both devices, a great extra privacy feature.
When it comes to metadata, Signal is doing a great job as well. The Signal service is designed to minimise the data retained about Signal users, so the only information Signal can produce in response to a government or law enforcement request is the date and time a user registered with Signal and the last date of a user's connectivity to the Signal service.
Signal servers don't store their users' contacts (such as the contacts themselves, a hash of the contacts, or any other derivative contact information), groups (such as how many groups a user is in, which groups a user is in, the membership lists of a user's groups), or any records of with whom a user has been communicating.
Another incredibly unique and useful development has been an internal encryption feature called Sealed Sender. Basically, this provides for a system of sender certificates and delivery tokens to encrypt the sender's contact information. The best analogy (and the one Signal themselves use) is to imagine being able to eliminate the 'from' address written on the outside of a conventional letter or package, thereby ensuring the sender's anonymity. For a fuller explanation and way more technical detail, check out https://signal.org/blog/sealed-sender/.
Signal also now offers a great feature with its desktop app, allowing you to link your cellphone to an actual desktop app. This works on Linux as well as on Mac and Windows.
A new security feature is screenshot protection. Usually, when you switch apps, the OS takes a screenshot of the app for the app switcher, and some users prefer not to have this stored on their device. There is a no-screenshot option, turned off by default, adding to the secure cross-platform communication ability.
Other additional security features are best described by Signal themselves:
"The Axolotl ratchet in Signal is the most advanced cryptographic ratchet available. Axolotl ensures that new AES keys are used for every single message, and it provides Signal with both forward secrecy and future secrecy properties. The Signal protocol also features enhanced deniability properties that improve on those provided by OTR, except unlike OTR all of these features work well in an asynchronous mobile environment."
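The "new AES keys for every single message" and forward secrecy claims in the quoted passage come from the symmetric-key half of the ratchet, built on the HMAC-SHA256 mentioned earlier. As an added illustration (not Signal's own code), here is a minimal chain-key ratchet in Python with a constructed root key: it derives one key per message and shows which keys a captured chain key does and does not expose.

```python
import hmac
import hashlib

# Constructed root key for the demo; in Signal the chain key comes from the
# DH ratchet step, not from a fixed value.
DEMO_ROOT_KEY = hashlib.sha256(b"constructed demo root key").digest()


def kdf_chain_step(chain_key: bytes):
    """One symmetric-ratchet step, HMAC-SHA256 keyed with the chain key.

    Distinct constant inputs derive the per-message key (0x01) and the next
    chain key (0x02), as the Double Ratchet specification suggests. A real
    client deletes the old chain key as soon as it has advanced."""
    message_key = hmac.new(chain_key, b"\x01", hashlib.sha256).digest()
    next_chain_key = hmac.new(chain_key, b"\x02", hashlib.sha256).digest()
    return next_chain_key, message_key


def derive_message_keys(chain_key: bytes, count: int):
    """Advance the chain `count` times. Returns the per-message keys and the
    chain-key snapshot seen before each step (kept here only so the demo can
    simulate a compromise at a chosen step)."""
    keys, snapshots = [], []
    for _ in range(count):
        snapshots.append(chain_key)
        chain_key, message_key = kdf_chain_step(chain_key)
        keys.append(message_key)
    return keys, snapshots


def recoverable_from_snapshot(chain_key_at_k: bytes, remaining: int):
    """Keys an attacker holding the chain key at step k can derive: every
    later message key in this chain, but none of the earlier ones, since
    that would mean inverting HMAC. That is forward secrecy; limiting the
    later exposure is the DH ratchet's job (the 'future secrecy' above)."""
    keys, _ = derive_message_keys(chain_key_at_k, remaining)
    return keys


def ratchet_properties(total: int = 8, compromised_step: int = 5):
    """Return (all_keys_unique, later_keys_exposed, earlier_keys_safe)."""
    keys, snapshots = derive_message_keys(DEMO_ROOT_KEY, total)
    leaked = set(recoverable_from_snapshot(snapshots[compromised_step],
                                           total - compromised_step))
    all_unique = len(set(keys)) == total
    later_exposed = all(k in leaked for k in keys[compromised_step:])
    earlier_safe = not any(k in leaked for k in keys[:compromised_step])
    return all_unique, later_exposed, earlier_safe
```

Calling `ratchet_properties()` returns `(True, True, True)`: every message gets a distinct key, a leaked chain key exposes only the keys after it, and the keys before it stay safe.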
One killer feature is calling. Here, Signal have really nailed it, with the quality of the encrypted call being crystal clear. I've never had a call drop or experienced a choppy connection. The same goes for video calls. The quality of this option of course depends on your internet speed, but if you have a stable connection, the video quality matches that of FaceTime on iOS. Interestingly enough, Moxie's help was enlisted by WhatsApp and Facebook Messenger (as well as a few others) to implement their end-to-end encryption using parts of the Signal set-up.
The sad part here is that these messengers, unlike Signal, are not open source and are owned by one of the biggest data miners in the world. Don't get me started; I will dissect WhatsApp and Facebook soon enough.
If you are using iOS or Android, Signal is hard to beat; it's a killer app when it comes to privacy. The chat and group chat features work just as advertised, and it's pure end-to-end encryption with keys held on your own device. With a call and even video function which is second to none, Signal is a pretty cool messaging option.
We monitored the network traffic of the application, and Signal connects only to org.thoughtcrime.securesms (Signal's servers). There are no analytics or other connections from your device.
The only concern we have on that score is the usage of your telephone number. This is something everyone needs to decide for themselves: whether you are happy to use it that way or not. Perhaps Signal can be your replacement for all your actual work contacts, as they would have your telephone number anyway? Combine it with a chat application which hides these, say Threema, Riot, or even Status, and you have great all-round privacy on your phone.
Snowden is a big fan of Signal. That should give us all a lot of confidence. And, of course, Signal is fully open source, which is absolutely great!