Yesterday we plumbed the depths and reviewed the two worst apps when it comes to private messengers on your cellphone. Today we continue our search for the ultimate private communication tool. Over the next couple of days we will review the best options for your cellphone and explain why they are the best and how to use them. One great option is Signal.
With a startup company called Whisper Systems, security researcher Moxie Marlinspike and roboticist Stuart Anderson created TextSecure and RedPhone in 2010. Whisper Systems was acquired by Twitter in November of 2011 "primarily so that Mr. Marlinspike (Moxie) could help the then-startup improve its security".
TextSecure was released by Twitter as free, open-source software in December 2011 followed by RedPhone in July 2012, both under the GPLv3 license. In order to continue the development of TextSecure and RedPhone as a collaborative open-source project, Marlinspike later left Twitter.
I was an early adopter of both RedPhone and TextSecure, the latter being a full replacement for my SMS app as it could send and receive standard SMS. If the other side had TextSecure installed, the messages were free and encrypted over the TextSecure servers. It was easy to operate and an easy sell for every Android user to install. The app worked! RedPhone on the other hand was choppy and I couldn't persuade anyone to drop Skype or other calling services. It simply didn't work as well. At least not whenever I tried it. Fast forward now to today's version.
In March 2015 Signal was created, unifying RedPhone and TextSecure as an iOS app. At this stage the SMS app was removed, which meant all communications had to go from Signal user to Signal user or from Signal user to TextSecure user. The Android version was released later.
Signal was the first true end-to-end encrypted chat and calling software on iOS which was also compatible with Android. The iOS version was amazing and fully open-source!
There are some aspects of Signal which I dislike but some of those might just be my paranoid, tinfoil hat thinking.
The first issue which raises a little red flag is funding. The project has received financial support from, among others, the Freedom of the Press Foundation, the Knight Foundation, the Shuttleworth Foundation, and the Open Technology Fund. This last one is a U.S. government program which has also funded other privacy projects such as the anonymity software Tor and the encrypted instant messaging application Cryptocat.
Even Tor and Cryptocat have been funded by some U.S. government program. I understand that if you are a non-profit organization and you offer something which is free and open-source, you take what you can get in terms of funding. Still, I just always feel uncomfortable when I read about U.S. government funding. On the other hand, Edward Snowden has stated that we can trust everything from Open Whisper Systems. With this type of endorsement, I will therefore let the funding issue slide.
The next thing is the use of a cellphone number. You don't sign up with a username, PIN, email or anything else, but with your cellphone number. In other words, we have the same problem here as we have with WhatsApp and Telegram: your cellphone number is your login.
Now since Signal is open-source and can be seen and verified by everyone, this cellphone issue wouldn't appear to be a setback. Whilst all communications are fully encrypted, I still dislike this aspect of Signal. However, the big point which makes Signal one of the best options around is the fact that your messages are not stored permanently on the servers but get deleted once they have been delivered.
My final gripe would be the fact that Google services are needed. Usually you can install an application via APK on a BlackBerry or on a CyanogenMod-powered cellphone without the need of Google services. Such is not the case here! Signal have explained that only the push notification gets submitted to Google and no text whatsoever touches the Google servers. However, I still feel uncomfortable installing any kind of Google service on my cellphone. Why should I be forced to do so with Signal? Well, this is an important issue, and Moxie has addressed it in his comments, which are reproduced below:
"First, I'm concerned primarily with the security of our users, and am interested in targeting a demographic that does not know what a checksum or signature is. You might call them "newbies," but personally I think we're doing a good job if these are the bulk of our users.
It may be an unpopular opinion, but I think the two worst security moves that an average user can make are rooting their device, or ticking the "allow 3rd party APKs" box in Android's settings. As bad as Google is, I believe that these actions make users susceptible to something that is much worse.
We are reluctant to distribute raw APKs for a few additional reasons:
1) No upgrade channel. Timely and automatic updates are perhaps the most effective security feature we could ask for, and not having them would be a real blow for the project.
2) No app scanning. The nice thing about market is the server-side APK scanning and signature validation they do. If you start distributing APKs around the internet, it's a reversion back to the PC security model and all of the malware problems that came with it.
3) No crash reporting. We are able to react very quickly to crash bugs through exception reports.
4) No stats. We are largely dependent on Play for knowing how many users we have, what types of devices they're running, and what version of Android they have. This allows us to make decisions about where to prioritize development and which platforms we should be supporting.
5) Avoiding Play alone is not a privacy win. Many people seem to be under the impression that avoiding Play prevents their device from phoning home to Google, but that's not the case. On 2.2+, if you have the GSF on your device, it will phone home whether you have a Play account registered or not.
So that's where we are. I believe that the decision not to distribute prebuilt APKs achieves the following balance:
1) It does not encourage the average user to tick "allow 3rd party APKs" in Android settings.
2) It allows "power" users who can appropriately manage the risks to install TextSecure without Play by building from source.
The thesis essentially being, if you aren't able to build TextSecure from source, you probably aren't capable of managing the risks associated with 3rd party sources."
As you can see from the above explanation, an Android 2.2+ device that has the Google Services Framework (GSF) on it will phone home to Google anyway, whether or not you have a Play account.
Coming back to some of the other positive aspects: if you run an out-of-the-box Android phone, you will love Signal. On iOS you will surely love it as well! Signal offers chats and group chats, and neither the groups nor their members are stored on Signal servers. Signal uses Curve25519, AES-256, and HMAC-SHA256 as its cryptographic primitives. The best part is, all of this happens on your phone. The entire encryption is done on your phone and Signal has no key or knowledge about any of your communications. Signal allows sending of high-quality group messages, text, pictures, and video messages. In addition, Signal does have one privacy feature that you don't usually see with a messaging app: an option to "enable screen security."
Usually when you switch apps a screenshot is taken, and some users might prefer not to have this stored on their device. There is a no-screenshot option, which is turned off by default, adding to the secure cross-platform communication ability.
Other security features are best described by Signal themselves:
"The Axolotl ratchet in Signal is the most advanced cryptographic ratchet available. Axolotl ensures that new AES keys are used for every single message, and it provides Signal with both forward secrecy and future secrecy properties. The Signal protocol also features enhanced deniability properties that improve on those provided by OTR, except unlike OTR all of these features work well in an asynchronous mobile environment."
Another killer feature is calling. Here, Signal have really nailed it, with the quality of the encrypted call being crystal clear. I've never had a call drop or had a choppy connection. When a call is established, both parties see two words displayed on the screen, and each can verify with the other that they see the same words. If so, the call is fully encrypted end-to-end, without any eavesdropping.
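Returning to the ratchet Signal describes above ("new AES keys are used for every single message"), the idea can be sketched with the HMAC-SHA256 primitive this review lists. This is an added example, not Signal's code: it models only a symmetric hash chain, leaves out the Curve25519 key agreement, and the one-byte labels and the starting secret are assumptions made for illustration.

```python
import hashlib
import hmac

# Assumed one-byte labels separating the two outputs of each chain step.
MESSAGE_KEY_LABEL = b"\x01"
CHAIN_KEY_LABEL = b"\x02"


def kdf_chain_step(chain_key):
    """One ratchet step: return (next_chain_key, 32-byte message key)."""
    message_key = hmac.new(chain_key, MESSAGE_KEY_LABEL, hashlib.sha256).digest()
    next_chain_key = hmac.new(chain_key, CHAIN_KEY_LABEL, hashlib.sha256).digest()
    return next_chain_key, message_key


def derive_message_keys(chain_key, count):
    """Step the chain `count` times; return (final_chain_key, [message keys])."""
    keys = []
    for _ in range(count):
        chain_key, message_key = kdf_chain_step(chain_key)
        keys.append(message_key)
    return chain_key, keys


def demo():
    # Constructed starting secret; a real session derives it from a key agreement.
    start = hashlib.sha256(b"constructed shared secret for this example").digest()
    _, sender_keys = derive_message_keys(start, 5)
    _, receiver_keys = derive_message_keys(start, 5)

    # Device seized after message 3: only the current chain key is still in memory.
    chain_key_after_3, _ = derive_message_keys(start, 3)
    _, attacker_keys = derive_message_keys(chain_key_after_3, 2)

    return {
        "in_sync": sender_keys == receiver_keys,
        "unique_keys": len(set(sender_keys)),
        "key_bits": len(sender_keys[0]) * 8,
        # HMAC is one-way, so the seized state does not lead back to old keys.
        "past_keys_exposed": any(k in sender_keys[:3] for k in attacker_keys),
        # Later keys of this chain do follow from it; fresh key agreement
        # (not modelled here) is what cuts that off.
        "later_keys_exposed": attacker_keys == sender_keys[3:],
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The `later_keys_exposed` result shows why a hash chain on its own gives forward secrecy but not the "future secrecy" the statement also claims; that second property needs new key agreement mixed into the chain.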
Interestingly enough, Moxie's services were needed to make WhatsApp end-to-end encrypted using parts of the Signal encryption. We highlighted this yesterday, the problem being that WhatsApp does not encrypt every message.
If you are using iOS or Android, Signal is a hard-to-beat killer app when it comes to privacy. The chat and group chat features work just as advertised, and everything is end-to-end encrypted on your own device. With a call function which is second to none, Signal is a perfect solution when it comes to privacy. The only concerns we have are the forced Google service and the lack of a username option.
Part 3: we will be reviewing Threema.