Since 2016 decentralize.today been runing reviews of many of the most privacy friendly messengers around, asking (and attempting to answer) the question 'secure or not too secure?'. This year has been no exception and has allowed us to to feature a few messengers we've never looked into before.
That said, one messenger that gets a lot of press and that we've reviewed more than once in the past is Signal. It almost seems to get a little bit too much press, being pushed on to us with assurances that it's so so secure. But is it?
Origins
TextSecure
When Moxie Marlinspike and Stuart Andersen launched TextSecure back in 2010 the messenger was focused on securing normal SMS traffic and additionally securing TextSecure messengers going entirely over the internet. It was launched on Android first. In 2015, TextSecure was renamed as Signal and shortly after that it also launched its iOS version.
E2EE
The Signal Protocol (formerly known as the Axolotl-Protocol) was developed in 2013 by Trevor Perrin and Moxie Marlinspike and is pretty much the Gold Standard when it comes to encryption. I know some of my friends on Mastodon prefer Element or more decentralized applications and even if we all totally agree that self hosted is better, we all need to give it to Moxie as the encryption protocol is not just open-source but also second to none. It's Zero-Knowledge-Proof, what means not even Signal can see your messages, and not even see with whom you're communicating. Sealed Sender and Private-Contact-Discovery is unique to Signal and worth reading up on at both the links highlighted.
For further assuarnce, here is 'A Formal Security Analysis of the Signal Messaging Protocol - Extended Version, July 2019'.
https://eprint.iacr.org/2016/1013.pdf
All communications are E2EE (End-To-End-Encrypted), this is true for one-on-one chats as well as for Group Chats with Signal using The Forward Secrecy (PFS Perfect-forward-secrecy) .
So far so good!
Setup
'All that glitters is not gold' as my grandmother used to say. Signal is centralized, which means you need to trust the developer that the open-source software on github also matches the software that is on your phone and on the server.
The server setup is as important as the actual app. It means that when the server is down or Signal discontinue the service, the service is gone. You can't self-host Signal which is a shame but this all considered and of course Zero-Knowledge-Proof should make us forget about all of this, shouldn't it?
Signal is using Amazon's AWS servers and this is usually a BIG RED FLAG. Everything about Amazon is just about as invasive as it gets and that makes us very uneasy when it comes to the servers. Sure the Zero-Knowladge-Proof sounds great and technically it is not possible for Amazon to read your messages, yet it can read your IP address and other Metadata.
If you use a custom ROM without Google Play (perhaps GrapheneOS), Signal will make you aware during the first setup that you do not have Google Play installed but that's all there is to it. Messages arrive via push and we've never had an significent battery drain vs anyone who uses Google Play. In fact by not using Google, your phones battery will operate for much longer ;)
Privacy
In 2016, Signal got an subpoena about two Signal users' data.
"All message contents are end-to-end encrypted, so we don’t have that information either."
Signal has a real flaw when it comes to privacy, they use telephone numbers as the identifier. The good news is that they've started with something they call 'PIN', which is a digital personal identification number that you enter yourself and it will be used to sync and also to identify you in the future.
After entering your telephone number you will receive an confirmation code via SMS and once you've verified your number you can use Signal. On Android you also have the option to use Signal as your main SMS app, this allows all your SMS and your Signal messages to arrive in one place. Of course, normal SMSs will not be encrypted.
Your Telephone number as well as your address book (if you give Signal the permission to use it) will be uploaded to the AWS server (hashed - in other words encrypted and AWS can't see the actual address book). This is done to sync who in your address book and is using Signal. Signal will also send you a push notification if any of your contacts joins Signal at a later stage. We've not found an option to switch this off, but did read on the Signal Forum somewhere that we will have an option under privacy to switch this off in the future.
Signal is using Private-Contact-Discovery!
Even if the pins are already in place, the number is the identifier!
We recommend to verify the device with your contacts or chat partners if that is possible. Pass on the numbers or scan the QT code, this way you are sure you have the person you want to to talk to on the other end.
After you have verified the chat partner you will see a check and it says Verified under the name.
Now that we have this all out of the way, the big question you might ask is why would Signal give you an free messaging app, where they collect very little to almost no metadata and doesn't make a dime out of it? Well, Signal has a donor page.
Some of the donors are the Freedom of Press Foundation, Knight Foundation, Brian Acton (WhatsApp founder), Shuttleworth Foundation and the Open Technology Fund. The Open Technology Fund is known to finance Non-Profit-Organizations like the Tor-Project, WireGuard, Certbot, NoScript and even DeltaChat which we had reviewed in the past.
What's new, what's improved since 2019
Since our last review, Signal has come a long way, we have now a fullblown Signal app on iPadOS, which sadly only works as a secondary device after you register the app on an mobile phone first, the same goes for desktop apps on MacOS, Windows and Linux. The beauty here is that once you set up the secondary app on any of your devices you do not need the phone app anymore ;) But be aware that if you switch your phone back on you will receive all the messages you have received, and even answered on your secondary device, again on the phone.
Signal has a Video and Call function which is one-on-one call/video and a very good and clear app to use.
There is no group call, but hopefully we will see this in the future. We need to also add that Signal has no trackers preinstalled, no analytics or any privacy invasive trackers at all.
However, as mentioned, the server used by Signal is an AWS server owned by Amazon!
Another great feature with Signal is that it allows you to delete messages on both ends manually or after a given time.
The Group Chats are another good feature but we have experiencd missing messages on numerous occasions.
In August 2020 Signal added Message Requests, which is a great way to accept or not someone who is messaging you.
Another new addition is Group links!
It seems Signal is adding a lot more into their Groups offer and once that is all ready, they'll switch to pins to replace your telephone number as your identifier! This is a needed step if you want to call Signal a privacy resepcting messenger.
So here's some BREAKING NEWS...literally whilst editing this piece I received news from Signal that they are introducing fully encrypted Group calls as of right now...
So goodbye Zoom and hello Signal! RESULT!!!
Worth mentioning is MollyIM which is a hardened Fork of Signal and works on Android. It is FOSS and you can add it via F-Droid. MollyIM can be installed simultaneously to the original Signal app on Android (just not with the same telephone number).
mollyim
Overall, Signal does the job and it uses as little metadata as it needs. Signal is the easiest sell when getting someone to move over from WhatsApp or Facebook messenger. it is also the choice to get your mum or grandmother moving to a little bit of privacy - simply because it does the job, it's free and super easy to set up.
Yet, we prefer decentralized solutions and so as long as AWS is part of Signal we can never recommend it as a top choice.
