• Signal Fault

last modified April 18, 2019 by strypey

Signal is an online chat app developed by a US-based non-profit called Open Whisper Systems. Like most modern chat apps, it allows users to create a list of chat contacts and communicate with them using text, voice calls, and video calls. Unlike most of its corporate competitors, OWS release source code under free code licenses for both the Signal apps and the software they run on their servers (Telegram release source for their apps but not their server). But like Skype, FarceBook Messenger, Hangouts/ Ello, and FaceTime, Telegram, and many others, Signal is centralized, controlled by one organization that runs the servers, and insists on exclusive distribution of the apps people use to connect with them, so its impossible to confirm that the free code they release is actually the code they use in their service. Like these corporate datafarms+ you can't use the Signal software to communicate with users on any other service. Also, it is used mainly on Android and iOS, and requires users to own one of these devices and provide their phone number to set up an account.

The Core Us page has some research about voice/ video chat software for conferencing. The Slacking Off page contains some replacement suggestions aimed at team chat. Some of the tools listed there may also be useful as a replacement for these chat centralized services, depending on how you use them. Ideally, users on all chat apps will one day be able to connect and chat with each using an open standard like XMPP or Matrix, and there are already many apps and servers supporting these. There are also P2P chat apps like GNU Jami (formerly Ring), Tox, Briar, and Serval Mesh, which don't need any server. I (Strypey) haven't tested the others yet, but I was able to make a voice call with Jami using Bishop, my ancient 32-bit netbook. But I can't honestly recommend any of these yet as a drop-in replacement for the user-friendly chat apps most people are used to.

In the meantime, I tend to suggest Wire as an improvement on Signal. Like Signal, the Wire service provides E2EE (End-to-End Encryption), and their apps are user-friendly (at least compared to most free code chat apps), and easily usable by non-geek family and friends. Unlike Signal, you don't have to give Wire your phone number to set up an account and you don't need to own a mobile device to use it. The Wire Android app (and maybe the iThing app) do ask for a cell number if you use those to set up your account, but accounts can be set up using the web app or desktop apps. Unlike Signal, the company that develops Wire is Swiss-based, so it is bound by the EU's General Data Protection Regulations (or GDPR) but not subject to the 5 Eyes surveillance agencies, although their servers are hosted on AWS (Amazon Web Services), which is US-based.

Unlike OWS, who consider federated networks obsolete, Wire Swiss are working on allowing users to run their own federated Wire server, which can they will be able to use to talk to users on the main server run by the company, or other independent Wire servers. They are even open to using the XMPP standard for server-to-server federation. Like Signal, Wire release source code for both their apps and server software under a free code license and although both companies use the Electron framework for their desktop apps, which may have some non-free dependencies from its use of Chromium code (as well as no longer supporting 32-bit systems). Also, as of April 2019 the Wire app for Android still has a few proprietary dependencies that prevent it being built and distributed in F-Droid.

More About Signal

The Signal service is run under the direction of celebrity cypherpunk Moxie Marlinspike, under the funding umbrella of a US-based non-profit foundation called Open Whisper Systems (OWS). The technology behind Signal has its origins in proprietary software (TextSecure and RedPhone) written by Marlinspike's company Whisper Systems, which was acquired by Twitter. The source code for the end user apps was released under a free code license, and Marlinspike left Twitter and formed OWS to continue development.

What initially distinguished Signal from other centralized chat services was a protocol sometimes known as "Axylotyl" (although it's now officially the Signal protocol), that tries to prevent anyone (including Signal themselves) from spying on users' chat sessions using E2EE.  WhatsApp, FB Messenger, Ello, Telegram, and others now claim to offer E2EE using "Axylotl" too (either the full Signal Protocol or the Double Ratchet Algorithm component), but since the source code of their server software isn't available to be audited, it's hard to be sure. Because of this, under pressure from the software freedom community, OWS eventually released the source code for the Signal server software.

But the Signal Android app still depended on some proprietary code owned by Google, so a fork called LibreSignal was created to remove non-free dependencies. On May 6, 2016, a user asked for LibreSignal to be included in F-Droid, the free code app library for Android. This lead to an infamous debate on the F-Droid issue tracker, in which Moxie demanded that developers stop using the word "signal" in the names of any forks, and stop using them to connect to Signal's servers. On May 10, 2016, a couple of days after his last comment in the infamous F-Droid discussion thread, Moxie published a post on the Signal blog called 'The Ecosystem is Moving'.

In November that year, Moxie started experimenting with allowing Signal users' to access a GIF search system called GIPHY, which he acknowledges was an odd choice for a chat app whose elevator pitch is encryption and security:

"This is of some concern. While it might seem silly to worry about GIF search confidentiality, what you search for is in some sense the 'content' of your message. Instead of sending 'I’m excited,' you searched 'I’m excited'."

In 2018, software engineer Drew Devault (creator of web-based code forge sr.ht) published a blog post entitled 'I Don't Trust Signal', which addresses some of claims Moxie makes in both the F-Droid thread and the blog post. Drew's pretty much sums up my thoughts on the subject. Drew knows a lot more about the technical in and outs of this than I do, but the post is pretty readable by Jo Users.

Signal fans don't like Drew's post, and when presented with some of the many reasons why Signal isn't safe to use for sensitive communications by people who are potentially being targeted by governmental adversaries, they tend to claim that's not what Signal is meant for. But this is precisely the elevator pitch of Signal; that it's a secure, encrypted communication system, suitable for use by future Edward Snowdens. It's often pointed out that Snowden uses the app, and a glowing compliment from him appears with his face on the OWS website, although Snowden specifically stated in February 2019 that he doesn't do endorsements. As recently as mid-2017, people were publishing lists of "Basic security precautions" recommending the use Signal or WhatsApp "for non-profits and journalists in the United States" (emphasis mine)". This isn't just use confusion either. In another comment on the F-Droid thread, Moxie also claimed that:

"... all the dissidents, activists, NGOs, and journalists that I've met are not willing to put up with that. It's why they use Signal."

 Critical articles about Signal:

Fediverse debates about Signal

  • https://mastodon.nzoss.nz/@strypey/101368165804910431

Signal Court Documents

  • https://signal.org/bigbrother/eastern-virginia-grand-jury/
  • https://www.aclu.org/blog/national-security/secrecy/new-documents-reveal-government-effort-impose-secrecy-encryption