Signal Adds Cryptocurrency Support

According to Wired, Signal is adding support for the cryptocurrency MobileCoin, “a form of digital cash designed to work efficiently on mobile devices while protecting users’ privacy and even their anonymity.”

Moxie Marlinspike, the creator of Signal and CEO of the nonprofit that runs it, describes the new payments feature as an attempt to extend Signal’s privacy protections to payments with the same seamless experience that Signal has offered for encrypted conversations. “There’s a palpable difference in the feeling of what it’s like to communicate over Signal, knowing you’re not being watched or listened to, versus other communication platforms,” Marlinspike told WIRED in an interview. “I would like to get to a world where not only can you feel that when you talk to your therapist over Signal, but also when you pay your therapist for the session over Signal.”

I think this is an incredibly bad idea. It’s not just the bloating of what was a clean secure communications app. It’s not just that blockchain is just plain stupid. It’s not even that Signal is choosing to tie itself to a specific blockchain currency. It’s that adding a cryptocurrency to an end-to-end encrypted app muddies the morality of the product, and invites all sorts of government investigative and regulatory meddling: by the IRS, the SEC, FinCEN, and probably the FBI.

And I see no good reason to do this. Secure communications and secure transactions can be separate apps, even separate apps from the same organization. End-to-end encryption is already at risk. Signal is the best app we have out there. Combining it with a cryptocurrency means that the whole system dies if any part dies.

EDITED TO ADD: Commentary from Stephen Deihl:

I think I speak for many technologists when I say that any bolted-on cryptocurrency monetization scheme smells like a giant pile of rubbish and feels enormously user-exploitative. We’ve seen this before, after all Telegram tried the same thing in an ICO that imploded when SEC shut them down, and Facebook famously tried and failed to monetize WhatsApp through their decentralized-but-not-really digital money market fund project.

[…]

Signal is a still a great piece of software. Just do one thing and do it well, be the trusted de facto platform for private messaging that empowers dissidents, journalists and grandma all to communicate freely with the same guarantees of privacy. Don’t become a dodgy money transmitter business. This is not the way.

EDITED TO ADD (4/14): Moxie Marlinspike is on the advisory board for MobileCoin, which was designed for the purpose of providing a payment function in Signal.

Tags: , , ,

Posted on April 7, 2021 at 6:24 AM118 Comments

Comments

Harald K April 7, 2021 6:47 AM

This appears to not be a “real” blockchain currency in the sense you define it in the linked article (“just plain stupid”). It doesn’t seem to use mining.

But it does seem to be built on the assumption that participants have a duty to participate in obfuscating the origin and recipient of transfers, making it very likely to run afoul of money laundering laws. Maybe that’s why the repos are full of warning against using it in the United States.

(Although I believe people have a right to secure and private communication, I disagree with those who extrapolate from this that we have a right to anonymous property transfer. It’s totally in the public’s legitimate interest to keep track of who owns what, and to settle which transfers of ownership are legitimate, for instance by disallowing coerced ones.)

So I agree it’s not the best move. Also you’re also totally right on the “why the bundling” point. I guess the costs of scaling to its newfound popularity were high enough for them to bet on something like this.

Clive Robinson April 7, 2021 7:15 AM

@ Bruce, ALL,

WTF: Signal Adds…

Yes in deed.

As some know there is a lot of money to be made in stealing “electronic wallets” or even locking them up for ransomware.

Thus the advice is never conect “value storage” on an Internet Facing/Connected machine, it will be found and you will pay the price of the loss.

Likewise for financial transactions the advice is again avoid or be very cautious and carefull if doing it across the Internet.

As I’ve noted on several occasions the way Signal is designed, it is not secure. The same is true for all “Secure Communications Apps” that put the “user interface” on the same device as the “communications interface”. That is they have in effect put the insecure “communications Endpoint” interface in the security chain beyond the “security Endpoint” which means an attacker can bypass all the crypto and get at the plaintext user interface, or other interfaces such as the file system.

So…

Now there is potentially a nice solid financial reason to break Signal’s illusion of security shall we “Open a book” on how long it is before ways to steel the crypto-currancy via Signal’s failings takes to occure?

bobby April 7, 2021 7:20 AM

Not necessarily an argument I fully buy, but as for the reasoning for the integration: if Signal is an app for free speech, we’ll at least according to the US Gov paying/donating can be a form of speech.

And also, if we’re being honest, all the big chat apps are adding payment in one way or another (WhatsApp, iMessage, etc.). That Signal would try to match that behavior in a privacy preserving way doesn’t surprise me.

More broadly I don’t know how I feel about the whole thing. They’ve done good work in the past and on the whole it seems they’ve thought through the decisions they made keeping in mind a specific vision (easy to use for the lay person, privacy preserving [though not necessarily anonymous], low friction messaging basically). It seems this has been in the works for a while so I can’t imagine they haven’t put a lot of thought into it. We’ll just have to wait and see how it plays out.

Richard April 7, 2021 7:24 AM

I have mixed feelings on this topic because I’m coming from an American perspective. I know that in chat payments are EXTREAMLY popular in other parts of the world on other messaging platforms, such as WhatsApp. And Brian Acton (co-founder of WhatsApp) is financially involved in Signal after leaving Facebook. So we have people who are looking beyond America’s boarders to see what other people are using messaging for & attempting to provide a solution. The ‘software bloat’ is something that concerns me greatly. The more complex a system is, the more potential insecurities there are. Just my two cents.

RogerBW April 7, 2021 7:36 AM

If someone were leaning on me to make the best-of-class anonymous communication platform more dangerous to use and subject to heavier regulation, this might be what I did to it.

Fork time?

Barney April 7, 2021 7:55 AM

There are some (many!) who’d claim allowing complete privacy for communication and not creating a backdoor for the feds “muddies” the morality of the app. Who’s to say you’re right and they’re wrong?

Having true privacy and freedom from censorship/surveillance includes all aspects of life, including economic activity and value transfer, as well as moving data around. As far as I can see any communication system that with those aims is incomplete without some form of cryptocurrency capability/integration. The idea of a separate app from the same organisation sounds reasonable but I think it fails all the same tests that prevented other secure, private messengers succeeding where Signal did. At this point it’s either in the main app or it’s not getting adopted (take a look at the Chinese messenger ecosystems for the extremes of how well this can work), and there’s a very reasonable argument that that is worth the complexity/security/regulatory risk trade-off.

tT may not be the mission you have in mind, but there are plenty of people who see it that way, and I think it’s fantastic to have a founder led project like Signal be able to take these decisions and move in this direction even if the majority of users don’t care or actively don’t want it.

Bufford April 7, 2021 8:21 AM

The addition of crypto-currency will increase pressure to crack the encryption as well as efforts to compromise a wider range of accounts.

Not good, IMO.

Bruce Schneier April 7, 2021 8:25 AM

@John Travise:

“Another out of touch old man shouting at clouds.”

Is that me, or Moxie?

I try not put as little as possible in the cloud.

SayIt April 7, 2021 8:29 AM

Signal is not secure. First, it is trivial for them to shutdown the use of Signal by particular parties they are following. That forces use of a less secure or insecure mode of communication. Second, phones are not secure, which means implanted software can eavesdrop on both ends of the communication before and after encryption/decryption. Yes, your conversations with your therapist are secure, unless you’re a person of interest. And it doesn’t take much to be one. You certainly don’t need to have committed any crimes at all.

wiredog April 7, 2021 9:05 AM

@SayIt
By the standards you laid out secure communication is impossible. It’s possible to shut down any communication line, and usually trivially so, forcing the use of another less-secure one. The PGP email only works if the switches don’t inspect for crypto going across the line and don’t shut it down when detected. And, yes, phones can be compromised. So can snail-mail. If you’re a reasonably high value target a microphone can be placed in your bedroom, and a parabolic mic can be used to eavesdrop from across the street.

Signal is secure enough for most purposes requiring security.

Wayen April 7, 2021 9:45 AM

Let’s be honest. No one can say the truth about Signal without being labeled either a conspiracy theorist, an anti-semite, or both.

Anonymous April 7, 2021 9:56 AM

+1 “Secure communications and secure transactions can be separate apps, even separate apps from the same organization.”

Anonymous April 7, 2021 10:35 AM

Jesus. If users want to use cryptocurrencies, so be it. But implementing a completely new cryptocurrency into Signal is just a waste of time. Who asked for this? Certainly not the folks who are already using cryptocurrency.

Signal should do just one thing and do it well: provide secure, encrypted instant messaging platform, and nothing more.

Clive Robinson April 7, 2021 10:44 AM

@ Wiredog,

If you’re a reasonably high value target a microphone can be placed in your bedroom, and a parabolic mic can be used to eavesdrop from across the street.

You forgot the “spike mike” in the wall from the adjoining property…

Well over three decades ago I purchased a house that was,

1, On a very busy main road to the front.
2, A long garden to the rear.
3, A large school playingfield on the other side of the main road.
4, A large sports field at the bottom of the rear garden.

Which gave me atleast 600yards clear to the front and rear that I could easily observe in various ways not just via optics. The problems were the sides, detached properties in large grounds were not then in my price range…

Which is the main point realy “Privacy is easier when you are rich than when you are poor”.

name.withheld.for.obvious.reasons April 7, 2021 11:10 AM

@ Clive

Thus the advice is never conect “value storage” on an Internet Facing/Connected machine, it will be found and you will pay the price of the loss.

Yes, I functionally segregate systems and applications on their value to specific business activities. I have four layers of network segregation and isolation:
1. Public, where I am now
2. Research, document retrieval, information gathering, and other data
3. Business, specific business activities including banking and account management
4. R&D — Business specific intellectual property and programmatic development
5. Air-gapped hardware development tools, not even network cards or transmitters except for serial communications (IEEE 448, etc.)

Each layer has access controls about which specific applications or network aware programs can access another layer, the permission go from high to low and not the other way. So R&D (No. 4) can touch specific apps/data in research (No. 2) but research (No. 2) cannot reach into number 3 or 4. Pubic is considered hostile, even though it is two firewalls and routers deep and layers 2 – 4, yet another firewall, and logical layer two isolation.

Where would I put a Signal app, layer 1. Where would I put cryptocurrency, based on a threat model, layer 1. But as other have suggested, with the threat model you must consider that you’re a target for wallet theft. So I would have a very hard time integrating the application into the above model. I would need to provide for another layer with specific application rules. All the applications are audited and the traffic is logged between layers (a DMZ of sorts at each layer for logging).

Anonymous April 7, 2021 11:15 AM

Sometimes when I am reasonably … in another state of the elevator, I do use Signal to contact my … butter milk supplier. I do would like to pay him. Where is the problem? I do not get it.

mau April 7, 2021 11:32 AM

This, in addition to their “viral” announcement of any person in your phonebook having a Signal account, which is NOT GOOD if the person is using Signal to have a clean and safe line of communication to avoid stalkers/abusers.

I think they may now allow you to opt out by compiling your own client and setting a flag but that’s not acceptable for the average person they want to bring “privacy” to.

I really wish we could have civil libertarianism without the deregulationist pyramid scheming. I really do.

ex-signal-user April 7, 2021 12:10 PM

Mau, the “viral” announcement is exactly what turned me off signal and caused me to uninstall it within a week. Heck I had people I hadn’t spoken to in years congratulate me on finally getting signal… also the nagging doubt about whether or not my messages got through was getting to me (I believe that problem has been fixed).

Also, how you can make a secure messaging app rely on a GSM phone number is beyond belief (they are as far as I know changing it soon so you can use usernames, but the damage has been done from my point of view).

xcv April 7, 2021 1:07 PM

@ ex-signal-user

Mau, the “viral” announcement is exactly what turned me off signal and caused me to uninstall it within a week. Heck I had people I hadn’t spoken to in years congratulate me on finally getting signal…

Yeah, it sounds like a Communist Party trope.

also the nagging doubt about whether or not my messages got through was getting to me (I believe that problem has been fixed).

It’s like you told a joke in bad taste, or communicated with a minor for immoral purposes or something like that. The other party didn’t “get it” when you sent the message.

Also, how you can make a secure messaging app rely on a GSM phone number is beyond belief (they are as far as I know changing it soon so you can use usernames, but the damage has been done from my point of view).

No shit. It’s a local police jurisdiction Stingray interception point.

Here’s How Much a StingRay Cell Phone Surveillance Tool Costs

I don’t know what the hell they’re after, but the the Feds have probable cause for a wiretapping warrant on your cell number as soon as you have something like that installed.

BjornW April 7, 2021 1:39 PM

Hi Bruce,

Do you still stand behind your words on the Signal homepage, now that Signal is adding support for the cryptocurrency MobileCoin and the rumors of conflict of interest by Moxi Marlinspike? I am referring to this quote:

“I am regularly impressed with the thought and care put into both the security and the usability of this app. It’s my first choice for an encrypted conversation.”

Thanks for your time (and the free sharing of your knowledge over the years)!

Erdem Memisyazici April 7, 2021 2:17 PM

Yea, let’s base a decentralized economy on the birthday paradox. 😂

Mr. Peed Off April 7, 2021 3:46 PM

Approximately 79% of cryptocurrency is now being mined by China (power is more economical when you own the generation). I suspect Winnie the Pooh’s picture will be on most of the new currency. Unfortunately, Winnie has a much different view of security than you or I.

Jed April 7, 2021 3:51 PM

Now that a dark cloud has appeared over Signal do we start considering other options – my apologies for going off topic but it seems to have slowed down enough to give it a boost.

We are, of course, entering a twilight zone but I offer three suggestions to start the ball rolling.

Session
Teleguard
Threema

onlytimewilltell April 7, 2021 4:06 PM

Why do you guys scream so much, are you lonely or something, needs some attention? It’s in beta, for testing (and debugging) & only in uk (probably never will allowed in us), maybe there is a bigger picture nobody sees. Sometimes to go around the ‘6’ you have to do some acrobatics.

JO April 7, 2021 4:15 PM

You used to have a contest to come up with the most ridiculous terror movie plot. I’m not sure why you quit that, but I can’t help but feel you are increasingly starting to sound like some of those movie plots. You seem less and less a proponent of true privacy and freedom, in favour of “security” bestowed upon us by the government.

The truth of the matter is, the people are taking their freedom back from the government using technology. Their attempts to stop it will end up looking the same as the silly keylength munition restrictions the US tried to enforce back in the late 90s. This is an irreversible trend, fighting it will be futile.

You say “And I see no good reason to do this.” I’m sure that’s true. However, the freedom to privately transact is just as paramount as the freedom to communicate. You could argue that transfer of value is indeed a form of communication. You may never understand it, but it will happen around you regardless.

Weather April 7, 2021 6:00 PM

They might be trying to increase the uptake of signal, there is apple pay that uses the phones RFID to pay for things.

xcv April 7, 2021 6:18 PM

@ Mr. Peed Off • April 7, 2021 3:46 PM

Approximately 79% of cryptocurrency is now being mined by China (power is more economical when you own the generation). I suspect Winnie the Pooh’s picture will be on most of the new currency. Unfortunately, Winnie has a much different view of security than you or I.

What a waste! Mine gold or oil: something useful for motive power or at least pretty to look. But cryptocurrency isn’t even that. Absolutely worthless, full of bit rot, copyright violation, child pornography, crypto-slander, crypto-libel, etc.

Bruce Schneier April 7, 2021 7:16 PM

Re JO:

“You say ‘And I see no good reason to do this.’ I’m sure that’s true. However, the freedom to privately transact is just as paramount as the freedom to communicate. You could argue that transfer of value is indeed a form of communication. You may never understand it, but it will happen around you regardless.”

You misunderstand me. I see no good reason to tie the two functions together in a single product, for the reasons I outlined above.

Bruce Schneier April 7, 2021 7:19 PM

Re BjornW;

“Do you still stand behind your words on the Signal homepage, now that Signal is adding support for the cryptocurrency MobileCoin and the rumors of conflict of interest by Moxi Marlinspike?”

I still think that Signal is the most secure texting app out there.

Clive Robinson April 7, 2021 7:55 PM

@ Weather, ALL,

They might be trying to increase the uptake of signal

The Internet has fairly well proved it’s self to be a “First to Market is the winner takes all of the market” despite what a course in economics will imply (due to the fact of the hidden assumption in economics of “distance costs”).

So from those behind it there is probably the thinking of “Signal has to grow or die”. And if it’s the latter all that they have sofar invested will be lost, or not reach the potential they are after. But tying themselves to a highly volatile trading/speculating crypto-currency is actually going to make Signal’s demise more likely.

there is apple pay that uses the phones RFID to pay for things.

But there is a big difference between a conventional fiat currency independent transaction system and a crypto-currency payment and reconciliation system and that’s “Risk” with a very large “R”.

By and large all crypto-currency systems are designed to be inherently unstable thus they tend to hyper inflation/deflation cycles as people with sufficient funds manipulate the system creating volitility to their advantage. The volitility in turn means that exchange and reconciliation systems carry bigger risk, therefore will charge significantly higher fees.

You have to only try and live in a country with hyper-inflation for a very short time to know what that does to a civil society. Then realise it has a reinforcing effect on the entire economy as more and more labour is devoted to try and shorten the time any one actually holds currency in their hand.

In fact providing a mechanism to speed up the aquire/divest cycle just facilitates hyper-inflation. It’s one of the reasons certain people carry out “High Frequency Trading” and will thus pay hansomly to have the shortest network path between them and the point of trade (yes even traders have to obay the laws of physics with respect to the delay caused by the speed of light).

So irrespective of if it’s Signal or some other secure messaging app making the movment of crypto-currency fast is not going to end well for the security of the app or it’s greater environment.

The reason is “cryptography-costs” in CPU cycles so both in work/power and delay/time. On a per bit basis the fastest form of cryptography is the stream cipher as the work of generating the key stream can be done well in advance and in most cases in parallel.

The problem with security is that it’s rather more than just hiding information via cryptography. So whilst you can hide information on a bit by bit basis other things have to be taken into account (CIA triade for old timers). For instance bitwise encryption is easily subject to active “bit flipping” attacks, because the cipher alphabet size is considerably smaller than the plaintext alphabet size. This has consequences at higher levels in the security stack especially where known message formats are used, especially when optomised to remove redundancy (ie made more efficient).

Thus with financial transactions and a highly volatile trading currency there will be a pull in two different directions. Firstly that of privacy from security which is what would be desired by ordinary users (otherwise why use a secure messaging app?[1]) which increases delay. Secondly to minimise transaction times/delay to reduce the effects of trading currency volitility which generally will act against security thus privacy.

We can see from the state of the current finance markets who will win in that game, and it will not be privacy.

But aside from the fact that security will decrease in time to reduce delay thus trading currency volitility effects, there is the ROI on “breaking the system” to consider.

At the moment very few have the resources or desire to break the security of secure messaging apps. That is the value of the messages are by and large of no value except to,

1, SigInt agencies of various forms (mostly funded by a nations wealth).
2, Information brokers, who mostly deal with bulk or industrial scale data collection.

As these are few and far between it is entirely possible that the privacy via the security has already been broken “by design” but is generally not known (Skype?).

Making messages have direct value as in financial transactions obviously attracts two other types of attacker,

3, Those looking to greatly polish their C.V.’s reputation.
4, Criminals.

The fact that they have succeeded will not be kept secret for very long at all thus there will be a significantly increased preasure to find more and more breaks in the security of the secure message app system and thus the increased loss of privacy.

There are other reasons not to get involved with high volitility trading currencies let alone “build them in” to your secure messaging app not least of which is legislation and regulation. But also and perhsps more importantly you tie the fortunes of your secure messaging app to the fortunes of the highly volatile trading currency, which with crypto-currencies is in effect a “Suicide Pact”.

It’s why they should be developing a currency independent transaction system not a currency dependent one. And that way leave all the other issues to those that take on the currency volitility risk such as financial exchanges, banks, and sovereign nations.

[1] There appears to be three basic reasons why a security messaging app gets increased usage,

1, It’s hip/trendy/cool.
2, It offers increased privacy or functionality over it’s competitors.
3, It’s got the most users you commonly interact with using it.

In the long term it’s the third reason for “winner takes all”.

lurker April 7, 2021 8:07 PM

@onlytimewilltell

It’s in beta, for testing (and debugging) & only in uk (probably never will allowed in us)

What, you mean in the land of the free “they” can stop you choosing what software to use for purposes that are still legal?

SpaceLifeForm April 7, 2021 9:17 PM

@ Bruce

Rumour: Twitter is looking at doing similar. Hopefully not cryptocurrency.

Hmmm April 7, 2021 9:39 PM

Having just watched Moxie’s Webstock 2015 presentation, I realized he may want to do this to address the USA’s unbanked dispensary trade.

Someone needs to. It is dangerous for the USA’s dispensaries to do business in cash. It makes no sense.

NY just legalized recreational and will be adopting Colorado’s laws, in addition to home delivery. In Colorado and California, having armed guards is not a big deal. In NY it is really difficult to obtain a concealed carry license.

Plus NY State regulates all the global banks, whereas Colorado and other States do not. This means there’s no option to circumvent the dispensaries exclusion from financial services in NYS. Because this is a cash only business, which includes salaries, supply chain, taxes, rent, utilities, insurance and you cannot write checks or deposit your cash receipts you need to hire armed guards and Brinks trucks to remove the cash to some safe house. If you have a successful dispensary you will need to do this numerous times a day.

In Colorado all of the dispensaries (hundreds) are owned by only 3 men due to this.

Governors and ranking Senators want the cash trade to end. Irrespective he will have to institute an Anti-Money Laundering and KYC program in the US or UK. This is not trivial. And he will need a influx of money to do that (staff and software). Signal won’t be able to be anonymous for those that want to use it for bitcoin. If he restricts it to existing gift card limits it might be manageable from a regulatory perspective.

Deep Breath April 7, 2021 10:41 PM

@Bruce Schneier, @Peter:

MobileCoin was built, from the start, for the purpose of providing a payment function for Signal. It’s a not a cryptocurrency that Signal happened to choose. It makes sense that Moxie is on the board. See the CEO’s comment here:
https://news.ycombinator.com/item?id=26726246

Regarding the risk of attracting regulatory attention, what if limited it to small transactions, say under $1,000 or under %100?

Winter April 8, 2021 3:17 AM

@Deep Breath
“Regarding the risk of attracting regulatory attention, what if limited it to small transactions, say under $1,000 or under %100?”

Sounds “sane”. Signal is legally based in Switzerland and Switzerland will ratify the upcoming regulations on virtual assets and transactions.
https://www.elliptic.co/blog/fatf-updates-virtual-asset-guidance-public-consultation

I think our host is right, it would be most logical to use two apps that can communicate: Signal for communication, and a cryptocurrency wallet for payments.

Note that the privacy preserving currencies, e.g., Mondeo and cash, can implent a disclosure key so that you can always prove what payments you made if required.

Winter April 8, 2021 4:27 AM

@Winter
“Mondeo and cash”

Autocorrect is at it again. Should be “Monero and Z-cash”

Here are links to the mechanics of viewing keys.
Monero view key:
https://www.monero.how/how-to-verify-your-monero-funds-with-a-private-view-key

Zcash view key:
https://bitzec.github.io/blog/viewing-keys-selective-disclosure/index.html

Note that in the original Wired publication, Matt Green aired the same worries as Bruce. Marlinspike and Goldbard say that Signal only allows to easily use Mobilecoin and that Signal will not have any other connection to the currency.

homunculus April 8, 2021 4:37 AM

What is your opinion on this article?

Signal is a government op – Signal was created and funded by a CIA spinoff. It is not your friend.

Is it a conspiracy theory?

I always thought that it would be clever from intelligence services to build a secure messenger with backdoors and the snowden revelations would have been a good time to start. Operation Rubikon showed how impudent those actors are. Also the delay of keeping the Signal’s server side code published up to date made some people nervous.

If I trust the audits the end to end encryption probably works. If I go the conspiracy hypothesis further down the line I could think of the Signal’s servers recording metadata. Who can say which code is really running there?

I don’t say this is true. I think the linked article is out there and should be discussed.

Winter April 8, 2021 4:59 AM

@homunculus
“Is it a conspiracy theory?”

It is a theory about people conspiring to deceive the public, so how would you call it?

The real question is, is there any evidence that those involved in developing and operating Signal are working for the CIA?

The link you post is from a person who seems to hate anyone left of Trump (and immigrants) with a vengeance but does not give any evidence for his accusation except that he hates Marlinspike.

Without even a shred of evidence, would I trust the judgment of Yasha Levine more than that of Bruce Schneider or, say, Edward Snowden and Laura Poitras? You must be joking.

Show us evidence, then we can make up our minds.

noone April 8, 2021 6:02 AM

@Winter It’s evident from the FOIA documents published by Y. Levine that the Tor Project is somehow tied to CIA and NSA.

Apparently, Levine thinks the same is the case for Signal. Marlinspike has also worked for Tor, so why not?

Y. Levine is a conspiracy teller, in a podcast episode on Spotify (https://open.spotify.com/episode/03xtqacT2e0MTWaWUOHhcw) he thought loudly there is probably “one guy” who controls everything.

I recommend reading his book (Surveillance Valley) though, he does a great job in explaining the ideology that lead to the creation of the internet. (I am not sure about some claims, though.)

I don’t know if any of this is true but it is somehow exciting to view this from another perspective.

Winter April 8, 2021 7:05 AM

@noone
“It’s evident from the FOIA documents published by Y. Levine that the Tor Project is somehow tied to CIA and NSA.”

Tor was developed with money from the US Navy. See Tor history page. Not exactly a revelation. Tor is FLOSS, so if you want to look for backdoors, have a go. Tor’s finances are public, as is the USA’s public support.

Levine seems fond to condemn people on baseless suspicions alone.

Anyway, I respond to all accusations with a request for evidence. A vehement hate for a person’s personal believes is not evidence in my book.

Hmmm April 8, 2021 7:12 AM

@Winter

Cryptos will be regulated. Sooner than later. Last night Jamie Dimon made a plea for immediate regulation. Just having servers in Switzerland means nothing.

Once the US regulates cryptos, anyone doing business in the US will need to comply. All foreign banks doing business in the US comply with US bank laws for anti money laundering and KYC. No secret Swiss accounts for Americans.

But Biden is doing more than that. He’s going to tax any company doing business in the USA even if domiciled outside the US. He promised it before elected and the other day. The EU wants to do this too to American companies. https://www.cnbc.com/2021/04/07/biden-tax-plan-recaptures-2-trillion-in-corporate-profits-from-overseas-treasury.html

Everyone knows this is going to happen. Both sides of the aisle want it.

Trump even gave American companies amnesty and some Big Tech took it. Now the EU will try to grab that money and the US will too. Primarily impacts American Big Tech.

I’m a realist, not an idealist. It makes my job easier when I know the constrains of what I have to work with. I cannot afford to ignore or pretend something is not happening. My job is to be prepared.

Hmmm April 8, 2021 7:44 AM

@all

One more point. Banks know who is buying cryptos. You buy it through PayPal or Venmo that is coming out of your bank account, but your bank knows ultimately where it is going. Banks have the data whether those consumers procuring cryptos can afford to lose it. If they could it wouldn’t concern Dimon. There’s a saying on Wall St “only invest what you can afford to lose”. It becomes problematic for banks primarily if their customers are risking more than they can afford.

There’s hard data out there. Your bank knows more about you than the government can ever hope for. And many of them keep that data locked up tight, except if you use apps. Then you are broadcasting your private data.

Question with signal, at what point does the encryption kick in? After you hit send? If that’s the case, there’s no privacy because the clipboard scrapes with each keystroke.

I’ve noticed some banks are more protective with data than others. I give Chase a 10. I give American Express a 4. They broadcast your data knowing it will be scraped. So do other banks, but AMEX is purposely trying to hurt customers because they even include unmasked sensitive data in email that they know is insecure. There’s laws about that. Your bank data is required to be encrypted. Some don’t pay attention to this law.

Winter April 8, 2021 8:03 AM

@hmmmmm
“All foreign banks doing business in the US comply with US bank laws for anti money laundering and KYC.”

All foreign banks doing business in the developed world do so.

“No secret Swiss accounts for Americans.”

That has been a fact for years.

What is happening is that all crypto currency that cannot be traced to a kyc account is blacklisted.

Hmmm April 8, 2021 8:41 AM

@Winter

So why all of this concern about the privacy of Signal and Crypto when we know it’s not private, at least in the US?

It’s an app. They’ve all been busted for scraping. It is not that Signal is untrustworthy, it is all of the other apps on your phone and the device itself. I look at technical solutions holistically.

My concern about data privacy is from the data protection perspective. In my view there’s no way to protect data without first assuring it is private. Cybersecurity is dependent upon data privacy. You cannot have one without the other.

GDPR is the General Data PROTECTION Regulation. But everyone thinks it is a privacy law.

It seems unrealistic to me to think that Signal has any chance of being truly private without these data privacy laws. That is why Signal and ProtonMail is in Switzerland. No?

Bruce Schneier April 8, 2021 8:54 AM

@homunculus:

Yes, that is a conspiracy. Signal is not a CIA op. I consider it the best, and most secure, chat app out there. And I worry about the government interference it’s inviting on itself by adding a cryptocurrency. I don’t want to lose Signal.

Winter April 8, 2021 8:55 AM

@hmmm
” They’ve all been busted for scraping”

Where did you hear about Signal scraping? I never heard of that.

“So why all of this concern about the privacy of Signal and Crypto when we know it’s not private, at least in the US?”

How so it is not private in the USA now? There are plans, but nothing is real now. And how is Signal not private?

“GDPR is the General Data PROTECTION Regulation. But everyone thinks it is a privacy law.”

The GDPR does not protect data as such, only data that leads to, or identifies, a human individual. That is actually Privacy: Being able to hide information about your person or actions from the public.

not moxie April 8, 2021 9:07 AM

time for transparency.

moxie and the signal foundation should release all contracts and documents regarding the ponzi.. aeh… mobilecoin deal

Hmmm April 8, 2021 9:16 AM

@Winter

I am NOT accusing Signal of doing anything wrong. I am not making any accusation.

I am asking a question. Apps can be scraped by the clipboard. It’s not Signal that may be scraping. It may be other apps that are scraping. They aren’t necessarily scraping Signal. Apps scrape keystrokes. They capture all.

Upcoming iOS changes will notify which apps are scraping. But if Signal encrypts after you hit send it is not secure from other apps scraping your keystrokes. Unless you never had an app on your device except Signal.

I have found evidence that deleting apps is not sufficient. They don’t ever seem to be truly deleted. Plus the app owner is notified or has ability to see the deletion which is problematic to me.

My next phone will be app and email free. I won’t use it for authentication either. I will keep authentication on another device just for that purpose. I look like a crazy person when TSA makes me take out all my devices. Sometimes I’ve even put devices in my luggage and they don’t seem to like that.

But you see I’m not protecting myself from my Gov. I could care less what they see about me. I’m more concerned with everyone else. And quite frankly I’m all about protecting my employers too. Compromised employee is a compromised employer.

Hmmm April 8, 2021 9:31 AM

@Winter

I also suspect that device notifications (ie: message alerts) are scraped by clipboards too. So it’s not only an outgoing communication that can be scraped. It’s incoming too. At least the header and first few lines. We need more insight into what the clipboard picks up.

I disabled all notifications and found after doing so I stopped receiving messages from my vendors that like to leak my data. I suspect some might be paid to surreptitiously leak protected data. They are circumventing existing laws by doing so.

I think this clipboard issue is a problem for big business too. Most of the spying going on is not about consumers. Consumers are the conduit. They are after our employers and their IP.

Winter April 8, 2021 9:45 AM

@hmmm
“Apps can be scraped by the clipboard.”

Your phone/tablet is a public place. You should not use it for things you want to keep secret. There are guides for how to communicate given your threat model. Look for advice for journalists and (human rights) lawyers.

Never take your phone to a place where you want to be unnoticeable.

That said, Signal and Tor are nice when you want to protect yourself from people or organizations with limited resources, e.g. OSint, or limited interest.

Goat April 8, 2021 9:48 AM

Re:”I also suspect that device notifications (ie: message alerts) are scraped by clipboards too.”

@Hmmm, It may also be due to google push service, google is an advertising company

Clive Robinson April 8, 2021 10:01 AM

@ Hmmm, ALL,

But if Signal encrypts after you hit send it is not secure from other apps scraping your keystrokes. Unless you never had an app on your device except Signal.

Signal is not, nor is any other secure messenger application, banking/finance application, nor any other application secure from this sort of attack even if it encrypts key stroke by key stroke.

The design of Operating Systems lends themselves to the use of “Software shims” in the I/O and User Interfaces. Such OS’s also lend themselves to “end run attacks” that connect the insecure comms end point around the security end point in the application.

All apps with such OS controled I/O are vulnerable to such end run attacks, thus all mobile devices and consumer electronics are insecure by default and adding a “secure app” makes no difference to it.

The only way to improve the security of such devices is to take the security end point off of them in such a way that there is no way for an attacker to get at the plaintext or metadata of mrssages.

That is in some respects a non trivial excercise that nobody so far as I know appart from myselh has even remotely considered doing on consumer Smart devices or computers. For the very simple reason people want the illusion of security not the actuality, especially when it interferes with convenience.

Which is why I can confidently say that as secure as the supposed “secure messenger apps” are in the communications path, they can not make a secure system as their security end point is very much in the wrong place.

Now personly I care not a jot if users believe me or the hype, that’s their choice not mine. What I can and do, do is to “not play” the stupid game of “my app is more secure than your app”.

Two things arise from this,

1, I do not use secure messenger apps at all.

2, I find it very ironic that the man who in theory owns WhatsApp uses Signal for his personal communications.

As I said the other day he’s “Not prepared to eat his own dog…”.

As for why I refuse to use secure messaging apps… Hopefully it will get those who feel they must communicate with me to think, especially about what they send me as I chearfully remind them “It’s more than just a post card, the postal workers might read, it’s a mobile advertising board shouting out your message to the world.”

Do I do secure communications yes, but that is where I have a duty of proffessional confidence and it’s done in ways I’ve reason to believe are secure if the correct procedures are followed and people do not betray themselves to third parties.

@Winter April 8, 2021 10:05 AM

@Winter

I am not concerned with keeping secrets. My focus is Cybersecurity. I protect companies for a living and the whole BYOD is problematic for companies requiring security. There is no hope of privacy nor security so long as this scraping takes place.

The US Gov had to replace DHS employee phones recently due to this. People think that encryption is the solution. But it won’t work for 99% of the people. It is disingenuous for Signal to pretend it is secure as a plug and play app.

I’ve worked with CISO who use Signal on they personal phones for corporate business and think it is secure. While signal may be secure, the device is not. 99% of those using it don’t get that. I

Winter April 8, 2021 10:32 AM

@hmmm
” I protect companies for a living and the whole BYOD is problematic for companies requiring security. ”

I understand your pain. But perfect security is, like anything perfect, unattainable.

You should construct threat models and aim at securing against those. Humans are the weak link and all that. Compartmentalization, Need to know, security in depth, etc. etc.

But you probably know all this much better than I do.

Still, smartphones are like designed to be insecure. I have yet to hear from anyone who thinks she can secure a smartphone.

Hmmm April 8, 2021 10:46 AM

@Winter

Corporations and the Government need a new type of phone for high value target employees. Employers bought into let’s add MDM on employee devices so we can spy on them all the time. Never did they realize that spying would compromise their security too. Once you open that door, you cannot control who comes through. I worked for only one smart employer that taught employees how to protect themselves. They secured against insider threats other ways without compromising their employees. But we’ve gotten to the point where the people in Cybersecurity today either have no clue or no ability to speak up.

Ultimately I hope vaccines work and everyone goes back to work. But there are those of us who are thinking about the additional security required if we don’t.

Most cell phones only work in office bldgs through the corporate WiFI. Now with work from home it is so dangerous having an employee with Nefarious apps on their phone sitting on Teams all day.

I’m not calling Signal nefarious. I’m of the mindset presently that they all have no place in corporate America or WFH environment.

noone+srube April 8, 2021 11:28 AM

@winter Yes, I know. I think its more about the issue that the people at Tor do not only work for Tor, they also have meetings with FBI and CIA guys. And they might discuss vulnerabilities with them so they can exploit them.

Theres another point Levine makes: todays debates are too much focused on technology and not policy. “Crypto cult” seems to be a far rightwing thing, if you believe him. He accuses that Snowden was more like “Use Signal” and not “get active in politics and make this world a better place where police and secret services dont have so much power”.

And the latter is a valid point, in my opinion. Its extremely important. This topic got also covered on this blog. Or look at Shoshana Zuboff’s opinion: She is also for finding a collective solution, not an individual ones like paranoid people like you and me follow.

Its also about that people develop a kind of cargo cult where apps save their lives and get obsessed with opsec.

While its evident that Levine doesnt like nazis, he at least sympathizes with communists or socialists.

In my opinion, using Signal is like driving a belt while sitting in a car. Doesn’t make you perfectly secure, but is an improvement. Now, we have to implement regulations that all cars are manufactured with belts.

@Hmmm there are “secure”, hardened smartphones like cryptophone.de.

Regarding android theres already work that only apps can read the clipboard or record something if they are in foreground. No need to be paranoid here. You complain that “normal” phones are not secure enough – you can find many pledoyers on this blog about regulation to make all mobile devices more secure. I think this is the best “solution”.

Winter April 8, 2021 12:22 PM

@nooone+drive
“And they might discuss vulnerabilities with them so they can exploit them.”

Evidence please.

” “get active in politics and make this world a better place where police and secret services dont have so much power”.”

GDPR+. That is what I have said for years.

Amelia April 8, 2021 12:54 PM

You misunderstand me. I see no good reason to tie the two functions together in a single product, for the reasons I outlined above.

In relation to this, and the two comments about forking, I can see a reason—but it’s not “good”. The reason is that Signal has set itself up as a cryptographic identity provider (kind of; they rely on the phone network too). People need to know they’re sending money to the right person.

Marlinspike et al. have been openly hostile to the concept of interoperating with other software, such as Signal forks. (You can fork Signal, but then your forked software won’t be able to communicate with people using the official version of Signal.) Maybe they could release their own cryptocurrency app and give themselves a backdoor to use Signal’s identity services. Otherwise, it’ll be as inconvenient as any other “out-of-band” currency transfer service. Another agreement to read and understand (repeatedly, as they update it); another entity collecting personal information (possibly banking information—Paypal in particular is not to be trusted with such, and what about the unbanked?). Likely multiple such services, because the sender and recipient have to have one in common. They’ll have to negotiate this and share account details over Signal or whatever. Overall, a bit of a pain in the ass. They might as well use cash if they can meet in person, and then no business gets to extract a fee.

And, hey, the Signal people like money. They can’t straight-up charge money for the app, ’cause then a bunch of people will switch to something else, and even the willing buyers might switch after their friends do. In-app advertising will similarly alienate people. Cryptocurrency is an easy way to get money, from users and also from venture capitalists who see it as “hot”. So, that’s a second reason, with nothing “good” for the users.

Jeff April 8, 2021 2:40 PM

Amy Castor showed that MobileCoin primarily benefits Binance and some VCs. Binance is (in)famous for pump and dump scams.

It’s plausible MobileCoin might not become a pump and dump scam, but one should avoid supporting Binance’s endeavors on general principle.

We should clarify that MobileCoin is clearly centralized, since they simply trust three privileged servers. If you trust authorities so much then simply adopt Chaum-ian blind signatures like GNU Taler, which provide cryptographic privacy and run even faster.

In this vein, Intel SGX gets broken multiple times per year, blackhats, spies, etc. have stacks of exploits, so worthless for privacy. Arguably MOB having only three nodes provides privacy, except three sounds weak against nation state hackers.

If you honestly trusted SGX, TrustZone, etc. then you could build and deploy the obvious payer-to-payee trusted hardware solution which requires zero infrastructure. You’ve privacy like cash, no chain, no servers, etc., just everyone’s TEE trusts everyone else’s TEE.

Anyways, we’re left with only MOB’s non-succinct ring signatures. I’d love it if anyone works out the ring size and membership, but anything non-succinct leaks lots when used inside a blockchain.

I’d expect MOB’s privacy for repeated payments turns out weaker than gmail-to-gmail plaintext emails, simply because google has good security people and small-ish ring sizes fare poorly for repeated payments.

humdee April 8, 2021 2:47 PM

@bruce.

Tired of the idle cryptocurrency bashing from you. Let’s take it as a given that CC is stupid. What now? Bitcoin is trading above $50K. Coinbase has gone public. Signal now wants to jump on the fad. So what now?

CC may be a stupid idea but it has become obvious that institutions are backing this stupid cultural experiment. So what now? Does this backing from traditional trust centers degrade those institutions or power up cryptocurrencies?

All we seem to get from you is pearl clutching and hardwringing.

TBH the speculator in me is sad that I listened to you and missed out on all those easy riches. That is water under the bridge. Where do we go from here?

Etienne April 8, 2021 3:27 PM

Mark me down as highly disinterested in cryptocurrency.

I am against cryptocurrency, because it already takes more energy than Cuba generates, it is nearing what two nuclear power plants can provide.

Anyone dealing in cryptocurrency is gambling on astronomical leaps in power technology like fusion on every corner, and massive drilling into middle-Earth magma.

Clive Robinson April 9, 2021 2:40 AM

@ SpaceLifeForm,

If it is free and easy to use, it likely is not really secure.

Kind of true in an ironic kind of way… But first “To set the scene”,

“You are stood on a narrow road between The Land and whence you came. To the north and south are the small foothills of a pair of majestic mountains, with a large wall running round. To the west the road continues, where in the distance you can see a thatched cottage opposite an ancient cemetery. The way out is to the east, where a shroud of mist covers the secret path by which you entered The Land.”

Originally a quote from the first true MUD[1]…

IT Might be appt for the cover of Intel’s book on SGX if they ever get it together[0] which they still have not for various reasons.

It is however an appropriate quote to use when talking about Secure Enclaves, for more than one reason. Firstly it could be seen as a “Here be dragons” warning which is appt enough. But secondly that people still get system memory security baddly wrong because they make assumptions about it for some strange reason. Why I realy don’t know, after all it’s a known Class of vulnerability from the 70’s if not earlier[2].

[0] Anyone trying to understand Intel SGX is going to have a rough old passage getting to know the lie of the land… Other’s have tried to detail some of it,

https://graphene.readthedocs.io/en/latest/sgx-intro.html

Their first paragraph likewise helps set the scene for the drama to follow…

[1] The Essex University MUD game from oh a life time or three ago running on a Dec PDP-10, available to some on dial up who aimed for immortality as a Wizard or Witch (it was an equall opportunity MUD, and “Sue the Witch might have been a Jonny Cash fan[3]) some of whom later would drop a cat on you just for fun…

[2] The thing about MUD was it exploited a security fault in the DEC PDP-10 that Roy Trubshaw had found. You can read about it hear,

https://www.filfre.net/2017/12/games-on-the-net-before-the-web-part-2-mud/

That such a potential security fault existed in a modern computer back in 1977 was quite a shock to many people then… The funny thing is getting on for half a century later similar faults in hardware design are still occurring in computers, Intel and AMD both adding their share. When I say “this was known about in 70’s” this is just one example, there are others, I found my fair share of in the 80’s with Prime and various *nix platforms including Perq. Likwise in the multiplexed terminal system developed for AT&T Unix Sys 5 RV 4 that I purchased in the 1990’s.

[3] One of Johnny Cash’s most well known songs is “A Boy Named Sue” he first sung it in front of possibly one of the toughest audiences around,

https://en.wikipedia.org/wiki/A_Boy_Named_Sue

Oh as for Sue the Witch, it is rumored that during the day he was called Jeff…

Tatütata April 9, 2021 11:55 AM

Regardless of whether cryptocurrency support could be technically be integrated safely with a comm app such as Signal, such a move would be perilous as it provides a ready-made excuse to censors and bullies for attempting to control or shut down the channel, on dubious grounds of money laundering, forex control, criminality, and suchlike.

Hyolobrika April 9, 2021 8:04 PM

How does adding a cryptocurrency to an end-to-end encrypted app muddy the morality of the product?
I get your point about regulatory attention.

Clive Robinson April 10, 2021 5:04 AM

@ Tatütata,

such a move would be perilous as it provides a ready-made excuse to censors and bullies for attempting to control or shut down the channel

It’s actually an easy risk to mitigate.

As I noted above, the trick is to provide a mechanism to trancport “any” currency, not a locked in mechanism to transport only a suspect crypto-currancy.

That way you provide the equivalent of a “common carrier” significantly minimising the risks your service provides to what is managable.

But more importantly you avoid all the risks of association or identification with a questionable currency. You also avoid all that banking, lending, securities, money laundering, etc legislation that very few people realise how easy they are to transgress thus give not just an excuse to take action but a method to smash down hard on all involved.

It is very very unwise to provide “stored value” systems even banks etc get it wrong, but they have the reserves and stature to ensure they get only fines and the fines are managable (except in Iceland where jailing bankers almost became a competative sport).

There are only a handfull of tech companies with the reserves. But they have no stature in finance and are certainly not anywhere close to being a “too big to fail”. Thus they represet little risk that can be used for effective counter barganing.

Even the sociopath in charge of Facebook realised that, which is why he tried to partner with financial organisations, who having looked at the risk/reward split of the deal he was putting on the table smiled politely and declined rather definitely.

If Moxie and those behind him think they are any smarter, than I suggest they rather rapidly reevaluate their position…

No doubt that is why some people think it is actually a “pump and dump” activity similar to that the likes of Hedge Funds routinely do to tech company stocks.

I guess the question is,

“Is there sufficient cause for the proboscis of the genus Camelus that is possessed by the SEC to start not just sniffing along the hem of the skirt, but forcing it’s self intrusively via the rear entrance flap up into Signals tent?”

I guess we will have to wait and see.

Joe April 10, 2021 7:52 AM

@Bruce Schneier:

It’s not just that blockchain is just plain stupid.

Wow. This is a (refreshing) view that I have not heard expressed often from a heavy hitter like Bruce.

SpaceLifeForm April 10, 2021 6:30 PM

@ Clive, ALL

Some dots to ponder.

EncroChat used Signal protocol.

How did that work out?

Clive Robinson April 11, 2021 3:38 AM

@ SpaceLifeForm, ALL,

EncroChat used Signal protocol.

Yes they did… and,

How did that work out?

The sysyem failed very badly in exactly the ways I said it would long before.

What the EncroChat developers did is what I’ve repeatedly been saying you should not…

That is they put “user conveniance ahead of security” by “alowing the communications end point to have reach around the security end point”.

Which by the way is true for all Signal systems as far as I am aware (and all other current secure messaging apps as well).

So whilst it is true that Signals very limited communications security did not fail, just about everything else with Signal’s use did in the worst possible ways.

Thus the overal “Signal based system” as I’ve repeatedly predicted failed misserably and people are receiving significant harms because of it[1].

Hear we have exactly the same argument fleshed out to an article size,

https://www.techdirt.com/articles/20210331/21563346529/new-info-about-encrypted-messaging-service-bust-shows-signal-protocol-is-still-secure-law-enforcement-can-still-bypass.shtml

However what the article does not say is that,

All current secure messaging apps as currently deployed fail this way

Yes read that again till it sinks in.

That is this is not an “instance break” of great difficulty by clever authorities we are talking about but a fairly simple and very predictable “class break” which currently includes simple instances for all consumer systems using communications encryption.

So untill developers move the security end point beyond the reach of the communications end point they will all be vulnerable, as will the users.

@ ALL,

I’m sorry if I sound like a “stuck record” on this subject, but untill people learn to strip away the hype of the application developers from the reality of secure system design and usage, then headlines about criminals and FBI claims that everyone who uses encryption is a criminal are going to be the least of your worries.

If you want security, then invest some time to master the simple basics, because this problem with all consumer secure messaging apps is about as basic and simple as it gets.

There are even jokes about “end run attacks”, like the vault/safe door on the front of a tent, a lone 50ft fence post, and back in the early 1970’s the now “not fit for work” non PC satirical Mel Brooks movie Blazing Saddles had the “toll gate” scene about incorrect thinking on security (search you tube for “Blazing Saddles toll gate” but don’t say you were not warned about language).

[1] Yes the media have hyped the FBI line that all users of encryption are criminals, but we actually know that some of those EncroChat users were not criminals but people with either a “Duty of care” or a “Duty of confidentiality” trying to do the best with the legal requirments laid upon them. And that’s before we start talking about journalists and whistleblowers and those who’s lives are in even more danger. They need honest real security, not the at best intellectualy dishonest hype that Moxie and similar put out.

Winter April 11, 2021 6:50 AM

@Clive
“I’m sorry if I sound like a “stuck record” on this subject, but untill people learn to strip away the hype of the application developers from the reality of secure system design and usage, ”

Untill there is a fully secure communication system available to the masses, the masses have no choice but to use the means that are available to them. Signal is not perfect, but breaking it is more work, and therefore gives more protection, than breaking no protection. It all depends on prudence and opsec.

In Roman times, representatives of the “state” could hunt down dissidents through the whole empire on horseback. That is no different now. And then, as now, the prudent schemer and criminal could lower risk of detection and arrest with good opsec.

We all know by now that Smartphones are a liability. But every politkcal activist, spy, or criminal needs to communicate. So what are the options when you know even RFC 1149 (or for that matter RFC 2549) are not secure from interfering?

Dirk Wemhomer April 11, 2021 10:08 AM

@Stephen Deihl

Just do one thing and do it well, be the trusted de facto platform for private messaging that empowers dissidents, journalists and grandma all to communicate freely with the same guarantees of privacy.

Actually Signal fails the grandma test because of its exclusivity. Nothing is more important to grandma than including everyone in the conversation. Signal excludes those without mobile phones and also those unwilling to share their mobile number with an organization.

Wire passes the grandma test, not Signal.

Clive Robinson April 11, 2021 5:01 PM

@ Winter,

<

blockquote>Untill there is a fully secure communication system available to the masses,

There is and has been for atleast half a century prior to the development of the original cellular radios. I’ve repeatedly explained the process required with the simple to understand use of a secure paper and pencil cipher[1][2]

The problem is the majority of users do not want to learn to do anything more then press a button or say the word “send”.

Thus it’s the pandering to the whims of “convenience” that stops thete being as much security as you would desire, nothing else.

So people get the illusion of security not the actuality of security with these apps.

Worse though they only find this out when the “midnight knock” happens or their loved ones find the person has “disapeared” or been found “suicided” or “double tapped” in some out of sight place, or draged outside by security services and executed violently and messily as a deterent to others. All of which and more have happened in very recent times.

Security is not a “convenience” and never has been and in all probability never can be, you have to work at it. Because security needs work, in turn privacy needs work, and in turn so does liberty that rests upon them as foundations.

Benjamin Franklin nearly three centuries ago put pen to paper and wrote,

“They who can give up essential Liberty to obtain a little temporary Safety, deserve neither Liberty nor Safety.”

Understood the notion of what was required. Thus today “safety” could be replaced with “concenience”.

[1] I used as an example the One Time Pad (OTP) which is both simple to inderstand and simple to use securely and has been for nearly a century. Whilst the OTP has many failings for the incautious, they are well understood. Unlike the myriad of failings of more convenient electronic devices. That is not to say you can not use seperate electronic devices/tokens[3], but you have to understand what you are doing and that is way way more dificult with electronic devices involved (see TEMPEST and EmSec rules for Red/Black seperation for Passive EmSec and how to screen etc against Active EmSec).

[2] https://www.schneier.com/blog/archives/2020/01/mailbox_master_.html/#comment-344813

[3] See the use of optically issolated TFC hardware security system, Marcus Ottela, developed with a little assistence of this blogs “Usuall Suspects” of the time,

https://github.com/maqp/tfc/wiki

Security April 12, 2021 3:06 AM

The brightness of the spot from the laser beam depends on the laser power and the reflectivity of the surface. At the same power, the human eye is the most sensitive in the green region (wavelength 520-570nm) of the spectrum, which seems to be brighter than other colors. The sensitivity of red or blue wavelengths is decreased.
high power fiber coupled laser diode

Rachel April 12, 2021 4:45 AM

Moxie did an interview with Joe Rogan not long ago. Joe made a point of expressing his use of and love for the app thus probably influencing about 1 million extra downloads after the interview

Honestly it was a mostly uninspiring interview. The technology and social media zeitgeist was touched upon in occasionally interesting ways.
Joe [almost] losing his temper with Moxie over a game challenge and Moxie discussing sailing briefly were the highlights.

Moxie was harrassed by border security for passwords every single time he flew for two years, and quickly learnt to stop flying with any tech.

Moxie did comment on the phone number broadcast component of Signal. I think Joe Rogan asked him about it. It’s simply the functionality of the app. Using a contact list for point to point identification is part of the design ethos of relying on inhernet phone functionality.
It is deliberately considered.

Operating instead via a univresal search function to connect with other users, like a social media app, is intrinsically more complex and yet, they are working on it, but it’s harder to do. (he said)

One thing I find challenging is the option to have a recovery password, automatically backs up the contents of the account, Google style. Except the user is not informed this is whats happening.

And, the new imminent update offers a seamless transfer of the account contents to a new device. I’m confused by this.

It’s entirely, entirely possible, even likely? Some unpleasant characters in sunglasses and balaclavas bumped into Moxie one rainy San Francisco night, and advised his future was more interesting than he had planned.

Moxie, you can have the sealed envelope containing the plans for side channels, gradually rolled out over 24-36 months. This envelope is attached to a briefcase stuffed full of unmarked bills Or, his loved ones could be introduced to a $5 encryption breaker His choice.

RE: fork. Moxie has refused and discussed reasons for refusing a repo, it’s functionally not possible

Rachel April 12, 2021 4:56 AM

Thanks for the nod to TFC, Captain

I hope you are feeling well. Wishing for you an influx of warmer elements of a seasonal variety, and otherwise, to support you increasingly, consistently and indefinitely

Anyone using TFC? Success and pleasure? Or less thereof?

Winter April 12, 2021 10:40 AM

@Clive
“the simple to understand use of a secure paper and pencil cipher”

When I am up to a murderous nation state, e.g., Vlad the Poisoner, I will write with a hard pencil on paper on a glass mirror (Stasi style). But then how to get it at its destination?

But to communicate with my family, I take Signal as currently sufficient.

Clive Robinson April 12, 2021 11:33 AM

@ Rachel, ALL,

Thanks for the nod to TFC, Captain

As it is about the only remotely secure way for “consumer class” people to communicate, I would be remiss in not mentioning it.

However good as it is, as always there is room for extras, and Marcus is working on them.

I just wish the hardware components of the optical isolation were more freely available for a couple of reasons.

1, Not every one knows how to wield a soldering iron or probes of a volt meter even if they have access to them.

2, Anything looking “hand made”, “home made”, or “maker made”, is just an “OMG Uni-bomber alert” to poorly trained not particularly with it security personnel, who sometimes let their fists or guns do their thinking[1].

It’s why in the past[2] I’ve suggested incorporating the likes of SPDIF via TOS-Link that musicians and upper end home audio people have been using and still do for four decades and there are international standards for. As a “dual use” item it should when pluged into musical instruments and audio equipment works as expected even with off the shelf equipment as long as it is standards compliant. Put it in a nice case with a snazzy product name[3] and those that can not think in the way most ordinary consumers do will at least see it in a different light to what they think is a bomb trigger or some such.

Perhaps oddly, the increased use of computers to replace midi-instruments has made USB interfaces appear on quite a bit of Semi and Pro equipment these days, so it’s much less suspicious than a couple of decades ago[4].

As for Moxie and his sailing, well he has been known to make a sail craft from “building supplies”[5], I’m sure there must be a horizon with a glorious sunset with his name on for him to sail towards.

[1] Yes even in Europe when traveling by train you get those who’s sole enjoyment in life appears to be deluding themselves they have some kind of power over others, and not realising that most know there is an inverse relationship between that sort of behaviour and what most would consider “social intelligence”.

[2] https://www.schneier.com/blog/archives/2016/12/friday_squid_bl_556.html/#comment-289155

https://www.schneier.com/blog/archives/2018/02/friday_squid_bl_613.html/#comment-316707

[3] But perhaps not “Strato Blaster” even if it does look like a guitar effects peddle 😉

[4] As well as XLR/DIN connectors for “direct audio” many have USB interfaces for “Sound Blaster” or equivalent sound card interfaces, that can also have a serial port for control and setup menus these days.

[5] When I used to build boats and canoes, I tended to avoid “builders merchants” for my materials as you realy do not need to try making a boat mast and frame with “Knotty pine” or similar junk they will push at you. Whilst Marine Chandlers were on the face of it more expensive, by the time you factored in not just “wastage” but the increased use of materials making scarf joints and similar and double or tripple the man hours it eas not a saving. Also you can see why, when making a sea worthy vessel on which your life would depend, perhaps doing things “on the cheap” via a builders merchants tat is not perhaps the way you should go.

Clive Robinson April 12, 2021 1:35 PM

@ Winter,

When I am up to a murderous nation state, e.g., Vlad the Poisoner…

It’s not just Vlad you need worry about. Most Western governments have a “Dept of Dirty tricks and wet work” tucked into their alleged Intelligence Community, to deal with those considered undesirable.

Likewise many other nations who might employ the likes of the Butcher of Riyadh to chop up journalists, or just out-source such work via ex-government military and police of Argentina, Chili, and many other nations, run by juntas, dictators, tyrants, etc, many of whom were originally trained by UK, US, Israeli, French, etc personnel for “politicaly desirable” reasons.

As others have noted, our civil society is being dragged backwards in many ways by what are in effect extreamists masquerading as conservatives, religious leaders, conspiracy theorists, or fringe politicians. That have managed to worm their way into legislatures and even the judiciary.

Thus with technology giving them “collect it all” and next to no cost storage, in effect they have a “time machine” by which to go back and select those to be used to set examples of. We’ve seen this go on in the US where there has been “The War on being not White and Right” similar in quite a few European Nations where an Orwellian tactic of creating a popularistic hate group mentality alows the striping of privacy, rights and even fair trial, in order that new more draconian powers of control can be implemented (look at what is going on in the UK for instance with BoJo’s new legislation drive, designed to make him another Vlad).

Which brings us to,

But then how to get it at its destination?

You could start with the tried tested and still fully workable old school “field-craft” I’ve mentioned it before and how it can with care be modernized.

But you do not need to go to the lengths of dead letter drops etc[1]. AS I’ve mentioned before there are ways that are as secure as the OTP that can be used in not just “Open Communications” but “Broadcast Communications” under the eye of even the most eagle eyed of censors and Intelligence personnel and will remain secure indefinitely unlike the majority of determanistic systems.

Thus such Open Broadcast Systems are only realy going to fail you by “Human failing”, either yours or the second party in a communication. That is by either party being “turned” or willfully “betraying” the other party in the communication.

There are even ways to deal with this but I’ll leave others to say what they are, they are not difficult to work out (when you know one instance in the general class).

The more important thing is to actually minimise any damage all communications can do to you or others. One way to do this is to reduce correlation of communications to other observable actions. This is a more intetesting part of “Traffic Analysis” which is pretty much all about seeing correlations or even causation in things carried out by those you observe. Or by creating correlations with other things that are effectively innocent activities.

There are also methods by which the first party in a communication can check the fidelity of the second party and there is OSInt on how to do this in various publications, which are not that difficult to obtain.

If you do read them, then you might well consider again,

But to communicate with my family, I take Signal as currently sufficient.

Like the usage of Tor the use of “secure message apps” marks you out from the herd. Whilst it may not be enough to put cross hairs on your back most prosecuters would use the fact you use it to paint you as a criminal or worse. Especially with the likes of the FBI and DoJ and other nations equivalents alread publically saying “It’s only used by terrorists and criminals” as the recent statments around EncroChat phones has shown.

In other words you already have not “The Mark of Cain” but of Diablous on you, as far as those that believe they carry the mark of Angelus…

[1] Unfortunately the likes of Amazon with it’s Ring system is making old school field craft much harder than it used to be. In effect they are another “Collect it all” operation. Though what is not clear is how long they keep it for, thus how far back their “time machine” will reach. It’s probably wise to assume that it will be atleast seven years capacity.

JonKnowsNothing April 12, 2021 2:14 PM

@Clive, @Winter @All

re: a “time machine” by which to go back and select those to be used to set examples of.

Marcy Wheeler has an interesting analysis of how the Home Videos of the January 6, 2021 Capitol Melee participants is being used to build cross-connections between the people inside the Capitol that day.

Per the analysis, the FBI is using the Home Videos for evidence. Basically A took video B, B took video C, C took video D….

FBI arrested a bunch of people on Friday [04 09 2021] who took video evidence of key sites of acute investigative interest

This way the LEOs/FBI do not have to declare any of their own surveillance methods while building a nice video library on everyone who was there on that day.

ht tps://www.emptywheel.net/2021/04/12/arresting-your-way-to-discovery/
(url fractured to prevent autorun)

SpaceLifeForm April 12, 2021 4:18 PM

@ Rachel

And, the new imminent update offers a seamless transfer of the account contents to a new device. I’m confused by this.

I suspect new device may not mean YOUR device.

It’s entirely, entirely possible, even likely? Some unpleasant characters in sunglasses and balaclavas bumped into Moxie one rainy San Francisco night, and advised his future was more interesting than he had planned.

That is my theory. About one year ago…

https://www.reddit.com/r/signal/comments/gfzzc0/signal_forcing_a_pin_to_be_created/

lurker April 12, 2021 4:45 PM

@Clive

…in quite a few European Nations where an Orwellian tactic of creating a popularistic hate group mentality alows the striping of privacy, rights and even fair trial, in order that new more draconian powers of control can be implemented…

You can see that, I can see it, many who read this blog can see it, but the masses can’t. Why? MSM must be assumed to be drinking the Koolaid. It can’t be sheer laziness that causes them to always finger CRINK[1] as the bogeyman.

re: Broadcast Communications
A well known example would be the WW2 BBC “personal messages”, but that’s for state level actors. I suppose there are still people employed by MI(n) to read and analyse the Personal column in the Times…

[1] China, Russia, Iran, NthKorea.

randy April 12, 2021 10:25 PM

Question about Signal & Moxie Marlinspike:

The Wikipedia article on Moxie says that “In 2010, Marlinspike was the chief technology officer and co-founder of Whisper Systems,…”.

Is this the same “Whisper” that the Guardian newspaper revealed (link) was sharing user information with the US Department of Defense?

Rob T April 12, 2021 10:47 PM

Bruce,

I get why you say “blockchain is just plain stupid” – and it probably is for currency purposes – but isn’t it possible that it is clever for some use cases?

Like Corda or generally something that needs information persistence?

xcv April 12, 2021 11:14 PM

A well known hacker from the bad old days. I wouldn’t pretend to know if it’s a real name or a showbiz trade name (?:he|she|it|they) go by “on the scene” — not to question his identity if he’s a man, but the name’s a bit much oversold, and I’m pretty sure there are other people of different genders and artificial versus natural intelligence involved in the Moxie Marlinspike production.

I think this is an incredibly bad idea.

And for calling that out, Bruce Schneier is coming off with the better name.

Rachel April 13, 2021 1:08 AM

SpaceLifeForm;
Clive

I suspect new device may not mean YOUR device.

Funny! And astute! Thanks for thusly veryifing your LifeForm identity.

Good of you to link to that Reddit feed there are a number of commentaries for the enquiring. It’s entered popcorn territory for me. I’m grateful for Mr Schneiers public stance; wonder what Matt Green has to say.

I had never seen Moxie speak prior to the Joe Rogan interview.
He seems just like a nice, gentle, guileless curious kid, to the extent the fact of his clearly brilliant mind is barely or not at all betrayed.

Clive nice comments about wood & boats. I’ve had some exposure to that world and all agree it is thoroughly addictive. A subject that actually manages to be mostly on topic, on this blog, in some wierd way

Moxie explained he picked up abandoned crafts on lien at marinas due to be auctioned, minimum bid USD$50 required. Then restored them, and sailed them long distance with no electronics.

Of the few manually operated devices required to, hopefully, remain alive, one was utterly fascinating to me and perhaps you know the name of it. It measures distance, via a propellor that is permanently spinning, and a piece of string constantly fed therein.

With love xx

Rachel April 13, 2021 1:13 AM

xcv

Am sure I you are saying something entirely reasonable and pertinent but having trouble persuing your lead. Are you referring to Moxie?

Is yours insight en par with the say, many of people masquerading as the Jolly Roger back in the day?

SpaceLifeForm April 13, 2021 1:59 AM

@ Rachel, Clive

Taffrail ?

Or were you thinking of ‘common log’?[1]

Better known as Chip Log

https://en.wikipedia.org/wiki/Chip_log

Calculation of speed determined by a knotted rope[2] fed out for known time.
And therefore calculation of distance traveled.

https://www.marineinsight.com/guidelines/nautical-mile-knot-units-used-sea/

Building and operating a ship is clearly as treacherous as building a software system.

If one uses bad components, one can sink.

  1. Not to be confused with common logarithm
  2. Hence, Knots

Winter April 13, 2021 2:13 AM

@Clive
“Like the usage of Tor the use of “secure message apps” marks you out from the herd. Whilst it may not be enough to put cross hairs on your back most prosecutors would use the fact you use it to paint you as a criminal or worse.”

With tens of millions of users, many just (high school) students, that seems unlikely.
https://time.com/5893114/signal-app-privacy/

And with Amnesty International advising the use of Signal, I do not see this “only criminals and terrorists use it” argument taking hold here anytime soon. But I probably live in a privileged neck of the woods*. It is no accident that Signal is incorporated in Switzerland.

  • The Netherlands ranks 5th on the World Press Freedom ranking and second on the Personal Freedom Index. We even resoundingly rejected “collect all” legislation in a referendum (I know that the effect of this was “limited”).

Rachel April 13, 2021 4:48 AM

SpaceLifeForm
Clive

Knots?! Awesome!! But you speak of speed. I referred to distance.It was, distinctly, an utterly old school, handheld mechanical device Moxie used. Like, Antikythera Mechanism old school.

Not to be confused with logarithm! I kid, I kid.

Oh my. That’s two priceless moments in one post, SLF. I’ll be watching closely for your trifecta.

Oh I noted via the Reddit you provided SLF there is indeed a git for Signal. So I take it Moxie changed his tune on federation. Admittedly those blog posts by him on the subject were several years ago. Indeed some of them – for ex. the ones challenging Telgram and offering to help them, I couldn’t find last time I went hunting for them.

I’m not a software engineer. But at the heart, or at one of the several hearts of it, there is a fundamental breach of ethos.

Engineers that orchestrate something like Signal are engineers that understand the same things OpenBSD understands. About simplicity, elegance, about doing just one thing.

As Moxie said ‘Facebook and Whatsapp are designed to keep the user on screen for as long as possible. Signal is designed to keep you on screen for the shortest time possible’.

So, it’s not really just an idle decision we are witnessing. It’s not just waking up one morning and deciding to rip out the kitchen sink and install a science oven, toolbox, multiple CD stack in its place. It’s not just ‘ oh lets bolt on a payment app’.

To actually set out on this road indicates a fundamental neurological circuit break. It’s a major malfunction, Private Pile. It’s like a vegan buying shares in a piggery. It doesn’t just ‘happen’. It’s an irresistable force meeting an unmoveable object. Like, umm, the aforementioned characters wearing sunglasses at night.

Clive Robinson April 13, 2021 6:36 AM

@ Rachel, SpaceLifeForm,

Of the few manually operated devices required to, hopefully, remain alive, one was utterly fascinating to me and perhaps you know the name of it.

As @SpaceLifeForm has indicated the earliest version was called a “log” and it is assumed to have come about from the Polynesian mariners recorded use of the observation of “drift wood” and such to not only have a notion of speed but wind offset as well, such that an estimate of “ground track” or true bearing could be made, not the apparent “water track” of the direction the vessel was pointed in.

The “log” evolved into throwing a heavy lump of weighted wood[1] off of the stern of a vessel and counting out the “knots” which is accredited with two words entering the language. The “log” in which navigator recorded the readings and the distance/time measurment of the “knot” (Nautical miles per hour).

Thus “log” gave us other words and phrase such as “log keeping”, “logging” and “logged”.

But have you ever wondered why Mr Clements used the pen name “Mark Twain”? Or where the expressions “swinging the lead” or “Sounding out” came from?

A not disimilar idea, but this time instead of a log of wood a lump of lead with a flat bottom on which there was tallow or soft candle grease (not wax). This was for taking “depth soundings” to not just help with navigation[2] but to avoid “grounding”. The grease on the bottom of the lead is to get a sample of sea bottom if possible to see if it’s sand or gravel etc, as this to can help with not just navigation but picking a spot if you have to deliberately ground to make more solid repairs to damage below the water line.

Mark Twain was the cry given out for the second depth sounding mark, thus was frequently heard on the shallow water steam boats as they navigated the rivers of the South. Swinging the lead was a derogatory term impkying idle makework. Taking soundings was considered a cushy number and if you thought someone was “being idle” you would say they were swinging the lead. Due to the necesity of taking quick soundings and getting the information to the navigator or captain, the person taking the depth soundings would shout it out hence “sounding out”. You still do this on some boats where the “echo sounder” is at the helm in the cockpit and there is not a “repeater” at the navigators position below decks (or the other way around) and you have to “sound out” through the hatch / companion way. Oh one thing you do need to know very much today is where the echo sounder sensor head is and the density and temprature of the water. Also the “healing angle” and how it effects the echo soundings. I’ve sailed on vessels where the “master/navigator” has taken short cuts across sand bars, because healed over on a reach the keel rises and the sensor lowers, thus you get an extra half meter or so of clearance… It’s not something you would normally want to do but it can cut time down in races, which can make the difference between winning and loosing, and an expensive repair bill if you get it wrong…

[1] The weight was to hold the wood down so it was just about at sea level, so that it was less subject to windage error. Some were triangular boards with a lead weight on one edge and a six foot rope from each corner connected to the main log-rope so it was broadside on, thus reducing the effect of being dragged by the boat and log-rope. Some mechanical logs actually have outrider mechanisms to keep them out of the vessels wake effects. When working in the petro chem off shore industry I occasionaly had need to use rather more complex log devices that were used for surveying. They look like little torpedoes that measure all sorts of things including depth, density, temprature and GPS position, wave hight and length. There water speed would usually be calculated by doplar effects from the stem to stern.

[2] If you look at a “chart” you will see “Charted depths” that act like “contour lines” on it. Which are the depths with respect to chart datum, they are at the mean “Lowest Astronomical Tide”(LAT) on Admiralty charts, and hopefully you will only ever see charts in meters (not fathoms and feet that look the same but are not). Thus if you know the phase of the moon –and sun–, to calculate their hatmonic effect and thus the time of the tide which you can work out via the 12ths rule or more complex cosine rule when sufficiently offshore you can calculate how much water should be beneath you at any given position (back in the 1980’s I wrote a program to calculate tide hights at ports/harbours not on the standard tables using the vector sum of the luna and solar harmonics that then indexed into a correction table for the “oddness” of the port or harbour (a look at Southhampton water and environs can quickly tell you why the table was needed). So if you know the ships true direction (ground track) you can navigate by the soundings alone by following the “charted depths”. To do this you mark the depths corrected to “chart datum” along the edge of a piece of paper adjusted for the vessels ground speed, you then slide this piece of paper around on the chart untill it matches, thus you get your “ground track”. Alternatively and easier is to pick a safe “contour line” –as you do in hill or mountain walking when the weather closes in– and follow it. It is known as “Navigation by line of soundings” to be used in “thick weather” when sightings are not possible. I’ve done this a few times whilst studying for my offshore and yachtmasters tickets way way back. It’s actually quite scarry as there is a whole bunch of adding/subtracting to do. It’s best to make up a table and put in all the steps across the line as you calculate, and do all the tidings at the same time at fixed intervals then take the soundings “stradling” those times. It’s something very very few yachtsmen either learn or bother to use these days, but at a pinch when disaster strikes down from above and all your electronics get fried, it could keep you out of further danger.

Dirk Wemhomer April 13, 2021 9:43 AM

@Rachel

Engineers that orchestrate something like Signal are engineers that understand the same things OpenBSD understands. About simplicity, elegance, about doing just one thing.

I must say Signal doesn’t even come close to having those qualities, because:

  • requiring a mobile phone number drags in an entire unrelated ecosystem of needless surveillance and needless costs, where in the US people’s phone location is openly sold by all carriers, and where in Europe a majority of nations require SIM registration (presenting state ID to get a SIM card).
  • hiding the APK download, discouraging it, and pushing everyone into Google Playstore needlessly drags in yet another surveillance system. Google knows all who downloaded the app from the Playstore, and which version, and tracks their IMEI# as well. Apart from that mass surveillance factor, there is also the targeted surveillance risk inherent in Google knowing who is downloading an app, which bundles in an opportunity to selectively distribute compromised packages depending on who does the fetch.

Signal is messy. The cryptocurrency is just an extension of the same pattern of subjecting users to needless surveillance. A comprehensive list of Signal problems is collected here:

https://github.com/privacytoolsIO/privacytools.io/issues/779

Winter April 13, 2021 12:23 PM

@Dirk Wemhomer
“A comprehensive list of Signal problems is collected here:”

Quite a number of these “problems” noted are “guilt by association” or even invalid. See the comment lower down on the page:

https://github.com/privacytools/privacytools.io/issues/779#issuecomment-471687384

The question is, are messages secure from eavesdropping and are my connections private. The answer has always been: as secure and private as your phone. If your phone is not secure, no communication with it will be secure.[1]

[1] Except if you can talk/speak in an unknown language. A nice story in this context is the use of Navajo code talkers in the Pacific during WW II. A related matter was that after 9/11, US TLAs did not have people who could understand languages spoken in Afghanistan.

Dirk Wemhomer April 13, 2021 3:50 PM

@Winter

Quite a number of these “problems” noted are “guilt by association” or even invalid. See the comment lower down on the page:

I don’t think you linked the comment you intended. That comment has nothing about “guilt by association”, and all the points raised by that post were debunked just two posts below it:

https://github.com/privacytools/privacytools.io/issues/779#issuecomment-471975275

The original post is comprehensive. It broadly covers the privacy abuses that directly impact the user as well as systemic privacy abuses by side-effect inherent in installation and use of the tool.

By “guilt by association”, I suppose you’re talking about how Signal feeds surveillance capitalists. This is where you have to decide if the concerned party is a “privacy for me” person, or a “privacy for everyone” person. If you’re a champion of “privacy for everyone”, then you also care about financing of privacy abusers. A tool that gives me privacy in one situation but does privacy harm to others is like a solar-powered barn for a cattle farmer. The solar panel doesn’t compare to the harm of livestock on the environment. You have to see the big picture.

The answer has always been: as secure and private as your phone.

Even less so, depending on how secure your phone is to start with. If you have deGoogled your Android, removed playstore, and removed the SIM card to harden security, then installing Signal will force you to loosen your phone’s security just to get online with Signal.

And don’t forget that availability is part of security. If you or the other party don’t have a mobile phone subscription, Signal puts the availability to zero.

SpaceLifeForm April 13, 2021 6:03 PM

@ Rachel, Clive

Then I guess you were thinking of sextant.

No string involved.

Useless on a cloudy night.

Rachel April 13, 2021 8:53 PM

Dirk Wemhomer

Thankyou. Your style and form remind me of Clive Robinson. Appreciate your inarguable points and especially the link. We are establishing quite the Signal archive.

Clive

Well how I possibly respond . Thankyou for the wonderful education. Further, I will share your comment with a Captain from Marseille she will very much enjoy it

SpaceLifeForm thankyou. I know what a sextannt is and its very much not the tool in question. Now I’m responsible, for recovering the identity of this device. I will inform you and Clive ASAP.

Actually Clive and SpaceLifeForm.
I am reminded. There is a Danish series known in english as ‘The Investigation’ Spoilers ahead.

One learns by the end, it’s a true story.
About a murder, with the corpse deposited in the ocean.

So, the investigators desperately need the corpose to pin something on the suspect. The route of the vessel and window of time when the body was deposited overboard are known. There are many factors to be correlated to ascertain the present time location of the corpse.
The military divers are not enjoying their task of searching an entire ocean

[reminded me of wilderness personnel search and rescues I’ve been involved in.The instructions something like ‘ 1. Look in the forest. 2. Keep looking. 3. As queries arise, cross reference point 2.’]

Cadaver dogs from Sweden are eventually suggested despite not being considered reliable in Denmark. The dogs are taken out on the Zodiacs, they bark at certain locations, yet no positive finds by the divers. The presence of the dogs instills further confusion and mistrust.

The story unfolds via expert counsel informing;

  • It’s not gases the dogs detect. These travel vertically from the corpse to the surface, rather quickly. It’s body fats the dogs smell. These travel tangentially, at angles – much harder to source
  • it’s not the wind that needs to be measured and plotted, in terms of how and where the fats are travelling and being distributed. It’s the oceanography, the currents themselves. This final insight leads to a full discovery, plus the realisation the dogs were in fact completely correct.

Winter April 14, 2021 1:20 AM

@Dirk
” That comment has nothing about “guilt by association”, and all the points raised by that post were debunked just two posts below it:”

The main objection is the use of common infrastructure, Phones, SIM, AWS, Cloudflare, Playstore. OWS is found “guilty” because they use Amazon, Google, Cloudflare. As with Tor, the more people use Signal, the less information outsiders can extract from the service. Fish are not less secure by swimming in a shoal, or gnu’s in herd, on the contrary.

The question then is, what is the alternative? Setting up your own data center? How secure is that? And how are you to discover contacts to communicate with?

Let us compare this to the perfect system advocated by Clive R. I set up communications from Europe with a contact in the US. We calculate all encryption by hand with pencil and paper. We even exchange keys using PKC by hand. It takes a week or so, but it is safe. Then I send my encrypted message by the mail, as I cannot organize a dead drop in another continent.

Now it is argued my system is insecure, because the mail will register my letters.
https://www.nytimes.com/2013/08/03/us/postal-service-confirms-photographing-all-us-mail.html

My system is condemned because I should not have used the mail at all. No alternative is suggested that can get my letters to the US safe and secure, so the only alternative is not to communicate at all. Which is exactly what the TLAs want.

JonKnowsNothing April 14, 2021 2:39 AM

@Winter @Dirk @All

re: No alternative is suggested …..The only alternative is not to communicate at all.

Noooo… The prime problem is that people continue to use Known Insecure or Otherwise Rotten Systems and STILL PRETEND they are Secure and Sound.

You can use any Rotten System that has ever been invented, and a bunch of those are in history books and written in glyphs, each broken, each unsound and yet… they were used; but NOT for secure or private uses. Everything was expected to be intercepted, and it was and still is.

James Risen, no stranger to having problems with The Surveillance State, wrote an interesting analysis of the practical problems encountered.

tl;dr:

  • You cannot have secure systems, secure communications for any purpose in a surveillance state.
  • And all countries with technology are de facto surveillance states.

Stop pretending it’s otherwise.

ht tps://theintercept.com/2021/04/13/reality-winner-julian-assange-journalism-whistleblowers/

ht tps://en.wikipedia.org/wiki/James_Risen
(url fractured to prevent autorun)

Rachel April 14, 2021 3:08 AM

RE: Signal and vulns such as Google Play, use of a phone number,
payment methods for SIM or IMEI. etc.

A moot point in certain respects but I acknowledge the distinction between privacy and anonymity. Thanks to the Grugq.

From a laywomans perspective everything is, ultimately, privacy. But from a technical perspective there is a huge difference.

Clive has explained approaches {OTP} challenging to incorporate for the laywoman – let alone the friends she wants to communicate with

One approach however advocated by Clive is great. Using code instead of cipher. This means something like Signal can be used
quite succesfully

Wael gave an example of using code out of band. Meaning, the key to the code was actually described within the comms channel (Whatsapp for example) and it still couldn’t be intercepted by collection (in Waels example)

Clive continues by saying real world correlation by SigInt is thwarted by using a phrase to wilfully activate coded conversation or deactivate it again.

I don’t know anything about sports so unfortunately I am yet to acquire an example of a code that can be discussed with another with the depth of complexity the subject of sports provides.
Examples welcomed.

Sports is wonderful if it’s available to the subject as a code though. The potential for subtle innuendo and sleight of hand – some obscure referees name used as slang for a certain behaviour – a certain year of play offs being quoted, as short hand for a certain outcome. Infinite possibility.

Winter April 14, 2021 4:16 AM

@Rachel
” Using code instead of cipher. This means something like Signal can be used quite succesfully”

There was a paper proving it is actually possible to have secure communication over an insecure channel:
https://www.researchgate.net/publication/220424692_Secure_Communication_Over_Insecure_Channels

The point is, the more people use Signal and Tor for their daily, innocuous needs, the more expensive it becomes to spy on those who do something interesting, and the saver everyone is when they use it when they do need to remain private/anonymous
(2 sides of the same coin: private=you know who I am, but not what I do; anonymous=you know what I do, but not who I am)

Clive Robinson April 14, 2021 5:48 AM

@ SpaceLifeForm, Dirk Wemhomer, JonKnowsNothing, Winter, ALL,

No SIM does not equal no radio.

There are two basic ways to look at that…

The first is,

“Your mobile phone still fully functions with no SIM in it.”

A point that is easily proved because,

1.1, You can make emergency calls with no SIM.
1.2, The network sees the equivalent of your phones unique network identifier that is the equivalent of an Ethernet MAC address.

Which means,

“Your phone can always be traced on the mobile phone network, even without the SIM in it… And by the faux logical extension the US “Intelligence Community” have been known to use with drone strikes so must you.

Likewise prosecutors have falsely claimed the geo-location of a person by where the phone company says the phone is, which can be hundreds of meters from where it realy is[1][2].

But what would be the second meaning we can take from the statment.

Secondly though apparently ubiquitous radio systems do not require mobile stations to have an ID built into them to work. That is most analog walkie-talkies and mobile transceivers transmit “anonymously”. So for that matter do point to point links you can set up using microwave systems IR laser or similar diodes.

But there is a failing with mobile phones and their suppodadly unique ID’s, which is “it has to be programed in”, and these days[3],

“That which can be programed one way, can be programed another”.

I know it’s obvious to say but so many people forget this or deliberatly ignore it (prosecutors and the like). You can after all buy “hats” for Arduino’s and Raspberry Pi’s that enable you to make your own “4G Phone”, that you can also clear/change such numbers and send bogus GPS readings with… Likewise you can get GPS modules or just the chips, which means if you know where to look, there are some intetesting quite low cost devices comming out of various places not just Asia.

Does anyone remmber the “Talking Rock” in a Moscow Park[4] from a decade and a half ago? Well ten technology generations later you could put similar in a stick, or make something altogether more sophisticated. What caused the Moscow Park Rock to fail was not as such the technology, but the poor OpSec involved. More importantly it gave many other people ideas for products.

It is thus more than possible for low power radio systems to “hide out” in the noise of other systems.

Look at it this way for an Internet analog, HTTPS traffic is ubiquitous, so much so that it’s signal is now the noise. What makes each HTTPS packet different is the IP Header. If you can remove this information or make it worthless[5] then your special signal is just one of many on a network segment as incomprehensible as the next. It’s a trick Tor tries to use as do other Mix-Nets all with varying success but there are many other possabilities[6].

But anyone with a scanner can tell you that sending data over a radio walkie-talkie is realy quite common now there are various Digital Modes used for “Trunking” which enables multiple users to use the same radio frequency but apparently independently of each other. One well known commercial systrm is called “DMR” and it alows for “encryption” thus your ability to tell what is sent down the encrypted channel is difficult[7]. Especially if like the use of HTTPS on the Internet you put your own much more securely encrypted data down it that looks like voice data. Encrypted DMR is now very prevelant on many walkie-talkies you can buy for around 150-200USD and many many “Private Mobile Radio”(PMR) users use not just DMR but use it with encryption turned on because unlike “SelCal” they do get a degree of privacy, in what in some places are very very crowded and overloaded thus “noise rich” environments.

So what is to stop you piggy-backing onto such systems with a covert channel of your own?

I could go on, but the point is, even under extream universal surveillance those doing the surveillance are “resource bound” and that gives all sorts of wriggle room if you know how to set up covert channels.

Such covert channels if implemented with care will remain unnoticed, untill “Poor OpSec” or “loose lips” reveal that a covert channel is in use.

[1] Without going into all the background radio-location is not exactly very reliable. Which is why GPS is a requirment by the USGov. However as many tourists observe what their phone sees as the Greenwich meridian and what the strip of metal at Greenwich and it’s acompanying laser show are not the same by quite a distance. But as I’ve demonstrated in the past GPS is not very difficult to spoof so can be “offset” and with low satellite visability in city streets etc it has quite a high error margin as well as not being able to function. Also it’s fairly simple to design a “GPS jammer in a matchbox” –or if you know where to look, buy– that has a range of only a meter or so. If carried in the pocket with the mobile phone the GPS will cease to function but the mobile will otherwise function[2].

[2] There is a quirk that is unavoidable in mobile phones talking to base stations and that is the difference between turning a phone off and a phone loosing signal when for some reason it can nolonger communicate with a base station. When you turn a phone off it tells the network before it shutsdown so the network knows you have turned it off. If however the phone can nolonger communicate with a base the network assumes it is still on in the same general location untill either the phone fails to “re-register” or a primary service (call not SMS) needs to be made with the phone. This difference is something people need to remember when using those RF blocking bags/boxes. That is put the phone in the RF bag and then turn it off.

[3] If you know what make and model to purchase, you can also find out how to do not a so called “Factory Reset” which is nothing of the sort but a “Factory re-work” which is what is used on the production line to realy clear the phone back to a “blank state” etc and clear/change the serial number and ID number etc.

[4] The fake rock the FSB showed was extreamly primitive compared to what can be done now “ten tecunology generations” later. Or that can now be fairly easily done as a “School Project” for an “Electronic Notice Board”. The fun is now the likes of Apple and Google have done their “COVID-Contact” stuff to their OS’s all sorts of fun that was not previously possible becomes so.

https://www.bbc.com/news/world-europe-16614209

[5] There are many many ways to make the so called “Meta-Data” of network packets become worthless. Anyone who has studied the protocols and the state machines behind them can do interesting things[6].

[6] For example to turn the tails on GCHQ and the NSA, they are known to exploit the fact that the “first packet is accepted, but subsequent assumed ‘duplicate’ packets are dropped”. That is part of the original pre IP design thought up by Gordon Welchman to make the networks not just “reliable” but “fault tolerant” even in the face of “enemy action” (watered down a bit after Gulf War I). That is if you request data from a web site it might get duplicated and sent on different routes. So as we know GCHQ and the NSA, were delaying the legitimate packets by routing them the long way around, and inserting theirs so it arives first. Ever wonder what happens to those second packets? Well the important thing to remember is they get delivered to the client, but usually with TCP the network stack in the client drops them not pass them up to applications (UDP gets passed). Now think what you could do if your network stack does not drop an assumed duplicate? There are quite a few network analysers and the like that do not drop them, but make them available for examination… Such network-stacks are available for Open Source OS’s and are actually simpler than the packet dropping equivalents (so commenting out code is an option). Thus you would be able to examine any such “duplicate” second packets. Remember normally even if they were not duplicates, they would still be droped, it’s why the GCHQ and NSA attack worked. But consider what you could do if you could reject the first packet and instead use the second packet… In effect you hide a second communications channel in the first.

[7] https://www.scannerschool.com/what-can-you-do-when-they-encrypt/

Clive Robinson April 14, 2021 10:02 AM

@ ALL,

The problem with “code” is it is at heart just a simple substitution cipher, but with a larger alphabet set of words and phrases not just letters/characters.

Thus each time you use it an eavesdroper can build up a list of “code words” agsinst probable real words/phrases.

Thus a common use for codes used to be not to make a message secret but for “message compression”.

To fix this “simple substitution cipher” problem you usually do effectively the following,

1, Encode the message.
2, Super encipher the encoded message to form the ciphertext.

It is generally accepted that if the Super Encipherment is the likes of a “One Time Pad”(OTP) or “One Time Tape”(OTT) the result will be secure.

The security comes not from the fact the message is unrecoverable, but all ciphertexts of the same length will produce plaintexts that are equiprobable thus you can not decide which of the messages is the valid one.

If you pre-code or pre-encrypt a plaintext message, if the code|cipher is any good, then the plaintext message statistics will be unrecoverable without the key thus making the texts that look like random nonsense just as “equiprobable”. Thereby giving the attacker no fulcrum by which they can leverage into the system.

The problem with most codes and ciphers is that their strength of making plain text look random, is the most serious failing as it shows that a code or cipher is being used.

Since before the time of the Elizabethan Sir Francis Bacon a method of taking a private or secret message and making it look like a harmless one that can be sent in public has been keenly sought. Mostly such attempts have failed, not because such a system can not be made, but because it tends to be used to send way more information than it should, thus things become stylized beyond safe usage.

Unfortunately for the scholar, philosopher and statesman Sir Francis Bacon[1], there are a number of Societies that have tried to show that Francis Bacon and Playwright William Shakespeare are one and the same person[2] or similar peculiarity.

As I’ve described before you can combine a OTP cipher with a code and come up with a secure way of enciphering a small quantity of secret message in a simple plaintext message which can be freeily sent across any communications system.

The point being that even if a covert message is suspected, it is not just protected by the OTP alowing it to be “broadcast” far and wide”, it is also impossible to pove to exist as such by access to all messages because of the “equiprobable”.

[1] https://en.m.wikipedia.org/wiki/Francis_Bacon

[2] https://francisbaconsociety.co.uk/emblem-cipher/codes-and-coding/

https://sacred.numbersciences.org/2021/01/09/sir-francis-bacon-and-codes/

lurker April 14, 2021 6:54 PM

@Winter: No alternative is suggested …..The only alternative is not to communicate at all.

@JonKnowsNothing: You cannot have secure systems, secure communications for any purpose in a surveillance state.

These two statements appear to be at least partially inclusive. I admire the attempts of @Clive to use tech to solve the problem, but this just drives the average citizen deeper into the mire. It’s like economists always insisting that problems can be solved by attacking the demand side.

Attacking the supply side of this problem means removing the surveillance; which might require first removing the need for surveillance. This should be distinguished from the want or desire for surveillance which pervades current TLAs globally. It could be an interesting exercise given the current state of geopolitics humanity has got itself into.

Anonymous April 16, 2021 4:28 AM

Bruce, signal still is boasting your endorsement on their site. That is largely ignoring the recent points you made about the risks of including payments in a single app.

Can you perhaps ask them to quote your more recent statements on the risks as well in the testimonial? I’ve no doubt whilst there are positives to encouraging to use signal, the casual reader should be aware you’ve also had different views about the cryptocurrency support and the systemic risks it brings along within a single app. Otherwise, your testimonial on their site remains a quote out of a more recent context as well as an example of the abuse of an expert opinion.

Thahks.

Rowan August 10, 2022 3:10 AM

Now that the cryptocurrency is worthless I wonder how long it will be until they remove it in embarrassment.

Winter August 10, 2022 3:43 AM

@Rowan

Now that the cryptocurrency is worthless I wonder how long it will be until they remove it in embarrassment.

$23k is not yet penny stocks, I think. This was also the price of Bitcoin in December 2020, so we are not even two years back yet. There is still some way to go to reach the $1k of March 2017.

With all the sanctions, there will still be some demand. I just heard that Iran is using Bitcoin to order $10M worth of stuff [1]. Russia seems to mull its use for international payments too [2], although it recently has made paying stuff inside Russia itself using cryptocurrencies illegal [3].

[1] ‘https://www.coindesk.com/business/2022/08/09/iran-places-first-crypto-funded-import-order-worth-10m-report/

[2] ‘https://economictimes.indiatimes.com/tech/technology/russia-mulls-allowing-cryptocurrency-for-international-payments/articleshow/91839654.cms

[3] ‘https://www.cnbctv18.com/cryptocurrency/crypto-putin-bans-digital-payments-a-quick-recap-of-russia-love-hate-relationship-with-it-14170302.htm

Leave a comment

Login

Allowed HTML <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre> Markdown Extra syntax via https://michelf.ca/projects/php-markdown/extra/

Sidebar photo of Bruce Schneier by Joe MacInnis.