
Signal is a CIA honeypot

Thread replies: 123
Thread images: 8

File: Signal.png (26KB, 300x300px)
Anon, convince me Signal isn't a CIA honeypot.

https://www.cnet.com/news/security-researcher-i-keep-getting-detained-by-feds/
>In 2010, Signal creator keeps getting harassed by Feds.

https://www.wired.com/2016/07/meet-moxie-marlinspike-anarchist-bringing-encryption-us/
>Signal creator later makes apps to help Arab Spring. Arab Spring was orchestrated by CIA.


ADDITIONALLY: If you use Signal for your phone, install the desktop app. It is able to decrypt all your phone messages. Therefore, desktop app has access to private encryption key from phone.

The private key must have traversed Signal's server to reach desktop app. Therefore, Signal's servers can access your private keys and decrypt your messages, to be read by Moxie's CIA handlers, at any time.
>>
>>61992150
wire doesn't have this problem
>>
>>61992150
>convince me Signal isn't a CIA honeypot
Why would I try to convince you of something that isn't true
>>
>>61992150
>ignore app
problem solved
>>
>>61992150
Who cares? You're not a piece of garbage, thirsty-ass pedophile hidefaggot. Don't worry about it.
>>
>>61992150
Every single one of these guys gets harassed, doesn't mean shit. Regarding the Arab Spring, shit Facebook and Twitter played a much bigger and more instrumental role, they didn't need to dig into encrypted shit when there was a trove of decrypted data around.
>>
Trying to hide from the CIA is fucking retarded and you will lose. You do not protect yourself against state level actors; you protect yourself from corporations.
>>
>>61992233
Signal has no real funding model though. Who's to say your chats aren't being secretly sold to corporations?
>>
>>61992194
It's being sold as a privacy app while being the opposite, though. You can want privacy without being a degenerate.
>>
File: 1503146478145.jpg (175KB, 1920x1080px)
>>61992150
Moxie is against freedom and forks
https://github.com/LibreSignal/LibreSignal/issues/37
https://github.com/WhisperSystems/Signal-Android/issues/127

Moxie knows nothing about crypto: https://news.ycombinator.com/item?id=3725013

Signal uses AES256, an outdated encryption algorithm. What's worse is that it uses it in CBC mode in certain cases, see https://github.com/WhisperSystems/Signal-Server/wiki/API-Protocol.

Signal requires you to have a phone with google services. You can't use it even on the pc without that being the case. Since the user IDs are not derived from the public key of the user it is also difficult to verify that you are talking with whom you think that you talk to. Moreover Signal uses a centralised service.
>>
Serious question - what is the newest platform / application / etc. that /g/ has, for the most part, accepted as being good?

Anything is either being "shilled", is a botnet, or is a honeypot. I know random individuals will shitpost about this so it will never be 100%, but is there anything that the consensus actually likes / uses that is not old?
>>
>>61992150
>It is able to decrypt all your phone messages. Therefore, desktop app has access to private encryption key from phone.
maybe the encryption key is your password used to log in..?
>>
>>61993397
When it was revealed that WhatsApp (which also uses the Signal protocol) has a backdoor which allows facebook to request from your client to silently resend any messages that you sent to someone with a different encryption key every signal shill in the world started strawmanning and whining about fake news.

>>61993429
I would suggest XMPP/IRC with OTR (sadly it uses weak encryption) or tox.
>>
>>61992150
>Therefore, desktop app has access to private encryption key from phone.
Do you connect the phone to the PC? If so I can't see the problem.

>>61993446
In that case moxie can decrypt anything that you wrote as he has your password.
>>
>>61992150
>closed source
guaranteed honeypot
>>
File: fuck zuck 2020.jpg (91KB, 720x960px)
>>61993447
>a backdoor for facebook to bypass your encryption
Zuck for prez 2020
>>
>>61993480
idk who this moxie character is, but does he have your password tho? maybe a hash of it.

idk, in any case you are right
>>
>>61992194
t. reddit bootlicker
>>
>>61992194
>I wouldn't worry about it goyim!
>>
>>61993429
>random individuals will shitpost about this so it will never be 100%, but is there anything that the consensus actually likes / uses that is not old?


Best thing I've found is running a private XMPP server. For clients, use Chatsecure/Conversations.im/Gajim with OMEMO encryption. Similar to Signal's encryption, but the server does not steal your private keys, and stores no chat archives by default.


Also, XMPP works like email. [email protected] can message [email protected]. XMPP is the future that never happened because of normies taking over the internet.

https://prosody.im/
https://youtu.be/-0M0NeZ_cU4
>>
>>61992150
>Signal is a CIA honeypot
Of course it is. That's why State Department promotes it for "revolutionary and democratic movement in """oppressed""" countries."

It's also why FBI is not bitching about it and isn't asking for keys.
>>
>>61993481
It is FOSS, however Moxie
1: is against people compiling it themselves
2: is against repositories compiling it for people
3: does not provide reproducible builds
Thus it would not be impossible that the official builds (which are distributed only via google play and can be used only in devices with GCM) are backdoored.
>>
File: mad moxie.jpg (12KB, 183x275px)
>>61993501
>>61993480
>moxie
when you place a backdoor into your own software only to find naked r34 pictures of yourself
>>
>>61993322
I can understand why you deleted this.
>>
>>61993397
>Moxie is against freedom and forks
he's a jew
>>
>>61993560
>he's a jew
dammit.
every god damn time
>>
>>61993527
Can you verify that the messages that you receive are not forged?
Isn't XMPP XML bullshitte?
Does it allow for deniable authentication?
What algorithms does it use?
>>
>>61992194
Alt-righters are the biggest cucks
>>
>>61992194
And what if he is?
>>
>>61993447
what do you think about matrix chat / riot.im? uses Signal's encryption and is still in beta but going mainstream soon https://about.riot.im/security/
>>
>>61993447
sorry. riot actually uses olm, a version of double ratchet developed independently from Signal's
>>
>>61992150
>ADDITIONALLY: If you use Signal for your phone, install the desktop app. It is able to decrypt all your phone messages. Therefore, desktop app has access to private encryption key from phone.
This is wrong. I've poked around in the protocol and what happens when you add the desktop app is it creates another key pair and publishes the new public key. After that, every time someone sends you a message it encrypts the message with each public key and sends them. If you have two desktop apps in addition to the phone, you'll actually see 3 distinct posts to the Signal API. This is why you cannot access messages that were sent prior to setting up the desktop App.

Don't believe me? Open the Chrome developer tools for the App and watch the API calls when sending messages to people with the desktop App.
>>
>>61993609
I tried the web version of matrix and it was a js-infested crap. Moreover it uses bullshit like HTTP, JSON, WebRTC, and other web3.0 crap. I also dislike the fact that it needs a server in order to work - I would prefer a distributed approach.
That being said, I have not looked into the crypto behind it.
>>
>>61993649
>it creates another key pair and publishes the new public key. After that, every time someone sends you a message it encrypts the message with each public key and sends them
Is the new keypair signed by the old one? If not, how do they know that it is not an attacker that publishes that keypair?
>>
>>61993665
Yeah. The desktop shows you a QR code which you scan with the App to complete the process.
>>
>>61993683
>The desktop shows you a QR code
Which is the hash of the public key I assume?
>>
>>61993687
I didn't actually bother to decode it, but I assume it is something like that. I was more interested in the over the wire protocol. Try it and let us know.
>>
>>61992150
Someone complained about it, so they removed it on the subreddit of privacy.io
>>
>>61993652
I see, WebRTC really shits up everything since it doesn't work over tor
>>
>>61993687
Scanning the QR code. Reads:
>tsdevice:/?uuid=##########&pub_key=##########


With actual characters instead of "#" of course.
>>
>>61993781
Which means private key isn't being transferred by the QR code.
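
Added example, not part of the thread: a small inspector for the scanned QR payload quoted above, which reports exactly which fields the linking URI carries. The `tsdevice` scheme and the `uuid` / `pub_key` field names come from the post; the sample values are constructed, and the 33-byte key length (one type byte plus a 32-byte Curve25519 key, base64 and URL-encoded) is an assumption not stated in the thread.

```python
import base64
import binascii
from urllib.parse import parse_qs, quote, urlsplit

EXPECTED_FIELDS = {"uuid", "pub_key"}   # the two fields quoted in the thread
# Assumption (not from the thread): pub_key is base64 of a serialized
# Curve25519 public key, i.e. one type byte followed by 32 key bytes.
ASSUMED_PUBKEY_LEN = 33


def constructed_sample() -> str:
    """Build a sample URI from constructed values (not a real device)."""
    fake_key = bytes([0x05]) + bytes(range(32))
    b64 = base64.b64encode(fake_key).decode("ascii")
    return ("tsdevice:/?uuid=00000000-0000-4000-8000-000000000000"
            "&pub_key=" + quote(b64, safe=""))


def inspect_linking_uri(uri: str) -> dict:
    """Report which fields a linking URI carries and whether the key decodes."""
    parts = urlsplit(uri)
    if parts.scheme != "tsdevice":
        raise ValueError(f"unexpected scheme: {parts.scheme!r}")

    # Note: a literal '#' starts the URI fragment, so a redacted string such as
    # "uuid=####&pub_key=####" parses as an empty uuid and no pub_key at all.
    fields = parse_qs(parts.query, keep_blank_values=True, strict_parsing=True)
    names = set(fields)

    report = {
        "fields": sorted(names),
        "missing": sorted(EXPECTED_FIELDS - names),
        "unexpected": sorted(names - EXPECTED_FIELDS),  # anything beyond id + public key
        "repeated": sorted(k for k, v in fields.items() if len(v) > 1),
        "pub_key_len": None,
    }

    if "pub_key" in fields:
        try:
            raw = base64.b64decode(fields["pub_key"][0], validate=True)
            report["pub_key_len"] = len(raw)
        except (binascii.Error, ValueError):
            pass  # not valid base64: length stays None

    report["ok"] = (
        not report["missing"]
        and not report["unexpected"]
        and not report["repeated"]
        and report["pub_key_len"] == ASSUMED_PUBKEY_LEN
    )
    return report


if __name__ == "__main__":
    for key, value in inspect_linking_uri(constructed_sample()).items():
        print(f"{key}: {value}")
```

A length check cannot prove a value is a public key; what the report does show is whether the QR carries anything beyond an identifier and one key-sized blob.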
>>
>>61993397
>Signal uses AES256, an outdated encryption algorithm. What's worse is that it uses it in CBC mode in certain cases

bait?
>>
>>61993961
No, why would it be?
>>
>>61993968
Because aes256-cbc isn't broken?
>>
>>61993961

The plaintext is encrypted using AES-256 in CBC mode with PKCS#7 padding, using the encryption key and IV from the previous step

https://whispersystems.org/docs/specifications/doubleratchet/
>>
>>61994025
Define broken.
>>
REEEEEE
>>
>>61993609
Riot is still a pretty shit client focused on groupchats, with devs not caring about 1:1 chat. I'm not even sure there's a way to see if a person is online on it, and instead of contact list you have a bunch of separate 2 man rooms. XMPP with OMEMO is probably the best ATM if you can get your normie friends past "what's that, never heard of, must be bad"
>>
https://pando.com/2015/03/01/internet-privacy-funded-by-spooks-a-brief-history-of-the-bbg/
>>
>>61994037
whether it uses aes256-cbc was never in dispute. why don't you state why it's broken, preferably with citations.
>>
>>61994099
See >>61994059
>>
>>61994087
>In Europe, the CIA set up “Radio Free Europe” and “Radio Liberation From Bolshevism” (later renamed "Radio Liberty"), which beamed propaganda in several languages into the Soviet Union and Soviet satellite states of Eastern Europe.

Reporting news is propaganda now? Is this Breitbart clone?
>>
>>61994145
Any reason not to use it
>>
>>61994295
AES has some known attacks which are faster than the generic attacks.
AES is complex and it is difficult to create side-channel resistant implementations for it.
AES is slower and weaker in general when compared to more modern ciphers.
No sane person uses the CBC mode. Every sane person uses a CTR-based mode for everything.
>>
>>61994151
/pol/ has been leaking for a while now
>>
>>61994328

>AES has some known attacks which are faster than the generic attacks.
Are they faster to allow for a feasible attack? Going from 2^256 to 2^237 isn't going to compromise anyone's security

>AES is complex and it is difficult to create side-channel resistant implementations for it.
Not an issue unless you're rolling your own crypto.

>AES is slower and weaker in general when compared to more modern ciphers.
See first point

>No sane person uses the CBC mode.
>Every sane person uses a CTR-based mode for everything.

Elaborate?
>>
>>61992150
>>Signal creator later makes apps to help Arab Spring. Arab Spring was orchestrated by CIA.
Sure is /pol/ here.
>>
>>61994387
>Are they faster to allow for a feasible attack?
No, but attacks only get faster, not slower. If you encrypt something now you will want it to be private for quite a long time.

>Not an issue unless you're rolling your own crypto.
Yeah no. Side channel attacks are some of the most cruel and difficult to protect against attacks. There are multiple issues concerning power usage and timing attacks on common AES implementations every year.
This is why you should instead use primitives which are designed for side channel resistance.

>See first point
How does this address the slowness issue?

>weaker
"weaker" does not only refer to the known attacks but also to the general design decisions that were made during the AES competition.

>Elaborate?
There is no reason to select CBC instead of CTR. No sane person would select CBC instead of CTR.
>>
This
>>
>>61994440
I probably should have been more specific in the beginning. Aes256-cbc isn't perfect, but the flaws mentioned aren't exactly convincing proof that it's a CIA honeypot. You'd think that a honeypot would be something so it's easy for you to decrypt the messages. Some theoretical/unfeasible attacks aren't it.

Maybe if they were using dualEC I might be convinced.
>>
>>61994554
>isn't exactly convincing proof that it's a CIA honeypot
I am not claiming that it is. I am just claiming that it is a bad design decision for a modern protocol.
>>
>>61992150
(((Moxie Marlinspike)))
>>
>>61994440
>slowness issue
yep, because 5% lower battery life is exactly what the CIA wants
>>
File: sig.png (24KB, 801x697px)
>>61992150
>ADDITIONALLY: If you use Signal for your phone, install the desktop app. It is able to decrypt all your phone messages. Therefore, desktop app has access to private encryption key from phone.
When you install Signal on your computer and it gives you this QR code to link with your phone it includes a public key which your phone's Signal app uses to do key exchange with your computer.

It's not rocket surgery. They don't just magically swap keys.
>>
>>61994866
If it can produce the public key for a QR, it can open up a TCP connection to cia.net and send it there too.
>>
>>61993793
Private key should never be transferred but certainly never through an unencrypted medium.
>>
>>61994440
>There is no reason to select CBC instead of CTR. No sane person would select CBC instead of CTR.
You're just saying the same thing.

Why would someone use CTR over CBC?
>>
>>61994880
I guess everything is a CIA honeypot then.
>>
weren't you just crying about freeze peach? just care about civil rights when it suits you?
>>
>>61992194
Everyone has something to hide.
Not everyone has something illegal to hide, but everyone has sensitive data that should not be available to people over the internet.
>>
>>61994946
Even if it's just pictures of my dick.
>>
>>61994931
for >>61992194
>>
>>61994968
It's not illegal unless you flash em to people.
But a CIA plant still can steal it and use it to blackmail you.
>>
>>61992150
> The private key must have traversed Signal's server to reach desktop app.

Are you literally fucking retarded. The desktop app creates a new set of private keys and registers the public key online. When someone sends you a message, it's encrypted with both session keys (that are derived from the identity keys).

It's fucking free software, read the code you cunt.
>>
>>61993529
Is the server backend open source yet?
>>
>>61993529
> 1: is against people compiling it themselves
Is against technically illiterate people trying to compile it themselves, because it has a timer that nukes the app after 90 days if you don't rebuild and update it.
> Thus it would not be impossible that the official builds (which are distributed only via google play and can be used only in devices with GCM) are backdoored.
You can download the APK from the website. Literally fucking Google "signal apk". https://signal.org/android/apk/
>>
>>61995045
>You can download the APK from the website. Literally fucking Google "signal apk". https://signal.org/android/apk/
He added that after everyone started whining about it.
>>
>>61995039
https://github.com/WhisperSystems/Signal-Server

It's been free software for many years. Everyone was concerned about RedPhone, but if you don't use calls then you don't care (also I believe it was made free software as well).
>>
>>61993429
Signal is the only even remotely privacy focused app I can get my normie friends to use. For my securitard friends, we usually chat on a self hosted irc server that doesn't keep logs or encrypted emails.
>>
>>61994922
Not everything is a CIA honeypot. Some things are NSA or FBI Honeypots and anything involving guns is an ATF honeypot.
>>
>>61993652
>bullshit like HTTP, JSON, WebRTC
What do you prefer?
>>
>>61995059
>He added that after everyone started whining about it.
And? It's still there isn't it?
>>
>>61994151
Read a book faggot.
>>
>>61995059
> "It's only distributed on Google Play."
> "No it's available here."
> "Yeah but he only added that because people complained."

Why does that matter? Yes, he only added it after people complained, they removed the GCM dependency (which >>61993529 was also wrong about), and added auto-updating outside of the Play Store. But you can download it now, so why does that matter?

Not to mention that there is an FDroid repo that provides builds and has provided builds ever since it was dropped from official FDroid.
>>
>>61995115
Yes it does matter you cunt. Why didn't he do nuffin earlier, especially knowing the people who use his app, aka privacy aware fags, don't usually have gapps?
>>
>>61995184
>Why didn't he do nuffin earlier, especially knowing the people who use his app, aka privacy aware fags, don't usually have gapps?
Impressive that you can read minds anon. You should use that power for more important things.
>>
>>61995115
Some of my information was outdated it seems. But it does not change the fact that he was an ass. It was difficult and took a long time to convince him to drop GCM and distribute official binaries outside google play.

>Not to mention that there is an FDroid repo that provides builds and has provided builds ever since it was dropped from official FDroid.
I never claimed that it is not compilable. The problem is that he was against it and caused problems for FDroid.
>>
>>61995218
>took a long time to convince him to drop GCM
I thought that was on his roadmap for a long time but initially it was an issue of keeping push notifications while not sucking the battery dry which GCM was convenient for.
>>
>>61995184
a) Because software development takes time.
b) WebSockets had a massive battery life impact, that had to be rectified first.
c) You can fucking download it now, you're complaining about an issue that was resolved.

If you wanted it to go faster maybe you should've written the fucking patches rather than wasting people's time ranting about it. Fucking autists, man.
>>
>>61992175
wire is for wire...tap
>>
>>61995218
> It was difficult and took a long time to convince him to drop GCM and distribute official binaries outside google play.

It was difficult because there were a lot of problems that were not solved in the No-Gapps community. Some of them are still unsolved, but Moxie just went ahead and made the pragmatic decision of publishing it anyway.

Everyone is bitter that Moxie didn't just do what everyone was ranting about. I agree that it took longer than I would've liked, but there were several technical reasons why it took so fucking long -- not to mention he had to deal with all of the bullshit from autists that the outrage likely made it take longer.

If you honestly feel you could've done it faster and better than Moxie, you should've written a patch. In free software, you're not entitled to anything, and if you feel you're so clever maybe you should've done it.
>>
>>61995205
Wtf man? It's just common sense. People have been using cm with no gapps with fdroid/aptoide for years.
>>61995251
There was conversations app on droid long ago you twat. It had no problems being independent of gapps. And no thanks, I won't use it even though the issue is resolved. It's a matter of his intent.
>>
>>61995288
Why would I write a patch for a software that I do not give a shit about? There are multiple better solutions which I prefer.
>>
>>61995295
> There was conversations app on droid loong ago you twat.

And it likely got fisted by battery life issues. The WebSocket battery life problem is well known, and even fucking DAVDroid has a warning about it.

>>61995297
If you don't give a shit about it, why are you complaining about it? If it bothers you so much, then you could've spent that energy productively.
>>
>>61995309
>If you don't give a shit about it, why are you complaining about it?
To tell other anons to prefer other programs instead?
>>
File: 1476507156733.jpg (17KB, 286x380px)
>>61995309
>WebSocket
What happened to socket(2)?
>>
>>61995295
*fdroid
>>61995309
>battery life
So? It's not like Google play services is battery friendly either. He could've just provided the builds with a warning so people with no gapps can use it. Why are you all over it man? Every app like facebook etc drain battery to hell yet people use it.
>>
>>61995418
Google Play Services is much more battery friendly than WebSocket.
And what is worse, if you have Google Play Services installed and you install an app with WebSocket you are only increasing the battery drain when you could piggy back on Play Services instead.
>>
>>61995418
Also,
>He could've just provided the builds with a warning so people with no gapps can use it.
Because people would have totally gone.
>the battery life is shit but he gave a warning it would be like that because its not using gapps
instead of
>the battery life is shit so this app is shit
>>
>>61992194
Based merchant !
>>
>>61992150
Who cares all I do on signal is send my friends dumb pictures from 4chan
>>
>>61992150
It's open source faggot
>>
>>61995334
kek
>>
>>61995418
GCM is _much_ more battery friendly because it's push-based and doesn't require long-running connections with TCP Keep-Alive.

Also, what >>61995524 said. Users are dumb, and it would've hurt Signal's reputation and people would've said "fucking app sucks" rather than the more nuanced position.
>>
"I have nothing to hide so I have nothing to fear" only works if you and everyone you know shares all of the values and beliefs of everyone in power, and always will.

Nevermind how difficult it'll make it to report abuses of government power on any scale.
>>
>>61996704
I'll correct you a little.
GCM does use TCP Keep-Alive, that's how push works, your device is keeping an active connection to the push server which is how the server is able to "push" notifications to the device without the device having to poll the server constantly for updates.

I think the big difference is that gapps are system apps, which allows it to keep this alive in low power mode (when the device is asleep) whereas if you are programming in the user space your application suspends when the device goes to sleep and you can only check for updates when the device wakes up to handle alarms, and this is where it gets expensive battery wise. Because your application won't know when there is a push notification to handle unless it checks it needs to wake the device frequently to check, whereas with gapps, and GCM (or FBM), it will send an intent to your application telling it that there is something to do.
>>
what should i use instead?
>>
File: wire.png (34KB, 512x512px)
>>61992150
Wire doesn't have this problem. Everything but the servers are open source, but the servers themselves don't need to be, since you have fingerprint verification.

Also, if you can't verify the fingerprints in person, then fingerprint verification is also pretty easy to verify online via a second factor, such as using Tutanota2Tutanota or Protonmail2Protonmail. A second app that is password protected, and the mail will never leave the server.
>>
>>61993586
With otr and omemo encryption messages cannot be forged.
>>
>>61993527
xmpp is the best alt we have, matrix is a distraction, someone should port riot to use xmpp bosh though.
>>
>>61993397
>Signal requires you to have a phone with google services
It doesn't anymore.
>>
>>61993652
No shit it's full of js, how else do you have a web client? Android client is java and non-riot non-js desktop clients exist. Distributed is more reliable and you can share history between devices but decentralized chat has its uses too. Need a diverse collection of secure chat systems in this day and age.

>>61994081
It works fine for 1:1, but yeah it's more like irc2.0 but that doesn't mean it's bad. I use it daily with relative normies on my own server.
>>
>>61998173
Fuck got decentralized and distributed mixed up
>>
>>61992150
Your private key is encrypted using your password and a password-based key derivation function. The servers have no information about your password.
This is standard practice.
>>
>>61998312
The servers never have your key in the first place. Multi-device keys are separate keys, that are registered separately and all messages are encrypted with all registered keys.

It's not as bullet-proof as Matrix's multi-key signatures (see megolm) but it's good enough. The point is that OP is a faggot.
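
Added example, not part of the thread and not Signal's code: a toy model of the multi-device scheme as this post and >>61993649 describe it, where each device generates its own key pair, the server holds only public keys, and the sender produces one ciphertext per registered device. The `Relay` class and all function names are hypothetical, and a toy Diffie-Hellman group with an HMAC-based stream stands in for the real primitives so the block runs on the standard library alone.

```python
import hashlib
import hmac
import secrets

# Toy Diffie-Hellman group for the demo only: P = 2**255 - 19 is prime, G = 2.
# This stand-in is NOT X25519; it just keeps the example in the standard library.
P = 2**255 - 19
G = 2


def keypair():
    """Return (private, public); the private half never leaves the device."""
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)


def _derive(shared, label):
    return hmac.new(label, shared.to_bytes(32, "big"), hashlib.sha256).digest()


def _xor_stream(key, data):
    # HMAC-SHA256 in counter mode as a stand-in stream cipher (not AES).
    stream = b"".join(hmac.new(key, i.to_bytes(8, "big"), hashlib.sha256).digest()
                      for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))


def seal(recipient_pub, plaintext):
    """Encrypt to one device's public key using a fresh ephemeral key."""
    eph_priv, eph_pub = keypair()
    shared = pow(recipient_pub, eph_priv, P)
    body = _xor_stream(_derive(shared, b"enc"), plaintext)
    tag = hmac.new(_derive(shared, b"mac"), body, hashlib.sha256).digest()
    return {"eph_pub": eph_pub, "body": body, "tag": tag}


def unseal(device_priv, envelope):
    """Return the plaintext, or None if this key was not the recipient."""
    shared = pow(envelope["eph_pub"], device_priv, P)
    tag = hmac.new(_derive(shared, b"mac"), envelope["body"], hashlib.sha256).digest()
    if not hmac.compare_digest(tag, envelope["tag"]):
        return None
    return _xor_stream(_derive(shared, b"enc"), envelope["body"])


class Relay:
    """Hypothetical server: stores public keys and queued ciphertexts only."""

    def __init__(self):
        self.public_keys = {}   # (user, device) -> public key
        self.queues = {}        # (user, device) -> list of envelopes

    def register(self, user, device, public_key):
        self.public_keys[(user, device)] = public_key
        self.queues[(user, device)] = []

    def devices_of(self, user):
        return [(d, pk) for (u, d), pk in self.public_keys.items() if u == user]


def send(relay, user, plaintext):
    """Sender side: one ciphertext per registered device; returns the count."""
    targets = relay.devices_of(user)
    for device, pub in targets:
        relay.queues[(user, device)].append(seal(pub, plaintext))
    return len(targets)


def read_all(relay, user, device, device_priv):
    return [unseal(device_priv, e) for e in relay.queues[(user, device)]]


def demo():
    relay = Relay()
    phone_priv, phone_pub = keypair()
    relay.register("alice", "phone", phone_pub)
    before = send(relay, "alice", b"sent before linking")

    desktop_priv, desktop_pub = keypair()      # generated on the desktop itself
    relay.register("alice", "desktop", desktop_pub)
    after = send(relay, "alice", b"sent after linking")

    return {
        "posts_before": before,
        "posts_after": after,
        "phone_sees": read_all(relay, "alice", "phone", phone_priv),
        "desktop_sees": read_all(relay, "alice", "desktop", desktop_priv),
        # The desktop key cannot open a ciphertext addressed to the phone.
        "desktop_on_phone_queue": unseal(desktop_priv, relay.queues[("alice", "phone")][0]),
    }
```

In this model the newly linked device has nothing queued from before it registered, which matches the observation in >>61993649 that older messages are not readable on the desktop.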
>>
>>61998415
There are per-device keys and a per-user key. Read this: https://whispersystems.org/docs/specifications/sesame/
>>
>>61994913
not him but it can be parallelised/out of order etc
>>
>>61992233
>You do not protect yourself against state level actors; you protect yourself from corporations.
They're one and the same.
>>
>>61994880
>Your gun collection tragically falls into a running saw
>At least one is cut to a length of 15.99 inches or less
>ATF immediately breaches your door with explosive charges
>Steel was a botnet the whole time
>>
>>61992194
It's only a matter of time before anybody to the right of Bernie is kicked off this platform for being a fucking white male though.
>>
>>61992150
I'd prefer MI6 honeypot because the USA are a mongrel.
>>
>>61992150

why is everyone hating on the CIA?

direct your hate towards muslims instead you fucking wankers
>>
>>62000733
Turns out the CIA's been working outside their charter and trying to guide things in an unsavory direction.

They need to be shut down and every agent's xkeyscore examined.
This is a 4chan archive - all of the content originated from that site.
This means that RandomArchive shows their content, archived.