• Churbleyimyam@lemm.ee
    link
    fedilink
    arrow-up
    105
    arrow-down
    1
    ·
    5 days ago

    I can’t imagine any messenger is private if you invite random people into a group chat 🤦‍♂️

        • Ænima@lemm.ee
          link
          fedilink
          arrow-up
          9
          ·
          edit-2
          4 days ago

          PEBCAK Problem Exists Between Chair And Keyboard!

          Knew of an IT help desk employee who used this as a resolution in a ticket. Yeah, he got fired as soon as the customer looked up what it meant.

    • poVoq@slrpnk.net
      link
      fedilink
      arrow-up
      9
      ·
      4 days ago

      The actual military grade (xmpp based) messengers implement security lables, meaning messages are tagged with the required security clearance and if you invite random people to a chat they can’t see the messages.

  • Jason2357@lemmy.ca
    link
    fedilink
    arrow-up
    20
    arrow-down
    1
    ·
    4 days ago

    The exact reason why it’s bad for top secret communications is why individuals should use it or something like it. That is government auditability.

  • unknowing8343@discuss.tchncs.de
    link
    fedilink
    arrow-up
    69
    arrow-down
    5
    ·
    5 days ago

    EVERYONE SHOULD DOWNLOAD SIGNAL for PHONE-NUMBER-based communication, tho. Proper RCS is not here yet (and won’t be in a long while), so let’s try to mobilize people to Signal.

    DeltaChat is cooler for non-phone based communications, IMO, and decentralization makes it way sexier and worth this tradeoff.

    • 9tr6gyp3@lemmy.world
      link
      fedilink
      arrow-up
      22
      arrow-down
      2
      ·
      5 days ago

      Actually RCS has encryption in the new spec now, and we could see encrypted RCS messages implemented on iOS and Android within a year.

      But even so, use Signal.

      • ᗪᗩᗰᑎ@sh.itjust.works
        link
        fedilink
        arrow-up
        42
        ·
        5 days ago

        RCS still leaks metadata like a sieve. Encryption, considering the platforms that exist today (Signal and SimpleX), should not be the minimum requirement. Plain-text messaging should not even be possible in modern secure messaging platforms. The platform should be open source and be engineered to mitigate the collection of metadata - like Signal and SimpleX.

        • 9tr6gyp3@lemmy.world
          link
          fedilink
          arrow-up
          2
          ·
          5 days ago

          Seeing as RCS with encryption based on the MLS standard hasnt been deployed yet, can you show exactly what metadata is leaking?

          • ᗪᗩᗰᑎ@sh.itjust.works
            link
            fedilink
            arrow-up
            2
            ·
            4 days ago

            MLS only deals with encryption and key management, which is great but that’s been a “solved” problem since TextSecure (now Signal) introduced the TextSecure Protocol (now the Signal Protocol) in 2013.

            What I’m aware is missing with RCS / MLS compared to Signal (someone with more recent knowledge please correct me):

            • Sealed sender so only the recipient knows who sent the message.
            • Not storing metadata or logs.
            • No built in crash reports.
            • Private contact discovery.
            • Published government requests providing evidence that they don’t have any data.
            • Open source client.
            • Looking at the Google Play store, Google’s Messenger shares precise location data with third parties, Signal doesn’t.
            • Also on the Google Play store, Google’s Messenger app list a lot of data collected. Signal only lists phone number.
          • poVoq@slrpnk.net
            link
            fedilink
            arrow-up
            2
            ·
            edit-2
            4 days ago

            Well, instead of leaking metadata to Signal, AWS, Cloudflare, Google/Apple and your ISP, like Signal does, RCS only leaks it to your ISP /s

      • BakedCatboy@lemmy.ml
        link
        fedilink
        English
        arrow-up
        5
        ·
        5 days ago

        I think they mean that it’ll take time for everyone to get it. My carrier still doesn’t even have RCS at all.

      • unknowing8343@discuss.tchncs.de
        link
        fedilink
        arrow-up
        4
        arrow-down
        1
        ·
        5 days ago

        What I dislike about XMPP is that the client ecosystem is definitely weaker than DeltaChat. DeltaChat “just works”, and it works incredibly similar and efficient across devices.

        But yes, I wouldn’t mind if the world used XMPP instead, honestly.

      • socsa@piefed.social
        link
        fedilink
        English
        arrow-up
        2
        arrow-down
        1
        ·
        4 days ago

        It also just gets blocked by autocratic firewalls. Deltachat is clutch because it can theoretically run on top of any email host so it’s way more difficult to block.

        • poVoq@slrpnk.net
          link
          fedilink
          arrow-up
          4
          ·
          edit-2
          4 days ago

          You can easily redirect xmpp to port 443 which is not blocked by most firewalls. If you have problems with firewalls or public wifis your xmpp server is misconfigured.

          • socsa@piefed.social
            link
            fedilink
            English
            arrow-up
            1
            ·
            edit-2
            4 days ago

            China will definitely block xmpp on any port. I know this because I have tested this very specifically from my own server. It lasted about a day and a dozen messages before it was blocked, and the box got absolutely slammed with vulnerability scans.

            • poVoq@slrpnk.net
              link
              fedilink
              arrow-up
              2
              ·
              4 days ago

              This is odd because I know a few mainland Chinese people that use XMPP without problems (and afaik without a VPN).

              Sounds like your server got blocked for another reason?

              • socsa@piefed.social
                link
                fedilink
                English
                arrow-up
                1
                ·
                4 days ago

                I can almost guarantee you they are using it through a VPN or they have a western SIM card. If not I’d love to know what server they use, as I’ve tested this a bunch of times on several public and private servers and it’s always the same result. If it isn’t blocked on day 1 it will be blocked quickly.

    • shortwavesurfer@lemmy.zip
      link
      fedilink
      arrow-up
      8
      arrow-down
      1
      ·
      5 days ago

      I use signal myself but I also use simple X. I can’t use delta chat because I use proton for my email and therefore can’t use delta.

      • SatyrSack@feddit.org
        link
        fedilink
        English
        arrow-up
        5
        ·
        5 days ago

        Delta Chat is not associated with your email account, as far as I can tell. Am I wrong?

          • SatyrSack@feddit.org
            link
            fedilink
            English
            arrow-up
            6
            ·
            5 days ago

            You don’t have to use a “classic email server”, or even link your account to your current email address at all. The default onboarding procedure actually creates a new anonymous account for you on the default chatmail server. Reading through the site, I can’t actually even tell why someone would want to use their preexisting email address.

              • themadcodger@kbin.earth
                link
                fedilink
                arrow-up
                3
                ·
                5 days ago

                Yeah, that’s when I first used it too, it had to go through your email. Now it just uses the email backbone to send messages back and forth. Also, self-contained webxdc apps you can use with people in your chat, which is kinda cool.

    • themadcodger@kbin.earth
      link
      fedilink
      arrow-up
      3
      ·
      5 days ago

      The self-contained webxdc apps are a pretty cool bonus to what already feels like a normal chat app. I primarily use Signal, but given the current climate of governments trying to force backdoors in to encrypted apps, and the fact it’s a US server, I wanted a decentralized backup. And email isn’t going anywhere, so it seems like a good option.

  • Evil_Shrubbery@lemm.ee
    link
    fedilink
    arrow-up
    54
    arrow-down
    4
    ·
    edit-2
    5 days ago

    Signal is the place for top secret communications, but not for any government business, top secret or not (at least not when using a public instance - they could fork the project to keep decryptable records on gov servers where the official gov instance would run).

    • Florencia (she/her)@lemmy.blahaj.zoneOP
      link
      fedilink
      arrow-up
      24
      ·
      5 days ago

      at least not when using a public instance - they could fork the project to keep decryptable records on gov servers where the official gov instance would run

      All the people in the chat were high enough that the government for free provided them with secure rooms in their homes so everything would be done through government hardware and encryption programs.

    • socsa@piefed.social
      link
      fedilink
      English
      arrow-up
      5
      ·
      4 days ago

      The protections for classified information are not just about information security. They are about physical and operational security as well. That’s why s SCIF has a “two locks” policy, and requires things like 4" steel doors.

      • Evil_Shrubbery@lemm.ee
        link
        fedilink
        arrow-up
        1
        ·
        edit-2
        4 days ago

        You are right.

        They are also about data security, so nobody can just erase, modify, or destroy/lose data. And all that applies to data handling and access as well.

      • Evil_Shrubbery@lemm.ee
        link
        fedilink
        arrow-up
        11
        arrow-down
        1
        ·
        5 days ago

        Anything that logs all the communication.

        Govs have their own apps, email servers, various other web-based tools to exchange data, etc. Usually also gov hardware (ie can’t use/access such gov apps on non-gov phones).

        It’s not “what’s better” it’s what is mandated/required/the law.
        Much like when you get a regular average job you have to use whatever is permitted - company email is the usual, can’t just deal with company data over your private email account where the company has no oversight.

        • surph_ninja@lemmy.world
          link
          fedilink
          arrow-up
          1
          ·
          4 days ago

          I didn’t mean for transparency or compliance with disclosure. I meant more secure for classified level communications.

  • liop7k@lemm.ee
    link
    fedilink
    English
    arrow-up
    24
    arrow-down
    4
    ·
    4 days ago

    What kind of private communication can we talk about if you must have a valid phone number to use Signal?! Lol

      • liop7k@lemm.ee
        link
        fedilink
        English
        arrow-up
        18
        ·
        4 days ago

        But still, to use it, you need a phone number, which in many countries can only be purchased with a passport. That’s the main rule. If privacy is really needed, personal identification should be excluded so that it’s basically impossible to determine who owns the account.

      • girlthing@lemmy.blahaj.zone
        link
        fedilink
        English
        arrow-up
        20
        ·
        edit-2
        4 days ago

        Pretty sure you still need a phone number for an account, though - the usernames are just for sharing your contact with other people.

        Most peoples’ phone numbers are easily linked to their identity. Which means the government knows who’s using Signal.

        Usernames are definitely an improvement, but this is a fundamental limitation in Signal’s design.

        • Thorned_Rose@sh.itjust.works
          link
          fedilink
          English
          arrow-up
          1
          ·
          4 days ago

          If you want to get really technical, each Signal account actually has a ‘secret’ account number that the phone number is linked to. The phone number requirement is actually a means to reduce spam and scam accounts.

          • girlthing@lemmy.blahaj.zone
            link
            fedilink
            English
            arrow-up
            2
            ·
            3 days ago

            So they could have replaced it with, like, email verification or something, but they instead stuck to the design that lets governments identify all users?

            <Insert rampant and unfounded speculation about FBI compromise here>

        • danhab99@programming.dev
          link
          fedilink
          arrow-up
          1
          ·
          4 days ago

          Then I’d delete my old phone number account and start fresh… not exactly the best option but all things considered you might have too

      • ikidd@lemmy.world
        link
        fedilink
        English
        arrow-up
        3
        ·
        edit-2
        4 days ago

        No, but it’s easy enough to be both. There’s a pile of IM packages out there that manage it.

        Metadata is valuable info, look at what a pen register nets law enforcement and why it’s the first step in an investigation. The idea that a messaging app that’s supposed to be used for political action but the chain of association is visible and verified is absolutely suspect.

        • pathief@lemmy.world
          link
          fedilink
          arrow-up
          3
          ·
          3 days ago

          You say “easy enough” but there are some serious tradeoffs when removing phone numbers from the equation. My mom can use Signal without my help but she wouldn’t be able to use SimpleX.

          Signal is a fantastic middle ground messaging app that is secure enough for me to use and easy enough for my mom to use.

          I also have SimpleX but I have exactly 1 contact there…

  • HotCoffee@lemm.ee
    link
    fedilink
    arrow-up
    20
    arrow-down
    5
    ·
    4 days ago

    Wherever Signal is mentioned, I shall mention SimpleX-Chat.

    Zero user ID needed to use. No phone numbers and no username.

    SimpleX-Chat!!!

    • Jason2357@lemmy.ca
      link
      fedilink
      arrow-up
      10
      ·
      4 days ago

      Out of band key exchange is great -as long as people can physically meet and exchange QR codes. In reality, they are often sent via less secure means. As always, the humans are the weakest security link.

      • HotCoffee@lemm.ee
        link
        fedilink
        arrow-up
        4
        ·
        4 days ago

        Fair point, it always feels dirty to send invite-link through WhatsApp, the dominant messenger in EU.

        How would one go to solve the invite problem? How does Signal handle this?

        • Jason2357@lemmy.ca
          link
          fedilink
          arrow-up
          1
          ·
          1 day ago

          Phone number and trust-on-first-use for most people, with out-of-band fingerprint verification for the paranoid. It really depends on the threat model and the security practices/awareness of your colleagues, but a link shared on some social media or lower-security chat network is more vulnerable to a man-in-the-middle attack than a phone number for your average Joe. There are a lot of ways a person could get a manipulated invite link.

    • Lychee@lemmy.ml
      link
      fedilink
      arrow-up
      3
      ·
      4 days ago

      Finally someone who understands! Haven’t found anything better. Just missing the bridging bit, though that comprises the privacy/security and overall personal opinion why I started using SimpleX.

      UI-wise it isn’t there yet, but actively being developed so. I miss posting photos (combined) with a comment, now they are all sent separately.

      Anyhow if you are looking for privacy go for SimpleX!

    • max@lemmy.blahaj.zone
      link
      fedilink
      English
      arrow-up
      3
      ·
      4 days ago

      SimpleX is kinda good, but also we have briar, it does have ids, but more secure and 2P2, i don’t know if simpleX was checked by third parties about security, briar was audited by cure53 for example.

      • swelter_spark@reddthat.com
        link
        fedilink
        English
        arrow-up
        2
        ·
        4 days ago

        I believe Briar can’t do offline messaging without setting it up to use another app. That’s the main reason my friend group shifted to SimpleX instead of Briar.

      • HotCoffee@lemm.ee
        link
        fedilink
        arrow-up
        2
        ·
        4 days ago

        Briar… not familiar with, thx for sharing privacy goodies. Will check it out.

        As for audits on SimpleX, there have been some. Not sure when the last one was tho, they prob have something on their site with a date.

    • swelter_spark@reddthat.com
      link
      fedilink
      English
      arrow-up
      2
      ·
      edit-2
      4 days ago

      SimpleX is what I use. I tried Signal in the past, but there was a noticeable delay in receiving messages and it caused problems when using it to communicate with family.

      I have no problems with SimpleX so far. It works well and looks modern. A feature I like is that you can create a different user identity for each contact/ chat thread. It also supports socks5 proxy.

        • swelter_spark@reddthat.com
          link
          fedilink
          English
          arrow-up
          1
          ·
          3 days ago

          Maybe, but I normally only leave battery optimization on for apps that shouldn’t be running in the background at all. This was several years ago, though. If Signal isn’t like that anymore, that’s a good thing.

  • girlthing@lemmy.blahaj.zone
    link
    fedilink
    English
    arrow-up
    15
    ·
    edit-2
    5 days ago

    Consider Briar.

    Uses Tor. Works directly over Bluetooth/WiFi if the internet is censored or shut down. Decentralized, no accounts. No phone number required.

    Of all the options available, I feel like this one is the best suited to current threats (oppressive governments with all-encompassing surveillance, and the willingness to destroy critical institutions and infrastructure).

    The app is super barebones right now - feels like SMS - but it works. Main downside is that both participants have to be online at the same time (maybe group chats can work around this?), since there’s no servers.

    • Infernal_pizza@lemm.ee
      link
      fedilink
      English
      arrow-up
      4
      ·
      edit-2
      4 days ago

      How does the Bluetooth work? If you’re close enough to be in bluetooth range with someone aren’t you close enough to just speak to them?

      • girlthing@lemmy.blahaj.zone
        link
        fedilink
        English
        arrow-up
        11
        ·
        edit-2
        4 days ago

        One use case could be mass protests/uprisings, where you have a lot of people congregated in a small area. An increasingly popular strategy among governments these days is to just shut down the entire internet in an agitated region. Bluetooth could keep information flowing between people with only mutual contacts, as they move in and out of range.

        • brygphilomena@lemmy.dbzer0.com
          link
          fedilink
          English
          arrow-up
          6
          ·
          4 days ago

          I’ll have to give this a look. Since going to music festivals where I couldn’t text my friends I’ve wanted a decentralized adhoc network message app. Using pgp all messages bounces through all devices within local device network range but you can only read the ones you have private keys for.

  • Korkki@lemmy.ml
    link
    fedilink
    arrow-up
    23
    ·
    5 days ago

    I personally use carrier pigeons with caesar cipher. I know I can’t out tech google, so I will go medieval.

  • WhatSay@slrpnk.net
    link
    fedilink
    English
    arrow-up
    25
    arrow-down
    6
    ·
    5 days ago

    Signal is great, that’s why I’m suspicious that this recent story is to not only target journalism, but also secure app communication. I wouldn’t be surprised if it’s used as an excuse to remove signal from the app stores.

    Hopefully I’m just being too paranoid.

    • shaggyb@lemmy.world
      link
      fedilink
      arrow-up
      18
      ·
      5 days ago

      Immediately had that thought as well.

      Don’t blame the barn for not holding the horses when you leave the fucking door open.

    • neon_nova@lemmy.dbzer0.com
      link
      fedilink
      English
      arrow-up
      12
      ·
      5 days ago

      I don’t think that’s the case, I just think it is old people not know how to use technology.

      Additionally, all these people in power are using signal, how is that not a loud endorsement that everyone should be on it.

      Sadly, my contact list remains mostly on WhatsApp and Facebook messenger only.

      • Droggelbecher@lemmy.world
        link
        fedilink
        arrow-up
        5
        ·
        4 days ago

        Anyone who uses Facebook messenger as their only messenging app will need to text or call me. Fuck that. I do, however, use WhatsApp and discord for work and uni group chats. If or when that’s no longer the case, people who only use those will need to text me, too.

        • neon_nova@lemmy.dbzer0.com
          link
          fedilink
          English
          arrow-up
          2
          ·
          4 days ago

          The big problem is that the telecoms still charge by the minute to call a landline so most businesses have a Facebook page and use messenger as their primary form of contact.

          I’m literally going to a vet now and they had messenger, WhatsApp or telegram as their contact method

  • bushvin@lemmy.world
    link
    fedilink
    arrow-up
    32
    arrow-down
    8
    ·
    5 days ago

    Considering the US government now owns Meta and thus WhatsApp, it’s an interesting case… why did they use signal?

  • sqgl@beehaw.org
    link
    fedilink
    arrow-up
    5
    ·
    5 days ago

    Regarding the trick of an adversary gaining access by emailing or SMS’ing a QR code for adding another device…

    Why does the new device not demand the PIN before being added?

    • Jason2357@lemmy.ca
      link
      fedilink
      arrow-up
      5
      ·
      4 days ago

      It does, I tried it. Though, that may have been an addition since the attacks started.

      Though, in that specific case - Russian agents conducting espionage via targeted individuals - it’s very likely they surveil their targets long enough to catch their device PIN before they nab the phone and return it. In the end, there is very little recourse to defend against this type of Evil Maid attack. Signal is really better at protecting against mass surveillance, but for individuals directly targeted by state espionage? You would need serious opsec, using air-gapped computers kept in safes or guarded by humans 24x7 and other crazy stuff. They have rules about what can be physically done with devices containing top secret information for a good reason.

      • sqgl@beehaw.org
        link
        fedilink
        arrow-up
        1
        ·
        4 days ago

        If they could surveil the device to see the PIN being entered then no app would protect them.

        My Signal only asks for a PIN about once per month so that would be a lot of screen surveillance hours to sit through in order to catch that moment.

        More likely is that it was fixed since the breach but I cannot find release notes (hard to search on my phone).

  • Termight@lemmy.ml
    link
    fedilink
    English
    arrow-up
    14
    arrow-down
    10
    ·
    5 days ago

    Here are two reasons you might not want to use Signal: Your contacts, your settings, your entire Signal experience is tied to a Signal account managed by Signal. Metadata—who you’re talking to, when, and how often—can still be collected and analyzed. Question everything.

    • Special Wall@midwest.social
      link
      fedilink
      arrow-up
      11
      ·
      5 days ago

      The issue of centralization can be a problem, but in regards to metadata, sealed sender does a lot to prevent Signal’s servers from knowing who messages who, which makes Signal a lot more private than described here.

      • Termight@lemmy.ml
        link
        fedilink
        English
        arrow-up
        2
        ·
        3 days ago

        So use no messenger? Any decentralized options?

        Alternatives to Signal that prioritize decentralized communication.

        • Briar Project (https://briarproject.org/ ): A compelling choice for censorship resistance. Briar employs peer-to-peer messaging, connecting via Bluetooth, Wi-Fi, or Tor, and incorporates privacy features by design. It’s a robust solution for those concerned about surveillance.
        • Delta Chat (https://delta.chat/ ): A decentralized and secure messenger application. It’s often praised for its ease of use and integration with existing email accounts.
        • XMPP (https://en.wikipedia.org/wiki/XMPP ): Less of an application and more of a foundational protocol. XMPP is an open standard for instant messaging, allowing for decentralized implementations – though setting up and maintaining such a system requires a degree of technical expertise.
      • sqgl@beehaw.org
        link
        fedilink
        arrow-up
        8
        ·
        5 days ago

        SimpleX is decentralized, requires no phone number, based on Signal code. Screws up invitations via FB/Messenger though.

  • HiddenLayer555@lemmy.ml
    link
    fedilink
    English
    arrow-up
    3
    ·
    edit-2
    5 days ago

    How’s signal compared to Element?

    Also, is there a secure way to directly send messages to someone else’s phone without the message having to be stored on a central server? As in they’re only stored on the recipient device. Is that even possible with how the internet works and how packets are routed between networks? Even if the server has no way of decrypting messages by default, just having the encrypted messages stored there is a liability because your encryption keys can easily get leaked by malware running on your device, phishing, etc.

  • StanislavP@lemmy.world
    link
    fedilink
    arrow-up
    2
    arrow-down
    4
    ·
    3 days ago

    All I’ll say is Threema. You pay once for a licence, so there’s less bullshit people on it and they are based in Switzerland with it’s privacy laws.