Against the backdrop of events in the US, the popularity of the Signal secure messenger has grown sharply – from 6,000 to 26,000 downloads per day. This software uses strong cryptography and end-to-end encryption. It is based on the open-source code and works with well-known cryptographic protocols (unlike proprietary MProto by Telegram).
Now and then, Signal developers are facing constant threats. Various governments, including the US government, are trying to compromise the built-in protection of the messenger and gain access to the correspondence of its users. Back in 2016, the US authorities managed to get a subpoena to delete the correspondence of one particular user, but thanks to end-to-end encryption, there was nothing to delete.
The only data that Signal can provide at the request of government services is just the minimal user data that it stores on its servers. It is:
- Account creation data (in Unix format)
- Date of the last time Signal was used (in Unix format)
And that is all. No contacts, group information, or profile information.
“We designed Signal in such a way that personal data is stored on the client side, not ours,” the developers say. Signal uses end-to-end encryption, so developers never have access to the content of the messages people send. They are visible only to senders and the intended recipients. Signal also applies this design philosophy to the rest of the user data.
Unlike any other popular crypto messengers, Signal does not have access to contacts, social graph, group data, status information in groups, profile names, profile avatars, location data, search history, and so on. There are no trackers, ads, or analytics code in the program code. Absolutely all information is encrypted, except for the date the account was created and the date it was last used, as mentioned above.
Moxie Marlinspike, a well-known hacker, crypt anarchist and the lead program developer says: “Since we created Signal in order to completely avoid the storage of any confidential information, I can go on stage in front of thousands of people and publicly publish all my account information without revealing anything other than how long ago I have installed Signal (it was the last time I changed the phone) and the last date I used it (by the way today).”
The main weakness of Signal and similar messengers is the binding to a specific phone number. For example, if an outsider joins a certain group, he can see the phone numbers of all members of this group. This technique was used by the Hong Kong police to identify the protesters in WhatsApp, Signal, and Telegram.
On the other hand, the attacker cannot get the rest of the account data even upon judicial requests.
“If you ask the CEO of any other major communication platform to publicly publish his credentials from his platform, he won’t do that,” Moxie writes. “I don’t blame them – this is a kind of data that is inconvenient to share. But this raises the question of how comfortable it is to share the same data with the authorities and service providers.”
Any American company is required to comply with the rules of American law and provide data at the request of the court. But in the case of Signal, it will simply have nothing to present.
In some countries, after WhatsApp leakage cases, even the military and politicians are transferred to the mandatory use of Signal and Wickr crypto messengers. For example, such rules are set for soldiers of the 82nd Airborne Division of the US Army and for communication of members of the Conservative Party in Great Britain. Today, the presence of Signal on the phone is not a sign of suspicious activity of its owner, but rather a sign of common sense.
The lack of personal data in the ownership of the company behind any messenger app is the only strategy that ensures the security of personal data. Trust in any messenger comes down to trusting the company’s engineering capabilities to develop software that will not allow the transfer of personal data and ensures that this data is stored only locally and no one else can read it.
Signal is a non-profit organization, so the software has been and will remain free and open-source. “Our mission is to increase privacy on the Internet, so we freely publish our technology and share knowledge in order to encourage other companies to use it in their own products and services,” says Moxie Marlinspike.
Today, some other messengers work using the Signal protocol. However, they have not implemented a strict refusal to collect personal information about users and continue to store contact details, conversations, photos, and other data for each account on their servers. For example, WhatsApp also uses the secure Signal protocol, but it passes the user’s social graph to the parent company Facebook. The same applies to Telegram Messenger Inc.
Of course, there are more secure and reliable instant messengers with end-to-end encryption, that do not transfer the phone number. For example, the Matrix P2P direct encrypted messaging system that uses client software such as Riot and others. But so far, these programs are not very user friendly. For example, , you need to edit the .json configuration file.
Moreover, we underestimate one more privacy problem coming from another side. None of us are immune from the fact that under pressure, we can be forced to reveal correspondence holding the phone in our hands. Anyone can play the coercive role, from a robber to border guards and police officers.
None of the popular instant messengers have protection against such an attack. So, the next step is to develop a new protection mechanism. Some experts are already working on a solution where if the user, being under pressure, could launch the messenger and show an empty account where there is no important correspondence. At the same time, the attacker will not know that he was shown only one of several accounts hidden in the messenger app.
By David Balaban
David Balaban is a computer security researcher with over 17 years of experience in malware analysis and antivirus software evaluation. David runs the macsecurity.net project that presents expert opinions on contemporary information security matters, including social engineering, malware, penetration testing, threat intelligence, online privacy, and white hat hacking. David has a strong malware troubleshooting background, with the recent focus on ransomware countermeasures.