this post was submitted on 03 Sep 2022
19 points (80.6% liked)

Security

5186 readers
5 users here now

Confidentiality Integrity Availability

founded 5 years ago
MODERATORS
[email protected]
19
Signal is secure, as proven by hackers (www.kaspersky.com)
submitted 2 years ago* (last edited 2 years ago) by [email protected] to c/[email protected]
47 comments fedilink hide all child comments
 

Users of the Signal messaging app got hit by a hacker attack. We analyze what happened and why the attack demonstrates that Signal is reliable.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 5 points 2 years ago (21 children)

Whenever someone says "Signal is not good enough", my answer is "what's your threat model"? For me it's a pretty damn good compromise given that all my friends and family are on it (as opposed to e.g. using WhatsApp or Telegram 99% of the time and a perfect alternative with one contact). The day I can realistically think about making my contacts move to a better alternative, I'll do it. In the meantime, that's the best I've got. And it's not too bad, to be fair.

[–] [email protected] 0 points 2 years ago (18 children)

In the meantime, that’s the best I’ve got. And it’s not too bad, to be fair.

Are you quite certain? Have you looked hard and concluded that Signal is the best alternative available today?

I can tell you that my messenger doesn't use identifiers, it doesn't track me, it doesn't care who my contacts are, it doesn't ask for my email, phone number, and importantly it does everything Signal does.

[–] [email protected] 1 points 2 years ago (10 children)

What's your messenger then?

[–] [email protected] -1 points 2 years ago (1 children)

It is the sole messenger that doesn't use identificators. You cannot get wrong.

[–] [email protected] 2 points 2 years ago (1 children)

No identificators at all? Lol sure, who else is using it with you?

[–] [email protected] -1 points 2 years ago (1 children)

At the moment I think more than 3000 people. Young app. Needs it to spread.

[–] [email protected] 4 points 2 years ago (1 children)

If it needs to spread, don't make a secret of it lol. Briar, SimpleX, something else?

[–] [email protected] 2 points 2 years ago* (last edited 2 years ago) (1 children)

No secrets.

https://simplex.chat/

[–] [email protected] 3 points 2 years ago (1 children)

Oh, yet another messenger that pretends that it's the only one that can prevent MITM. Abusive marketing, or plain misunderstanding of what e2ee means? Anyway I wouldn't trust them just for that.

[–] [email protected] 1 points 2 years ago (1 children)

The code is open. You can check your own doubts.

[–] [email protected] 3 points 2 years ago* (last edited 2 years ago) (1 children)

Not my point. Their webpage says that others (Signal included) are not protected against MITM (in the case of Signal, there is a note saying "if the server is compromised"). Which is plain wrong.

[–] [email protected] 0 points 2 years ago (1 children)

Are you aware that, just to start somewhere, Signal asks (and needs) your phone number to make the service work? If you write "go to hell" to a person and two minutes later you regret it that person can accuse you with absolutely legal evidence in his or her favor. Is everything normal?

[–] [email protected] 5 points 2 years ago

First, that's completely unrelated to the very concept of MITM. Second, it also shows that you have no clue about how such protocols work (in Signal, in SimpleX, or anywhere else). I really don't understand why people who are really into secure messengers often don't really care about how they actually work... I mean it is damn interesting!

load more comments (8 replies)
load more comments (15 replies)
load more comments (17 replies)