Convincing people to use apps such as Signal is hard work and most can’t be convinced. But with those you manage to convince, do you feel happy to talk to them on Signal?

The problem is these people use Signal on Android/IOS which can’t be trusted and IOS has recently been in the news for having a backdoor. And it has also been revealed that american feds are able to read everyone’s push notifications and they do this as mass surveillance.

So not only do you have to convince people to use Signal which is an incredibly difficult challenge. You also have to convince them to go into settings to disable message and sender being included in the push notifications. And then there’s the big question is the Android and IOS operating systems are doing mass surveillance anyway. And many people find it taking a lot of effort to type on the phone so they install Signal on the computer which is a mac or Windows OS.

So I don’t think I feel comfortable sending messages in Signal but it’s better than Whatsapp.

These were some thoughts to get the discussion started and set the context.

    • Otter@lemmy.ca
      link
      fedilink
      English
      arrow-up
      2
      ·
      2 months ago

      Yep, none of us got to where we are all at once. We learned about things over time, and made changes over time.

      It’s a process just like any other type of personal development/ habit building

    • Kualk@lemm.ee
      link
      fedilink
      arrow-up
      2
      arrow-down
      4
      ·
      edit-2
      2 months ago

      There are no shades of grey in encrypted communications.

      Your messages are either plain text or not to 3rd party.

      Sometimes it appears to be encrypted, but there loopholes that make it possible to significantly reduce decryption costs. It is plain text to those who put the loopholes, like specially crafted constants in the algorithm.

      • EngineerGaming@feddit.nl
        link
        fedilink
        arrow-up
        11
        ·
        2 months ago

        There are indeed shades of grey. Not only the presence of encryption itself matters, but the metadata, as well as details of the implementation. For example, Signal has all the messages encrypted - but it has the capability to know the identities of everyone and to build their social graph due to centralization.

  • CO5MO ✨@midwest.social
    link
    fedilink
    arrow-up
    18
    ·
    2 months ago

    Took years to get all the ppl I care about on signal & now the effort was definitely worth the reward.

    Why don’t you feel comfortable on signal? Honestly it’s worked out for the best in my use case bc I have ppl that use android, iOS, windows, Linux & macOS, so it’s great to not have to deal with shit media quality or messages not going through bc of all the different operating systems. It’s E2EE so I’m not too worried about mass surveillance within my signal groups.

    Also, iOS back door? I must have missed that. Haven’t seen any news about that.

  • mox@lemmy.sdf.org
    link
    fedilink
    arrow-up
    13
    ·
    edit-2
    2 months ago

    Signal is not my tool of choice, so I’ll answer from a more general perspective:

    Having multiple friends and social groups on an e2ee chat system for the past few years feels great. Knowing that our words aren’t being recorded and exploited by half a dozen companies, we no longer feel the need to self-censor. The depth and value of our online conversations have grown noticeably.

    Yes, there is more work to do, both at the endpoints and in the protocols. No, not all of us have flipped all the switches to maximize our privacy yet. That’s okay. Migrating is a gradual process. We do it together, helping each other along the way, rather than trying to force it all at once. Every step an improvement.

    • JubilantJaguar@lemmy.world
      link
      fedilink
      arrow-up
      6
      ·
      2 months ago

      This is exactly my take. It basically holds for Signal too.

      The question of self-censorship is too often overlooked IMO. The knowledge that nobody is reading your messages except their intended recipients is empowering and liberating. No one is filling a database with information about you and your friends, because they can’t. You can say exactly what you would say at the dinner table and not think twice about it.

      In a police state with mass surveillance (we all know the big examples) you don’t have this privilege. Whether or not you think about it consciously, you are constantly monitoring and policing what you say - and therefore ultimately, to some extent, what you think.

      I’ve been in a couple of those places recently. I can tell you that just the banal act of using Signal there (sometimes over VPN) felt almost exhilarating, like jumping the prison walls.

      In historical terms, free speech is a vanishing rare thing. It absolutely is not the norm and it bothers me that so many people in the West don’t seem to know this. We should not take it for granted.

  • kbal@fedia.io
    link
    fedilink
    arrow-up
    12
    arrow-down
    3
    ·
    2 months ago

    Yeah, Signal is good enough. If people use shitty operating systems like iOS or Google’s version of Android that’s another problem and not really one that it’s my job to care about that much. What matters is the network effect and every user who moves moves from Whatsapp to Signal is one more person who gains the freedom to easily improve their digital lives further if they someday choose to do so without it costing them the ability to chat with all their friends.

    • EngineerGaming@feddit.nl
      link
      fedilink
      arrow-up
      6
      ·
      2 months ago

      The problem I have with Signal is that it itself pushes people onto the “shitty operating systems”. It does not allow registering from desktop, at least officially. There are workarounds, but they’re cumbersome (especially for a non-technical person, whom Signal is supposed to appeal to), and the official client outright tells you go to use a phone first. And even then, apparently the desktop client is not even full-featured, and not the priority.

      I know there are degoogled OSes (running Graphene myself), but you’d need to get lucky or choose a phone with this in mind, while a random given laptop is likely to be able to run Linux.

      • kbal@fedia.io
        link
        fedilink
        arrow-up
        2
        arrow-down
        1
        ·
        2 months ago

        I would certainly advise everyone to choose a phone with that in mind.

        The desktop client is not great, but it works. There certainly are things Signal could do better. Its phone-centric nature is ridiculous and I have no idea why they cling to it. But it’s easier than trying to get everyone to use Matrix or whatever — mainly because more people have heard of it.

        • EngineerGaming@feddit.nl
          link
          fedilink
          arrow-up
          3
          ·
          2 months ago

          For my current phone, I did - I chose a Pixel. But I got aware about OS privacy while in the middle of using an unsupported phone, so for a while, I treated it as a “public place”. So making a phone private may not be viable for everyone.

          Plus, the supported phones may be more expensive. Even my current one was $300, which is a lot for me, in addition to not being officially sold here.

    • toastal@lemmy.ml
      link
      fedilink
      arrow-up
      2
      ·
      edit-2
      2 months ago

      Signal refuses to even try to accommodate for UnifiedPush or MQTT for those not using play services requiring an extra battery-draining socket to their servers. You are also still required to use one of the mobile duopoly OSs as a primary device to register (SIM still required). Good luck if you use a Linux phone, KaiOS, or just don’t want an ever-present tracking beacon on you. We all know the Electron-based desktop client is shit. I would flip this on its head & say it is the service’s probably if they choose to prioritize & mainly support the shitty mobile OS duopoly it’s their problem for providing a bad service & getting the criticism they deserve.

  • davel [he/him]@lemmy.ml
    link
    fedilink
    English
    arrow-up
    21
    arrow-down
    12
    ·
    2 months ago

    “Feel,” “happy,” “comfortable”… Privacy doesn’t care about your feelings.

    And it has also been revealed that american feds are able to read everyone’s push notifications and they do this as mass surveillance.

    Speaking of the feds, it was they who funded the creation of Signal, which is one of the reasons it ought not be trusted.

  • 9488fcea02a9@sh.itjust.works
    link
    fedilink
    arrow-up
    10
    arrow-down
    3
    ·
    1 month ago

    Signal is fine for almost everyone unless you’re truly doing dangerous work in a truly oppressive state.

    I’m so tired of everyone telling others not to use signal because it uses phone numbers. Everyone in here acting like they’re mr. Robot or something.

    Anonymity is not the same as privacy. Privacy is good enough for me

  • Kintarian@lemmy.world
    link
    fedilink
    arrow-up
    10
    arrow-down
    4
    ·
    2 months ago

    I figure it’s best to assume that there is no privacy on the internet.

    I’ve been in IT to close to 40 years and I don’t say anything online that I wouldn’t say in public.

    • kbal@fedia.io
      link
      fedilink
      arrow-up
      13
      arrow-down
      1
      ·
      2 months ago

      Be paranoid in your estimation of how much privacy you have, but diligent in your efforts to get more of it for everyone.

      • Kintarian@lemmy.world
        link
        fedilink
        arrow-up
        1
        arrow-down
        1
        ·
        2 months ago

        I’m not saying don’t use the Internet. I’m saying be aware, be careful. Don’t let companies sell your information. Use two factor authentication. Encrypt everything you can. Scan your system for malware. Don’t open suspicious emails. Be proactive, but realize at some point someone could compromise your security.

        • EngineerGaming@feddit.nl
          link
          fedilink
          arrow-up
          3
          ·
          2 months ago

          That is not “no privacy” though. Absolute privacy is probably unachievable indeed, but you can be pretty high on its spectrum.

          • chappedafloat@lemmy.wtfOP
            link
            fedilink
            English
            arrow-up
            2
            ·
            1 month ago

            I think a big part of it comes down to what threats are there in theory and what threats are there actually. The problem is that the theoretical threats are possible, they’re not unrealistic and that’s why it doesn’t feel good to not be protected against the theoretical threats but we maybe need to try and accept they are too unlikely to be active threats. Trying to protect from theoretical threats is kind of like trying to protect your house from having an airplane fall down from the sky into your house. Or maybe this is just my trying to cope.

            And how do we know what threats are theoretical vs active threats? Just have to keep learning and learning, it takes a long time. Talking in privacy and security communities can help speed up the learning.

            • EngineerGaming@feddit.nl
              link
              fedilink
              arrow-up
              1
              ·
              1 month ago

              Yeah, I fully agree! Point was different though… How does it relate to your statement of “there is no privacy on the internet”? Such awareness might help gain said privacy in each area, from different threats.

          • Kintarian@lemmy.world
            link
            fedilink
            arrow-up
            1
            ·
            edit-2
            2 months ago

            We’ve had meetings spelling out to users what they should look for in a suspicious email. Then, once a week we would send out an email that was either legitimate or suspicious. We would ask them to look closely at the email and mark down on the questionnaire whether the email was suspicious or legitimate. A not insignificant number of people failed the test every week. Your average user just isn’t equipped with the mindset they need to be safe on the internet.

    • JubilantJaguar@lemmy.world
      link
      fedilink
      arrow-up
      3
      arrow-down
      2
      ·
      2 months ago

      Cynicism is a self-fulfilling prophesy. If everything’s bad then there’s no reason to care, and if nobody cares then everything will be bad.

      For things to get better, or not get worse, cynics depend on others to care about those things. To me that feels terribly like freeloading.

      • refalo@programming.dev
        link
        fedilink
        arrow-up
        1
        arrow-down
        1
        ·
        edit-2
        1 month ago

        Just because someone chooses not to be a privacy advocate, I don’t think that means it is universally accepted that they are “freeloading”.

        Usually the people who I see make these kinds of arguments are the ones that don’t participate in normal society and live in a bubble, and pretend capitalism isn’t necessary for most people to live their lives.

  • 211@sopuli.xyz
    link
    fedilink
    arrow-up
    6
    ·
    1 month ago

    I don’t know how the Play Store version does push notifications, but Molly, and I think the apk from their site, work just fine on degoogled phones without Google services.

    I don’t remember what name it has, but missing it breaks push notifications on most “normal” apps. Many FLOSS ones are coded to have their own methods that don’t transmit data to Google, and it appears at least some versions of Signal do too.

    My threat model doesn’t include state level actors taking an active interest in me, so for my purposes Signal would be secure enough, if only I got people to adopt even it.

      • jim3692@discuss.online
        link
        fedilink
        arrow-up
        2
        ·
        1 month ago

        I have Signal and microG with push notifications. Signal still uses websocket on my device. So, I guess it would be fine without microG push.

  • JubilantJaguar@lemmy.world
    link
    fedilink
    arrow-up
    4
    ·
    2 months ago

    This is the ideal scenario as I see it, in order of importance:

    1. industry-standard E2E encryption using open-source software on the client (privacy)
    2. distributed server network controlled by many entities (resilience)
    3. open-source, open-standards, interoperable software on both client and server (user autonomy)

    As I understand it, the goldilocks solution is therefore the Matrix stack. BUT! It’s hard to set up and nobody uses it!

    The best real-world option, with feasible UX and an existing critical mass of users, is therefore Signal. It only fully meets the first criterion, yes. But personally I give it a bit of credit for the second too, in that it belongs to a non-profit foundation with multiple stakeholders, somewhat like Wikimedia. Signal will do while we’re waiting for a proper email-like open standard for secure messaging.

    • fractal_flowers@lemmy.ml
      link
      fedilink
      English
      arrow-up
      3
      ·
      2 months ago

      the Matrix stack. BUT! It’s hard to set up and nobody uses it!

      Is it really that hard? For me it was just downloading an app and creating an account–easier than setting up Facebook Messenger. I think it doesn’t yet have the network that Messenger/Signal/Whatsapp have, which makes it harder to use with others, but setting up has been easy in my experience.

      • JubilantJaguar@lemmy.world
        link
        fedilink
        arrow-up
        2
        ·
        1 month ago

        Yes it looks a bit like the Twitter-Mastodon paradigm. Nobody uses it because nobody uses it. And also because changing is hard. And also because the installation and UX is bad. Which is partly because not enough people are using it.

    • toastal@lemmy.ml
      link
      fedilink
      arrow-up
      3
      ·
      edit-2
      1 month ago

      There are several open protocols that meet your criteria that aren’t Matrix (with most of them using double-ratchet encryption similar to if not exactly like Signal). Due to server costs (Matrix eats a lot of RAM & storage), medium-sized entities usually bow out so the Matrix network largely consist of a few 1–10 user servers & massive centralization around Matrix.org & the hosted servers they provide. Since almost all the messages get synced to the Matrix.org server if just one Matrix.org user is in your room or whatever, all metadata will be synced to the mothership in Matrix.org that was originally funded by Israeli intelligence.

    • mox@lemmy.sdf.org
      link
      fedilink
      arrow-up
      1
      ·
      2 months ago
      1. distributed server network controlled by many entities (resilience)

      It only fully meets the first criterion, yes. But personally I give it a bit of credit for the second too, in that it belongs to a non-profit foundation with multiple stakeholders, somewhat like Wikimedia.

      These two things are not at all equivalent, or even comparable.

  • OlPatchy2Eyes@slrpnk.net
    link
    fedilink
    arrow-up
    4
    ·
    2 months ago

    Is there any reason to believe the message and sender can be read from the data sent to the push service? From my understanding, that should still be encrypted.

    • merde alors@sh.itjust.works
      link
      fedilink
      arrow-up
      4
      arrow-down
      1
      ·
      2 months ago

      indeed they are ☞ President of @signalapp : https://mastodon.world/@Mer__edith/111563865413484025

      PSA: We’ve received questions about push notifications. First: push notifications for Signal NEVER contain sensitive unencrypted data & do not reveal the contents of any Signal messages or calls–not to Apple, not to Google, not to anyone but you & the people you’re talking to.

      In Signal, push notifications simply act as a ping that tells the app to wake up. They don’t reveal who sent the message or who is calling (not to Apple, Google, or anyone). Notifications are processed entirely on your device. This is different from many other apps.

      What’s the background here? Currently, in order to enable push notifications on the dominant mobile operating systems (iOS and Android) those building and maintaining apps like Signal need to use services offered by Apple and Google.

      Apple simply doesn’t let you do it another way. And Google, well you could (and we’ve tried), but the cost to battery life is devastating for performance, rendering this a false option if you want to build a usable, practical, dependable app for people all over the world.*

      So, while we do not love Big Tech choke points and the control that a handful of companies wield over the tech ecosystem, we do everything we can to ensure that in spite of this dynamic, if you use Signal your privacy is preserved.

      *(Note, if you are among the small number of people that run alt Android-based operating systems that don’t include Google libraries, we implement the battery-destroying push option, and hope you have ways to navigate.)

      • OlPatchy2Eyes@slrpnk.net
        link
        fedilink
        arrow-up
        4
        ·
        2 months ago

        Did some searching. You’re referencing a podcast in which known propagandist and liar Tucker Carlson claims that an anonymous source of his implies the NSA broke into his Signal messages. Wish you’d qualified that in the post because that’s important context.

        Don’t you think it’s way more likely that the guy blew his cover some other way? Googling hotels near the Kremlin or something? You know, because he’s a dumbass?

      • davel [he/him]@lemmy.ml
        link
        fedilink
        English
        arrow-up
        3
        ·
        2 months ago

        Was it revealed, or did Tucker Carlson assert this with no evidence? Because what comes out of his mouth is usually bullshit.

  • Kualk@lemm.ee
    link
    fedilink
    arrow-up
    4
    arrow-down
    1
    ·
    edit-2
    2 months ago

    Signal runs a service. Even if its source code is open source there’s no guarantee that that’s the code running on the server.

    I don’t know the protocol, but I am concerned of man in the middle and how safe it is from man in the middle. In this case signal servers must be considered to be man in the middle.

    The only system to trust is peer to peer with proven track record of sending encrypted data over public channels.

    That’s PGP and Delta Chat utilizing PGP.

    • JubilantJaguar@lemmy.world
      link
      fedilink
      arrow-up
      3
      arrow-down
      1
      ·
      2 months ago

      If the client software is open source with reproducible build, then you don’t need to care about what’s running on the server. You will never have any means to confirm what’s running on the server, because you don’t control the server. That is why EE2E was invented.

      • andylicious1337@lemmy.world
        link
        fedilink
        arrow-up
        2
        arrow-down
        1
        ·
        2 months ago

        but if this is your argument, you could also say that Telegram is good because their client can also be built from their open source. of course you have to activate e2ee on a 1-1 chat first…

        • JubilantJaguar@lemmy.world
          link
          fedilink
          arrow-up
          2
          ·
          2 months ago

          If the E2EE is enabled and the client software source is available and reproducible, then, indeed, it could be called Telegram or anything else, it doesn’t matter.

          The particular issue with Telegram is, as you say, the default setting. And also that its encryption algo is not universally trusted.

          • andylicious1337@lemmy.world
            link
            fedilink
            arrow-up
            1
            ·
            2 months ago

            ok but if the source of the server is not know, how can the client be save?

            I know how e2ee works but couldn’t a bad closed-source server still be a problem?

            btw. not trying to call you out, I just really want to know, cuz I cant get my head around it 🙈🙊

            • JubilantJaguar@lemmy.world
              link
              fedilink
              arrow-up
              2
              ·
              2 months ago

              The message is encrypted using a key. The key exchange was done over a direct secure channel to the other client, in much the same way as you connect to your bank’s website using HTTPS. The server therefore does not have the key and can only see encrypted text.

              Assuming the client software has not been compromised at either end, then the server will never see anything other than garbled ciphertext.

              BTW, this is also the case with Whatsapp, for example. But the problem with Whatsapp is that the client software is closed source. So you have to trust them not to, for example, surreptitiously phone home with a separate copy of your message. Very unlikely but you have no way to check when the client software is a black box.

              But what’s running on the server is not the issue in either case.

              • andylicious1337@lemmy.world
                link
                fedilink
                arrow-up
                1
                ·
                2 months ago

                ah ok. that makes sence. so only if the secure channel of the key exchange is somrhow attacked, the encryption can be broken, correct? i dont wanna ever use telegram (not even on 1-1 e2ee chat) but basically they are still bad since they use encryption wich is not a standard and could be compromised?

                (i hope thats it with all the question i have 🙈)

                • JubilantJaguar@lemmy.world
                  link
                  fedilink
                  arrow-up
                  2
                  ·
                  edit-2
                  1 month ago

                  Yes, compromising the key exchange would be one attack. But that’s not technically breaking the encryption, that’s just stealing the key. To do that, you need control of the client - which is a thousand times easier when it’s impossible to check the source code of the software it’s running. Otherwise, your only option is to break the encryption (i.e. discover the key) and that is gonna be very hard indeed because, unlike logins that humans use, the “password” is always completely random and very strong.

                  Telegram has open source client software, but it uses its own in-house encryption algorithm, which is not an industry standard. Some people think it might therefore be easier to compromise. But in any case, as you say, Telegram doesn’t even have encryption enabled by default.

                  The better reason not to use Telegram is because it’s a shady company with no obvious business model and therefore has an incentive to do bad things.

  • kindenough@kbin.earth
    link
    fedilink
    arrow-up
    2
    ·
    2 months ago

    Good enough to donate once in a while. There are just a few people I want to communicate with and true, they installed Signal for me.