this post was submitted on 23 Sep 2023
Technology
People vaguely disparage Signal on social media a lot. What's the evidence for Signal having a backdoor?
The fact that they store encryption keys on their servers in the cloud, relying on SGX lock boxes to prevent trivial exploitation of those keys.
In information security, as with intelligence work, it's about capabilities, not intent.
Signal has the capability to brute force the SGX enclosures, or even use trivial code signed by Intel to simply export the keys from SGX enclosures, which means all of the encryption keys stored in Signal's cloud, which is all of them, could be compromised. That is a capability they have.
SGX has had multiple exploits, especially side channel attacks through timing, and other metadata in the CPU. Intel is a US corporation, and they're subject to national security letters, so they could be compelled to release their SGX signing keys.
All the Lego pieces are there for Signal to have a back door. It's about capabilities. I'm not saying they have a back door, but the pieces are there for one.
If you recall, a few years ago there was a big hullabaloo about Signal storing encryption keys in the cloud behind four-digit PINs. This is why people are so angry about it. It means we have to trust the central servers, which is antithetical to the capability model that we talked about.
That being said, we are reasonably sure the Signal client code is secure. So if you disable PIN codes in Signal, your encryption key is still sent to Signal cloud, but it is signed with a cryptographically secure 128-bit something code. So that's fine. But if everybody you're talking to hasn't disabled the PIN, then the other side of your conversation is still exploitable.
TLDR: Signal's great if your threat model does not include Five Eyes intelligence services, and if your threat model does include Five Eyes intelligence services you should use something else. Not by intent, but by capabilities.
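The four-digit PIN reasoning in the comment above, as an added example that is not part of the thread and is not Signal's code: a toy model showing that a short PIN is only as strong as the guess limit enforced by whatever stores it, while a random 128-bit secret does not depend on that limit. The class and function names, the salt and the PBKDF2 parameters are all assumptions made for the demo.

```python
import hashlib, hmac, secrets

SALT = b"constructed-demo-salt"  # constructed value, not from any real system
ITERATIONS = 200                 # deliberately low so the demo runs quickly

def stretch(secret: str) -> bytes:
    """Derive a verifier from a PIN or passphrase (PBKDF2 chosen for the demo)."""
    return hashlib.pbkdf2_hmac("sha256", secret.encode(), SALT, ITERATIONS)

class GuessLimitedVault:
    """Hypothetical store: releases the key for the right secret, wipes it
    after max_tries wrong guesses. Stands in for the trusted boundary."""
    def __init__(self, secret: str, key: bytes, max_tries: int = 5):
        self._verifier, self._key, self._left = stretch(secret), key, max_tries

    def recover(self, guess: str):
        if self._key is None:
            return None                      # already wiped
        if hmac.compare_digest(stretch(guess), self._verifier):
            return self._key
        self._left -= 1
        if self._left <= 0:
            self._key = None                 # limit reached: destroy the key
        return None

    def leaked_verifier(self) -> bytes:
        """Models the boundary failing: the verifier escapes, no limiter applies."""
        return self._verifier

def all_pins():
    return (f"{n:04d}" for n in range(10_000))

def online_search(vault: GuessLimitedVault):
    """Guess through the limiter; returns the PIN or None."""
    return next((p for p in all_pins() if vault.recover(p) is not None), None)

def offline_search(verifier: bytes):
    """Guess against a leaked verifier; returns (pin, attempts) or (None, 10000)."""
    for tries, pin in enumerate(all_pins(), start=1):
        if hmac.compare_digest(stretch(pin), verifier):
            return pin, tries
    return None, 10_000

if __name__ == "__main__":
    key = secrets.token_bytes(32)
    print(online_search(GuessLimitedVault("7391", key)))            # limiter holds
    print(offline_search(GuessLimitedVault("7391", key).leaked_verifier()))
    strong = secrets.token_hex(16)                                  # 128 random bits
    print(offline_search(GuessLimitedVault(strong, key).leaked_verifier()))
```

For a defender the takeaway is that key stretching adds only a constant factor per guess, so with a 10,000-value PIN space the guess limiter and the integrity of the boundary enforcing it carry the whole protection.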