Convincing people to use apps such as Signal is hard work and most can’t be convinced. But with those you manage to convince, do you feel happy to talk to them on Signal?
The problem is these people use Signal on Android/IOS which can’t be trusted and IOS has recently been in the news for having a backdoor. And it has also been revealed that american feds are able to read everyone’s push notifications and they do this as mass surveillance.
So not only do you have to convince people to use Signal which is an incredibly difficult challenge. You also have to convince them to go into settings to disable message and sender being included in the push notifications. And then there’s the big question is the Android and IOS operating systems are doing mass surveillance anyway. And many people find it taking a lot of effort to type on the phone so they install Signal on the computer which is a mac or Windows OS.
So I don’t think I feel comfortable sending messages in Signal but it’s better than Whatsapp.
These were some thoughts to get the discussion started and set the context.
Signal runs a service. Even if its source code is open source there’s no guarantee that that’s the code running on the server.
I don’t know the protocol, but I am concerned of man in the middle and how safe it is from man in the middle. In this case signal servers must be considered to be man in the middle.
The only system to trust is peer to peer with proven track record of sending encrypted data over public channels.
That’s PGP and Delta Chat utilizing PGP.
Finally, someone who knows the difference between software and service.
If the client software is open source with reproducible build, then you don’t need to care about what’s running on the server. You will never have any means to confirm what’s running on the server, because you don’t control the server. That is why EE2E was invented.
but if this is your argument, you could also say that Telegram is good because their client can also be built from their open source. of course you have to activate e2ee on a 1-1 chat first…
If the E2EE is enabled and the client software source is available and reproducible, then, indeed, it could be called Telegram or anything else, it doesn’t matter.
The particular issue with Telegram is, as you say, the default setting. And also that its encryption algo is not universally trusted.
ok but if the source of the server is not know, how can the client be save?
I know how e2ee works but couldn’t a bad closed-source server still be a problem?
btw. not trying to call you out, I just really want to know, cuz I cant get my head around it 🙈🙊
The message is encrypted using a key. The key exchange was done over a direct secure channel to the other client, in much the same way as you connect to your bank’s website using HTTPS. The server therefore does not have the key and can only see encrypted text.
Assuming the client software has not been compromised at either end, then the server will never see anything other than garbled ciphertext.
BTW, this is also the case with Whatsapp, for example. But the problem with Whatsapp is that the client software is closed source. So you have to trust them not to, for example, surreptitiously phone home with a separate copy of your message. Very unlikely but you have no way to check when the client software is a black box.
But what’s running on the server is not the issue in either case.
ah ok. that makes sence. so only if the secure channel of the key exchange is somrhow attacked, the encryption can be broken, correct? i dont wanna ever use telegram (not even on 1-1 e2ee chat) but basically they are still bad since they use encryption wich is not a standard and could be compromised?
(i hope thats it with all the question i have 🙈)
Yes, compromising the key exchange would be one attack. But that’s not technically breaking the encryption, that’s just stealing the key. To do that, you need control of the client - which is a thousand times easier when it’s impossible to check the source code of the software it’s running. Otherwise, your only option is to break the encryption (i.e. discover the key) and that is gonna be very hard indeed because, unlike logins that humans use, the “password” is always completely random and very strong.
Telegram has open source client software, but it uses its own in-house encryption algorithm, which is not an industry standard. Some people think it might therefore be easier to compromise. But in any case, as you say, Telegram doesn’t even have encryption enabled by default.
The better reason not to use Telegram is because it’s a shady company with no obvious business model and therefore has an incentive to do bad things.