Signal is testing out a new feature that encrypts message metadata. Once it's widely deployed, their server will facilitate delivering messages but without having access to who is sending them.
@micahflee stay away from Signal, it's too easy to prove that they are full of shit. Sorry for the harsh words. The article doesn't answer my questions, or essentially it does, confirming my fears.
1. Signal has closed source elements and as such cannot be trusted as a whole
2. The whole business model is talking shit about Telegram using buzz words without actually using good security. I don't trust people who rely on black-mouthing.
3. Hiding metadata is a lot harder than they make it out to be, and the only app I trust about that is bitmessage. Study bitmessage and you understand why this metadata hiding stuff is full of shit.
I do like that Telegram is in F-Droid, but the absence of Signal there is (AIUI) because of a dependency on closed source Google code. You have to trust Google anyway to use it because Android, so I don't see this as a problem.
There's nothing closed source in the official build.
Personally I'd like Signal in F-Droid. But I think Moxie's argument is that secure software delivery is hard, releasing to two app stores introduces complexity, and F-Droid doesn't give analytics or crash reports. In the end, I think he just doesn't care much because only a tiny (but loud) fraction of the user base doesn't have the Play Store.
@freakazoid @tuxicoman @micahflee the home grown crypto is made for easy usability (it's much easier on phone hardware) and if it breaks down some time, it can easily be replaced. The problem with well-audited generally known crypto is twofold: 1. if one thing breaks, everything breaks. You want diversity to be able to switch to something not broken yet if something breaks down all of a sudden. [1/2]
@freakazoid @tuxicoman @micahflee 2. mainstream crypto is US government grown, and there are unverifiable by the nature of the problem suspicions that they might have built in a one-way backdoor in the crypto by choosing the default parameters (e.g. in the case of Bitcoin using non-standard parameters I think that might be a reason) in use by everyone. This means that with non-diverse crypto, a problem means that everybody is spied on instead of a part. [2/2]
@freakazoid @tuxicoman @micahflee @lapingvino Ditto the idea that we need crypto that's "much easier on phone hardware". https://mcqn.com/files/images/GNL-SignalComms.gif shows the Signal code running on 48MHz ARM Cortex-M0 hardware - both encrypting and decrypting (and doing a tiny bit of local network comms in between). There's no way Signal crypto is taxing your smartphone.
@freakazoid @tuxicoman @micahflee @lapingvino @amcewen I hear that https://github.com/ctz/cifra also has a Salsa20 implementation that can be used IRL, but I haven't actually tried it. http://www.cs.haifa.ac.il/~orrd/LC17/paper39.pdf might also be an interesting read.
Hell, I can do useful encryption on a 10-yo laptop which is definitely worse than a modern, high-end smartphone.
Low-power devices are important for a lot of people, we didn't need to wait for smartphones to develop appropriate crypto...