@micahflee stay away from Signal, it's too easy to prove that they are full of shit. Sorry for the harsh words. The article doesn't answer my questions, or essentially it does, confirming my fears.

1. Signal has closed source elements and as such cannot be trusted as a whole
2. The whole business model is talking shit about Telegram using buzz words without actually using good security. I don't trust people who rely on black-mouthing.
3. Hiding metadata is a lot harder than they make it out to be, and the only app I trust about that is bitmessage. Study bitmessage and you understand why this metadata hiding stuff is full of shit.

@lapingvino @micahflee @tuxicoman Signal were far from the only people criticizing Telegram. Also, Telegram's ICO (which I imagine you've invested in, hence all the FUD about Signal) was super shady.

@freakazoid @tuxicoman @micahflee I don't invest in any ICO. I trust Telegram because it keeps my dear friends in oppressive regions safe.

@micahflee @tuxicoman @lapingvino And my understanding is that what e2e crypto it does have is home-grown, which is a big no-no. Double ratchet is open source and well-audited.

I do like that Telegram is in F-Droid, but the absence of Signal there is (AIUI) because of a dependency on closed source Google code. You have to trust Google anyway to use it because Android, so I don't see this as a problem.

@freakazoid @tuxicoman @micahflee the home grown crypto is made for easy usability (it's much easier on phone hardware) and if it breaks down some time, it can easily be replaced. The problem with well-audited generally known crypto is twofold: 1. if one thing breaks, everything breaks. You want diversity to be able to switch to something not broken yet if something breaks down all of a sudden. [1/2]

@freakazoid @tuxicoman @micahflee 2. mainstream crypto is US government grown, and there are suspicions, unverifiable by the nature of the problem, that they might have built a one-way backdoor into the crypto by choosing the default parameters in use by everyone (e.g. in the case of Bitcoin using non-standard parameters, I think that might be a reason). This means that with non-diverse crypto, a problem means that everybody is spied on instead of a part. [2/2]

@lapingvino @micahflee @tuxicoman Signal uses Curve25519, which was developed by Dan Bernstein, who does not work for the US government.

The notion that home-grown crypto is going to be safer than widely analyzed crypto from well-known cryptographers is utter nonsense.

@freakazoid @tuxicoman @micahflee @lapingvino Ditto the idea that we need crypto that's "much easier on phone hardware". shows the Signal code running on 48MHz ARM Cortex-M0 hardware - both encrypting and decrypting (and doing a tiny bit of local network comms in between). There's no way Signal crypto is taxing your smartphone.

@amcewen @lapingvino @micahflee @tuxicoman Yeah Curve25519 and XSalsa20 are about as easy on phone hardware as one could hope for.

@freakazoid @tuxicoman @micahflee @lapingvino @amcewen I hear that also has a Salsa20 implementation that can be used IRL, but I haven't actually tried it. might also be an interesting read.

Hell, I can do useful encryption on a 10-yo laptop which is definitely worse than a modern, high-end smartphone.

Low-power devices are important for a lot of people; we didn't need to wait for smartphones to develop appropriate crypto...
