[Cryptography] Signal planning no support for plaintext SMS

John Gilmore gnu at toad.com
Tue Nov 1 20:45:44 EDT 2022


John Levine <johnl at iecc.com> wrote:
> It's hard to burn through a lot of data unless you are streaming video
> or downloading very large apps.

Signal forces you to download new versions of the app.  I was really
unhappy when at Burning Man with super limited flaky wifi bandwidth and
no phone service, it started warning me that it would start refusing to
run unless I let it download a new version.  (Unlike competently
maintained free and open source software, they have a longstanding logic
bomb in Signal that makes each version refuse to operate after 90 days.)
They release a new version roughly every 2 weeks and have auto-updates
on by default, so this may have something to do with the bandwidth
charges.

John-Mark Gurney <jmg at funkthat.com> wrote:
> That is more likely to happen than a downgrade IMO.  Signal
> currently does a good job of keeping a conversation secure.

I "downgraded" to SMS by stopping using Signal more than a year ago.  I
got tired of finding tricks to dodge Signal's insistence that I "create
a PIN" that it would then use to upload all my contacts into Signal's
servers permanently, before it would allow me to read my incoming
messages or send any outgoing messages.  Remembering NSA head Michael
Hayden's admission that "We kill people based on metadata", I decided
that a Signal Foundation that insisted on grabbing and keeping a copy of
every user's contact metadata was not a trustworthy Signal Foundation.
Whether Brian Acton (who has 100% control of the Signal Foundation; he
hires & fires the board members and the employees) got blackmailed by a
government, a mafia, served with a secret warrant, or was just
incredibly stupid about metadata security, I don't know.  But the app's
incessant demands that everyone create a PIN even if they didn't want
to, and their public lies in blogs and forums about the implications of
that design, had the flavor of a honeypot.  Even today, there is a
setting that turns off the PIN, but you can never get to the Settings
menu to change it, until the installation process has already forced you
to enter a PIN and has forcibly uploaded all your contacts.  Accident?
I think not.

And if the app is forcibly leaking your phone's metadata and lying about
it, which they are, it's just one more baby step to leak the keys that
keep your messages secret.

I see Signal as akin to Enigma in WW2.  It's the "secure app that
everybody trusts", which is actually covertly revealing its users'
private info to their opponents.  What a great accomplishment for NSA,
the Russians, the Chinese, the Israelis, or whoever penetrated Signal.

The one capability that I missed in Signal was to let users send photos
in full resolution.  After I dropped using it, they managed to turn off
even THAT capability, again giving users no option to override their "we
know better than you what you want" decision.  Real free software serves
its users -- but real free software allows forks that let users delete
obvious misfeatures.  Signal refuses to allow forks.

	John