Signal is a CIA honeypot

user, convince me Signal isn't a CIA honeypot.

cnet.com/news/security-researcher-i-keep-getting-detained-by-feds/
>In 2010, Signal creator keeps getting harassed by Feds.

wired.com/2016/07/meet-moxie-marlinspike-anarchist-bringing-encryption-us/
>Signal creator later makes apps to help Arab Spring. Arab Spring was orchestrated by CIA.


ADDITIONALLY: If you use Signal for your phone, install the desktop app. It is able to decrypt all your phone messages. Therefore, desktop app has access to private encryption key from phone.

The private key must have traversed Signal's server to reach desktop app. Therefore, Signal's servers can access your private keys and decrypt your messages, to be read by Moxie's CIA handlers, at any time.

wire doesn't have this problem

>convince me Signal isn't a CIA honeypot
Why would I try to convince you of something that isn't true

>ignore app
problem solved

Who cares? You're not a piece of garbage, thirsty-ass pedophile hidefaggot. Don't worry about it.

Every single one of these guys gets harassed, doesn't mean shit. Regarding the Arab Spring, shit Facebook and Twitter played a much bigger and more instrumental role, they didn't need to dig into encrypted shit when there was a trove of decrypted data around.

Trying to hide from the CIA is fucking retarded and you will lose. You do not protect yourself against state level actors; you protect yourself from corporations.

Signal has no real funding model though. Who's to say your chats aren't being secretly sold to corporations?

It's being sold as a privacy app while being the opposite, though. You can want privacy without being a degenerate.

Moxie is against freedom and forks
github.com/LibreSignal/LibreSignal/issues/37
github.com/WhisperSystems/Signal-Android/issues/127

Moxie knows nothing about crypto: news.ycombinator.com/item?id=3725013

Signal uses AES256, an outdated encryption algorithm. What's worse is that it uses it in CBC mode in certain cases, see github.com/WhisperSystems/Signal-Server/wiki/API-Protocol.

Signal requires you to have a phone with google services. You can't use it even on the pc without that being the case. Since the user IDs are not derived from the public key of the user it is also difficult to verify that you are talking with whom you think that you talk to. Moreover Signal uses a centralised service.

Serious question - what is the newest platform / application / etc. that Sup Forums has, for the most part, accepted as being good?

Anything is either being "shilled", is a botnet, or is a honeypot. I know random individuals will shitpost about this so it will never be 100%, but is there anything that the consensus actually likes / uses that is not old?

>It is able to decrypt all your phone messages. Therefore, desktop app has access to private encryption key from phone.
maybe the encryption key is your password used to log in..?

When it was revealed that WhatsApp (which also uses the Signal protocol) has a backdoor which allows facebook to request from your client to silently resend any messages that you sent to someone with a different encryption key every signal shill in the world started strawmanning and whining about fake news.

I would suggest XMPP/IRC with OTR (sadly it uses weak encryption) or tox.

>Therefore, desktop app has access to private encryption key from phone.
Do you connect the phone to the PC? If so I can't see the problem.

In that case moxie can decrypt anything that you wrote as he has your password.

>closed source
guaranteed honeypot

>a backdoor for facebook to bypass your encryption
Zuck for prez 2020

idk how this moxie character is, but does he have your password tho? maybe a hash of it.

idk, in any case you are right

t. reddit bootlicker

>I wouldn't worry about it goyim!

>random individuals will shitpost about this so it will never be 100%, but is there anything that the consensus actually likes / uses that is not old?


Best thing I've found is running a private XMPP server. For clients, use Chatsecure/Conversations.im/Gajim with OMEMO encryption. Similar to Signal's encryption, but the server does not steal your private keys, and stores no chat archives by default.


Also, XMPP works like email. [email protected] can message [email protected]. XMPP is the future that never happened because of normies taking over the internet.

prosody.im/
youtu.be/-0M0NeZ_cU4

>Signal is a CIA honeypot
Of course it is. That's why State Department promotes it for "revolutionary and democratic movement in """oppressed""" countries."

It's also why FBI is not bitching about it and isn't asking for keys.

It is FOSS, however Moxie
1: is against people compiling it themselves
2: is against repositories compiling it for people
3: does not provide reproducible builds
Thus it would not be impossible that the official builds (which are distributed only via google play and can be used only in devices with GCM) are backdoored.

>moxie
when you place a backdoor into your own software only to find naked r34 pictures of yourself

I can understand why you deleted this.

>Moxie is against freedom and forks
he's a jew

>he's a jew
dammit.
every god damn time

Can you verify that the messages that you receive are not forged?
Isn't XMPP XML bullshitte?
Does it allow for deniable authentication?
What algorithms does it use?

Alt-righters are the biggest cucks

And what if he is?

what do you think about matrix chat / riot.im? uses signals encryption and is still in beta but going main stream soon about.riot.im/security/

sorry. riot actually uses olm a version of double ratchet developed independently from signals

>ADDITIONALLY: If you use Signal for your phone, install the desktop app. It is able to decrypt all your phone messages. Therefore, desktop app has access to private encryption key from phone.
This is wrong. I've poked around in the protocol and what happens when you add the desktop app is it creates another key pair and publishes the new public key. After that, every time someone sends you a message it encrypts the message with each public key and sends them. If you have two desktop apps in addition to the phone, you'll actually see 3 distinct posts to the Signal API. This is why you cannot access messages that were sent prior to setting up the desktop App.

Don't believe me? Open the Chrome developer tools for the App and watch the API calls when sending messages to people with the desktop App.
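
The per-device fan-out described in the post above, as an added example that is not part of the original thread and is not Signal's code. Assumptions: ephemeral X25519 + HKDF-SHA256 + AES-256-GCM stands in for Signal's actual session protocol, and all function and device names are hypothetical.

```javascript
// Added illustration, not Signal's code. A simplified stand-in for the real
// session protocol: ephemeral X25519 ECDH + HKDF-SHA256 + AES-256-GCM per device.
const nodeCrypto = require("node:crypto");

// Each linked device generates its own key pair; only the public half is published.
function newDevice(id) {
  const { publicKey, privateKey } = nodeCrypto.generateKeyPairSync("x25519");
  return { id, publicKey, privateKey };
}

// Derive a one-off AES-256 key from an ECDH shared secret.
function deriveKey(privateKey, publicKey) {
  const secret = nodeCrypto.diffieHellman({ privateKey, publicKey });
  return Buffer.from(
    nodeCrypto.hkdfSync("sha256", secret, Buffer.alloc(32), "fanout-demo", 32));
}

// Sender side: one separately encrypted envelope per published device key.
function fanOut(plaintext, directory) {
  return directory.map(({ id, publicKey }) => {
    const eph = nodeCrypto.generateKeyPairSync("x25519");
    const key = deriveKey(eph.privateKey, publicKey);
    const iv = nodeCrypto.randomBytes(12);
    const c = nodeCrypto.createCipheriv("aes-256-gcm", key, iv);
    const body = Buffer.concat([c.update(plaintext, "utf8"), c.final()]);
    return { to: id, ephPub: eph.publicKey, iv, body, tag: c.getAuthTag() };
  });
}

// Device side: returns the plaintext, or null if this key cannot open the envelope.
function openEnvelope(device, env) {
  try {
    const key = deriveKey(device.privateKey, env.ephPub);
    const d = nodeCrypto.createDecipheriv("aes-256-gcm", key, env.iv);
    d.setAuthTag(env.tag);
    return Buffer.concat([d.update(env.body), d.final()]).toString("utf8");
  } catch {
    return null; // authentication failed: wrong device key
  }
}

function demo() {
  const phone = newDevice("phone");
  const desktop = newDevice("desktop");
  // What the relaying server holds in this sketch: public keys only.
  const directory = [phone, desktop].map(({ id, publicKey }) => ({ id, publicKey }));
  const envelopes = fanOut("meet at 6", directory); // constructed sample message
  // A device linked after sending has no envelope encrypted to its key.
  const late = newDevice("desktop-2");
  return {
    count: envelopes.length,
    phone: openEnvelope(phone, envelopes[0]),
    desktop: openEnvelope(desktop, envelopes[1]),
    crossed: openEnvelope(desktop, envelopes[0]),
    late: openEnvelope(late, envelopes[1]),
  };
}
```

In this sketch the relay only ever handles public keys and ciphertext, and an envelope opens only with the private key of the device it was addressed to.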

I tried the web version of matrix and it was a js-infested crap. Moreover it uses bullshit like HTTP, JSON, WebRTC, and other web3.0 crap. I also dislike the fact that it needs a server in order to work - I would prefer a distributed approach.
That being said, I have not looked into the crypto behind it.

>it creates another key pair and publishes the new public key. After that, every time someone sends you a message it encrypts the message with each public key and sends them
Is the new keypair signed by the old one? If not, how do they know that it is not an attacker that publishes that keypair?

Yeah. The desktop shows you a QR code which you scan with the App to complete the process.

>The desktop shows you a QR code
Which is the hash of the public key I assume?

I didn't actually bother to decode it, but I assume it is something like that. I was more interested in the over the wire protocol. Try it and let us know.

someone complain about it, so they remove it on the subreddit of privacy.io

I see, WebRTC really shits up everything since it doesn't work over tor

Scanning the QR code. Reads:
>tsdevice:/?uuid=##########&pub_key=##########


With actual characters instead of "#" of course.

Which means private key isn't being transferred by the QR code.

>Signal uses AES256, an outdated encryption algorithm. What's worse is that it uses it in CBC mode in certain cases

bait?

No, why would it be?

Because aes256-cbc isn't broken?

The plaintext is encrypted using AES-256 in CBC mode with PKCS#7 padding, using the encryption key and IV from the previous step

whispersystems.org/docs/specifications/doubleratchet/

Define broken.

REEEEEE

Riot is still a pretty shit client focused on groupchats, with devs not caring about 1:1 chat. I'm not even sure there's a way to see if a person is online on it, and instead of contact list you have a bunch of separate 2 man rooms. XMPP with OMEMO is probably the best ATM if you can get your normie friends past "what's that, never heard of, must be bad"

pando.com/2015/03/01/internet-privacy-funded-by-spooks-a-brief-history-of-the-bbg/

whether it uses aes256-cbc was never in dispute. why don't you state why it's broken, preferably with citations.

See

>In Europe, the CIA set up “Radio Free Europe” and “Radio Liberation From Bolshevism” (later renamed "Radio Liberty"), which beamed propaganda in several languages into the Soviet Union and Soviet satellite states of Eastern Europe.

Reporting news is propaganda now? Is this Breitbart clone?

Any reason not to use it

AES has some known attacks which are faster than the generic attacks.
AES is complex and it is difficult to create side-channel resistant implementations for it.
AES is slower and weaker in general when compared to more modern ciphers.
No sane person uses the CBC mode. Every sane person uses a CTR-based mode for everything.

Sup Forums has been leaking for a while now

>AES has some known attacks which are faster than the generic attacks.
Are they faster to allow for a feasible attack? Going from 2^256 to 2^237 isn't going to compromise anyone's security

>AES is complex and it is difficult to create side-channel resistant implementations for it.
Not an issue unless you're rolling your own crypto.

>AES is slower and weaker in general when compared to more modern ciphers.
See first point

>No sane person uses the CBC mode.
>Every sane person uses a CTR-based mode for everything.

Elaborate?

>>Signal creator later makes apps to help Arab Spring. Arab Spring was orchestrated by CIA.
Sure is Sup Forums here.

>Are they faster to allow for a feasible attack?
No, but attacks only get faster, not slower. If you encrypt something now you will want it to be private for quite a long time.

>Not an issue unless you're rolling your own crypto.
Yeah no. Side channel attacks are some of the most cruel and difficult to protect against attacks. There are multiple issues concerning power usage and timing attacks on common AES implementations every year.
This is why you should instead use primitives which are designed for side channel resistance.

>See first point
How does this address the slowness issue?

>weaker
"weaker" does not only refer to the known attacks but also to the general design decisions that were made during the AES competition.

>Elaborate?
There is no reason to select CBC instead of CTR. No sane person would select CBC instead of CTR.

This

I probably should have been more specific in the beginning. Aes256-cbc isn't perfect, but the flaws mentioned aren't exactly convincing proof that it's a CIA honeypot. You'd think that a honeypot would be something so it's easy for you to decrypt the messages. Some theoretical/unfeasible attacks aren't it.

Maybe if they were using dualEC I might be convinced.

>isn't exactly convincing proof that it's a CIA honeypot
I am not claiming that it is. I am just claiming that it is a bad design decision for a modern protocol.

(((Moxie Marlinspike)))

>slowness issue
yep, because 5% lower battery life is exactly what the CIA wants

>ADDITIONALLY: If you use Signal for your phone, install the desktop app. It is able to decrypt all your phone messages. Therefore, desktop app has access to private encryption key from phone.
When you install Signal on your computer and it gives you this QR code to link with your phone it includes a public key which your phones signal app uses to do key exchange with your computer.

It's not rocket surgery. They don't just magically swap keys.

If it can produce the public key for a QR, it can open up a TCP connection to cia.net and send it there too.

Private key should never be transferred but certainly never through an unencrypted medium.

>There is no reason to select CBC instead of CTR. No sane person would select CBC instead of CTR.
You're just saying the same thing.

Why would someone use CTR over CBC?

I guess everything is a CIA honeypot then.

weren't you just crying about freeze peach? just care about civil rights when it suits you?

Everyone has something to hide.
Not everyone has something illegal to hide, but everyone has sensitive data that should not be available to people over the internet.

Even if it's just pictures of my dick.

for

It's not illegal unless you flash em to people.
But a CIA plant still can steal it and use it to blackmail you.

> The private key must have traversed Signal's server to reach desktop app.

Are you literally fucking retarded. The desktop app creates a new set of private keys and registers the public key online. When someone sends you a message, it's encrypted with both session keys (that are derived from the identity keys).

It's fucking free software, read the code you cunt.

Is the server backend open source yet?

> 1: is against people compiling it themselves
Is against technically illiterate people trying to compile it themselves, because it has a timer that nukes the app after 90 days if you don't rebuild and update it.
> Thus it would not be impossible that the official builds (which are distributed only via google play and can be used only in devices with GCM) are backdoored.
You can download the APK from the website. Literally fucking Google "signal apk". signal.org/android/apk/

>You can download the APK from the website. Literally fucking Google "signal apk". signal.org/android/apk/
He added that after everyone started whining about it.

github.com/WhisperSystems/Signal-Server

It's been free software for many years. Everyone was concerned about RedPhone, but if you don't use calls then you don't care (also I believe it was made free software as well).

Signal is the only even remotely privacy focused app I can get my normie friends to use. For my securitard friends, we usually chat on a self hosted irc server that doesn't keep logs or encrypted emails.

Not everything is a CIA honeypot. Some things are NSA or FBI Honeypots and anything involving guns is an ATF honeypot.

>bullshit like HTTP, JSON, WebRTC
What do you prefer?

>He added that after everyone started whining about it.
And? It's still there isn't it?

Read a book faggot.

> "It's only distributed on Google Play."
> "No it's available here."
> "Yeah but he only added that because people complained."

Why does that matter? Yes, he only added it after people complained, they removed the GCM dependency (which was also wrong about), and added auto-updating outside of the Play Store. But you can download it now, so why does that matter?

Not to mention that there is an FDroid repo that provides builds and has provided builds ever since it was dropped from official FDroid.

Yes it does matter you cunt. Why didn't he do nuffin earlier, especially knowing the people who use his app, aka privacy aware fags, don't usually have gapps?

>Why didn't he do nuffin earlier, especially knowing the people who use his app, aka privacy aware fags, don't usually have gapps?
Impressive that you can read minds user. You should use that power for more important things.

Some of my information was outdated it seems. But it does not change the fact that he was an ass. It was difficult and took a long time to convince him to drop GCM and distribute official binaries outside google play.

>Not to mention that there is an FDroid repo that provides builds and has provided builds ever since it was dropped from official FDroid.
I never claimed that it is not compilable. The problem is that he was against it and caused problems for FDroid.

>took a long time to convince him to drop GCM
I thought that was on his roadmap for a long time but initially it was an issue of keeping push notifications while not sucking the battery dry which GCM was convenient for.

a) Because software development takes time.
b) WebSockets had a massive battery life impact, that had to be rectified first.
c) You can fucking download it now, you're complaining about an issue that was resolved.

If you wanted it to go faster maybe you should've written the fucking patches rather than wasting people's time ranting about it. Fucking autists, man.

wire is for wire...tap

> It was difficult and took a long time to convince him to drop GCM and distribute official binaries outside google play.

It was difficult because there were a lot of problems that were not solved in the No-Gapps community. Some of them are still unsolved, but Moxie just went ahead and made the pragmatic decision of publishing it anyway.

Everyone is bitter that Moxie didn't just do what everyone was ranting about. I agree that it took longer than I would've liked, but there were several technical reasons why it took so fucking long -- not to mention he had to deal with all of the bullshit from autists that the outrage likely made it take longer.

If you honestly feel you could've done it faster and better than Moxie, you should've written a patch. In free software, you're not entitled to anything, and if you feel you're so clever maybe you should've done it.

Wtf man? It's just common sense. People have been using cm with no gapps with fdroid/aptoide for years.
There was conversations app on droid loong ago you twat. It had no problems being independent of gapps. And no thanks i wont use it even though the issue is resolved. It's a matter of his intent.

Why would I write a patch for a software that I do not give a shit about? There are multiple better solutions which I prefer.

> There was conversations app on droid loong ago you twat.

And it likely got fisted by battery life issues. The WebSocket battery life problem is well known, and even fucking DAVDroid has a warning about it.

If you don't give a shit about it, why are you complaining about it? If it bothers you so much, then you could've spent that energy productively.

>If you don't give a shit about it, why are you complaining about it?
To tell other anons to prefer other programs instead?

>WebSocket
What happened to socket(2)?

*fdroid
>battery life
So? It's not like Google play services is battery friendly either. He could've just provided the builds with a warning so people with no gapps can use it. Why are you all over it man? Every app like facebook etc drain battery to hell yet people use it.

Google Play Services is much more battery friendly than WebSocket.
And what is worse, if you have Google Play Services installed and you install an app with WebSocket you are only increasing the battery drain when you could piggy back on Play Services instead.

Also,
>He could've just provided the builds with a warning so people with no gapps can use it.
Because people would have totally gone.
>the battery life is shit but he gave a warning it would be like that because its not using gapps
instead of
>the battery life is shit so this app is shit

Based merchant !