Improving first impressions on Signal
4y ago
Source
SignalImproving first impressions on Signalsignal.orgThe phenomenon of unsolicited and unwanted messaging dates back to the earliest communication platforms: from prehistoric cave graffiti and postal chain letters to popup ads and robocalls. To prevent spam, most online services rely on large-scale inspection of plaintext conversation content or detailed social-graph analysis to determine who is saying what to whom and whether or not that should be allowed. At Signal, we build on a foundation of privacy and do not have access to that type of data or metadata. We build Signal in the open, with publicly available source code for our applications and servers. To keep Signal a free global communication service without spam, we must depart from our totally-open posture and develop one piece of the server in private: a system for detecting and disrupting spam campaigns. Unlike encryption protocols, which are designed to be provably secure even if everyone knows how they work, spam detection is an ongoing chore for which there is no concrete resolution and for which transparency is a major disadvantage. If we put this code on the Internet alongside everything else, spammers would just read it and adjust their tactics to gain an advantage in the cat-and-mouse game of keeping spam off the network. The Signal protocols, cryptography, and source code are peer reviewed, shared for independent inspection, and provably private by design. We are bound by these security guarantees, so that your conversations and contacts remain as private and protected as ever, even if we keep spam-fighting tools out of sight. Read more...
You might also wanna read
Signal's Privacy Trade-off: End-to-End Encryption Protects Content But Metadata Reveals Communication Patterns
The article discusses Signal's privacy limitations, explaining that while Signal provides end-to-end encryption for message content, it stil
sanesecurityguy.com·7mo agoNew phishing campaign targets Signal users to steal chat backup recovery keys
Hackers are targeting Signal users in a new phishing campaign that attempts to steal their chat backups. The attackers pose as Signal's supp
Phishing Campaign Targets Signal Users by Stealing Backup Recovery Keys
A new wave of phishing attacks is targeting Signal users by impersonating the app's support team. Hackers send messages inside Signal claimi
cybersecuritynews.com·1mo agoSignal Alumni Launch 'Encrypted Spaces' to Bring End-to-End Encryption to Collaborative Apps
A group of cryptographers, including Signal alums, have launched an open-source project called "Encrypted Spaces" designed to bring end-to-e
Signal Messenger: Speak Freely
Signal users targeted by social engineering attacks seeking backup recovery keys
This article from Freedom of the Press Foundation's Digital Security Digest warns about a social engineering attack targeting Signal users.

Comments
Sign in to join the conversation.
No comments yet. Be the first.