DS Forums

 
 

Signal: Defeat nosy government snoops with encrypted calls and messages


Reply
Thread Tools Search this Thread
Old 07-11-2015, 08:59
Esot-eric
Forum Member
 
Join Date: Feb 2008
Posts: 1,173

Finally Open Whisper Systems has released Signal for Android which combines their older TextSecure (for encrypted messages) and RedPhone (for encrypted calls) apps into a single app.

It's also been available for iOS for a while.

The Android version can optionally be set to handle your texts, making the process a bit like iMessage where messages sent to contacts with Signal installed will be sent encrypted via the Internet, and those without will receive a plain old text message.

I've started the process of convincing my contacts to switch to it, and so far using the app has been a good experience. It currently lacks things like sticker packs and video chat so, if those are what you want from a messaging app, it may not be suitable for everyone.
Esot-eric is offline   Reply With Quote
Please sign in or register to remove this advertisement.
Old 07-11-2015, 11:52
John_Patrick
Forum Member
 
Join Date: Dec 2012
Location: Newcastle
Posts: 904
I bet you also walk around in a faraday suit to stop RF interference.

Seriously, unless you are plotting against the country, the government have got better things to do. They wont be reading your smutty texts or listening to your phone sex sessions with your cousin.

In fact, look at it another way - if someone deliberatly tries to stop their communications been intercepted then wouldnt that raise suspicion that there is something worth listening to.

Seriously, the government dont listen to every single call in the UK, just those on their watch list - are you on it?

Oh, and well done for promoting something that terrorists could use.
John_Patrick is offline   Reply With Quote
Old 07-11-2015, 11:56
jonmorris
Forum Member
 
Join Date: Jul 2002
Location: a land filled with trolls
Posts: 12,010
I bet you also walk around in a faraday suit to stop RF interference.

Seriously, unless you are plotting against the country, the government have got better things to do. They wont be reading your smutty texts or listening to your phone sex sessions with your cousin.

In fact, look at it another way - if someone deliberatly tries to stop their communications been intercepted then wouldnt that raise suspicion that there is something worth listening to.

Seriously, the government dont listen to every single call in the UK, just those on their watch list - are you on it?

Oh, and well done for promoting something that terrorists could use.
Good post.

Some people really do think they're a) exceptionally important and that b) our Government has limitless money and the number of staff required to listen in on everything we say and do. Heck, they struggle to keep track of the people we should all be worried about.

I get why some people in the media are concerned, for sure, as if you're an investigative reporter for a newspaper then you may find that you get added to a watch list.

Someone who posts on forums and moans on Twitter isn't going to appear on the radar anytime soon. Not even someone with strong political views who says nasty things about the PM or the royal family.
jonmorris is offline Follow this poster on Twitter   Reply With Quote
Old 07-11-2015, 12:05
oilman
Forum Member
 
Join Date: Dec 2002
Posts: 3,851
Does anybody want to buy some tin foil hats from me. Specially designed using XMAS superstrong bacofoil.

Guaranteed to shield your brainwaves from "THEM"
oilman is offline   Reply With Quote
Old 07-11-2015, 12:13
SkipTracer
Forum Member
 
Join Date: Feb 2009
Location: The City and County of Bristol
Posts: 2,623
Does anybody want to buy some tin foil hats from me. Specially designed using XMAS superstrong bacofoil.

Guaranteed to shield your brainwaves from "THEM"
That will just block your 4G connection.
SkipTracer is online now   Reply With Quote
Old 07-11-2015, 12:37
jonmorris
Forum Member
 
Join Date: Jul 2002
Location: a land filled with trolls
Posts: 12,010
NNNNOOOOoooooo!
jonmorris is offline Follow this poster on Twitter   Reply With Quote
Old 07-11-2015, 13:01
Thine Wonk
Forum Member
 
Join Date: Mar 2009
Posts: 14,541
The OP will struggle to get everyone they know to keep these messengers running separately to the SMS and other massagers. The minute somebody upgrades and gets a new phone they won't want to keep that extra app running all the time. OP they have zero interest in you, they wouldn't want to read your messages if you paid them.

Unless you're plotting something then I don't see the point. Also the 'big boys' will pay special attention to people running apps like that who are maybe already of interest and they know the device phone number etc. They have the ability to use software exploits and shims to intercept devices of interest before encryption or to force providers of such apps to decrypt the data or put in back doors and gag them to stop them from telling people.

One secure email app just shut down and it was suspected (although he couldn't say it) that he couldn't tell users that there was a backdoor, and that was the reason. Most developers wouldn't close down but would keep the money. The NSA has such a huge funding budget that I wouldn't be surprised if they didn't have so many Android and IOS unknown exploits, or actually be peddling some of these apps themselves.

There's also the "what goes in must come out" analysis that they use successfully to link TOR in and out's. If you send packet data into the network and you see exactly the same size data come out the other side at exactly the correct latency, then you have a record of which nodes traffic is entering and exiting at and therefore you can link who is communicating with what or whom at either endpoint.. Once you find something of interest then you can shim or tap one of the endpoints. Who do you think runs many of the Tor nodes and secure messengers?
Thine Wonk is offline   Reply With Quote
Old 07-11-2015, 13:16
John_Patrick
Forum Member
 
Join Date: Dec 2012
Location: Newcastle
Posts: 904
Edward Snowden etc promoting apps and services like this, in my mind is the modern day equivalent of someone calling Germany in the 1940's to tell them a bombing raid was incoming.
John_Patrick is offline   Reply With Quote
Old 07-11-2015, 13:35
Thine Wonk
Forum Member
 
Join Date: Mar 2009
Posts: 14,541
This new proposed logging for 12 months of sites, not content is controversial and we'll see where that goes. I'm not really behind any of officer having easy access to it, especially not councils etc. However I do see the need for national security level interception and monitoring. Not widespread every council, every police worker etc and that proposal may be watered down or unsuccessful.

I can see what the OP is thinking, but sadly it is burdensome to run for an innocent user with nothing to hide and flawed against any serious nation state effort anyway.
Thine Wonk is offline   Reply With Quote
Old 07-11-2015, 14:23
clewsy
Forum Member
 
Join Date: Mar 2003
Location: Midlands
Posts: 2,860
TBH my issue with the bill at the moment is giving councils the power to snoop.

Let's be honest they have a right bunch that work for them (in general) many who can't be trusted or are just plain nosey. This is more aimed at them in the council offices than the workers on the front line.
clewsy is offline   Reply With Quote
Old 07-11-2015, 16:30
mupet0000
Forum Member
 
Join Date: Sep 2007
Posts: 620
You all seem a bit eager to give up your privacy. Take a look at this:
http://arstechnica.co.uk/tech-policy...sclosing-them/

I'm sure you all know that on the internet, things get hacked. If there's a backdoor, and even if you don't mind the government having the ability to check up on you, someone else who finds that back door can do something much more sinister. Even government employees with access to this stuff can misuse it.

They want to do away with encryption. The people who have things to hide will simply just keep encrypting things regardless, and the people who aren't doing anything wrong are going to be the only ones to potentially be affected.
mupet0000 is offline   Reply With Quote
Old 07-11-2015, 16:55
Everything Goes
Forum Member
 
Join Date: Mar 2002
Location: In the future....
Posts: 11,257
Beware the tools of Tyranny. You may have little to fear about today's government but its worth bearing in mind that in the wrong hands such power can easily be abused. Even today there is no shortage of horrors that authorities have gotten up to over the years and im sure there will be plenty more to come.

First they came for the Socialists, and I did not speak out—
Because I was not a Socialist.
Then they came for the Trade Unionists, and I did not speak out—
Because I was not a Trade Unionist.
Then they came for the Jews, and I did not speak out—
Because I was not a Jew.
Then they came for me—and there was no one left to speak for me.


Martin Niemöller
Everything Goes is offline   Reply With Quote
Old 07-11-2015, 17:23
Thine Wonk
Forum Member
 
Join Date: Mar 2009
Posts: 14,541
I'd be the first to argue against more snooping powers, logging or encryption bans, but that's not what this thread is about.

This app seems largely pointless and very much hard work in getting all your contact to use it / a bit tin hat.
Thine Wonk is offline   Reply With Quote
Old 07-11-2015, 17:39
Zebb
Forum Member
 
Join Date: Apr 2014
Posts: 652
Don't forget, most people would reveal their computer password in exchange for a bar of chocolate.
Zebb is offline   Reply With Quote
Old 07-11-2015, 17:44
SkipTracer
Forum Member
 
Join Date: Feb 2009
Location: The City and County of Bristol
Posts: 2,623
I was reading about a Canadian journalist the other day with regards to the police issuing fines and penalties through ANPR cameras and the journalist put an item in his paper about the police using ANPR cameras for raising revenue and nothing to do with road safety, a bit like we are hearing from Bedfordshire police at the moment.

Anyway the Canadian police did not like what he said about them and put a marker on the journalist car number plate so he would keep getting pulled over in the hope they catch him with a misdemeanour.

In this case the police chief got caught out and he along with a few others got the sack but not to worry we’ve got nothing to hide so were OK.

ANPR today, internet tomorrow.
SkipTracer is online now   Reply With Quote
Old 07-11-2015, 18:00
Thine Wonk
Forum Member
 
Join Date: Mar 2009
Posts: 14,541
Oh absolutely and we should do everything to stop that kind of monitoring and stop local authorities having access to browsing data without a court warrant or some really strong process to make sure we keep our liberty and privacy. Same with the police, they cannot go on a fishing expedition, they need to have to submit their evidence or suspicions and get a court order for the information.

However this app doesn't solve that problem we're facing over eroding laws, in fact the growth in use almost helps their argument about banning encryption or forced backdoors. Also it'll never become mainstream because people are fickle with apps and always on to the new thing and people don't invest time into the burdensome setup with all their contacts.
Thine Wonk is offline   Reply With Quote
Old 07-11-2015, 18:48
david16
Forum Member
 
Join Date: Nov 2001
Location: Central Belt
Posts: 12,274
For VPN's, TOR'S, https (i.e. secure SSL) and apps with incognito browsing to all be banned by the government would be totally ridiculous.
david16 is offline   Reply With Quote
Old 07-11-2015, 19:24
Thine Wonk
Forum Member
 
Join Date: Mar 2009
Posts: 14,541
For VPN's, TOR'S, https (i.e. secure SSL) and apps with incognito browsing to all be banned by the government would be totally ridiculous.
They aren't suggesting that. They were suggesting being able to decrypt the data by having some kind of key escrow, whereas now you get your SSL cert for your site from Verisign or Entrust or Digicert or GoDaddy, they are just suggesting another copy of the key for all the issued certs gets stored in case decryption is needed.

It is impossible to block though really and has really difficult technical challenges. The main concern at the moment seems to be just the increase in data that police and councils can get access to searching, which looks to be domain names (not URLs) upon request, with some safeguards in place to prevent fishing expeditions, however it is being debated and subject to change.
Thine Wonk is offline   Reply With Quote
Old 07-11-2015, 20:06
Thine Wonk
Forum Member
 
Join Date: Mar 2009
Posts: 14,541
Absolutely, they couldn't do it because of the business world outcry. So many employees use VPNs.

(created another post in error)
Thine Wonk is offline   Reply With Quote
Old 07-11-2015, 20:43
nafanny29
Forum Member
 
Join Date: Jan 2006
Location: Kilburn, NW London
Posts: 1,240
Like 99.9% of us, I dont warrent the attention of the police, MI5 etc I work 9-5 and have a girlfriend and like a few drinks at the weekend lol

but I still dont want my private shit being listened to by anyone.

What next, cameras in every room!!
nafanny29 is offline   Reply With Quote
Old 07-11-2015, 21:14
Thine Wonk
Forum Member
 
Join Date: Mar 2009
Posts: 14,541
Like 99.9% of us, I dont warrent the attention of the police, MI5 etc I work 9-5 and have a girlfriend and like a few drinks at the weekend lol

but I still dont want my private shit being listened to by anyone.

What next, cameras in every room!!
We have a right to privacy like they do. The government wouldn't want David Cameron's private email viewed by you so why should they be able to view your email without very good reason and tight controls.
Thine Wonk is offline   Reply With Quote
Old 07-11-2015, 23:00
alan1302
Forum Member
 
Join Date: Jul 2008
Location: West Yorks
Posts: 6,180
so why should they be able to view your email without very good reason and tight controls.
They can't
alan1302 is offline   Reply With Quote
Old 07-11-2015, 23:27
tealady
Forum Member
 
Join Date: Apr 2005
Location: colchester
Posts: 15,350
Don't forget, most people would reveal their computer password in exchange for a bar of chocolate.
That's from 11 years ago.
How would anyone verify that the password given was correct?
tealady is offline   Reply With Quote
Old 07-11-2015, 23:54
Zebb
Forum Member
 
Join Date: Apr 2014
Posts: 652
Try it.

Wasn't it just a test about how easy it was to get someone's password? Some just told what it was without any incentive.

Could try re-running the test to see how things have changed.

http://www.huffingtonpost.co.uk/2015...n_6500930.html

Only just found out that my bank debit card has two different PINs, one for online access, one for the ATM. The ATM one can only be changed at an ATM.
Zebb is offline   Reply With Quote
Old 08-11-2015, 08:39
psionic
Forum Member
 
Join Date: May 2002
Location: Crystal Palace TX
Posts: 19,702
Out of interest, what's to stop governments or others creating private messenger apps like this as honey traps?
psionic is offline Follow this poster on Twitter   Reply With Quote
 
Reply




 
Forum Jump


All times are GMT. The time now is 17:43.