cross-posted from: https://lemm.ee/post/31431894

Here’s what he said in a post on his telegram channel:

🤫 A story shared by Jack Dorsey, the founder of Twitter, uncovered that the current leaders of Signal, an allegedly “secure” messaging app, are activists used by the US state department for regime change abroad 🥷

🥸 The US government spent $3M to build Signal’s encryption, and today the exact same encryption is implemented in WhatsApp, Facebook Messenger, Google Messages and even Skype. It looks almost as if big tech in the US is not allowed to build its own encryption protocols that would be independent of government interference 🐕‍🦺

🕵️‍♂️ An alarming number of important people I’ve spoken to remarked that their “private” Signal messages had been exploited against them in US courts or media. But whenever somebody raises doubt about their encryption, Signal’s typical response is “we are open source so anyone can verify that everything is all right”. That, however, is a trick 🤡

🕵️‍♂️ Unlike Telegram, Signal doesn’t allow researchers to make sure that their GitHub code is the same code that is used in the Signal app run on users’ iPhones. Signal refused to add reproducible builds for iOS, closing a GitHub request from the community. And WhatsApp doesn’t even publish the code of its apps, so all their talk about “privacy” is an even more obvious circus trick 💤

🛡 Telegram is the only massively popular messaging service that allows everyone to make sure that all of its apps indeed use the same open source code that is published on Github. For the past ten years, Telegram Secret Chats have remained the only popular method of communication that is verifiably private 💪

Original post: https://t.me/durov/274

  • ᗪᗩᗰᑎ@lemmy.ml
    link
    fedilink
    English
    arrow-up
    1
    ·
    7 months ago

    Unlike Telegram, Signal doesn’t allow researchers to make sure that their GitHub code is the same code that is used in the Signal app run on users’ iPhones.

    A few things to keep in mind:

    1. Apple’s build process makes reproducible builds near-impossible.
      • All the effort Telegram went through and it doesn’t completely validate the entire build - there are components that are not fully reproducible [0] and as we saw with the recent XZ backdoor, these could potentially be leveraged to hide a backdoor while claiming to be secure - so was anything gained other than “these things are validated but this black box, which could contain malware, was not validated because we can’t check them”?
    2. Developing Signal is difficult.
      • Signal is developed by a small team and has to prioritize and coordinate efforts to deliver results - look at how long usernames took or even private contact discovery [1] - nearly 3 years (as a preview) after Signal was created.
      • Signal has no built-in telemetry, any issues are not automatically logged and reported. The end user has to manually submit debug logs and provide an adequate description of the issue for the devs to even attempt to understand what the issue is and how to fix it. Telegram may also have this issue in their very limited private chats, but as most chats aren’t E2EE, they can already see all your traffic anyways, making things significantly easier in terms of development speed.

    Considering the two points above, it’s not irrational to come to state the following:

    1. Signal has been prioritizing a fully end-to-end encrypted (E2EE) platform that shares zero data with anyone but the intended recipient and this decision has slowed down their development speed. Non-E2EE chat solutions have existed for decades and can iterate and progress significantly faster as they don’t have to work on difficult privacy/security/encryption related issues.
    2. Telegram has not been prioritizing a fully E2EE platform and by default do collect most of their user’s data. This makes it much easier to develop Telegram and is why E2EE group messages don’t even exist on the platform - the Telegram devs have spent more time talking about privacy and security than actually implementing it

    Given the two statements above, assuming both projects need to balance resource constraints, it’s safe to conclude, :

    • Signal has spent zero effort working on reproducible builds on iOS because its impossible to completely reproduce a build and would take development resources working on enhancing the platform for minimal gains, as Telegram has proven [0]. Signal has instead placed their efforts on reproducible builds on a platform where it is possible [2].
    • Telegram, instead of working towards implementing security and privacy by default, have decided to work on security theater by working on reproducible builds for iOS that are not even completely reproducible.

    Signal refused to add reproducible builds for iOS, closing a GitHub request from the community.

    It was closed because they use Github for bug reports, not feature requests [4]. The dev even pointed them to the right place. That said, I do agree it would be great if there was some progress made on this front for Signal, but realize its a huge effort and may be best avoided for now as the iOS client still needs some “catching up” to do, compared to the Android version.

    And WhatsApp doesn’t even publish the code of its apps, so all their talk about “privacy” is an even more obvious circus trick 💤

    Agreed.

    Telegram is the only massively popular messaging service that allows everyone to make sure that all of its apps indeed use the same open source code that is published on Github. For the past ten years, Telegram Secret Chats have remained the only popular method of communication that is verifiably private 💪

    Telegram collects all your data by default in a way that’s accessible to anyone with enough privileges to their infrastructure.

    [0] https://core.telegram.org/reproducible-builds#step-6-comparing-the-appstore-build-and-the-version-built-in-the

    [1] https://signal.org/blog/private-contact-discovery/

    [2] https://github.com/signalapp/Signal-Android/tree/main/reproducible-builds

    [3] https://github.com/ali-fareed/darwin-containers/commits/main/

    [4] https://github.com/signalapp/Signal-iOS/issues/641#issuecomment-1276308990

  • jet@hackertalks.com
    link
    fedilink
    English
    arrow-up
    1
    ·
    7 months ago

    This is a great opportunity for the signal foundation to push forward reproducible builds to remove a talking point people can use against it.

  • colonelp4nic@lemmy.world
    link
    fedilink
    English
    arrow-up
    1
    ·
    7 months ago

    I agree that Telegram has a conflict of interest here, and I also trust Signal WAY more than Telegram. BUT there is at least one good point about reproducible builds. Being able to validate that the code you’re running matches the open source code is important. If that can’t be done, it’s functionally no different than closed source.