AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |
Back to Blog
Signal messenger windows12/11/2023 ![]() Even the competing WhatsApp, Facebook Messenger, and Skype use the Signal Protocol for secure communication. In many ways, it was thanks to Signal that end-to-end encryption became so widely used in messaging apps. Using end-to-end encryption is an important way to improve messaging security. That means only the parties chatting with one another can read their texts, and nobody - not even the app’s developers - can listen in on individual or group calls. One of Signal’s indisputable advantages is its default use of end-to-end encryption. End-to-end encryption - a pillar of privacy Signal featuresįeatures available to all Signal users include end-to-end encryption, secure data storage, and the ability to view Signal’s code. Here’s what they have achieved and how to make Signal even more secure. However, cybersecurity experts have known about Signal for a long time, and that’s no wonder developers have spent years polishing the app’s privacy and security. Following Elon Musk’s laconic call to use Signal, millions of users downloaded the app, resulting in temporary technical issues with the service. Just think about it, you can easily reach anyone with an email address without the other party having to sign up or install any software beforehand, so no convincing to move to a new service involved, with the other side hopefully getting interested and starting to use that system after the fact.The Signal messaging app leapt in popularity in January 2021, when WhatsApp changed its privacy policy. It really is a fascinating concept and totally reminds on how WhatsApp became that successful (by using existing mobile phone numbers instead of regular signups). The main benefits I see over XMPP is that you don't need to run your own XMPP instance or have to sign up at and trust a 3rd party server, and that you can reach anyone with an email address, even if the other side is not using Delta Chat, in which case the other party simply can participate using his/her usual email client (only then communication is unencrypted, unless that email client supports Autocrypt or manual OpenPGP setup). The whole system is a proven concept and it's obviously working very well. Delta chat may be good as an alternate way of messaging, but using the same system means it uses an indirect federated network, unless there's a difference in implementation.ĭelta Chat is not a newcomer, implements the Autocrypt Level 1 standard and can thus E2E-encrypt messages with other Autocrypt-capable apps, and also supports a strong form of end-to-end encryption that is even safe against active attacks (see “verified groups” and more info in the FAQ). There's some data that only the servers can write to, or overwrite for sending, so that the client can't spoof it to the other end.Īn indirect federated network has something like that, plus a lot of other pass through connections, which is what email is. Sometimes the servers are the same, and the connection manager is usually on the same physical location as the server. If Bosh or Webproxy is used, it goes: a connection manager is added between a server and client on one or both ends. ![]() Provided the two servers are trustworthy, these two servers make a direct connection, preventing sources of spoofing or tampering between them.Ī direct federated network makes direct connections: from client, to server, to server, to client. ![]() The servers have to be known as trusted, and the clients can't spoof to their host server, unless the device (such as a user's phone) is physically stolen or a password is stolen. There's only two or 1 servers on this kind of network (there can be only 2 more connection points if a BOSH or Websockets proxy is used). That's unless the whole communication is encrypted and/or tunneled from multiple prying servers/connection points. ![]() This design isn't secure on its own as any server point on that connection can be corrupt, as in tampered or spoofed. Click to expand.Email uses an indirect federated network, meaning the communication passes through a number of servers.
0 Comments
Read More
Leave a Reply. |