Conversation
This Tweet is from a suspended account. Learn more
This Tweet is from a suspended account. Learn more
Even if something is open source, if it's running on a server you don't control there's no guarantee that the service you're talking to is running that same code as what you've read.
5
16
The whole point of the app is end-to-end encryption instead of trusting the server with the data.
1
12
That's the idea, but the problem is verification--there's a black box involved in the process. How do you know the mechanism inside the box produces end-to-end encryption and not merely apparently end-to-end encryption?
1
2
There is no black box involved in the process. The Signal app is open source. The whole point of the app is providing end-to-end encryption from client to client. You seem to be confusing end-to-end encryption with transport encryption. It doesn't mean what you seem to think.
2
10
It uses authenticated encryption with forward secrecy between instances of the app. It doesn't trust the server. Encrypting connections to the server is not end-to-end encryption. End-to-end means encrypting from one end (Signal app) to the other (Signal app), not to the server.
2
12
Also, re: instances of the app, I think if I could download a reproducibly-built APK from e.g. F-Droid then I wouldn't have anything more to say.
1
Signal has reproducible builds. They provide a self-updating web apk as an alternative to the Play Store releases.
Molly is a alternate Signal client with some security features (github.com/mollyim/mollyi) and has F-Droid repositories with their releases.
2
2
14
You have to do something wrong for Android apps to not have reproducible builds because the SDK and Android gradle plugin makes them reproducible by default. It defaults to using a placeholder for timestamps, etc. such as the timestamps in the zip. Not really much work for devs.