SoylentNews is people

posted by Fnord666 on Wednesday October 31 2018, @02:26AM
from the incremental-improvements dept.

Submitted via IRC for Bytram

New Signal privacy feature removes sender ID from metadata

Plenty of messaging apps use strong encryption to make it next to impossible for law enforcement officers or other potential adversaries to read communications sent between parties. Often, however, unencrypted metadata—such as the sender, receiver, and time a message is sent—is all the sensitive data an adversary needs. Now, the Signal app is testing a new technique called "sealed sender" that's designed to minimize the metadata that's accessible to its servers.

A beta release announced Monday will send messages that remove most of the plain-text sender information from message headers. It's as if the Signal app was sending a traditional letter through the postal service that still included the "to" address but has left almost all of the "from" address blank.

Like most messaging services, Signal has relied on the "from" address in message headers to prevent the spoofing of user identities and to limit spam and other types of abuse on the platform. Sealed sender, which puts most user information inside the encrypted message, uses two new devices to get around this potential privacy risk:

  • Senders periodically retrieve short-lived sender certificates that store the sender's phone number, public key, and expiration timestamp. The certificates are included inside the encrypted envelope, along with the message contents. Once the sender certificate is decrypted, message recipients can use it to mathematically verify the validity of the sender. But because this certificate is encrypted on the receiver's device and isn't decrypted until after it arrives on the receiver's device, Signal servers have no way of knowing who has sent the message.
  • Delivery tokens derived from the sender's profile key are used to prevent abuse. Before a user can transmit a message that strips the "from" address out of the header, the user must prove she has access to the delivery token. Because Signal profiles are end-to-end encrypted, valid tokens can only be created by a person or group that's already in the receiver's contacts. In the event a sender starts sending spam or other types of abuse, the receiver can simply block that person.

Users who want to receive sealed-sender messages from non-contacts can choose an optional setting that doesn't require the sender to present a delivery token. This setting opens a user up to the possibility of increased abuse, but for journalists or others who rely on Signal to communicate with strangers, the risk may be acceptable.
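The two checks described above, sketched in Go as an added example (not Signal's code and not part of the quoted article): the recipient validating a sender certificate after decryption, and the service admitting a message with no "from" header on the strength of a delivery token or the recipient's opt-in. The Ed25519 service signature, the field encoding, the HMAC-SHA256 token derivation and all function names are assumptions made for illustration; the envelope encryption itself is left out.

```go
package main

import (
	"crypto/ed25519"
	"crypto/hmac"
	"crypto/sha256"
	"fmt"
)

var ServicePub, servicePriv, _ = ed25519.GenerateKey(nil) // throwaway demo key; nil selects crypto/rand

// SenderCert holds the fields the article lists plus an assumed Ed25519 signature.
type SenderCert struct {
	Number  string // sender's phone number
	Key     []byte // sender's public key
	Expires int64  // Unix seconds
	Sig     []byte // service signature over signed()
}

// signed is an assumed canonical encoding, not Signal's wire format.
func (c SenderCert) signed() []byte { return []byte(fmt.Sprintf("%q|%x|%d", c.Number, c.Key, c.Expires)) }

// IssueCert is the service handing an authenticated sender a short-lived certificate.
func IssueCert(c SenderCert) SenderCert {
	c.Sig = ed25519.Sign(servicePriv, c.signed())
	return c
}

// VerifyCert is the recipient's check once the envelope has been decrypted.
func VerifyCert(c SenderCert, now int64) bool {
	return now < c.Expires && ed25519.Verify(ServicePub, c.signed(), c.Sig)
}

// DeliveryToken derives the token from a profile key (HMAC-SHA256 is an assumption).
func DeliveryToken(profileKey []byte) []byte {
	m := hmac.New(sha256.New, profileKey)
	m.Write([]byte("delivery-token"))
	return m.Sum(nil)
}

// ServerAccepts is the only check the service can make without a "from" header.
func ServerAccepts(registered, presented []byte, unrestricted bool) bool {
	return unrestricted || hmac.Equal(registered, presented)
}

func main() {
	c := IssueCert(SenderCert{Number: "+15550100", Key: []byte("constructed"), Expires: 4600}) // constructed sample values
	fmt.Println(VerifyCert(c, 2000), VerifyCert(c, 5000))
}
```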

[...] Even under the sealed sender, observers said, Signal will continue to map senders' IP addresses. That information, combined with recipient IDs and message times, means Signal continues to leave a wake of potentially sensitive metadata. Still, by removing the "from" information from the outside of Signal messages, the service is incrementally raising the bar.


  • (Score: 2) by mhajicek on Wednesday October 31 2018, @05:07AM (6 children)

    by mhajicek (51) on Wednesday October 31 2018, @05:07AM (#755932)

    Installed.

    --
    The spacelike surfaces of time foliations can have a cusp at the surface of discontinuity. - P. Hajicek
  • (Score: 2) by melikamp on Wednesday October 31 2018, @06:26AM (5 children)

    by melikamp (1886) on Wednesday October 31 2018, @06:26AM (#755948) Journal

    If you are using Signal app on $(proprietary mobile device of your choice), you are, at best, thoroughly misinformed. If your OS is oooh let's say an Apple OS, then why are you not just using Apple app? You and your friends already trust Apple 100%, so why not just server-side encrypted Apple chat app? You do realize that every keystroke you type into an Apple device, Apple can lift, right? There are no secrets between you and your friends... and Apple, and your phone manufacturer, and your wireless service provider, and your wireless device power supply manufacturer, you know that, right? Because these third parties (these ones at the very least, but there are almost certainly others) run in ring zero on your mobile device and have full access to everything. Unlike you. Why would you need root access to the device you paid your cash for, anyway? You would just break it or something.

    Oh and Signal for desktop, before you say something, last time I checked, it won't work unless your credentials are stored on a proprietary mobile platform, I wonder if THAT changed.

    • (Score: 2, Insightful) by Anonymous Coward on Wednesday October 31 2018, @07:07AM

      by Anonymous Coward on Wednesday October 31 2018, @07:07AM (#755950)

      This is all true, and relevant.

      But still: I'd rather have a more secure messenger on an unreliable platform than I'd have a less secure messenger on the same platform.

      Whether this really is the huge selling point the OP makes it out to be depends exclusively on his threat model, which we both can't judge.

      But having an (incrementally) better Signal is always a (small) step in the right direction - independent of any threat model - and as such is to be (app)lauded.

    • (Score: 4, Interesting) by ledow on Wednesday October 31 2018, @10:22AM (1 child)

      by ledow (5567) on Wednesday October 31 2018, @10:22AM (#755961) Homepage

      It's a ridiculous argument to suggest that an ordinary person should abandon all proprietary hardware. That leads to only one logical conclusion of literally building all your own computers or never touching any of them. Short of building things out of transistors yourself, you have to trust a third-party not to have compromised your processing device (whether it's a Z80 or an Intel Xeon) and anything else that has an IC.

      But with, say, an old Samsung phone running LineageOS - you have an OS developed by one party, a phone by another, connected to another party, using an app from another party. None of those parties have any reason to co-operate (LineageOS aren't going to blindly root your phone for you and send the data off to Samsung, but that doesn't mean it's not happening anyway!). And you're already having to trust a third-party to a) be online, b) send messages via a service anyway.

      That's the BEST you're ever going to reasonably get, without being a nation state yourself. Anything with ARM, Intel, even microcontrollers are subject to the same problem as you state - you have to trust the people making the hardware for you.

      There's paranoia and then there's this nonsense. Once you accept "I don't want to live in the forest with Dark Age technology only", then the next best thing is secure applications running on commodity operating systems. There is a spectrum of security there - from blindly accepting Apple having remote update capabilities, down to LineageOS having to be manually installed and having auditable source, etc. but there's really no difference for the common user.

      However, having an app that lets them send a message securely is hardly a bad thing in any circumstance. Sure it'll have weaknesses. Carrier pigeons and morse code have weaknesses too. It doesn't mean it's futile to build these things, or a waste of time to use them. As simple things like iPhone passcodes, WhatsApp encryption, etc. have been - not to mention NSA/GCHQ's reaction to them (basically still trying to legislate them out of existence).

      And nothing stops someone who's ultra-paranoid from running some kind of encryption OVER Signal's transport medium.

      • (Score: 2) by All Your Lawn Are Belong To Us on Wednesday October 31 2018, @01:50PM

        by All Your Lawn Are Belong To Us (6553) on Wednesday October 31 2018, @01:50PM (#755997) Journal

        And even if you homebuilt the whole thing unless you've actually ground your own silicon and doped your own transistors there's a chance that a manufacturer has been compromised in a way that when you put components x, y, and z together there is an engineered flaw in the technology that permits an exploit.

        It's distrust all the way down.

        --
        This sig for rent.
    • (Score: 3, Insightful) by MichaelDavidCrawford on Wednesday October 31 2018, @11:34AM

      by MichaelDavidCrawford (2339) Subscriber Badge <mdcrawford@gmail.com> on Wednesday October 31 2018, @11:34AM (#755978) Homepage Journal

      I have no particular reason that Apple is using one of those free Mobile Analytics SDKs.

      But many App developers are, so they can follow your every button tap.

      Three Mobile Analytics vendors gave a talk at Mobile Portland a while back. All three of their SDKs were free to the App developer. One of them showed a photo of their data center.

      Data centers are expensive, yet their SDKs are free. Who is paying for all that - as realDonaldTrump sez - cyber?

      --
      Yes I Have No Bananas. [gofundme.com]
    • (Score: 3, Insightful) by PiMuNu on Wednesday October 31 2018, @12:02PM

      by PiMuNu (3823) on Wednesday October 31 2018, @12:02PM (#755985)

      It reduces the size of the attack vector.