Submitted via IRC for SoyCow1984
Signal says it can't allow government access to users' chats
Last week, the Australian government passed the country's controversial Access and Assistance Bill 2018 into law, legislation that allows government agencies to demand access to encrypted communications. Companies that don't comply with the new law could face fines of up to AU$10 million ($7.3 million). A number of companies that stand to be affected have spoken out about the legislation, and Signal has now joined in, explaining that it won't be able to fulfill such requests if asked.
"By design, Signal does not have a record of your contacts, social graph, conversation list, location, user avatar, user profile name, group memberships, group titles or group avatars," Signal's Joshua Lund wrote in a blog post. "The end-to-end encrypted contents of every message and voice/video call are protected by keys that are entirely inaccessible to us." Lund added that Signal is open source, meaning anyone can "verify or examine the code for each release." "People often use Signal to share secrets with their friends, but we can't hide secrets in our software," he wrote. "We can't include a backdoor in Signal."
(Score: 1, Insightful) by Anonymous Coward on Saturday December 15 2018, @04:21PM
Why the people still would win is rubberhose cryptanalysis doesn't scale.