“Signal is being blocked in Venezuela and Russia. The app is a popular choice for encrypted messaging and people trying to avoid government censorship, and the blocks appear to be part of a crackdown on internal dissent in both countries…”
“Signal is being blocked in Venezuela and Russia. The app is a popular choice for encrypted messaging and people trying to avoid government censorship, and the blocks appear to be part of a crackdown on internal dissent in both countries…”
Smart move, considering Signal is a US-hosted centralized service that has to comply with US NSL laws.
These comments below seem to be unaware of all the issues privacy advocates have of signal.
I don’t get it, are you really arguing that Russia and Venezuela are blocking Signal to protect their citizens from American snooping?
All countries should ban US-domiciled companies like signal, or any communication platform hosted in Five-eyes countries, and especially ones domiciled in the US, which has to adhere to National Security Letters.
https://www.eff.org/issues/national-security-letters/faq
My question was more about the motives in this case.
Well IMO all countries should have the motivation to prevent US spying on their country’s populations. You generally don’t know about honey pots before they get exposed.
The question of what should be done can be interesting, but that was not my question. It’s obvious this is not the motive here.
If you are in your own country opposition it’s better to use a foreign tool, even better if it’s in a country that’s not gonna collaborate with yours.
Mass censorship is never good for civil liberties. Let people decide on there own.
Also Signal is cryptographically sound. Many other messagers use a similar protocol
As I commented below, US security forces aren’t that interested in message content anyway, since they don’t have time to parse through every message to construct meaning. Signal does require your phone number tho, as well as message timestamps, meaning they can build social graphs of real people. Tons of metadata living on a single US-based server.
It doesn’t matter if it is US based. You shouldn’t trust the server.
Signal has known issues. That doesn’t mean it is entirely bad though. Saying things like Signal is insecure is simply untrue. It has weaknesses but it also has the benefit of protecting your messages completely and being well established.
Isn’t the whole point of something like End-to-End Encryption so that not even the company themselves can read your messages?
In that case it wouldn’t matter even if they did turn the info over.
Edit: I read more into the page you linked. Looks like those NSLs can’t even be used to request the contents either way:
The company, or any middleman, can read your messages if they have the keys. In many services, the keys come from the company. EEE is only as trustworthy as the clients and processes you use.
You can read my article, or Drew Devaults on why he doesn’t trust signal, which get more into this, but the short version is that US security forces don’t have time to read the content of everyone’s message anyway, they care more about the metadata: message timestamps and social graphs.
Signal stores all that data (via required phone numbers, meaning its linked to your real name and address), and via the US’s key disclosure laws, it would be illegal for them to tell you that the US government is hoovering up that data.
Most security experts who actually know what they are talking about do recommend Signal for most users, including [https://twitter.com/Snowden/status/661313394906161152](Edward Snowden), [https://www.schneier.com/blog/archives/2018/06/russian_censors.html] (Bruce Schneier) and [https://linktr.ee/glenngreenwald](Glenn Greenwald). Eveyone should consider whether they would rather follow the advise of people who have literally fought the NSA and read the entire Snowden documents or belive in the FUD spread by some people here.