Signal has been subverted! WARNING do not use it anymore! It is not secure

[qa4rrlo7e]

http://archive.is/55NnJ

Moxie (signal dev) takes 50 Million dollars from Facebook/CIA and now all of a sudden he forcibly removes the option to use passcode and mandates everyone to use fingerprints! This means there is no Constitutional protection of 4th amendment privacy as well it means it is far easier to break the security and offers in truth no endpoint security whatsoever. This comes on the heels of taking $50 Mil CIA /deepstate monies and then censoring anything that points out the usual nature of a so-called Privacy app that no longer even allows the use of passcodes or custom pin codes (not tied into the Android OS) as a means of securing itself... (why does Protonmail offer this? why does Mega offer this? why did Signal always offered this until Moxie took the $50 Mil in cash and another $20 mil in bitcoin?!!!))!)

Signal has been subverted! WARNING do not use it anymore! It is not secure http://archive.is/tF8I8

Signal is forcing an update in order to continue to use it. Even the apk version will stop working until end user is forced to update to the newest version of signal.

Problem is newest version of Signal has gotten rid of the passphrase in favor of forcing everyone to use a fingerprint for the screenlock. Now no one is able to set their own passwords anymore! Why this change?

Stranger still, there is now suddenly a mysterious retroactive flip-flop akin to the "Mandela Effect" whereby now the developer of Signal wants us all to beLIEve that it has always been the case that Signal never offered true "end to end encryption" at rest, and that the passphrase for the signal app was never anything more than a useless "screenlock"... When other users pointed out the blatant inconsistency in this regard, the developer promptly closed and then LOCKED the topic/issue at hand.

However, recall that not long ago Signal was praised by many as the only IM app that offers true end to end encryption at rest!

https://theintercept.com/2016/06/22/battle-of-the-secure-messaging-apps-how-signal-beats-whatsapp/ http://archive.is/jXFgP

To quote the Intercept article/review of Signal app in relevant part:

""Finally, online backups are a gaping hole in the security of WhatsApp messages. End-to-end encryption only refers to how messages are encrypted when they’re sent over the internet, not while they’re stored on your phone. Once messages are on your phone, they rely on your phone’s built-in encryption to keep them safe (which is why it’s important to use a strong passcode). If you choose to back up your phone to the cloud — such as to your Google account if you’re an Android user or your iCloud account if you’re an iPhone user — then you’re handing the content of your messages to your backup service provider.

By default, WhatsApp stores its messages in a way that allows them to be backed up to the cloud by iOS or Android. If you back up your phone to your Google or iCloud account, Signal doesn’t include any of your messages in this backup. WhatsApp’s gaping backup issue simply doesn’t exist with Signal, and there’s no risk of accidentally handing over your private messages to any third-party company.

""

Stranger still, there is now suddenly a mysterious retroactive flip-flop akin to the "Mandela Effect" whereby now the developer of Signal wants us all to beLIEve that it has always been the case that Signal never offered true "end to end encryption" at rest, and that the passphrase for the signal app was never anything more than a useless "screenlock"... When other users pointed out the blatant inconsistency in this regard, the developer promptly closed and then LOCKED the topic/issue at hand.

7553

http://archive.is/MvzRO

https://github.com/samlanning/Signal-Android/wiki/Using-Signal http://archive.is/mH0bJ

Previously before the change we had this official faq-> In relevant part:

"The first time you run Signal, it will ask you to create a passphrase. This passphrase will be used to encrypt all of Signal's secret information, including the keys used to encrypt your text messages. The security of your messages depends on the strength of this passphrase, so make it good. Signal can be configured to cache this passphrase in memory for as long as its running, or for a specific length of time, so you won't need to be constantly re-entering it in order to access or send messages. This passphrase cannot be recovered if it is lost." and "All text messages are encrypted with your passphrase before being stored. This encryption includes the bodies of the text messages themselves" under the "Secure Storage" section....

Now, after the change, fingerprints will be forced to be used for all security in place of the passphrase. They have entirely removed the ability to set a custom password or even to use a custom passphrase that is independent of the underlining phone OS security credentials!

I refuse to believe the developer of Signal is not aware of the fact that using fingerprints (as opposed to passwords) gives up the Constitutional rights and the Fifth amendment rights!

https://www.washingtonpost.com/news/volokh-conspiracy/wp/2017/01/18/minnesota-court-on-the-fifth-amendment-and-compelling-fingerprints-to-unlock-a-phone/?noredirect=on&utm_term=.a5fe7809afed http://archive.is/QEsru

I say boycott Signal, I say Signal has been subverted to the dark side. I say Signal is CIA, I call BS

[johanw666]

Not this crap again...

[Dyras]

Look, since we obviously can't get rid of you permanently, can't you at least take this to the forum or to Reddit where we can discuss your delusions? I don't see why you even come here, the only people that see your barely readable gibberish are the people that are regulars on here and you're not converting any one of us.

PS. Writing stuff like "beLIEve" only makes you look like a whining baby.

[0pLuS0]

Hello,

@Dyras, actually he can be banned from posting.

Users can be banned from posting, this is a GitHub Repo for Development.

Issues reporting /bugs/issues...

Please respect the repo, or face getting banned.

[Dyras]

@0pLuS0 He keeps making new accounts, which is the issue here really.

[greyson-signal]

Dupe of #7937, #7676, #7725 ...