signalapp / Signal-Android

A private messenger for Android.
https://signal.org
GNU Affero General Public License v3.0

Huawei engineer exposed SIGNAL has CIA backdoor --- Please do not use SIGNAL has been subverted #8974

Closed futurewei737 closed 5 years ago

futurewei737 commented 5 years ago

Huawei engineers have discovered Moxie taking bribes and agreeing to compromise the security of Signal app, and effectively Signal has been subverted to appease the Five Eyes Intel Agencies after Moxie (dev of Signal) took a 50 million dollar buyout.

Moxie (Signal dev) takes 50 Million dollars from Facebook/CIA and now all of a sudden he forcibly removes the option to use passcode and mandates everyone to use fingerprints! This means there is no Constitutional protection of 4th amendment privacy as well it means it is far easier to break the security and offers in truth no endpoint security whatsoever. This comes on the heels of taking $50 Mil CIA/deepstate monies and then censoring anything that points out the usual nature of a so-called Privacy app that no longer even allows the use of passcodes or custom pin codes (not tied into the Android OS) as a means of securing itself... (why does Protonmail offer this? why does Mega offer this? why did Signal always offer this until Moxie took the $50 Mil in cash and another $20 mil in bitcoin?!!!)

https://www.tomsguide.com/us/how-to-textsecure-encrypted-texts,news-18475.html http://archive.is/hzirQ

Ever since the TextSecure days, the OWN app itself says the passphrase IS used to encrypt the data at rest.... now the developer claims it was never the case?

Signal has been subverted! WARNING do not use it anymore! It is not secure http://archive.is/tF8I8

Signal is forcing an update in order to continue to use it. Even the apk version will stop working until end user is forced to update to the newest version of signal.

Problem is newest version of Signal has gotten rid of the passphrase in favor of forcing everyone to use a fingerprint for the screenlock. Now no one is able to set their own passwords anymore! Why this change?

Stranger still, there is now suddenly a mysterious retroactive flip-flop akin to the "Mandela Effect" whereby now the developer of Signal wants us all to beLIEve that it has always been the case that Signal never offered true "end to end encryption" at rest, and that the passphrase for the signal app was never anything more than a useless "screenlock"... When other users pointed out the blatant inconsistency in this regard, the developer promptly closed and then LOCKED the topic/issue at hand.

However, recall that not long ago Signal was praised by many as the only IM app that offers true end to end encryption at rest!

https://theintercept.com/2016/06/22/battle-of-the-secure-messaging-apps-how-signal-beats-whatsapp/ http://archive.is/jXFgP

To quote the Intercept article/review of Signal app in relevant part:

""Finally, online backups are a gaping hole in the security of WhatsApp messages. End-to-end encryption only refers to how messages are encrypted when they’re sent over the internet, not while they’re stored on your phone. Once messages are on your phone, they rely on your phone’s built-in encryption to keep them safe (which is why it’s important to use a strong passcode). If you choose to back up your phone to the cloud — such as to your Google account if you’re an Android user or your iCloud account if you’re an iPhone user — then you’re handing the content of your messages to your backup service provider.

By default, WhatsApp stores its messages in a way that allows them to be backed up to the cloud by iOS or Android. If you back up your phone to your Google or iCloud account, Signal doesn’t include any of your messages in this backup. WhatsApp’s gaping backup issue simply doesn’t exist with Signal, and there’s no risk of accidentally handing over your private messages to any third-party company.

""

Stranger still, there is now suddenly a mysterious retroactive flip-flop akin to the "Mandela Effect" whereby now the developer of Signal wants us all to beLIEve that it has always been the case that Signal never offered true "end to end encryption" at rest, and that the passphrase for the signal app was never anything more than a useless "screenlock"... When other users pointed out the blatant inconsistency in this regard, the developer promptly closed and then LOCKED the topic/issue at hand.

7553

http://archive.is/MvzRO

https://github.com/samlanning/Signal-Android/wiki/Using-Signal http://archive.is/mH0bJ

Previously before the change we had this official faq-> In relevant part:

"The first time you run Signal, it will ask you to create a passphrase. This passphrase will be used to encrypt all of Signal's secret information, including the keys used to encrypt your text messages. The security of your messages depends on the strength of this passphrase, so make it good. Signal can be configured to cache this passphrase in memory for as long as its running, or for a specific length of time, so you won't need to be constantly re-entering it in order to access or send messages. This passphrase cannot be recovered if it is lost." and "All text messages are encrypted with your passphrase before being stored. This encryption includes the bodies of the text messages themselves" under the "Secure Storage" section....

Now, after the change, fingerprints will be forced to be used for all security in place of the passphrase. They have entirely removed the ability to set a custom password or even to use a custom passphrase that is independent of the underlying phone OS security credentials!

I refuse to believe the developer of Signal is not aware of the fact that using fingerprints (as opposed to passwords) gives up the Constitutional rights and the Fifth amendment rights!

https://www.washingtonpost.com/news/volokh-conspiracy/wp/2017/01/18/minnesota-court-on-the-fifth-amendment-and-compelling-fingerprints-to-unlock-a-phone/?noredirect=on&utm_term=.a5fe7809afed http://archive.is/QEsru

Where is the changelog for such an important change? You cannot find anywhere that they got rid of ability to use passwords in exchange for fingerprint.... Then Moxie says it is impossible to do password app with "data encryption at rest" but that belies the years of documentation and literature including that of TextSecure (Signal predecessor) which clearly says inside the very app itself that the password is what encrypts and secures the text/data at rest!!!!!

https://www.tomsguide.com/us/how-to-textsecure-encrypted-texts,news-18475.html http://archive.is/hzirQ

Ever since the TextSecure days, the OWN app itself says the passphrase IS used to encrypt the data at rest.... now the developer claims it was never the case?

I say boycott Signal, I say Signal has been subverted to the dark side. I say Signal is CIA, I call BS

Junkii7 commented 5 years ago

Regarding your references, the credible Washington Post and The Intercept articles actually praise Signal. So your only reference is to tomsguide which is a joke compared to the other two. News flash, Signal is open source, so whatever security breach there is you can point it out in the code. As I've said on the forum "Did you know that the founder of the Chinese company Huawei was a member of the People's Liberation Army of China? China is one of the leaders in fake news." Here are the articles- https://money.cnn.com/2016/05/20/technology/china-social-media-fake-posts-strategy/index.html

https://www.theguardian.com/technology/2018/dec/08/the-giant-that-no-one-trusts-why-huaweis-history-haunts-it

BA489 commented 3 years ago

> Regarding your references, the credible Washington Post and The Intercept articles actually praise Signal. So your only reference is to tomsguide which is a joke compared to the other two. News flash, Signal is open source, so whatever security breach there is you can point it out in the code. As I've said on the forum "Did you know that the founder of the Chinese company Huawei was a member of the People's Liberation Army of China? China is one of the leaders in fake news." Here are the articles- https://money.cnn.com/2016/05/20/technology/china-social-media-fake-posts-strategy/index.html
>
> https://www.theguardian.com/technology/2018/dec/08/the-giant-that-no-one-trusts-why-huaweis-history-haunts-it

PROPAGANDA RAG from Five Eyes here

Millennial-Democrats commented 3 years ago

I'm glad to know this, the Signal guy's been co-opted and all, but it wouldn't stop me from using Signal. $50 million is a lot of bucks, to me, but I doubt we're better off with Zuckerberg (WhatsApp), and that goes twice for Russia (Telegram). The Durov brothers are good programmers but I don't believe for a second that they're actually feuding with Putin, and I would be shocked if the FSB did not have exactly such a back door in TG. It is the nature of modern intelligence services to corrupt these types of apps. I don't see an earthly way to stop them or I'd be down. But on the other hand, the CIA is not interested in busting small time drug dealers or people cheating on their spouses, which is 99% of the time why a person actually needs the "anonymity" Signal and its peers can give you, rather than terrorism or any sort of large-scale flashy crime. It still amounts to a fairly useful tool if one's opponent is the normal state/municipal police or something. Though I mourn the sad truth that a terrorist's privacy rights can't be compromised without mine going too, it is what it is. If I'm small fry, I know I'm not who they're primarily after. My advice to anyone who's likely to be affected by this in our time is, change your life and repent, and NEVER TALK ABOUT ANYTHING ON ANY PHONE. Old school is gold school.

BA489 commented 3 years ago

Sorry religious nutter. The reality is Signal is a CIA app and it has operatives using it to subvert regime change operations on countries we don't like for our politicians and business class. CIA is interested in using it for ulterior motives, like they care about people and people's privacy.

automaticmath commented 2 years ago

haha, wait until you find out who developed tor

also bsd. I think it's pretty well understood that if you want privacy, the best thing to do is use the tools they develop for their own privacy

automaticmath commented 2 years ago

more than likely, they have a backdoor into your phone so they don't need a backdoor for signal

batara666 commented 2 years ago

Me and my org decided to use threema

MatejKovacic commented 1 year ago

LOL, excellent decision: https://www.schneier.com/blog/archives/2023/01/security-analysis-of-threema.html

I hope you are proud of it... :)