About backdoors in crypto messengers

Some observations, 1. At this point its extremely hard to use XMPP - there are too many competing standards that implements encryption (of which a subset has forward secrecy), and if sender server doesn&#x27;t implement any the other end does, usually falls back to plain text, one can disable it - but this is just too much overhead for a regular user. (food for thought [1])<p>2. Again, reminder from countless HN comments - there is a PR in works to make GCM optional[2], as soon as its merged, this will be solved<p>3. Maps seems to the real problem here: this could be disabled after 2? (otherwise, whats the point?)<p>[1] <a href="https:&#x2F;&#x2F;whispersystems.org&#x2F;blog&#x2F;the-ecosystem-is-moving&#x2F;" rel="nofollow">https:&#x2F;&#x2F;whispersystems.org&#x2F;blog&#x2F;the-ecosystem-is-moving&#x2F;</a> [2] <a href="https:&#x2F;&#x2F;github.com&#x2F;WhisperSystems&#x2F;Signal-Android&#x2F;pull&#x2F;5962" rel="nofollow">https:&#x2F;&#x2F;github.com&#x2F;WhisperSystems&#x2F;Signal-Android&#x2F;pull&#x2F;5962</a><p>edit: formatting, forward secrecy not e2e

The backdoor referred to can be applied to any Android app that uses Google Maps. Also mentioned is that using the built-in Google keyboard is a vulnerability, because in theory it gives Google the ability to keylog you.<p>I supposed this boils down to knowing your adversaries. If you number Google amongst that list, life is going to be really difficult - no matter who you are.

If you&#x27;re considering Google an adversary, perhaps you shouldn&#x27;t use stock Android, or any of their software.<p>If you&#x27;re considering Google an adversary, and use a version of Android without Google support, you can&#x27;t use Signal anyway.

&gt;tl;dr: There is a “backdoor” in Signal nobody cares about, only Google can use it.<p>Speak for yourself. This backdoor is the reason why I don&#x27;t use Signal.

for the record, firefox for android also integrates the google backdoor for the sole purpose of allowing chromecast for videos... which zero users use or want.

It seems that if you really want proper secure channel you need to write one yourself. Anything out there is subject to being compromised.<p>Is there open source alternative for Signal?

tl;dr: this is stupid.<p>People seem to love analyzing security of tiny corners of systems while ignoring the rest of the system, and entirely avoiding figuring out a scope for the security.<p>The post complains about Signal using a Google service, that Google could utilize (either now or through an update) for malicious activity. A Google service that without a fair share of poking around is only available on <i>Google</i> versions of Android. I mean, <i>what</i>.<p>While this is a more serious problem than the usual whine about GCM (Yes, notifications can give a lot of info, but in case of Signal, the info given is &quot;You received something from some Signal user while you were offline&quot;), it is still amazing how blind the analysis seem to the environment. If you cannot trust Google to provide a &quot;non-evil&quot; Google play services, why the flying fuck do you think the Google-provided (or manufacturer-under-tight-google-control-provided) OS is fine? They could backdoor the process isolation and poke around at Signal memory if they felt like it.<p>Now, if you are security conscious and willing to let go of the conveniences of selling your soul to Google, you would be running a non-Google&#x27;d version of Android without Google services. Your only valid complaint in this case, is that Signal depends on Google services to operate, which makes you unable to use it (without hacking Google back into your Android version, but if you do that you might just as well stick to a Google version).<p>Oh, and what about the black box binary drivers you are using on your super-secure handset? Baseband? CPU (ME anyone?)? SIM card?<p>Before you talk about security, figure out what you are trying to protect against, and start from the top. You look like an idiot if you complain about breakable windows but do not notice that the door is open.

Can we please stop calling these types of vulnerabilities &quot;backdoors&quot;?

&gt;This code is included by calling the createPackageContext-method together with the flags CONTEXT_INCLUDE_CODE and CONTEXT_IGNORE_SECURITY. The latter is a requirement as the android system would deny loading code from untrustworthy sources otherwise (for a good reason). The code is then executed in the Signal process, which includes access to the Signal history database and the crypto keys.<p>---------------------------<p>Glad someone points out the technical details of why many people had doubts about signal. Unfortunately, Moxie will dismiss it, and his following will claim &quot;it affects other apps too&quot; as if that makes it any better. &quot;Other apps do it too&quot; is not the standard a &quot;privacy&quot; app should aim for.

Blog seems to be down, and cannot find a cached version in Google :(

It difficult to see how a service that ties to your phone number can make any claim about privacy halfway seriously. This is reckless.<p>And worse tie itself to a company whose business model is based on creepily stalking you all over the internet and getting users psychologically accustomed to the fact they are under surveillance. These are serious escalations that go unnoticed because SV has become a magnet for those who want to profit from it.<p>A half way serious and sincere effort will be open source, not tied in any remote way to known surveillance companies, and based in a country that genuinely respects privacy.