Ask HN: How do we know Signal or Telegram don't store our data on their servers?

Signal’s claim to fame here is that they were subpoenaed in 2016 and could only supply account creation and last connection times:<p>&gt; The American Civil Liberties Union announced Tuesday that Open Whisper Systems (OWS), the company behind popular encrypted messaging app Signal, was subpoenaed earlier this year by a federal grand jury in the Eastern District of Virginia to hand over a slew of information—&quot;subscriber name, addresses, telephone numbers, email addresses, method of payment&quot;—on two of its users.<p>&gt; ... “The only information responsive to the subpoena held by OWS is the time of account creation and the date of the last connection to Signal servers,” Kaufman continued, also pointing out that the company did in fact hand over this data.<p><a href="https:&#x2F;&#x2F;arstechnica.com&#x2F;tech-policy&#x2F;2016&#x2F;10&#x2F;fbi-demands-signal-user-data-but-theres-not-much-to-hand-over&#x2F;" rel="nofollow">https:&#x2F;&#x2F;arstechnica.com&#x2F;tech-policy&#x2F;2016&#x2F;10&#x2F;fbi-demands-sign...</a>

It&#x27;s important to note that Telegram does store all your data by default as they do not enable E2EE for everything like Signal does. So if you&#x27;re under the assumption that they don&#x27;t, this is incorrect.<p>Telegram, for all intents and purposes, is about as secure as using Facebook. The best you can do with Telegram is hope they don&#x27;t sell out or get compromised at some point in the future, because all your private communications are stored on their servers forever. Telegram does have &quot;secret chats&quot;, which from what I can gather, don&#x27;t even work for group chats, only one-to-one messages.<p>My general advice is to treat Telegram like a new Facebook if you have to use it, assume everything may by read by everyone, don&#x27;t treat it like it&#x27;s private and secure.<p>For &quot;text messaging&quot; friends and family use Signal. Everything is end-to-end encrypted by default, so you know nobody is collecting your data.

We don&#x27;t know that Signal doesn&#x27;t store data about users on its servers. Even the source code can&#x27;t tell us that, because we don&#x27;t run the servers.<p>What we do know is that programs like Telegram <i>have to</i> store data about users on their servers, by design. A big difference between the two projects is that Signal is carefully designed to minimize the amount of data the service needs to operate; it&#x27;s why identifiers are phone numbers --- so it can piggyback on your already-existing contact lists, which are kept on your phone.<p>By contrast, other services store, in effect, a durable list of every person you communicate with, usually indexed in a plaintext database.

Signal and the ACLU sued and were granted permission to release sealed warrant data from a previous law enforcement request for user data.<p>As of mid-2016, and trusted as much as you feel like trusting something attested in a court of law, Signal stores: a bool (is this phone number a user) and two ints (epoch of signup, epoch of last transmission).<p><a href="https:&#x2F;&#x2F;www.aclu.org&#x2F;open-whisper-systems-subpoena-documents" rel="nofollow">https:&#x2F;&#x2F;www.aclu.org&#x2F;open-whisper-systems-subpoena-documents</a>

Signal: operations that involve sending your contacts (like contact discovery) use a pattern Signal invented where the client can validate the software running on the server. The server runs inside the SGX secure enclave. Before your client sends any data, it performs remote attestation on the running server code to ensure it matches the published open source code.<p>See the full explanation at <a href="https:&#x2F;&#x2F;signal.org&#x2F;blog&#x2F;private-contact-discovery&#x2F;" rel="nofollow">https:&#x2F;&#x2F;signal.org&#x2F;blog&#x2F;private-contact-discovery&#x2F;</a> (starts part way down, with &quot;trust but verify&quot;). Or check the client source code yourself!<p>Telegram: I dunno, they.re closed source, don&#x27;t encrypt by default, and have shady ownership. I don&#x27;t trust them at all, personally.

While not directly about data storage, I loved this tweet [1] from Edward Snowdon this week:<p>&gt; do we really trust signal? cause i see zero reason to.<p>Here&#x27;s a reason: I use it every day and I&#x27;m not dead yet.<p>[1] <a href="https:&#x2F;&#x2F;twitter.com&#x2F;Snowden&#x2F;status&#x2F;1347217810368442368?s=20" rel="nofollow">https:&#x2F;&#x2F;twitter.com&#x2F;Snowden&#x2F;status&#x2F;1347217810368442368?s=20</a>

Well in the case of Telegram, you can trust, that they store your data on their server, because they say so.<p>And it is convenient, because you can just switch your smartphone and still access all your chathistory, without having to manually backup&#x2F;restore.<p>But Telegram in general does not have a business model yet, so just assume, that one day, they want(or have) to cash out.<p>Signal on the other hand is a non-profit foundation and pretty open on what they are doing. That creates trust for me.

Telegram is storing your message content in their cloud for „cloud chats“ (default), as those are not end-to-end encrypted.<p>Telegram‘s „secret chats“ and signal chats are end-to-end encrypted. The servers still may store metadata, and there is no way to tell if they do than either joining them or let a trusted third party verify that.<p>To check if e2e encrypted message content cannot be encrypted via backdoors on their servers, you need to ensure they use proven encryption schemes and the client encryption does correspond to those algorithms.

&gt; I&#x27;m just curious how we trust companies such as Signal, Telegram, Mozilla, that claim they don&#x27;t store and sell our data?<p>These are three very different companies with very different security processes and trust profiles.<p>In the case of Signal: <i>if</i> you trust that the source code they distribute is the same as the app available in the Play Store, then it&#x27;s pretty easy to verify that the messaging data is end-to-end encrypted in a way that prevents Signal from having much metadata that they even could store. With &quot;sealed sender&quot;, they don&#x27;t even know who&#x27;s talking to whom: <a href="https:&#x2F;&#x2F;signal.org&#x2F;blog&#x2F;sealed-sender&#x2F;" rel="nofollow">https:&#x2F;&#x2F;signal.org&#x2F;blog&#x2F;sealed-sender&#x2F;</a><p>There&#x27;s the possibility that Signal could ship a different app in the Play store, but that would require active malice to do in a way that would not be trivial to discover[0], and at some point you do have to trust someone. It&#x27;s not impossible, but it&#x27;s hard to imagine a world in which Signal is compromised but other links in the chain aren&#x27;t, because quite frankly, there are far more easily corruptible or hackable links in the hardware&#x2F;software stack that you use, so Signal would make a pretty inefficient target for someone who wants monetizeable data.<p>[0] ie, an accidental divergence between the two would be more conspicuous

In the case of Signal, I imagine people assume all of the following:<p>1. the protocol between client and server is setup in such a way, even if Signal wanted to store interesting information, they could not access anything interesting even if they wanted to (for example, messages), thus they don&#x27;t store anything since it&#x27;s useless<p>2. the app implements the protocol faithfully and this has been checked by people perusing the source code<p>3. the binary downloaded from the app&#x2F;play store phone is compiled from the sources listed on github

If you don&#x27;t want to trust anyone but to <i>verify</i> instead, consider running Matrix with your own server. In this case you still can talk to anyone else on Matrix, because it&#x27; federated.

Telegram is very clear that they do store our stuff on their servers. And in clear text unless you choose end-to-end encryption.<p>My concern is not about my data being stored on their servers. My concern is about having having marketing data being sold to third parties in order to target advertising at me, just as when you leave &quot;third party cookies&quot; active on your browser. That is creepy and invasive. Would Zuckerburg ever do such thing?

Signal is open source, you and anyone else can inspect the code. You can then build it from source and install on your android directly avoiding the play store.

Hello, future? Yes, this is Richard Stallman calling from the 1980s. I think what you might be looking for is the source code to the entire software stack.

What prevents Google from replacing Signal on the Android Application store with their custom and backdoored version ? Can we check a hash or something ? Does the signal foundation do that on a regular basis ?

Telegram stores all data on own servers.<p>Just try the following trick:<p>- in a private Browser window open web.telegram.org<p>- enter your phone number, receive the code<p>- turn on flight mode on your phone<p>- now enter the identification code in your browser<p>- access your whole chat history while your smartphone can definitely not act as a source<p>Even WhatsApp is better in this regard.<p>Article in German: <a href="https:&#x2F;&#x2F;www.heise.de&#x2F;hintergrund&#x2F;Telegram-Chat-der-sichere-Datenschutz-Albtraum-eine-Analyse-und-ein-Kommentar-4965774.html" rel="nofollow">https:&#x2F;&#x2F;www.heise.de&#x2F;hintergrund&#x2F;Telegram-Chat-der-sichere-D...</a>

If you trust the source code of the software you&#x27;re running, you can at least get a sense of what data they&#x27;re getting in the first place. You know, at least, that they&#x27;re not getting the content of your communications if you verify safety numbers. You can also prove that they&#x27;re not getting the contents of the gifs you&#x27;re grabbing for your conversation, because the client makes a secure connection to the gif service using Signal&#x27;s servers as a proxy.<p>As far as promising not to store your metadata, or promising not to deliberately give the gif service information about your account because they hate you, or promising not to store your contacts when you search for other friends with Signal, then yeah you have to just take their word for it. Though, they may over time look for ways to put some of those guarantees on the client side as well with some clever engineering, so you could prove it.

Telegram stores your data by default in their servers. You have the option of removing single messages or conversations but there’s no way of knowing if they really do so. Also if you remove your account without removing your conversations first they stay there forever (others can see the messages)

At first I wanted to write about client-side app verification, that we can prove that the apps we have and the open-source complied app would be the same.<p>Which does not prove that if the app sends your phone number or location (for example), they don&#x27;t save it in database.<p>Indeed, interesting question

As long as it is stored on the server and the transmission is encrypted, we will never know for sure. Especially in cases where the company &quot;controls&quot; the encryption and decryption.

If this is a concern for you, consider using the signal protocol without a server.<p>CLI prototype. Can be generalized into a nice phone app.<p><a href="https:&#x2F;&#x2F;github.com&#x2F;adsharma&#x2F;zre_raft" rel="nofollow">https:&#x2F;&#x2F;github.com&#x2F;adsharma&#x2F;zre_raft</a> <a href="https:&#x2F;&#x2F;twitter.com&#x2F;arundsharma&#x2F;status&#x2F;1348718596415918080" rel="nofollow">https:&#x2F;&#x2F;twitter.com&#x2F;arundsharma&#x2F;status&#x2F;1348718596415918080</a>

Which data? We can be somewhat sure that they don&#x27;t have access to the content of Signal or Telegram secret chats as long as we have verified the identity of our contacts.<p>After that, what data do you care about? Neither Signal or Telegram is intended to provide complete anonymity. That is a much harder problem. For Mozilla that would involve Tor. I don&#x27;t think that Mozilla really has &quot;servers&quot; in the sense you mean.

Telegram is based on the UAE. The UAE is known of their very strict monitoring practices of their citizens. Not until recently they allowed FaceTime to work there. I honestly doubt that Telegram does&#x27;t give the UAE government access whenever they need it&#x27;s a monarchy government.

You don’t. Everything is about trust.

If you wish to be more certain, use something open-source. For instance, Matrix has many clients made by different teams, in the open, and several of these are part of e.g. Debian, so you should be able to find at least one you can trust.<p>What about Mozilla? What could they store?

There&#x27;s a lot about Signal in particular that they get right. AFAIK:<p>(1) All Signal messaging is E2EE; (2) they don&#x27;t store messages on their servers; (3) the client code is open source, and it seems like a good portion of the server code is open source.<p>Where I think Signal could go further on being the most secure, useful, and privacy-conscious messaging app&#x2F;company in the world:<p>1. Open source ALL of the server code. They have something called Signal-Server (<a href="https:&#x2F;&#x2F;github.com&#x2F;signalapp&#x2F;Signal-Server" rel="nofollow">https:&#x2F;&#x2F;github.com&#x2F;signalapp&#x2F;Signal-Server</a>) on their Github, but it&#x27;s unclear if this is the server they use, or simply a server one could theoretically use to run a private Signal server.<p>2. Open source all server-side services&#x2F;infrastructure code that doesn&#x27;t compromise security in some way.<p>3. Better features. Signal is currently the most secure and privacy-conscious of the messaging apps, but solidly the worst overall user experience. It&#x27;s not that it&#x27;s bad, it&#x27;s just that the other apps are much better. People like gifs and giphy and emojis and a fast-feeling interface. This is important, because it&#x27;s hard to be a privacy-conscious individual when all your friends want to text on other apps. At least in my social circle, Signal is still the thing that people jump over to when they want be extra super sure they&#x27;re not leaving a paper trail, but not the default messaging app they use.<p>4. Introduce a user-supported business model. This probably makes a lot of people uneasy, and while I appreciate the current grant and donation-based business model (the Wikipedia model), that model comes at great cost of efficiency. By operating effectively as a non-profit, you are inherently in a less competitive position relative to your competitors (the best product and engineering people are more likely to go competitors who can pay more), and you&#x27;re persistently in fund-raising mode (again, see: Wikipedia). There are lots of ways to skin this cat, maybe the easiest is to ask power users to pay like $5&#x2F;mo. Or just give people the option to pay with absolutely zero obligation. Some non-zero cohort would inevitably take them up on this.<p>Most of these suggestions, of course, especially 1-3, are very very hard and come at an enormous cost. Building in public as an open source business seems to massively slows things down and introducing a huge amount of community management overhead. That said I&#x27;m sure there are ways to manage&#x2F;mitigate those costs.

There&#x27;s no need to trust them. You assume they log everything that your device sends them, as well as the time, IP address, etc. and infer all they can from it. Then you act accordingly. You can apply similar conservative assumptions to your device and the programs it runs, but for practical purposes you may want to relax them somewhat.

For that matter, what is Zoom&#x27;s architecture and dataflow?

Use Matrix or KeyBase and self host. Im shocked how much people still trust these shady companies.

Get hired and sign NDA

The same way that we trust that Apple doesn&#x27;t log our keystrokes and send them back to the mothership.

Signal was created by one of the founder of WhatsApp which was sold to Facebook. Is there a guarantee that Signal won&#x27;t have the same fate?

One reason you can believe the claim is that there&#x27;s no real market for personal data, despite the folk belief that everyone&#x27;s data is somehow worth a fortune.