I heard a rumor it may have been compromised or is a Honey Pot. Anyone have any real info on this? Any inside info that it is legit? I have been using it for years among my inner circle of friends. I find that videos and memes go through to them without any issue, but folks without it don't receive some of the texts. This may be a problem with the app, but other folks without signal get it without any problems.
You're viewing a single comment thread. View all comments, or full comment thread.
Comments (8)
sorted by:
Signal, or other rolling-SSL messaging apps are your best bet for privacy. To decrypt anything in the message chain requires the entire message history up to that point, which means you’d have to have already been a target by someone who can reverse SSL certificates (NSA, CIA, etc.,) from the very first message, which if you were, then no amount of encryption is going to do you any good. Or you’d need a man-in-the-middle attack (but again, from the very first message) which is easily known by mis-matching “security codes” in signal.
If you verified each other’s codes, then you have little to worry about. The encryption is strong. If anything leaks, it’s from other apps you’ve installed that read your messages on every app after being decrypted.
Thank you for the response. I am illiterate to software code, but your response makes sense to me. I do work with hardware encryption devices, but the implementation of purely software encryption is foreign to me. Old school hardware crypto devices also require keys to be loaded that match on both ends. The question I always had was the exchanging of encryption keys so that both ends were using the same keycode to match the public encryption. I always looked at it like over-the-air rekey (OTAR), but have not researched the process. It has been an endless series of research over the last few years and network encryption has just not seemed as important compared to many of the other topics.