Signal rolls out a new privacy feature making it harder to know a senders identity

Signal, regarded as the gold standard of end-to-end encrypted messaging apps, is rolling out a new feature that will further protect the identities ofmessage senders.
While the service always needs to know where a message should be delivered, ideally it shouldnt need to know who the sender is, Signal revealed in a blog post Monday.
Dubbed sealed sender, the messaging app will soon hide a senders information inside the envelope of an encrypted message. The senders from information will be removed from the messages envelope and instead replaced with an encrypted short-term certificate containing the sendersphone number, public identity key and an expiry time whichcan be used to prove a senders identity.Once its delivered, the recipients device will validate that certificate and decrypts the message as it normally would.
Sounds fancy, but in reality nothing changes at the surface level the app will send your messages securely over an end-to-end encrypted connection. But behind the scenes at the service level, the new handoff mechanism makes the service more resistant to metadata.
The new feature will be enabled by default when it rolls out in a future stable release.
Since its inception, Signal hasnt collected or stored data. By engineering the service so that it can deliver messages while cutting itself out of the loop, the app maker cant turn over data to governments when they come knocking with a warrant. That point was proven two years ago when the FBI demanded that Signal turn over all the data it had on one particular user.
Signal responded with all the data it had a timestamp of when the account was created and its last connection date. The information was effectively useless to prosecutors.
These protocol changes are an incremental step, and we are continuing to work on improvements to Signals metadata resistance, the blog post said. In particular, additional resistance to traffic correlation via timing attacks and IP addresses are areas of ongoing development.
In other words, your data was never stored but now it cant be.
The new feature will be enabled by default in a future version of Signal. Its heading into beta in the next few days.
See also:
Leave a comment
  • Latest
  • Read
  • Commented
Calendar Content
«     2020    »