1. 10

  2. 4

    I thought Moxie’s response on HN (technically responding to the Wired article, but I don’t think he would say anything substantially different about the blog post) was really good. The conclusion of which is:

    To me, this article reads as a better example of the problems with the security industry and the way security research is done today, because I think the lesson to anyone watching is clear: don’t build security into your products, because that makes you a target for researchers, even if you make the right decisions, and regardless of whether their research is practically important or not. It’s much more effective to be Telegram: just leave cryptography out of everything, except for your marketing.

    1. 2

      Nonsense. If you build an end-to-end encrypted thing you inherently call the server your adversary. Hence, don’t handle key management in the server.

      1. 1

        I think this accurately highlights a real problem with how security and privacy are talked about in popular culture and even in many technical outlets: they are seen as something you either have or don’t. In reality, of course, all technology has to balance security with other concerns, such as usability, cost of building and maintaining the product, technical feasibility, etc. There is no such thing as completely secure software, only software which is secure enough for a certain purpose. Signal says that their service is designed to combat passive surveillance, and I think you could make a case that what this article is describing is more of an active/targeted attack. Which, of course, is not an argument against plugging the hole in Signal’s model if possible.

        Signal has done a pretty good job of maximizing security while providing a nice user interface. It is probably worth pointing out that it is still a better option than many of the alternatives in articles like this one.

      2. 1

        Not sure why they don’t have a paranoid security mode setting. With Matrix E2E you have to accept the keys of everyone and every device they’re chatting with and if someone new or a new device joins a group chat you can’t even send a message without a warning and accepting the keys of the new devices/users.

        I know they want to be user friendly and this is above the average person’s head, but that’s the trade-off. At least let advanced users have more security.

        1. 1

          If all you want is the TL;DR, here’s the headline finding: due to flaws in both Signal and WhatsApp (which I single out because I use them), it’s theoretically possible for strangers to add themselves to an encrypted group chat. However, the caveat is that these attacks are extremely difficult to pull off in practice, so nobody needs to panic. But both issues are very avoidable, and tend to undermine the logic of having an end-to-end encryption protocol in the first place.