2016 has been a rough year in terms of privacy, to say the least. From the Snoopers Charter finally passing in the UK to the recent am endment of Rule 41 in the United States, the world’s superpowers are becoming increasingly more aggressive in their reach.
Maintaining anonymity online, while holding on to the ever decreasing amount of privacy is beginning to look like a pipe dream for many. Luckily, in a world of instant messaging apps riddled with backdoors, some companies continue to treat privacy as a virtue. Cue Signal…
Signal is a fully encrypted instant messaging service available for both desktop and mobile. At first glance, you might think, “so what? There are plenty of other encrypted messaging apps out there. What makes this one particularly special?”
Well, a lot, really. For starters, Signal (unlike many of its competitors) is open source – meaning that the entirety of its code can be inspected by anyone. On top of the unmatched transparency, Signal is also one of the rare few to implement forward security – ensuring that in the rare event your encryption key is compromised, attackers will not be able to go back and decrypt any messages from the past.
If you’re not sold yet, it gets better. All of the messages sent via Signal remain encrypted as they pass through the company’s servers, meaning that even the creators of the app couldn’t read your messages if they wanted to. Furthermore, Signal stores virtually no information on any of their users, including metadata and contact books.
How does it work?
Though the technology behind Signal is quite complex, the general idea is surprisingly easy to understand. When you first message someone through Signal you exchange what are called “cryptographic keys.” These keys will allow you to decrypt and read incoming messages from that specific person. Anyone else (without the required key) will not be able to read the message, even if they manage to intercept it.
There’s no argument – Signal’s security is top notch, but that doesn’t mean everyone loves it. Critics of the app point out the inability to use the messaging platform on multiple handheld devices simultaneously. Some users also report slower than average syncing times between operating systems – several citing a delay of several minutes.
Another, more trivial complaint, includes the inability to send “stickers” like on Snapchat or Facebook Messenger. Obviously, this is hardly a concern when important issues like privacy are on the line, but I thought I’d mention it for transparency’s sake.
Open Whisper Systems, the development team behind Signal, is already working on bringing some of these features to the app. They’ve recently added GIF support for Android, with the iOS update coming soon. Additionally, multi-device support is also in the works, and we’ll see that update hit the app stores in the coming months.
Though not perfect, Signal is heaps ahead of the competition in terms of transparency and security. As a result, the app has received praise from security experts and privacy advocates alike. Whistleblower Edward Snowden went as far as to say “use anything by Open Whisper Systems,” clearly showing his trust in the company.
That being said, no single piece of technology is invincible, and encrypted messaging applications like Signal are only as secure as the device you install it on. In other words – there’s still a possibility that attackers (or intelligence agencies) can gain access to your communications by breaking into your smartphone and circumventing the encryption.
Regardless, IM apps sporting end-to-end encryption, make gathering data exponentially more difficult for prying eyes. There’s no reason not to download Signal and at least give it a shot, after all – it’s free and secure.