All Good Things Must Come To An End: Signal Encryption Under Threat

4 Mins Read

PUREVPNPureVPN UpdatesAll Good Things Must Come To An End: Signal Encryption Under Threat

The last few weeks must have been a great time to be Signal’s CEO, Moxie Marlinspike. For years, instant messengers (IM) had struggled to break a monopoly of the market by WhatsApp. To its credit, Signal encryption had a definitive edge over the rest of the competition. Simply named Signal Protocol, Signal boasts the most secure end-to-encryption out of all instant messengers. Moreover, its Sealed Sender adds an unprecedented layer of protection to all your communications. It does this by hiding the metadata of all messages shared via the app. Hence, there’s no way to tell which message was sent by which user. When WhatsApp announced its privacy policy updates, users were reluctant to give up their privacy so easily. Naturally, Signal gained heavily from millions of users abandoning WhatsApp for a more secure service. Signal’s encryption was hailed as the perfect alternative.

However, things are looking less glossy now, a lot like a used car during rush hour. This heightened attention has served to highlight several deficiencies in Signal’s operations. Since Signal cannot monitor or oversee how its services are being used, how can it possibly ensure its services are not being used to coordinate violent crimes, illegal operations, underage pornography, and inflammatory propaganda?

The Best Encryption Protocol On The Market

All instant messenger apps claim to provide their users the utmost level of privacy. End-to-end encryption has become a necessity while different apps offer varying levels of additional safety. These include self-destructing messages, no screenshots, and limits to how many times a user may view media. However, all of these measures pale when compared to all that Signal has to offer.

It all stems from Signal’s organizational structure. Unlike other prominent players in the IM market, Signal is fully owned by the non-profit organization, the Signal Foundation. Furthermore, it’s run by renowned cryptographers Moxie Marlinspike and Brian Acton. While Marlinspike was a member of the team that developed the Open Whisper Systems, Acton is the co-founder of WhatsApp. He left WhatsApp after its sale to Facebook, citing moral issues with Facebook’s plans for WhatsApp.

Hence, both individuals have a proven track-record of their commitment to user privacy. That translates well into Signal’s features. It offers users 2-Factor Authentication, biometric security, and 4-digit passphrases. This is where things get interesting as Signal encryption allows users to fully encrypt all their backup files in addition to encrypting all local media. As mentioned earlier, Sealed Sender ensures complete anonymity by obfuscating all metadata. Currently, no other app can match these features. Signal’s commitment to being the safest communication tool for its users can be seen quite clearly in all that it has to offer…and that is becoming a bone of contention for some of its critics.

Dealing With The Problem of Control

WhatsApp’s plans to update its privacy policy came at around the same time as the US Capitol riots. While Facebook, Twitter, and other apps faced flak for their inaction against fake news and the proliferation of conspiracy theories, it became apparent that new methods of moderation would be needed. Parler defied calls to reform how it moderates content, leading to complete alienation digitally. Few apps have suffered such a dramatic decline as Parler. Its unwillingness to properly deal with extremist content led to it being taken offline by Amazon, Apple, and Google. It may have proved to be the final nail in its coffin, with even its CEO admitting that it is highly improbable for the app to return. Signal faces a similar situation if it doesn’t chart its course carefully hereon in.

Several current and former Signal employees have raised concerns over how the service is virtually zero control over the content its users are sharing on the platform. Most prominent of these ex-employees is Gregg Bernstein, who told The Verge that, “The world needs products like Signal — but they also need Signal to be thoughtful. It’s not only that Signal doesn’t have these policies in place. But they’ve been resistant to even considering what a policy might look like.”

Signal has repeatedly reiterated its commitment to complete user anonymity. This has lead to many industry experts wondering if it even has the capability to extinguish any illegal content on the platform.

As the latest revelations indicate, in the run-up to the 2020 US Presidential elections, several employees wanted to know if the app had anything planned if white supremacists began using the app to coordinate their activities. The response they received was that it would be addressed whenever the company felt it needed to be addressed. In hindsight, that position may turn out to be extremely damaging.

Signal hasn’t released a statement over how it plans to deal with the possibility of its app being used for violent crimes. However, Marlinspike stated in an August 2020 interview that “the importance of protecting privacy should outweigh concerns that private channels are used for illegal activity.”

His position is understandable, considering how Signal exists as a service with a stern privacy-first approach. Moreover, the January 6th Washington riots have put Signal and all other privacy-focused IM apps in uncharted territory. Signal saw unprecedented growth in its user base after Parler went offline. This growth compounded further as a result of privacy changes on WhatsApp.

The Need For Innovation

Signal finds itself in a tough spot. It cannot soften its stance on its users’ privacy since the promise of utmost anonymity is its biggest unique selling proposition. However, not heeding to growing concerns over how the platform can be used to coordinate future extremist acts of violence could lead to a similar situation as Parler. This pressure to soften its ironclad encryption protocols is nothing new. The US government has been pressuring all social media platforms to build encryption backdoors for more than a decade.

As COVID-19 began wreaking havoc in March 2020, few outlets extensively covered the proposed Graham-Blumenthal Bill. The government’s most serious attack on encryption to date is designed to make it easier for agencies to gain access to information.

Signal has seen an enormous transformation in terms of its user base over the past few months. Its initial customer base of journalists and whistleblowers now appears to be just one of the many demographics it aims to capture. This is reflected in Signal’s decision to introduce a slew of new features. This includes chat wallpapers, animated stickers, and a short bio. As indicated in this earlier Telegram vs. Signal comparison, Signal’s begun appealing to a broader audience.

However, the most urgent issue at hand remains how Signal deals with mounting pressure over its handling of extremist content on its platform. It will be interesting to see how it plays out, considering technically Signal has no idea what its users are sharing via the app.

author

Yasir Nawaz

date

June 20, 2023

time

9 months ago

Yasir Nawaz enjoys writing on issues related to cybersecurity, digital privacy, and online streaming. A firm advocate of digital equality and freedom of access throughout the web, he believes no piece of consumable information should be restricted online. When he’s not busy writing on such immensely important issues, he finds solace in chess, reading, and staring into the abyss in his best Luke Skywalker impression.

Have Your Say!!

Join 3 million+ users to embrace internet freedom

Signup for PureVPN to get complete online security and privacy with a hidden IP address and encrypted internet traffic.