For most: yes, there is a risk that the vendor has included a backdoor. There is also the risk that they are straight-up lying about how their service operates.
For Signal in particular: You can verify that their claims are true because you can audit the source code.
The Signal client is open-source, so any interested parties can verify that it is A) not sending the user’s private keys to any server, and B) not transmitting any messages that are not encrypted with those keys.
Even if you choose to obtain Signal from the Google Play Store (which comes with its own set of problems), you can verify its integrity because Signal uses reproducible builds. That means it is possible for you to download the public source code, compile it yourself, and verify that the published binary is identical. See: github.com/signalapp/…/reproducible-builds
You might not have the skills or patience to do that yourself, but Signal has undergone professional audits if anyone ever discovers a backdoor, it will be major news.
You are more likely to be compromised at the OS level (e.g. screen recorders, key loggers, Microsoft Recall, etc.) than from Signal itself.
superglue@lemmy.dbzer0.com 13 hours ago
No. Signal encrypts every message on the device itself before sending to Signal servers. You can even confirm this yourself by looking at their github.
Whats app claims they do this but its impossible to confirm. Its extrenemly likely that either they dont encrypt at all or they have the decryption keys.
RIotingPacifist@lemmy.world 13 hours ago
In The method described, it doesn’t matter if Signal encrypt the message before it leaves your phone, the plaintext is still in the app and gets sent to Meta while also being encrypted.
It’s basically impossible to know this isn’t happening based on reading source code, because the code to load widgets doesn’t have to be remotely close to the messaging code, you’d have to read the entire signal code based.
There is way to know that the code you read on GitHub is the code Google/Apple install on your phone.
just_another_person@lemmy.world 12 hours ago
🤣🤣🤣😂
Bruv, before Signal launched they posted an entire whitepaper detailing their protocol, the working mechanisms of the system, and source code. So to reply to your 3 points:
If you don’t understand how any of this works, it’s just best not to comment.
pressanykeynow@lemmy.world 1 hour ago
What if the malicious actor is not Signal but Google or the hardware manufacturer?
Can we check that the encryption key generated by the device is not stored somewhere on the device? Same for the OS.
Can we check that the app running in memory is the same that is available for reproducible build checks?
Can we check that your and my apps at the moment are the same as the one security researchers tested?
RIotingPacifist@lemmy.world 12 hours ago
Why would any message be plaintext?
Fair you could have just said they have reproducible builds or linked to the docs: github.com/signalapp/Signal-Android/…/README.md
Again you are missing the point of the attack
Back at you, even if you are right that signal is secure, the attack is not what you think it is.
EisFrei@lemmy.world 12 hours ago
protogen420@lemmy.blahaj.zone 11 hours ago
about the 3rd, is the end apk file downloaded by a useer on the playstore reproducible? could google add stuff to the apk before the user downloading it? do users ever bother checking if the apk hash matches the one from the reproducible build?