Comment

Comment on TikTok Refuses to Confirm or Deny That It's Providing User Data to ICE

<- View Parent

itsmistermoon@piefed.social ⁨2⁩ ⁨weeks⁩ ago

So, no way I’m trusting Signal

source

Sort:hotnew top

AlecSadler@lemmy.dbzer0.com ⁨2⁩ ⁨weeks⁩ ago
If/when Signal has complied historically, they hand over what they have…which is to say, pretty much nothing.

I’ll take Signal any day over private Facebook chat, Whatsapp, or even telegram.

source
- atropa@piefed.social ⁨2⁩ ⁨weeks⁩ ago
  https://thehackernews.com/2026/02/german-agencies-warn-of-signal-phishing.html?m=1
  
  source
  - Bazoogle@lemmy.world ⁨2⁩ ⁨weeks⁩ ago
    
    The attack chain is as follows: the threat actors masquerade as “Signal Support” or a support chatbot named “Signal Security ChatBot” to initiate direct contact with prospective targets, urging them to provide a PIN or verification code received via SMS, or risk facing data loss.
    
    Should the victim comply, the attackers can register the account and gain access to the victim’s profile, settings, contacts, and block list through a device and mobile phone number under their control. While the stolen PIN does not enable access to the victim’s past conversations, a threat actor can use it to capture incoming messages and send messages posing as the victim.
    
    That target user, who has by now lost access to their account, is then instructed by the threat actor disguised as the support chatbot to register for a new account.
    
    Don’t give your signal PIN to someone via text? And even if you did, they still don’t have your message history.
    
    source
    atropa@piefed.social ⁨2⁩ ⁨weeks⁩ ago
    Thanks for info ,I started recently with simplex chat
    
    source
Bazoogle@lemmy.world ⁨2⁩ ⁨weeks⁩ ago
They have a page dedicated to everything they have given over to the US government: signal.org/bigbrother/

Signal themselves cannot decrypt the messages, so they are literally not able to provide any substantial information to the government. They can literally only provide two timestamps, when the user registered and the last time they connected to the server.

the only information we can produce in response to a request like this is the date and time a user registered with Signal and the last date of a user’s connectivity to the Signal service.

source

source
scytale@piefed.zip ⁨2⁩ ⁨weeks⁩ ago
If it’s truly E2EE, then it doesn’t matter if they’re forced to hand over the data.

source
- Bazoogle@lemmy.world ⁨2⁩ ⁨weeks⁩ ago
  It is well and truly E2EE. They have a page on their site dedicated to what information they have given to courts/government bodies: signal.org/bigbrother
  
  source