Why I'm Concerned About Signal

The last month's been an odd turn of events for Signal's treatment of security researchers...what does it mean for Signal messenger? Despite it being my favorite messenger, it's hard for me to ignore some of these events from an overall solid service.

We cannot provide our content without our Patrons, huge thanks to:
BRIGHTSIDE Clark Ente Larry Richard Afonso Brad JohnnyO kevin 'love your content' Poaclu x

0:00 Setting things up
0:30 Our sponsor: Notesnook ❤️
1:30 What happened with Signal?
3:14 So what's *actually* the issue?
7:19 Takeaways for you and what you should do.
#signal #message #techlore
Comments

Also please please leave your thoughts below on the situation, really curious to hear! You all had some great takes on my last video

techlore

Ghosting then blocking an experienced security researcher is a giant red flag for a Signal company.

glyslay

This problem is present in WhatsApp as well as Telegram.

RealGigaMind

This has been a ridiculous oversight for many years.
Anyone without full disk encryption is at risk of having ALL their messages stolen. It's also noteworthy that any user must also trust their conversation partner to ALSO have good physical security, because messages could be stolen from two sides!
What's even more annoying: You cannot change the default directory where the user data is stored! At least Brave has a flag that allows you to set the path for user data to a different directory (like a container). No such option for Signal. HUGE oversight. It's actually embarrassing how sloppy this is.

vicinityfpv

I can't see any way around the endpoint security problem other than having to provide a password to Signal every time you start it. This is in great conflict with their ease-of-use requirement that's a core of why it's so easy to get people to use Signal.

Briar does this, and it's a huge pain.

I can see having this as an optional feature that people can turn on. And perhaps that's what they ought to do. Maybe they can think of something more clever than I can. But I would be really surprised if they could, and very eager to see what it was if they did. They did surprise me on just how cleverly they managed the handle issue.

Omnifarious

If you sit still in the dark and say "Moxie Marlinspike" 7 times, he'll materialize and unf00k this situation. It is known.

killbotprime

If they did fix it, it was super on the DL. To those on Mac, go into your Keychain and (if running the Signal Beta), you SHOULD see Signal's "safe storage" in the Keychain.

jordank

SimpleX looks like a good Signal replacement in the future.

gmabber

"The local security threats on your machine" attitude reminds me of Windows, where Microsoft doesn't care that anyone with physical access can just work around the login since ever.

cjjkdce

Bro, pls make 2024 best messengers comparison pls!

Ktnmdl

Kudos for acknowledging your sponsorship. You definitely didn't do that in your last videos for DeleteMe and Synology.

janice-ldpf

I'm still using Signal, and, like you said, this vulnerability was *known* since 2018, which means those for whom this vulnerability was relevant to their threat model could take steps to mitigate the risk. In other words, Signal didn't hide this vulnerability or try to do some kind of coverup. But, I agree their response hurt people's trust and raises questions about what direction they're going.

My solution has been to compartmentalize based on needs. I use Signal and Telegram for different purposes. I identify what my needs are and patch things together.

Thankfully my security needs are not as demanding as they were some years ago, but, this is why I didn't use Signal on desktop when this was discovered because my security needs couldn't tolerate that vulnerability.

DavidIstre

The problem with the people working at Signal is that they're incredibly arrogant and have been this way for years.

It's a strange hostility that really makes no sense.

Wooperplus

If they did roll out a fix, either it's not retroactive or it doesn't include all data. I just went thru the local data store for desktop Signal on my laptop and found unencrypted copies of image attachments from messages.

gerowen

This is concerning, so I appreciate you bringing this up and sharing your thoughts. Thanks, Henry.

Faeanxrchy

Thanks for the attention to this topic.

rocvan

If Signal isn't concerned about "local" security threats on my machine, then why can't I export my messages to a local file? At that point it would be my problem to protect them. All I want Signal to do is provide point to point security. Let me manage my messages once they get to my computer.

billb

You forgot that they keep using an insecure SSL version.

dunar

This is an unfortunate situation on what happened to Signal. A big breach of trust to their community. Going to be interesting on what people do/migrate over to (if people do at all). Great video, and a great level-headed response! Thank you

redeyesdrogon

Meredith is more concerned about collecting awards for herself as an activist against AI, than actually doing anything of significance with Signal.

IHLWonk