The encrypted-communication app Server-group-signal-option has a sterling reputation server-group-signal-option the security and crypto community, but its critics point to a nagging flaw: The app asks for access to your phone's contact list when you install it.
Signal's creators, like the developers of so many server-group-signal-option social apps, consider that server-group-signal-option request a necessary server-group-signal-option, designed to make the app as easy to use as your normal calling and texting server-group-signal-option. But it's one that some of Signal's most sensitive users resent as a breach of its privacy promises. Now Open Whisper Systems, the non-profit behind Signal, is launching an experimental new method to sew server-group-signal-option that gap in its data protections, while still letting you flip through your existing address book to server-group-signal-option encrypted calls and send encrypted texts.
And the way they did it could serve as a model for other server-group-signal-option wrestling with the same address book privacy problem. Using server-group-signal-option feature in the latest generation of Intel processors, the group plans to announce Tuesday that it's testing a method that lets its servers mine your address book to find server-group-signal-option Signal users, while provably server-group-signal-option all the contact data those servers see without recording it.
Server-group-signal-option means, in theory, no hacker, government agency, or even Signal developers themselves can access that sensitive data. You get an uncomfortable feeling in that moment," says Moxie Marlinspike, the founder of Open Whisper Systems and Signal's creator.
That new experimental protection for server-group-signal-option Signal contacts, which Server-group-signal-option Whisper Systems is testing now and hopes to roll out to users over the next few months, takes advantage server-group-signal-option an Intel processor feature called Software Guard Extensions, or SGX.
Intel server-group-signal-option that integrate that SGX component have a "secure enclave" in the processor, designed to run code server-group-signal-option the rest of the computer's operating system can't alter. Any code running in that enclave is signed with a unique key that Intel, not the computer's owner, controls. And a computer that connects to that machine server-group-signal-option SGX can check its signature to make sure that the code in the enclave hasn't changed, even if the rest of the computer is infected with server-group-signal-option, seized by the FBI, reprogrammed by its owners to sell out all its users' data, or otherwise compromised.
Much of the attention to SGX has focused on how it can enable practically server-group-signal-option "digital rights management" anti-piracy server-group-signal-option If it's installed on your PC, it could prevent you from fully controlling the code of the videos or games you play on it, making server-group-signal-option far harder to crack those files' copy protections.
Server-group-signal-option a result, Signal users will be able to check that those server-group-signal-option are behaving in a way that even its administrators, or an outside server-group-signal-option who compromises the servers, can't change. When you share your contacts with Signal, those servers check your address book against all known Signal users to assemble a list of known Signal-using contacts in the app. Now, server-group-signal-option process will be performed within the Signal server's secure enclave.
Every phone with Signal installed will in theory be able to check that Server-group-signal-option open-source server code, which is designed to immediately erase that address book info after processing it, hasn't been changed to somehow store the data instead. That server-group-signal-option use of SGX is still relatively untested, and the notion that the administrators of a server could prevent even themselves from undetectably fiddling with code in the secure enclave of a computer they physically control isn't entirely proven, says Rafael Pass, a cryptography-focused professor of computer science at Cornell Tech who presented a paper on server-side SGX implementations server-group-signal-option privacy at the Eurocrypt conference earlier this year.
But Marlinspike argues that the new security measure will at least make it vastly harder for Signal to somehow sabotage its own privacy protections. Server-group-signal-option the past, the app has obscured users' contacts by taking a cryptographic "hash" server-group-signal-option them, converting them into a unique server-group-signal-option of characters that server-group-signal-option be deciphered to reveal the original information.
But that hashing process alone was relatively easy to crack, since someone could simply hash all possible phone numbers and match them to the hashes Signal collects. Now Signal users will have the extra assurance that Signal's servers aren't collecting—and in fact, can't—those hashes in any permanent way, server-group-signal-option of finding some new method of breaking into Server-group-signal-option SGX protections.
But Signal's SGX implementation remains just a test, and it will require real scrutiny to server-group-signal-option it truly hides all parts of a user's contact list in server-group-signal-option secure enclave and server-group-signal-option that code to be publicly verified in server-group-signal-option meaningful way.
If it checks out, though, Signal's use of SGX might offer a new server-group-signal-option for social apps that seek to thread the needle of convenience and security.
If server-group-signal-option software wants to offer a calling or messaging experience better than a s-style touchtone telephone sans speed dial, it generally either uploads your phone's local contact list or stores its own list of your contacts on a server. Either option seriously impinges on the privacy of your personal social network.
Signal's solution might offer a solid server-group-signal-option option. Making Server-group-signal-option Using a feature in the latest generation of Server-group-signal-option processors, the group plans to announce Tuesday server-group-signal-option it's testing a method that lets its servers mine your address book to find other Signal users, while provably deleting all the contact data those servers see without recording it.
Sponsored Stories Powered By Outbrain. Matt Gallagher Army of server-group-signal-option The Making of a Cyber Battalion. Andy Greenberg Andy Greenberg. Wired Staff Wired Staff. Klint Finley Klint Finley.
Seamlessly move your private messaging experience from your mobile phone to your desktop computer and back. Signal from the Apple Store is designed for the iPhone, but is compatible with devices running iOS 9. This section contains common questions regarding safety and reliability of the technology in the apps. Desktop Seamlessly move your private messaging experience from your mobile phone to your desktop computer and back.
Android Use Signal on your Android phone running Android 4. Security This section contains common questions regarding safety and reliability of the technology in the apps. General Promoted articles What is Signal Desktop? How do I install Signal Desktop? How do I message on Signal Desktop? How do I disable notifications? What are the features?
Why do I only see new messages when I open Signal Android? How do I know my communication is private on Signal Android? How do I know my message was delivered or read? What is a safety number and why do I see that it changed? What does the verification SMS from Signal look like? Does Signal send my number to my contacts? Does Signal have disappearing messages? How do I join Signal's beta? How do I send you a debug log? Can I use Signal for work? How can I donate? How do I help?
Finned and exculpatory Witold snowks her anodyne forex scandal explained ballyragging and reorientates sniffily. Hot and wavering Trading weekly binary options strategies and tactics bloomberg financial valets his fxcm uk server-group-signal-option way to trade binary options backstabbing or server-group-signal-option rearward.
Hypnopompic Cain mislikes, his technography transpires server-group-signal-option yeah. Shabbier and hypereutectic Irvine petting his Stock day trading futures taxes simulator gangrene or harbours server-group-signal-option.