The body of my text possess EXTRA STRENGTH,
power-lift the powerless UP outta this towerin' Inferno,
my ink so hot it burn through the journal,
I'm blacker than midnight on Broadway and Myrtle...(i)
This is the first installment in a new Dorion Mode series that'll analyze the merits of various Internet chat systems. Chat is commonly defined as real-time, synchronous communication. In practice though, it's often used asynchronously, as anyone who has sent a text message has likely ran into a situation where they ended up waiting hours or days before receiving a reply. Chat has emerged to become a popular form of Internet communication. While popular, the ecosystem is quite sharded in that there are a plethora of options on the market. We'll proceed on the basis of how systems work in nature and mutilate first the biggest system that Silly Con Valley has produced so far : Signal. Signal is a standalone service that has some 40 million users, but is also the protocol that Meta's(ii) WhatsCrapp uses which, by some metrics, has over 2.5 billion users.
One of the costliest burdens of surviving these Dark Modern Ages in which we're living is untangling the modernist hijacking of traditional definitions employed in their marketing propaganda. So let's take some time to properly define what we're discussing.
In the traditional definition, a network protocol is an established set of rules that determine how data is transmitted between computers across a network. A protocol allows connected machines to communicate with each other, regardless of any differences in their internal processes, structure or design. The implementation details of the protocol are left up to the publisher of an implementation of the protocol to decide. When it comes to software, the publisher may decide the programming language, database, interface, operating system portability, etcetera. The software can be implemented on an array of hardware, such as amd64, i366, ARM, PPC and the list goes on ; the choice of which hardware to support is again left to the publisher of the implementation. The core of the publisher's task is ensuring his software conforms to the protocol. Ideally the protocol is minimal, but in any case, the publisher can't change it. All other decisions apart from adhering to the protocol rules are at the discretion of the publisher, but note that the publisher is in principle also held to account by the market(iii) and is incentivized to innovate on a variety of domains from security level to efficiency to interface to aesthetics and the list goes on. Open protocols allow for a multitude of implementations to coexist and/or compete and operators using the protocol have the choice of which implementation suits them. If no extant implementation suits them, they are free to make their own and can stand firmly on the knowledge the rules of the game won't be changed out from under them.
Signal does not operate in the traditional, open sense of a network protocol. Signal is in fact a closed protocol that forces its choices on its users. In this sense, it operates more like a centralized platform or product. Platforms are traditionally centralized systems in which the publishers make all the decisions and users either swallow whole(iv) all those decisions --often without any transparency as to what the changes are-- or get banned. There is at least one emergent decentralized product that has an open protocol, it's called Eulora2, and I'll be analyzing that in an article to come. For this article, I'll show why and how Signal is a closed protocol run atop a centralized platform and what the consequences of that are for its users.
The leper's bell of the closed protocol, centralized platform model is they tend to infantilize and disable users (always under the guise of benevolence) and close down horizons in the user's mind so as to facilitate their exploitation and ideally in a way they never manage to detect. The hallmark of open protocols and decentralized products is they treat clients like adults and thus create an environment and incentives that enable them by opening up opportunities and thus engender higher quality, long term client service.
Now armed with some proper definitions, let's aim our bullshit detectors and analyze both the claims made by Signal and its overall structure. To lead off, let's read their official development ideology together :
Truths which we believe to be self-evident:
- The answer is not more options. If you feel compelled to add a preference that's exposed to the user, it's very possible you've made a wrong turn somewhere.
- The user doesn't know what a key is. We need to minimize the points at which a user is exposed to this sort of terminology as extremely as possible.
- There are no power users. The idea that some users "understand" concepts better than others has proven to be, for the most part, false. If anything, "power users" are more dangerous than the rest, and we should avoid exposing dangerous functionality to them.
- If it's "like PGP," it's wrong. PGP is our guide for what not to do.
Did you catch the whiff ?
For number one, "let's disable the user and limit choice." No further comment.
For number two, "the user is dumb and will stay dumb." Maybe it's the case, dear reader, that you don't know what a cryptographic key is, today, as you read this text. While everyone's born stupid, people do indeed learn things and, as someone who does know what a key is and how to use one competently --in anger-- but has never been accused of being some maths genius, I can tell you that cryptographic keys aren't really harder to learn about than a wide array of things people do in fact learn to navigate the complexity of the modern world. More importantly, using a cryptographic key competently doesn't require one to know all the math involved in detail. It does require one to have some computer hygiene, but that's certainly achievable with some practice and a competent guide who will treat you like an adult. Some practice means about the time it takes to learn to drive stick, maybe less, not the "practice, practice, practice" it takes to play Carnegie Hall.
For number three, "everyone is an idiot and people who don't think they're idiots are dangerous, but we, your priestly developer Gods, we're infallible." This "there are no power users" is particularly offensive and logically inconsistent. Conceivably, the developers of Signal are users of Signal ; they eat their own dog food, don't they ? Do they then not understand the concepts at hand ? I understand the aversion to time wasters who claim to know better than they actually do and I can see them being dangerous in the sense that interacting with them often results in time being lost. The solution to the problem of limiting one's exposure to idiots is the WoT, not making the claim that competent people are some sort of unspecified "danger". Claiming "competent people don't exist and even if they did we should aim to disable them", is most likely a defense mechanism to protect an over-inflated ego from being popped.
For number four, "we want to do the opposite of the strongest, publicly available encryption tool that has secured communications and software distribution for decades for millions of people." Pretty Good Privacy (PGP) is an Internet standard, described in RFC(v) 4880, that describes message formats for services that include confidentiality, key management, authentication, and digital signatures. The slight at PGP comes from the observation that only several million people apparently use it. Instead of asking the question, why do only several million people want to do the light work to enforce end to end encryption in their communications and what can be done to improve the numbers, Mike Benham(vi) --Signal's creator, CEO until 2022 and Emeritus board member-- blames implementations of PGP for having poor interfaces in his 2016 blog article GPG and Me.
This so called development ideology Signal is pushing may ring a bell from another context as they are in fact graphical user interface design principles. To quote from a chunk of an older article on this here blog :
In GUI systems, instead of using words, pictures are the primary mechanism of information exchange between the user and the machine. Sure, maybe some of the pictures are labeled to help the n00bs learn to point and click at them, aka click and cluck, but the keyboard is not the primary driver of machine navigation, it's the mouse or the swiping finger on the various touchscreens, aka fondleslates. At the end of the day though it's all a big crutch because the pictures being clicked result in some command being issued on the system. Instead of learning to issue the commands directly, the user is trained to become dependent on the seeing eye dog called the GUI, woof. While this might result in saving of some upfront learning, the cost of translating the underlying commands and operations to pictures with rounded corners clickers and cluckers feel good about is millions of lines of code that no one understands and a
culturevalve of escapism for those satisfied with being illiterate. In other words, the cost is bureaucracy and it should then be no surprise the Microsoft and Apple viruses spread so widely in socialist America ; they're not there to empower, they're there to provide the trappings, the hot air for inflating pretentious claims of "progress" and "revolution", while all the while keeping the sheeple dumb, dependent and regularly paying licensing fees for forced "upgrades".
They want you crippled so you're easier to quarry. In the land of the blind, the one eyed man is King.
To tie off the ideology thread, in 2016, Benham wrote, "cannibalizing a federated application-layer protocol into a centralized service is almost a sure recipe for a successful consumer product today." Why is this ? Because centralized control allows the owners of the product to make decisions on behalf of the hordes of consumers who are dumb enough to go along blindly. While this may be a tried and true method for herding sheeple, it runs in direct contradiction to the requirements of a secure system, for a system is only as secure as its weakest link. It doesn't matter how good your practices are if, on the other end of the wire, the people you're encrypting to leak like a sieve. Which is a good bridge into the concrete weaknesses of Signal that detonate the, "end to end encryption", security claims it makes.
For all the claims Signal makes about encryption, it doesn't actually use encryption keys as the fixed point of control to authenticate a user's access to the platform. In order to use Signal, you have to verify a phone number with them. This means, pretty much all users are installing it on a phone.
One weakness in this scheme is a phone number isn't something a user can own. SIM swapping is something that happens regularly, like how that rather relatively sharp econ writer lost his number and a whole lot more that was tied to it just last year. In short, a phone number is a tissue paper thin form of identification and a poor choice for a system claiming strong anything, cryptographic identification and authenitcation included.
Another, but by no means secondary, weakness is phones are a poor match for cryptographic applications because they have poor sources of entropy and any cryptographic system is only as secure and strong as the entropy source that lies at its root. Without an external, naturally derived source of entropy, which is the case for all phones and pretty much all computers(vii), the lame-stream practice is to use a program that generates psuedorandomness. Computer programs being deterministic definitionally cannot produce cryptographic entropy. As Von Neumann observed in '49, "Anyone who considers arithmetical methods of producing random digits is, of course, in a state of sin." That is, there are no true "random numbers", just random processes from which numbers(viii) for cryptographic use can be mined. Thus, independent of how airtight Signal's encryption software might be, the system is cut off from the roots of cryptographic security through the widespread usage of weak entropy.
Yet another weakness of this scheme is that the dependency of phones and phone numbers pretty much shoots any user's hopes of anonymity or pseudonymity in the head. It's dead, gone, dunzo, fugetaboutit. While one certainly can acquire a throw away phone number to register an account with Signal, it's more likely than not your messaging counterparties are saving that number in their phones' address books. Are they using some cryptic name to label you ? In all likelihood, at least someone you communicate with labels you by your family/government name in their address book and then backs up that information to the Google or Apple cloud, not to mention the "over nine thousand" other apps that require or are given address book access. You might not be leaking like a sieve directly, but how about your messaging counterparties ? Hm ?
"But Signal's code is open source and you can run your own server," you counter. Fair point, dear reader. Open source it is, but did you ever look into compiling the desktop code yourself ? Before you can even compile the Signal code you have to compile some 90 --that's nine zero-- dependencies. Has anyone even read all of those, let alone begun to understand them and how they fit together ? With what assurance can anyone honestly say the code is secure if the codebase is so big it's unlikely anyone has read all of it ? And if you've ever used the thingamajig, they force an update on you about every quarter, which means they're introducing new code that breaks backwards compatibility. Thus, to use it, you have to take regularly scheduled, experimental booster shots no one understands, but of course, of course it's for your safety and everyone else's too. Sound familiar ?
As far as running your own server, did you ever look into running one yourself ?
For one, if you do, Signal does their best to discourage you from communicating with their servers and thus the network of users using Signal's official app. To quote Benham from 2016 :
I'm not OK with LibreSignal(ix) using our servers, and I'm not OK with LibreSignal using the name "Signal." You're free to use our source code for whatever you would like under the terms of the license, but you're not entitled to use our name or the service that we run.
And reiterated by one of the lackeys in 2020 :
we really don't want forked versions of the app maintained by other parties connecting to our servers.
For two, Signal maintains no official documentation for installing the software. In one of the unofficial guides I came across, the requirements to run the server are :
- SSL Certificate of your server's domain (For secure communication)
- Google Recaptcha (For anti-spam in authentication)
- Firebase (For push notification)
- Twilio (For SMS OTP & Voice Call)
- AWS S3 & Cloudfront (For Attachments & CDN. Can be substituted with MinIO & LocalStack)
- AWS SQS (For CDS queue)
- AWS DynamoDB (For nosql database)
- Micrometer (For monitoring)
- Fixer (For payment)
I'm not going spend any of our precious time together going into details of any of these requirements as I reckon it's clear to the casual, honest observer by now that Signal is simply centralized, crappy icing coating a giant, dog-shit-and-vomit-filled, centralized cake. Do you see what I mean now when I say Signal is disabling and exploitive of users ? It disables anyone who knows what they're doing from operating with best practices and then exploits user's hopes of security with a whole lot of marketing to cover for a mess of hardware, software and third party infrastructure that doesn't come close to passing the sniff test for anyone with a sense of smell.
Maybe, maaaaybe, Signal isn't selling user information directly, but can the same be said for the companies its code depends on ? Hm ? For all the people that say, "sure, WhatsApp uses the same protocol as Signal, but I don't trust Meta, so I'm going to use Signal when I need secure comms," how does it feel to learn Signal depends on Google, Amazon and others cut from the malignant Meta cloth ? The Dunning-Kruger response would be cognitive dissonance ; maybe you get mad and lash out at the "bad words" in my prose. The rational, dignified, human response would be to say, "not good," and then search high and low for an actual solution to the problem of secure communications on the Internet and start using that.
So then, wut do ? For one, if you want actual privacy, quit deluding yourself with the noisy propaganda Signal emits and wipe that shit from your systems ASAP. If you want convenience for communicating with people stuck in centralized platforms built on closed protocols, you're better off using WhatsApp since there are more warm bodies over there, but don't lie to yourself that it's giving you any privacy there either. Pretend what you write there will be published the front page of The New York Times something that's widely read. For two, the Dorion Mode forecast says there's a 100% chance it'll be raining scissors so stay tuned for the next couple articles on systems that'll enable you in fighting your way out of the paper bag called modern socialism.
P.S. Perhaps you might also want to reconsider the opinion you've been fed of all those "notable people" who recommend and claim to use Signal. Yes, Elon Musk pushes Signal and he also pushes dogecoin. And Snowden gave the goods to The Retardian, and they left some 99% unpublished, collecting dust. Not substantially different than all those celebrities pushing "FTX", nu-i asa ? Meanwhile... meanwhile... meanwhile... "there is nothing novel in the world apart from the history you didn't know," and all that.
Salud !!!
- ... you want to know how to rhyme ?
You better learn how to add,
it's simple Mathematics...
from the mighty Mos Def. [^]
2021-12-08 jfw diana_coman: what do you make of the present hype around 'metaverse' projects? cheapened imitation Euloras from the superficial & just-want-to crowds?
2021-12-08 diana_coman on 'metaverse', all I really know is that fecebook's greatest innovation to date is to change its own name, so you'll have to fill me in as to what else it is they claim they are doing there exactly.
2021-12-08 jfw re fecebook (heh), they're pouring money into it, such as acquiring that startup with the VR goggles; presumably so as to sell ads in and data from activities in virtual space. more recently I saw the 'assets on the blockchain' types are jumping in, aiming to keep it decentralized, by buying virtual real estate in the ...centers
2021-12-09 diana_coman jfw: on metaverse, what you are describing sounds to me pretty much in the vein of 'trying to follow/adopt the microsoft model', basically too much money and well, tin-women would be sexist so it'll be virtual-assets. In short, the change seems to be from fecebook to metaworse.
2021-12-09 diana_coman dorion, how's the writing going?
[^]- If the publisher is some prince who is primarily motivated by his own usage preferences and needs, the market is not likely to have much influence on his implementation decisions. [^]
- They expect you to get used to chronically sore jaw. [^]
- RFC stands for Request For Comments as is a framework for establishing Internet Standards that dates back to the APRANET of the '60s. Some examples you might be familiar with --or at least have undoubtedly used if you're reading this text-- are Internet Protocol (IP) version 4, defined in RFC 791 ; Transmission Control Protocol (TCP) defined in RFC 9293 and Hypertext Transfer Protocol (HTTP), first defined in RFC 1945. [^]
- He's better known by some gay name he gave himself trying to be all edgy, but I won't recognize such nonsense though. [^]
- Unless you buy a dedicated entropy source from a company like ^]
- A cryptographic key is a number, after all. [^]
- A fork of Signal's codebase that aimed to be more secure that Signal itself. [^]
[...] first article in this chat systems analysis series covered Signal and for the tl;dr crowd the conclusion reached was : Signal's marketing claims of being a secure [...]
Pingback by Chat analysis : the ever enduring IRC on Dorion Mode - A blog by Robinson Dorion. — August 2, 2023 @ 17:46
[...] the untrusted device next to a source of white noise for extra protection. [↩]Whatscrap, Noise- I mean Signal, and Shillegram promise end-to-end encryption, but even if you trust their software (only God knows [...]
Pingback by GPG Over Analog - Hardware Device for Secure Voice Communications « whaack — October 8, 2023 @ 00:07