Signal, the secure communication app recommended by Snowden

The program of Ana Rosa de Telecinco has revealed a series of text messages sent between the express Carles Puigdemont and the ex-counselor Toni Comín through the instant messaging app Signal. What is this app about and how is it different from others better known as WhatsApp?

The initial launch of Signal took place in July 2014. The app focuses on offering users privacy and security in communications. To do this, the messages and calls made through this application are always encrypted from end to end, in order to avoid their interception. In this way, Signal prevents a person outside of a conversation from reading conversations using a sniffer program, used to capture network traffic.

Image result for Signal, the secure communication app

Also, Signal only collects three relevant data about its users, according to its Privacy Policy: the registration phone number, the IP address and the contacts stored in your mobile phone (necessary to establish communication). WhatsApp, on the other hand, automatically collects numerous data from its users, such as usage and registration information, device information, cookies, as well as the location if the user has authorized it, as informed by its Privacy Policy.

In addition to encryption, Signal tries to ensure the privacy of communications by controlling time: messages can be configured to disappear after a pre-established period of time, between five seconds and a week, in all devices involved in a conversion. WhatsApp not only does not allow this option but it automatically makes backup copies of the conversations.

Signal has been recommended by Edward Snowden, an ex-officer of the United States Intelligence Community who revealed a series of documents related to the existence of secret NSA surveillance programs.

Image result for Signal, the secure communication app

Signal does not protect from photographs

The signal is not totally invulnerable: Telecinco has obtained messages from Puigdemont and Comín thanks to a photograph made on Toni Comín’s smartphone screen. But could this vulnerability have been avoided? Yes.

In the first place, the conversations between Tomín and Puigdemont could have been deleted automatically if this option had been configured. Also, there are applications, such as PGP Everywhere in iOS or OpenKeychain in Android, that make conversations unintelligible in the eyes of an external observer thanks to a cryptographic method known as asymmetric cryptography.


Enjoy this blog? Please spread the word :)