Security Market Segment LS
Wednesday, 05 October 2016 19:23

Messaging app Signal proves its security credentials


The messaging app Signal has been shown to be the best for those who care about their privacy, with the company behind it being unable to provide anything more than the duration of a user's membership after it received a subpoena.

Open Whisper Systems is behind Signal and redacted documents showed it received a subpoena from an assistant attorney in Virginia demanding email addresses, history logs, browser cookie data and other information associated with two phone numbers as part of a grand jury probe.

The problem was that the man behind OWS, well-respected security researcher Moxie Marlinspike, could not hand over such information even if he wanted to; Signal does not store such details.

The app provides end-to-end encryption and a court order accompanying the subpoena meant that Marlinspike was not allowed to tell anyone about it for a year.

But the American Civil Liberties Union took up cudgels on Marlinspike's behalf and the gag order was rescinded.

marlinspike big

Moxie Marlinspike at the RSA conference in San Francisco in March this year.

OWS said in a statement: "We've designed the Signal service to minimise the data we retain about Signal users, so the only information we can produce in response to a request like this is the date and time a user registered with Signal and the last date of a user's connectivity to the Signal service.

"Notably, things we don't have stored include anything about a user's contacts (such as the contacts themselves, a hash of the contacts, any other derivative contact information), anything about a user's groups (such as how many groups a user is in, which groups a user is in, the membership lists of a user's groups), or any records of who a user has been communicating with."

The ACLU has now put up a full set of documents associated with the case on its website.

In an accompanying blog post, ACLU staff attorney Brett Max Kaufman wrote: "The First Amendment requires that to close courtrooms or seal evidence — and especially to prohibit a party from speaking publicly on a matter of public concern — the government (must) demonstrate a compelling interest in secrecy, and it must apply that secrecy in the narrowest possible way.

"But instead, the government appears to seek blanket gag orders by default, without considering precisely what information can be disclosed without harm to its interests."

He added: "To its credit, the government quickly agreed with us that most of the information under seal could be publicly disclosed. But the fact that the government didn't put up too much of a fight suggests that secrecy — and not transparency — has become a governmental default when it comes to demands for our electronic information, and critically, not everyone has the resources or the ability to work with the ACLU to challenge it."

Signal is available for both iOS and Android; a desktop client can be used by those who have the app on their smartphones.


26-27 February 2020 | Hilton Brisbane

Connecting the region’s leading data analytics professionals to drive and inspire your future strategy

Leading the data analytics division has never been easy, but now the challenge is on to remain ahead of the competition and reap the massive rewards as a strategic executive.

Do you want to leverage data governance as an enabler?Are you working at driving AI/ML implementation?

Want to stay abreast of data privacy and AI ethics requirements? Are you working hard to push predictive analytics to the limits?

With so much to keep on top of in such a rapidly changing technology space, collaboration is key to success. You don't need to struggle alone, network and share your struggles as well as your tips for success at CDAO Brisbane.

Discover how your peers have tackled the very same issues you face daily. Network with over 140 of your peers and hear from the leading professionals in your industry. Leverage this community of data and analytics enthusiasts to advance your strategy to the next level.

Download the Agenda to find out more


Sam Varghese

website statistics

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.



Recent Comments