Why Signal is considered the most secure instant messaging app?
It stores only a few information about its users, and the events demonstrate it.
“Use anything by Open Whisper Systems” Snowden says.
The Cryptographer and Professor at Johns Hopkins University Matt Green and the popular security expert Bruce Schneier are other two admirers of the Signal app.
Why is it considered so secure compared to other messaging apps?
Security experts and privacy defenders are aware that almost any messaging app store a huge quantity of metadata on users’ activity, including data related to calls and messages. The analysis of metadata along side with other information, for example, data provided by Internet Service Providers, could reveal users’ identity.
The Intercept received the document, titled “iMessage FAQ for Law Enforcement,” as part of a cache originating from within the Florida Department of Law Enforcement’s Electronic Surveillance Support Team.
The log includes the date and time of the conversation and the user’s IP address, information that could allow identifying the user’s location.
Signal stores only a few information about its users and the events demonstrate it.
According to Open Whisper Systems who developed the Signal app, earlier this year an FBI subpoena and gag order demanded a wide range of information on two specific Signal users. Unfortunately for the FBI, the Bureau did not receive any precious information.
“In the “first half of 2016″ (the most specific we’re permitted to be), we received a subpoena from the Eastern District of Virginia. The subpoena required us to provide information about two Signal users for a federal grand jury investigation.” states a blog post published by Open Whisper Systems.
“We’ve designed the Signal service to minimize the data we retain about Signal users, so the only information we can produce in response to a request like this is the date and time a user registered with Signal and the last date of a user’s connectivity to the Signal service.”
The FBI demanded the following data on the two suspects, seeking a subpoena:
- Subscriber name
- Payment information
- Associated IP addresses
- Email addresses
- History logs
- Browser cookie data
- Other information associated with two phone numbers
But Open Whisper Systems provided only a few information that was not useful for the investigation, as you can see in the following image.
It is important to highlight that the OWS did not refuse to comply with the government’s subpoena, it simply had no data to share with the FBI.
“As the documents show, the government’s effort did not amount to much—not because OWS refused to comply with the government’s subpoena (it complied), but because the company simply does not keep the kinds of information about their customers that the government sought (and that too many technology companies continue to amass),” states a post published by ACLU. “All OWS was able to provide were the dates and times for when the account was created and when it last connected to Signal’s servers.”