signal
Auto Added by WPeMatico
Auto Added by WPeMatico
Encrypted chat app Signal is adding payments to the services it provides, a long-expected move and one the company is taking its time on. A U.K.-only beta program will allow users to trade the cryptocurrency MobileCoin quickly, easily, and most importantly, privately.
If you’re in the U.K., or have some way to appear to be, you’ll notice a new Signal Payments feature in the app when you update. All you need to do to use it is link a MobileCoin wallet after you buy some on the cryptocurrency exchange FTX, the only one that lists it right now.
Once you link up, you’ll be able to instantly send MOB to anyone else with a linked wallet, pretty much as easily as you’d send a chat. (No word on when the beta will expand to other countries or currencies.)
Just as Signal doesn’t have any kind of access to the messages you send or calls you make, your payments are totally private. MobileCoin, which Signal has been working with for a couple years now, was built from the ground up for speed and privacy, using a zero-knowledge proof system and other innovations to make it as easy as Venmo but as secure as … well, Signal. You can read more about their approach in this paper (PDF).
MobileCoin just snagged a little over $11 million in funding last month as rumors swirled that this integration was nearing readiness. Further whispers propelled the value of MOB into the stratosphere as well, nice for those holding it but not for people who want to use it to pay someone back for a meal. All of a sudden you’ve given your friend a Benjamin (or perhaps now, in the U.K., a Turing) for no good reason, or that the sandwich has depreciated precipitously since lunchtime.
There’s no reason you have to hold the currency, of course, but swapping it for stable or fiat currencies every time seems a chore. Speaking to Wired, Signal co-founder Moxie Marlinspike envisioned an automatic trade-out system, though he is rarely so free with information like that if it is something under active development.
While there is some risk that getting involved with cryptocurrency, with the field’s mixed reputation, may dilute or pollute the goodwill Signal has developed as a secure and disinterested service provider, the team there seems to think it’s inevitable. After all, if popular payment services are being monitored the same way your email and social media are, perhaps we ought to nip this one in the bud and go end-to-end encrypted as quickly as possible.
Powered by WPeMatico
Apps like Signal are proving invaluable in these days of unrest, and anything we can do to simplify and secure the way we share sensitive information is welcome. To that end Signal has added the ability to blur faces in photos sent via the app, making it easy to protect someone’s identity without leaving any trace on other, less secure apps.
After noting Signal’s support of the protests occurring all over the world right now against police brutality, the company’s founder Moxie Marlinspike writes in a blog post that “We’ve also been working to figure out additional ways we can support everyone in the street right now. One immediate thing seems clear: 2020 is a pretty good year to cover your face.”
Fortunately there are perfectly good tools out there both to find faces in photographs and to blur imagery (presumably irreversibly, given Signal’s past attention to detail in these matters, but the company has not returned a request for comment). Put them together and boom, a new feature that lets you blur all the faces in a photo with a single tap.
This is helpful for the many users of Signal who use it to send sensitive information, including photos where someone might rather not be identifiable. Normally one would blur the face in another photo editor app, which is simple enough but not necessarily secure. Some editing apps, for instance, host computation-intensive processes on cloud infrastructure and may retain a copy of a photo being edited there — and who knows what their privacy or law enforcement policy may be?
If it’s sensitive at all, it’s better to keep everything on your phone and in apps you trust. And Signal is among the few apps trusted by the justifiably paranoid.
All face detection and blurring takes place on your phone, Marlinspike wrote. But he warned that the face detection isn’t 100% reliable, so be ready to manually draw or expand blur regions in case someone isn’t detected.
The new feature should appear in the latest versions of the app as soon as those are approved by Google and Apple.
Lastly Marlinspike wrote that the company is planning on “distributing versatile face coverings to the community free of charge.” The picture shows a neck gaiter like those sold for warmth and face protection. Something to look forward to then.
Powered by WPeMatico
The growing presence of encrypted communications apps makes a lot of communities safer and stronger. But the possibility of physical device seizure and government coercion is growing as well, which is why every such app should have some kind of self-destruct mode to protect its user and their contacts.
End to end encryption like that you see in Signal and (if you opt into it) WhatsApp is great at preventing governments and other malicious actors from accessing your messages while they are in transit. But as with nearly all cybersecurity matters, physical access to either device or user or both changes things considerably.
For example, take this Hong Kong citizen who was forced to unlock their phone and reveal their followers and other messaging data to police. It’s one thing to do this with a court order to see if, say, a person was secretly cyberstalking someone in violation of a restraining order. It’s quite another to use as a dragnet for political dissidents.
@telegram @durov an HK citizen who runs a Telegram channel detained by the police was forced to unlock his phone and reveal his channel followers. Could you please add an option such that channel subscribers cannot be seen under extreme circumstances? Much appreciate. https://t.co/tj4UQztuZ2
— Lo Sinofobo (@tnzqo7f9) June 12, 2019
This particular protestor ran a Telegram channel that had a number of followers. But it could just as easily be a Slack room for organizing a protest, or a Facebook group, or anything else. For groups under threat from oppressive government regimes it could be a disaster if the contents or contacts from any of these were revealed to the police.
Just as you should be able to choose exactly what you say to police, you should be able to choose how much your phone can say as well. Secure messaging apps should be the vanguard of this capability.
There are already some dedicated “panic button” type apps, and Apple has thoughtfully developed an “emergency mode” (activated by hitting the power button five times quickly) that locks the phone to biometrics and will wipe it if it is not unlocked within a certain period of time. That’s effective against “Apple pickers” trying to steal a phone or during border or police stops where you don’t want to show ownership by unlocking the phone with your face.
Those are useful and we need more like them — but secure messaging apps are a special case. So what should they do?
The best-case scenario, where you have all the time in the world and internet access, isn’t really an important one. You can always delete your account and data voluntarily. What needs work is deleting your account under pressure.
The next best-case scenario is that you have perhaps a few seconds or at most a minute to delete or otherwise protect your account. Signal is very good about this: The deletion option is front and center in the options screen, and you don’t have to input any data. WhatsApp and Telegram require you to put in your phone number, which is not ideal — fail to do this correctly and your data is retained.
Signal, left, lets you get on with it. You’ll need to enter your number in WhatsApp (right) and Telegram.
Obviously it’s also important that these apps don’t let users accidentally and irreversibly delete their account. But perhaps there’s a middle road whereby you can temporarily lock it for a preset time period, after which it deletes itself if not unlocked manually. Telegram does have self-destructing accounts, but the shortest time you can delete after is a month.
What really needs improvement is emergency deletion when your phone is no longer in your control. This could be a case of device seizure by police, or perhaps being forced to unlock the phone after you have been arrested. Whatever the case, there need to be options for a user to delete their account outside the ordinary means.
Here are a couple options that could work:
Obviously these open new avenues for calamity and abuse as well, which is why they will need to be explained carefully and perhaps initially hidden in “advanced options” and the like. But overall I think we’ll be safer with them available.
Eventually these roles may be filled by dedicated apps or by the developers of the operating systems on which they run, but it makes sense for the most security-forward app class out there to be the first in the field.
Powered by WPeMatico
“We give them the power. That’s the bad part. We buy their products. We sign up for these websites. Delete Facebook, right?”
That’s WhatsApp founder Brian Acton’s most recent quote about his former employer, Facebook. Acton has seemingly been fueled by his experience running WhatsApp from within Facebook, which has been scrutinized for profiting from collecting data on users.
Which explains why now, two years after leaving Facebook, Acton has found a new groove as founder and executive chairman of the Signal Technology Foundation, a 501(c)(3) nonprofit organization dedicated to doing the foundational work around making private communication accessible, secure and ubiquitous. Acton invested $50 million of his own money to start Signal Foundation in February of 2018.
At TechCrunch Disrupt SF in October, we’ll hear more from Acton about Signal Foundation and his predictions for the future of communication and privacy. And, of course, we’ll try to learn more about what Facebook was up to with WhatsApp, why he left and how it felt leaving $850 million on the table.
Though he was rejected for positions at Facebook and Twitter in 2009, Acton is actually a Silicon Valley veteran, working in the industry (mostly as a software builder) for more than 25 years at places like Apple, Yahoo and Adobe before founding WhatsApp.
The chat app he built with co-founder Jan Koum grew to 1.5 billion users and, eventually, saw a $19 billion buyout from Mark Zuckerberg in 2014. But when Facebook wanted to lay the basis for targeted ads and commercial messaging within the encrypted chat app he’d spent years building, he walked away.
The Signal Foundation is all about ensuring people have access to private communication that doesn’t cost their own personal data.
“We believe there is an opportunity to act in the public interest and make a meaningful contribution to society by building sustainable technology that respects users and does not rely on the commoditization of personal data,” Acton wrote when it was first announced. In many ways, the Signal Foundation is a symbol and a continuation of Acton’s most expensive moral stand.
We’re thrilled to hear from Acton about what’s next at Signal Foundation. We’ll also try to learn more about his exit at Facebook and his feelings about the products he spent so much time building there.
After all, unsavvy regulators, legions of competitors and user backlash have all failed to compel Facebook to treat people better. But the real power lies with the talent that tech giants fight over. When people like Acton speak up or walk out, employers are forced to listen.
“No filter” is Acton’s style, so get ready for some fireworks when we sit down with him onstage at Disrupt SF.
Disrupt SF runs October 2 to October 4 at the Moscone Center. Tickets are available here.
Powered by WPeMatico
Perhaps the most surprising thing I learned about Signal when I spoke with Moxie Marlinspike, the app’s creator, last year at Disrupt, was that it was essentially running on a shoestring budget. A tool used by millions and feared by governments worldwide, barely getting by! But $50M from WhatsApp founder Brian Acton should help secure the app’s future. Read More
Powered by WPeMatico
No one would use a secure messaging service like Signal if you couldn’t find out who else was on it — but how can you trust Signal and others not to snoop when you submit your contacts for it to check against its list of users? You shouldn’t have to — it should be impossible. That’s the intention of an update to the app that makes contact discovery even more private. Read More
Powered by WPeMatico
Open Whisper Systems, creator of encrypted communication platform Signal, released an update today as an open beta to enable encrypted video calling. The app previously offered fully end-to-end encrypted chat and voice calling, but the addition of video will make it even easier to convey information without compromising security. The update also promises to improve the existing, somewhat… Read More
Powered by WPeMatico