back to article Signal taps up Intel's SGX to (hopefully) stop contacts falling into hackers, cops' hands

Encrypted call and messaging app Signal gets a lot of love in the security community. Now its developers have decided to toughen it up even more to avoid the possibility of it being turned against its users. Signal prides itself on being secure for netizens by taking the bare minimum of information from them to function – but …

  1. whitepines
    Big Brother

    Yeah, but you only need to spend that couple million once as a state actor, and then you get access to pretty much all Intel SGX "protected" data, right?

    And that's even assuming SGX doesn't have bugs like the ME, or that the ME isn't able to subvert SGX with the entry point being via one of the already public ME exploits...

    Overall, I give Signal points for trying, but I'm not really sure this feature does what it says on the tin. Smells more like marketing and wishful thinking than a hardened solution.

    1. Anonymous Coward
      Anonymous Coward

      Yeah the main flaw here is that while embedded security processors like SGX, Apple's Secure Enclave and so forth are theoretically hackable, there's a lot bigger target on Signal's cloud servers doing all this processing since bad actors can get everyone they're looking for all at once. If you had an exploit for an iPhone's Secure Enclave, AND even if it was somehow remotely exploitable, having to hack them individually means you'd never get more than a tiny fraction of everyone you're after.

      As always, if you have someone able to conduct remote exploits at this level after you personally, you should quit worrying about security & privacy and just accept that you're screwed.

    2. Charlie Clark Silver badge

      The development fits in with a lot of Signal's work which is to act as an example of current best practice. It was this that made Signal's encryption system the de facto standard for messenger services. This too will presumably be peer-reviewed, hacked and improved. Signal already stores very, very little about contacts so that the servers are probably less interesting for the spooks than, say, being able to sneak a compromised version of the app onto someone's phone. But the lessons learned could, for example, be applied in any hashing system that might targeted: passwords spring to mind.

  2. Gotno iShit Wantno iShit


    Pleased to see Signal no longer requires Google services (and therefore a google login) to function.

    Bummed this change happened in Feb and it's taken until now to find out.

    Deeply bummed it is still not on f-droid, only play so a google login is still required. (Yes, I have seen the reasons for this, #282 etc)


    1. DropBear

      Re: Bah

      Actually, I'm looking at the (very few) alternatives for this sort of app, but having it available _only_ via Google Play gives me serious pause - and the author's insistence on that point gives me even more pause, even after having read most of his so-called arguments. This is NOT acceptable, regardless how much fancy hashing tech it has behind it.

    2. inmypjs Silver badge

      Re: Bah

      What is wrong with a google login?

      I have like 30 of them.

      Signal .apk here anyway if you can trust that more than the play store.

      1. Gotno iShit Wantno iShit

        Re: Bah

        Thank you inmypjs, have one on me ---->

  3. Charlie Clark Silver badge

    @inmypjs the problem wasn't the login but the need for some form of the Gapps package on the phone. Had lots of fun with this at the start of the year when I was switching to LineageOS, which would crash once Google services started up. Fortunately, the problems have long since been resolved and I'm generally fairly happy with Google's stuff (nano + calendar), but something like Signal should definitely be able to run without them.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon