Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

You can verify what the binary did while you were watching. You can't verify what it did before, or what it will do next. OP said hostile and clever, and part of clever is only being hostile when nobody is watching. Apps that don't snoop constantly, delay transmissions, and hide transmissions in existing and expected communication channels are much harder to catch.


No, I'm saying, you can crack open the binary and see what it's capable of doing. If Signal wanted, it could obfuscate itself in various ways to make that hard, but (1) you'd notice that pretty quickly (that the code was hinky) and (2) Signal does not in fact want to do that.

You personally might not be able to do that (but then, you personally might not be able to spot a defective authenticated key exchange either), but people can. Once someone spots the "Signal Backdoor", that's it for Signal. There's a lot of incentive to do that legwork.

In contrast, G Suite could be comprehensively backdoored, and you'd have no way of knowing, no matter what your level of systems programming competence. I'm not saying they are backdoored; I rather doubt that they are, and I myself trust G Suite more than most other applications I use. But the point is, the trust you have to have in G Suite is different and more demanding than the trust you have to have in Signal.


This assumes that everyone gets the same binary, and the binary doesn't get updated. There is no reason that the binary delivered to your phone by the Google Play Store needs to be the same as the binary delivered to a reporter's phone.

Even if we can trust the binary (and I agree, with Signal as the example we probably can), the application distribution mechanism and the underlying OS and its update mechanisms are still a problem.


There is no reason that the binary delivered to your phone by the Google Play Store needs to be the same as the binary delivered to a reporter's phone.

That's moving the goalposts to individual targeting, though. The individual targeting scenario is not that interesting because, as the winged quote from the technical literature goes, "YOU’RE STILL GONNA BE MOSSAD’ED UPON".


There are still mechanisms to mitigate reliance on trust.

If you truly cared you wouldn't download it from Play Store and you wouldn't use a stock Android ROM.

Of course that moves the problem up to the firmware level but the attack space is getting narrower.

With G Suite you rely on trust from the ground up.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: