December 9, 2016
The free encrypted messaging app Signal is gaining users, not just because privacy advocates and security researchers have all given it a seal of approval. The app, available for smartphone and computer, is a bulwark against hacking, which got a national spotlight when WikiLeaks posted emails from Hillary Clinton campaign chair John Podesta. Others fear increased government surveillance under the incoming President Donald Trump, a reaction to Trump’s choice of CIA chief, Mike Pompeo, who advocates just that.
According to The New York Times, Open Whisper Systems founder Moxie Marlinspike, whose nonprofit developed Signal, reports that, since Trump was elected, the app has had a 400 percent spike in daily downloads.
Although Signal has competition, it “stands out for its uncompromising security and ease of use,” retaining “virtually no information from users, including messages and address books, on its servers.” Signal’s end-to-end encryption means no one but the intended recipient can read the message, including the app’s creators since messages also “remain encrypted” on Signal’s servers.
“The default recommendation you’ll get from most security researchers for a messaging app is Signal,” said Stanford University’s Applied Crypto Group postdoctoral researcher Joseph Bonneau. “It’s still the best in the field.”
Although Signal “lacks some features” such as stickers and has “some glitches,” NYT calls it a “must” in “an era when technology companies are collecting more personal information and government surveillance may expand.”
Signal works by the two parties exchanging “cryptographic keys,” meaning that, even if the government had a wiretapping order for an individual’s messages, Open Whisper Systems “would not have the key to decipher the messages and would be unable to comply.”
In a nod to Signal’s superior technology, both Facebook and Google “embedded Signal’s encrypted messaging system into their own apps this year,” but security researchers still prefer Signal “because it was more thorough in protecting users’ privacy.” The only information that Signal does hang onto is “the last time someone connected to its server and when a person signed up for Signal.”
In comparison, WhatsApp “may retain some so-called metadata on conversations, including the phone numbers used in an exchange and the times that the messages were sent,” as well as “an up-to-date list of your contacts who use its service.”