Groups are inherently social, and Signal is a social app. Whether you’re planning a surprise party, discussing last night’s book club meeting, exchanging photos with your family, or organizing something important, group messaging has always been a key feature of Signal. Signal provides private groups: the Signal service has no record of your group memberships, group titles, group avatars, or group attributes. We’ve been working on new private group technology that will enable group administrators and access control, improve group scalability, and set the stage for a much richer group experience – all while maintaining Signal’s unique group security and privacy properties. We’re moving into the future while keeping what we loved about the past.
In addition to the end-to-end encryption that protects every Signal message, the Signal service is designed to minimize the data that is retained about Signal users. By design, it does not store a record of your contacts, social graph, conversation list, location, user avatar, user profile name, group memberships, group titles, or group avatars. We have been exploring techniques to further reduce the amount of information that is accessible to the service, and the latest beta release includes changes designed to move Signal incrementally closer to the goal of hiding another piece of metadata: who is messaging whom.
The idea behind domain fronting was that to block a single site, you’d have to block the rest of the internet as well. In the end, the rest of the internet didn’t like that plan.
WhatsApp co-founder Brian Acton has taken on the leadership of the non-profit behind that popular encryption app—and given it a serious injection of cash.
If you’ve read this blog before, you know that secure messaging is one of my favorite topics. However, recently I’ve been a bit disappointed. My sadness comes from the fact that lately …
A technique called "domain fronting" makes the app's encrypted traffic look no different from a Google search.
In the "first half of 2016" (the most specific we're permitted to be), we received a subpoena
from the Eastern District of Virginia. The subpoena required us to provide information about two
Signal users for a federal grand jury investigation.
We've designed the Signal service to minimize the data we retain about Signal users, so the only
information we can produce in response to a request like this is the date and time a user
registered with Signal and the last date of a user's connectivity to the Signal service.
Notably, things we don't have stored include anything about a user's contacts (such as the contacts
themselves, a hash of the contacts, any other derivative contact information), anything about a
user's groups (such as how many groups a user is in, which groups a user is in, the membership lists
of a user's groups), or any records of who a user has been communicating with.
All message contents are end to end encrypted, so we don't have that information either.
This is the first subpoena that we've received. It originally included a broad gag order that
would have prevented us from publishing this notice, but the ACLU represented us in quickly
and successfully securing our ability to publish the transcripts below. We're committed to.
treating any future requests the same way: working with effective and talented organizations
like the ACLU, and publishing transcripts of our responses to government requests here.
Below is the transcript for this request.
One of the crypto world's most highly regarded messaging apps finally gains a Snapchat-like feature for cleaning up your conversation history.
Both Signal and WhatsApp are encrypted, but Signal takes extra steps to keep your chats private.