Richard Stallman: "Signal has some problems" - what did he mean?


#1

So the video where he said that was published in April 2017, and he said it when the interviewer talked about end-to-end encryption, chat clients and free software. Presumably he was referring to "problems related to security/privacy" that the Signal app has or had.

I searched several times on the internet for the "problems" Signal might have and could not find any. Sure, you may not know what he meant unless you can ask him directly, but maybe someone knows of any issues with Signal concerning privacy or security?

Any answers appreciated, thank you.


#2

I can't find the video that you reference (it would be helpful if you linked it). However, I know that the F-Droid forums have extensive discussions about Signal. (F-Droid is a Free Software repository for Android.) F-Droid does not include Signal because:

  1. Signal includes non-free software and relies on Google's proprietary services.
  2. The developer of Signal does not like soft forks of Signal (that are compatible with the main version), and the F-Droid developers seem nice enough to respect that.

Stallman probably rejects Signal because of its use of Google's proprietary services and its distribution through the proprietary Google Play Store.

Further, reading the conversation on this Reddit thread led me to LibreSignal, a fully free, non-Google fork of Signal which is NOT on F-Droid, probably because of the Signal owner's requests. However, the developer of LibreSignal states that "applications installed from Google Play can be silently updated without user knowing about it, e.g. to version with hidden backdoor." This is absolutely true and could be more of Stallman's problem with Signal.


#3

Thank you @blendergeek, this is a good start for me to do my extra research on it. :ok_hand:

Here's the link, though you won't hear anything more than what I've mentioned. You can find the part where he says that in the last 10 minutes or so of the interview.


#4

After watching the video, I noticed that Stallman, a few minutes earlier, refers to automatic upgrades as a "universal backdoor". I definitely don't think he likes the Google Play aspect of Signal. I have never heard of any other specific problems with it, though I can think of some potential ones:

The Signal servers process the data, which means that they can see who you message and how often you message them. This information can be used to track you and is potentially hazardous.
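To make the metadata point in the post above concrete, here is an added example (not code from this thread, from Signal, or from any real server) that shows what a message-routing server can learn from delivery records alone, even when every payload is end-to-end encrypted and unreadable to it. The log format and all entries are constructed for illustration; the phone-number identifiers are placeholders, and nothing here describes what any particular service actually retains.

```python
# Added example, not from the thread or from Signal. It assumes a constructed
# routing log of (timestamp, sender, recipient) records: the three fields a
# relay server needs to deliver a message whose body is opaque ciphertext.
from collections import Counter
from datetime import datetime

# Constructed sample records (placeholder numbers, not real accounts).
ROUTING_LOG = [
    ("2017-04-01T08:00:12Z", "+15550001", "+15550002"),
    ("2017-04-01T08:00:45Z", "+15550002", "+15550001"),
    ("2017-04-01T08:03:10Z", "+15550001", "+15550002"),
    ("2017-04-01T12:30:00Z", "+15550001", "+15550003"),
    ("2017-04-01T23:15:00Z", "+15550004", "+15550001"),
    ("2017-04-02T08:01:00Z", "+15550001", "+15550002"),
    ("2017-04-02T08:02:30Z", "+15550002", "+15550001"),
    ("2017-04-02T12:31:00Z", "+15550001", "+15550003"),
]


def parse_ts(ts):
    """Parse the ISO-8601 UTC timestamps used in the constructed log."""
    return datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ")


def contact_graph(log):
    """Undirected contact counts: who talks to whom, and how often.

    Returns {(user_a, user_b): message_count} with each pair sorted so that
    both directions of a conversation fall into the same bucket.
    """
    pairs = Counter()
    for _, sender, recipient in log:
        pairs[tuple(sorted((sender, recipient)))] += 1
    return dict(pairs)


def contacts_of(log, user):
    """The social neighbourhood of one account: every counterparty seen."""
    contacts = set()
    for _, sender, recipient in log:
        if sender == user:
            contacts.add(recipient)
        elif recipient == user:
            contacts.add(sender)
    return contacts


def active_hours(log, user):
    """Hour-of-day histogram of a user's sends: a rough daily routine.

    Returns {hour: count}; with enough records this reveals time zone and
    habits without a single message body being read.
    """
    hours = Counter()
    for ts, sender, _ in log:
        if sender == user:
            hours[parse_ts(ts).hour] += 1
    return dict(sorted(hours.items()))


def profile(log, user):
    """Combine the three views into one per-account metadata profile."""
    return {
        "contacts": sorted(contacts_of(log, user)),
        "strongest_tie": max(
            ((pair, n) for pair, n in contact_graph(log).items() if user in pair),
            key=lambda item: item[1],
            default=None,
        ),
        "active_hours": active_hours(log, user),
    }


if __name__ == "__main__":
    # Run stand-alone to print the profile the server could build for one user.
    print(profile(ROUTING_LOG, "+15550001"))
```

The functions only ever touch the envelope fields; that is the whole point of the example. Whether a given service logs or retains such records is a separate question that the thread does not settle, but a server that routes messages necessarily sees these fields at delivery time.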


#5

I will not try to second-guess RMS here, but I have three problems with Signal, each one sufficient reason not to use it:

  1. It uses phone numbers as IDs. This is practically an invitation to stalkers and makes anonymous accounts impossible in most countries. Also, phone numbers are not very "intuitive".

  2. It is a centralised service. There is no chance to get a trustworthy service in a country of your choice from a company/community of your choice, or to host it yourself.

  3. It is bound to mobile phones; support for PCs is only an afterthought, and PC clients are not first-class citizens. If one doesn't have a smartphone (like me), one is excluded from the conversation.

I personally prefer XMPP (Jabber) over Signal, but e.g. Ring or Matrix are also good.


#6

This is what the developer says. Read the highlighted words carefully:


However, we are willing to distribute our apps outside of the Play Store, but we need the following things first:

  1. A built in crash reporting solution with a web interface that allows us to visualize crashes and sort by app version, device type, etc. This is essential for producing stable software. (aka Analytics, Data collection)
  2. A built in statistics gathering solution with a web interface that allows us to visualize aggregate numbers on device type, android version, and carriers for our users. This has been crucial in shaping support and development direction. (aka Analytics, Data collection)
  3. A built in auto-update solution. Fully automatic upgrades won’t be possible outside of Play Store, but we at least need something that will annoy the hell out of users until they upgrade. This is necessary for ensuring that new security features and bug fixes can be propagated quickly. (aka Forcing updates, very Anti-consumer)
  4. A build system that allows us to easily turn these features on and off for Play and non-Play builds. Gradle should make this easier.

Reading those highlighted parts already makes the software very anti.


#7

Can you please provide the source of this?


#8

Here’s the source:


#9

Also, see the following blog post about privacy issues with Signal


#10

For the first and third points, this is related to a GitHub issue about distributing Signal on F-Droid. The developer is pretty hostile toward the idea of distributing on F-Droid. He stresses two issues with F-Droid:

  1. he relies on crash reports from Google Play services to debug
  2. he dislikes centralized repos like F-Droid, and even the Linux ecosystem, and prefers a decentralized approach, meaning you should only trust a reliable developer to sign the executable. That is the Signal developer in this case.

In the end, he did compromise with a solution where he implemented his own crash reporting system and added an auto-update feature to the APK. He still does not distribute on F-Droid, but distributes a standalone APK.

The Signal developer prefers to create a centralized system controlled by him, and people should trust him. Well, his code is open source, can't argue with that, but his stance on open source is just "look at it but don't touch". I am okay with that as long as he doesn't hide anything, but if his solution does not fit your needs, for example if you want a client on a Linux desktop, or maybe on a Librem phone in the future, then you are out of luck, since he is very hostile to 3rd-party apps connecting to his company's server. Of course, a self-hosted server is still possible, but since Signal is not a federated system, there is no point in hosting your own server unless you want to become another Signal provider. The Signal developer is okay with that, but it is not feasible for a single user to do that.