Difference between revisions of "Sweet Lies"
From Dan Shearer CV
| Line 1: | Line 1: | ||
| − | Sweet Lies is a small but |
+ | Sweet Lies is a small but vital modification of the Signal secure communications app. Signal is similar in function to WhatsApp and Telegram end-to-end communication systems, but unlike them is completely open source. |
| ⚫ | |||
| ⚫ | |||
| − | |||
| ⚫ | |||
| − | |||
| ⚫ | |||
* Validated by independent, academic, cybersecurity peer review |
* Validated by independent, academic, cybersecurity peer review |
||
| Line 12: | Line 8: | ||
* Mainstream - even the EU parliament insists on its use for internal communications |
* Mainstream - even the EU parliament insists on its use for internal communications |
||
* Seemingly, so far, successfully resisting efforts of many authorities to break its security |
* Seemingly, so far, successfully resisting efforts of many authorities to break its security |
||
| + | |||
| ⚫ | |||
| + | |||
| ⚫ | |||
Signal is the best existing solution for private communication we have. It also has some critically urgent problems that are thankfully also quite small in scope. |
Signal is the best existing solution for private communication we have. It also has some critically urgent problems that are thankfully also quite small in scope. |
||
| Line 19: | Line 19: | ||
The problems are: |
The problems are: |
||
| − | * Signal is not reproducible |
+ | * Signal is not reproducible. Reproducibility is a first basic requirement for security and therefore trust. This is a not a deliberate ploy on the part of the Signal team, they are simply very busy making a good app. |
| ⚫ | |||
| ⚫ | |||
| ⚫ | |||
* Signal is end-to-end and does not store user data except to forward when necessary. Nevertheless, inspection of the Signal server code shows that it uses six US-based closed source cloud services. Even though the data is safe, and even though many organisations have been frustrated that Signal cannot provide data, this is a significant opportunity for sidechannel attacks and traffic analysis. |
* Signal is end-to-end and does not store user data except to forward when necessary. Nevertheless, inspection of the Signal server code shows that it uses six US-based closed source cloud services. Even though the data is safe, and even though many organisations have been frustrated that Signal cannot provide data, this is a significant opportunity for sidechannel attacks and traffic analysis. |
||
| ⚫ | |||
| − | * Signal is not legal or suitable for use in Europe, because of the US cloud dependencies and because of the lack of reproducibility. Something as sensitive as this ( |
+ | * Signal is not legal or suitable for use in Europe, because of the US cloud dependencies and because of the lack of reproducibility. Something as sensitive as this (eg recommended for use by the EU parliament) needs to fully comply with EU privacy regulations, for the benefit of all. |
Sweet Lies relies on the production [[Not Forking]] tool developed for [[LumoSQL]]. |
Sweet Lies relies on the production [[Not Forking]] tool developed for [[LumoSQL]]. |
||
Revision as of 10:51, 16 November 2021
Sweet Lies is a small but vital modification of the Signal secure communications app. Signal is similar in function to WhatsApp and Telegram end-to-end communication systems, but unlike them is completely open source.
Signal is the only personal messaging codebase which is all of:
- Validated by independent, academic, cybersecurity peer review
- Open Source
- Widely used, ported, accessible and accepted
- Mainstream - even the EU parliament insists on its use for internal communications
- Seemingly, so far, successfully resisting efforts of many authorities to break its security
(Why the name "Sweet Lies"? Several other names proved unusable, and the Fleetwood Mac song is about keeping secrets safe!)
Signal is the best existing solution for private communication we have. It also has some critically urgent problems that are thankfully also quite small in scope.
It would take years to build an end-to-end messaging system to replace Signal, because trustable systems are not quick systems. Whatever better solution we may have in 5-10 years, we need a better Signal right here right now.
The problems are:
- Signal is not reproducible. Reproducibility is a first basic requirement for security and therefore trust. This is a not a deliberate ploy on the part of the Signal team, they are simply very busy making a good app.
- Nobody can deploy a Signal server themselves (calling it something other than "Signal", of course).
- Signal is end-to-end and does not store user data except to forward when necessary. Nevertheless, inspection of the Signal server code shows that it uses six US-based closed source cloud services. Even though the data is safe, and even though many organisations have been frustrated that Signal cannot provide data, this is a significant opportunity for sidechannel attacks and traffic analysis.
- Signal no longer enable federation of user data, meaning interoperabiity is not testable and that the Signal servers are a single point of failure.
- Signal is not legal or suitable for use in Europe, because of the US cloud dependencies and because of the lack of reproducibility. Something as sensitive as this (eg recommended for use by the EU parliament) needs to fully comply with EU privacy regulations, for the benefit of all.
Sweet Lies relies on the production Not Forking tool developed for LumoSQL.
The Sweet Lies scope is to create a reproducible build of Signal client and server code, and then uses this to set up a Signal network that has federation enabled for connecting to other, independent Signal server instances. The outcomes will be a recipe for creating a Signal-identical network, and a working proof that this recipe works for some hundreds of users.
It seems very likely that when we can turn on a clone Signal network, that organisations of all kinds would very much like to have that same system themselves so they can be assured they have their own private Signal. This is a commercial opportunity.