this post was submitted on 29 Jul 2025

287 points (100.0% liked)

Australia

4407 readers

254 users here now

A place to discuss Australia and important Australian issues.

Before you post:

If you're posting anything related to:

The Environment, post it to Aussie Environment
Politics, post it to Australian Politics
World News/Events, post it to World News
A question to Australians (from outside) post it to Ask an Australian

If you're posting Australian News (not opinion or discussion pieces) post it to Australian News

Rules

This community is run under the rules of aussie.zone. In addition to those rules:

When posting news articles use the source headline and place your commentary in a separate comment

Banner Photo

Congratulations to @Tau@aussie.zone who had the most upvoted submission to our banner photo competition

Recommended and Related Communities

Be sure to check out and subscribe to our related communities on aussie.zone:

Plus other communities for sport and major cities.

https://aussie.zone/communities

Moderation

Since Kbin doesn't show Lemmy Moderators, I'll list them here. Also note that Kbin does not distinguish moderator comments.

Additionally, we have our instance admins: @lodion@aussie.zone and @Nath@aussie.zone

founded 2 years ago

MODERATORS

lodion@aussie.zone

Fluid@aussie.zone

bestusername@aussie.zone

eatham@aussie.zone

Nath@aussie.zone

287

Signal boss warns app will exit Australia if forced to hand over users’ encrypted messages (www.theaustralian.com.au)

submitted 1 day ago* (last edited 1 day ago) by maniacalmanicmania@aussie.zone to c/australia@aussie.zone

90 comments fedilink hide all child comments

Signal president Meredith Whittaker is prepared to withdraw the privacy-focused messaging app from Australia — saying she hopes it doesn’t become a “gangrenous foot” by poisoning its entire platform by forcing it to hand over its users’ encrypted data to authorities.

Ms Whittaker says Signal would take the “drastic step” of leaving any market where a government compelled it to create a “backdoor” to access its data, saying it would create a vulnerability that hackers and authoritative regimes could exploit, undermining Signals’ “reason for existing”.

Pressure has been mounting on Signal and other secure messaging platforms. ASIO director general Mike Burgess has urged tech companies to unlock encrypted messages to assist terrorism and national security investigations, saying offshore extremists use such platforms to communicate.

archive.today

you are viewing a single comment's thread
view the rest of the comments

[–] TimePencil@infosec.exchange 1 points 1 day ago (1 children)

@sunzu2

Signal knows *when* a user wqs last connected, but not the IP address of that connection. The system has been specifically designed to minimise the meta data available for collection.

@maniacalmanicmania @9tr6gyp3 @signalapp

[–] sunzu2@thebrainbin.org 1 points 1 day ago (1 children)

You repeating their propaganda, we are not talking about what they say they do, we are talking about what they can do.

They can log your activity that's the inherent weakness of signal along with forcing people to use KYCd phone mumbers.

[–] TimePencil@infosec.exchange 1 points 1 day ago (1 children)

@sunzu2

Read the Affidavit produced here:
https://signal.org/bigbrother/santaclara/

Read Signal's complete source code here:
https://github.com/signalapp

Once you understand the code, you'll understand "what they can do" and what they cannot do.

When you've identified any flaw in the code that runs the Signal servers that would allow IP logging, let me know. I'll be glad to file the bug report on your behalf.

@maniacalmanicmania @9tr6gyp3 @signalapp

[–] sunzu2@thebrainbin.org 1 points 1 day ago (1 children)

They don't need to log your IP, you are using a phone number tied to your identity so does person you are talking to.

Under FISA order, signal would provide logs. FISA order come with gag clause that forbids any disclosure including in federal court. That's how national security laws work.

I am happy that you are very comfortable with signal but pretending like this is not an issue is either naive or you have other incentives to give people false sense of "security"

[–] TimePencil@infosec.exchange 1 points 1 day ago (1 children)

@sunzu2

"Under FISA order, signal would provide logs."

How would Signal do this? Logs of what?

Corresponding parties? Messages? They don't have them.

They'd have to rewrite their backend code to obtain them, and changes would also need to be made to the Signal client apps.

It would not matter if the FISA Court ordered that logs be produced in secret by Signal. Any such logs could not be obtained without significant changes to the way Signal works. Users would know.

Yes, Signal does have some shortcomings, but these are acceptable in most 'use cases' for most threat models.

Signal is best used as a private, E2EE alternative to SMS. Only a fool would use it for the *most sensitive* of communications. (Like, you know, discussing an impending military strike...)

We all know of the alternatives, including (but not limited to) SimpleX, Session, Briar, Element etc.

@maniacalmanicmania @9tr6gyp3 @signalapp

[–] sunzu2@thebrainbin.org 1 points 1 day ago

Logs of who you contact with time stamps ie meta data. That's the information national security agencies really only care about when doing bulk data collection.