Last week we brought you news of Signal reverse engineering Cellebrite’s software and hardware and discovering a trove of vulnerabilities that it has no intention of exploiting.
Today however Signal has shown us the value of choosing an encrypted messenger by way of a response to a subpoena from the United States Attorney’s Office in the Central District of California.
“Because everything in Signal is end-to-end encrypted by default, the broad set of personal information that is typically easy to retrieve in other apps simply doesn’t exist on Signal’s servers. The subpoena requested a wide variety of information that fell into this nonexistent category, including the addresses of the users, their correspondence, and the name associated with each account,” Signal explains.
As the firm implies, Signal doesn’t keep any of that information so all it could give authorities is Unix timestamps for when each account was created and when that account last connected to the Signal service.
The subpoenas can be found here over on Signal’s website and the keen eyed may spot an oddity.
That oddity is “Information Sufficient to Show Interstate Wiring” which Signal interprets as authorities attempting to classify communication between two users, within the same state, as crossing state lines because they use Signal.
That does seem like a reach to us but like Signal, we’ll leave the debate about the validity of this request to lawyers and attorneys.
Not that this will change anything because, as Signal points out, it doesn’t keep any of the information authorities are requesting.
With the bad blood WhatsApp and its owner Facebook have sown this year, Signal highlighting how it protects its users is bound to win it some favour.
To that end, you can find out how to download Signal for your device here, whether that be Android, iOS, Windows, macOS or Linux.