Hacker News Re-Imagined

Grand jury subpoena for Signal user data, Central District of California

  • 1286 points
  • 22 days ago

  • @Sami_Lehtinen
  • Created a post


@14 22 days

Replying to @Sami_Lehtinen 🎙

Last I checked signal still required a phone number to use so it is an instant deal breaker for a lot of people. I have 3 kids I communicate with but they don’t have a cell number just use wifi when they can. If I could use signal with them I would. Instead I use Wire since it seems secure and doesn’t require a phone number. I can only imagine there are lots of other people with kids in my situation.

Reply


@colemannugent 22 days

The latest installment in the "Government doesn't understand math" series

Reply


@Lamad123 22 days

I need to get my mother to install and start using Signal!

Reply


@Trias11 22 days

Signal,

please stop asking for mandatory phone number to register and use Signal.

This raises privacy concerns and negates all the end-to-end encryption goodness you're offering.

Reply


@geophertz 22 days

I can't help but think that the account creation date (and last connection date, although less so for that) are not censored for a reason.

The account creation date is basically equivalent to the phone number and would allow the owner of the account to know a subpoena was requested for them.

Reply


@tedivm 22 days

My favorite part of their response is that they gave the timestamps in unix milliseconds.

Reply


@fmakunbound 22 days

Reminds me to donate to Signal again

Reply


@codewiz 22 days

> this subpoena requested a wide variety of information we don’t have, including the target’s name, address, correspondence, contacts, groups, calls.

Couldn't they easily use the phone number associated with the Signal account to find the target's name? Even if the account uses a pre-paid SIM without a credit card attached, the telco could still reveal the location of the device and probably its IMEI, which could be used to find other SIMs associated with it.

I think Signal should stop pretending they're an anonymous service when their identity is based on phone numbers.

Reply


@holtkam2 22 days

Dope article

Reply


@aasasd 22 days

Oh funny. Just ten days ago someone asked here in the comments about DDG:

> Why, on any planet, would law enforcement issue a warrant to get user data from a company that doesn't have any user data?

Reply


@shapefrog 21 days

You can bang on about auditing open source for privacy all you want, but this is the audit that actually counts in my book.

Reply


@literallyaduck 21 days

Cookies are part of the subpoena.

Reply


@_zoltan_ 22 days

surely signal has at least the IP address used to connect to their service? aren't they by law required to log that?

Reply


@mal10c 21 days

Good for signal but if I were going to play devil's advocate, I would put myself in the shoes of folks in the government that want this information... I would contact Google or Apple and ask them to throw in some non-advertised APIs that take and then send screenshots of the signal app from the OS to a central server. Put another way, if the OS isn't fully trusted, it's still game over, even with all of the encryption in the world.

Reply


@davidrusu 22 days

    Account created: 1606866784432 (unix millis)

That's Tue Dec 01 2020 23:53:04 UTC, consider this a heads up if that's when you started using Signal.

Reply


@mrnzenews 22 days


@azinman2 22 days

It’s easy to say net win for society is privacy. But it’s important to also acknowledge it does come at a cost — there exists criminal behavior that most reasonable people would agree is bad and should be stopped that may reach a dead end with services like Signal. In formulating your statement that examining criminal behavior is a problem, you are suggesting there shouldn’t be ways to uncover crimes.

Reply


@DeathArrow 21 days

But how do we know that complaints of law enforcement and spying agencies are not fake? Maybe they are made just to mislead their targets.

Even if Signal operators can't provide them metadata, maybe they found ways to snoop on traffic.

Reply


@colinmhayes 22 days

Responding with millis since the epoch was a nice touch.

Reply


@natch 22 days

Impressive, but why do they need to store the exact times of when the account was created and last accessed? I would think a very coarse time down to the month would be good for most system administration needs.

Reply


@ChuckMcM 22 days

While I applaud Signal's response I expect this entire event (subpoena and response) will be provided as one of the exhibits to congress by the Department of Justice to justify their request that it be unlawful to provide such services. The DoJ will say, "See, here is this horrible crime we are investigating and because this company chose to make it impossible for law enforcement, with a warrant and a subpoena to get it, the criminal is going to go unpunished and that will be on you because you refused to mandate lawful access to communications."

The Congressional response should be, "Do you have no other way of investigating these criminals?" "Could you not put an officer out to surveil them?", "Have you not seen the misuse that law enforcement has engaged in, with such capabilities? From petty revenge to stalking lovers who rejected them. Will you consent to mandatory surveillance of all law enforcement officers that is recorded and stored in a civil controlled repository so that officer conduct may be reviewed at any time?"

They won't say that of course. But they should.

Reply


@upofadown 22 days

>Because everything in Signal is end-to-end encrypted by default, the broad set of personal information that is typically easy to retrieve in other apps simply doesn’t exist on Signal’s servers.

The E2EE in Signal only protects the actual content of messages. In the case where Signal takes an assertive action, and the users are not paying any attention to their "safety numbers" (probably the most common case) they could in theory get message content with a MITM attack.

With a less assertive action (simply saving the data) Signal could get access to things like contacts and phone numbers.

Tutanota and Protonmail have both been forced in the past to take assertive actions to retain data as a result of legal warrants. Does American law even allow such warrants? If not then perhaps the USA is underrated as a place to base privacy oriented services.

Reply
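Added example, not part of the comment above and not Signal's code: a simplified numeric key fingerprint showing why comparing "safety numbers" out of band exposes a substituted key. The hash construction, work factor, key bytes and identifiers are assumptions made for this sketch.

```python
import hashlib

WORK_FACTOR = 1024  # arbitrary iteration count chosen for this sketch


def fingerprint(identity_key: bytes, identifier: bytes) -> str:
    """30-digit fingerprint of one party's public identity key."""
    digest = b"\x00\x00" + identity_key + identifier
    for _ in range(WORK_FACTOR):
        digest = hashlib.sha512(digest + identity_key).digest()
    chunks = [digest[i:i + 5] for i in range(0, 30, 5)]
    return "".join(f"{int.from_bytes(c, 'big') % 100000:05d}" for c in chunks)


def safety_number(key_a: bytes, id_a: bytes, key_b: bytes, id_b: bytes) -> str:
    """Order-independent 60-digit number both parties can read aloud."""
    parts = sorted([fingerprint(key_a, id_a), fingerprint(key_b, id_b)])
    return "".join(parts)


# Constructed stand-ins for public identity keys and account identifiers.
ALICE_KEY, ALICE_ID = b"\x05" + b"A" * 32, b"+15550000001"
BOB_KEY, BOB_ID = b"\x05" + b"B" * 32, b"+15550000002"
SUBSTITUTED_KEY = b"\x05" + b"M" * 32  # key handed out by a misbehaving server


def views(intercepted: bool):
    """Return (what Alice's device shows, what Bob's device shows)."""
    bob_as_seen_by_alice = SUBSTITUTED_KEY if intercepted else BOB_KEY
    alice_as_seen_by_bob = SUBSTITUTED_KEY if intercepted else ALICE_KEY
    alice_view = safety_number(ALICE_KEY, ALICE_ID, bob_as_seen_by_alice, BOB_ID)
    bob_view = safety_number(alice_as_seen_by_bob, ALICE_ID, BOB_KEY, BOB_ID)
    return alice_view, bob_view


def numbers_match(intercepted: bool) -> bool:
    """True when both devices display the same number."""
    alice_view, bob_view = views(intercepted)
    return alice_view == bob_view


if __name__ == "__main__":
    print("honest server, numbers match:", numbers_match(False))
    print("substituted keys, numbers match:", numbers_match(True))
```

The mismatch is only visible to users who actually compare the numbers over another channel, which is the precondition the comment points at.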


@juandar 22 days

A few things:

- this looks like more marketing than substance, to me. prosecutors send out shitloads of these subpoenas all the time (see eg here https://transparency.fb.com/data/government-data-requests/) and I strongly suspect this was just a junior (or old) person who doesn't know what Signal is and sent a routine subpoena. They require next to no approvals. In other words, this isn't a coordinated attempt by DOJ to get Signal to start publishing records.

- Ultimately this issue isn't that big of a deal to law enforcement. In 99% of cases they can just get the defendant's cell phone and look at his unencrypted messages in the Signal and Whatsapp applications directly.

- I think in theory if a lot of platforms start doing end to end encryption globally, then things could get a little more interesting. But as far as I know for a lot of tech stacks (like ones more complex than simple messaging) that's difficult to do.

Reply


@rdtsc 22 days

Noticed that the last connection time is a date, rounded to the day.

    1634169600000 (unix millis)
    Thursday, October 14, 2021 12:00:00 AM

Well done. I immediately thought that having a millisecond granularity of last connection time could be used to roughly correlate who contacted whom, depending on what the "connected" event is considered.

Reply
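Added example, not part of the comment above and not Signal's code: it decodes the two values quoted in the thread and shows, on constructed data, why storing last-connection time at day granularity removes the timing correlation the comment describes. The account labels, sample offsets and the 2-second window are assumptions.

```python
from datetime import datetime, timedelta, timezone
from itertools import combinations

DAY_MS = 86_400_000
EPOCH = datetime(1970, 1, 1, tzinfo=timezone.utc)


def to_utc(ms: int) -> datetime:
    """Unix milliseconds to an exact UTC datetime (no float rounding)."""
    return EPOCH + timedelta(milliseconds=ms)


def truncate_to_day(ms: int) -> int:
    """Drop everything below day granularity before the value is stored."""
    return ms - ms % DAY_MS


def is_day_aligned(ms: int) -> bool:
    return ms % DAY_MS == 0


def co_active_pairs(last_seen: dict, window_ms: int) -> list:
    """Account pairs whose stored timestamps lie within window_ms of each other."""
    return [
        (a, b)
        for (a, ta), (b, tb) in combinations(sorted(last_seen.items()), 2)
        if abs(ta - tb) <= window_ms
    ]


# Values quoted in the thread.
LAST_CONNECTION = 1634169600000
ACCOUNT_CREATED = 1606866784432

# Constructed sample: four accounts seen on the same day; A and B connect
# within a second of each other, C and D hours later.
PRECISE = {
    "acct-A": LAST_CONNECTION + 36_000_123,
    "acct-B": LAST_CONNECTION + 36_000_950,
    "acct-C": LAST_CONNECTION + 50_000_000,
    "acct-D": LAST_CONNECTION + 71_000_000,
}
COARSE = {acct: truncate_to_day(ts) for acct, ts in PRECISE.items()}

if __name__ == "__main__":
    print(to_utc(ACCOUNT_CREATED).isoformat(), is_day_aligned(ACCOUNT_CREATED))
    print(to_utc(LAST_CONNECTION).isoformat(), is_day_aligned(LAST_CONNECTION))
    # Millisecond precision singles out one pair; day precision makes every
    # account active that day look identical, so no pair stands out.
    print(co_active_pairs(PRECISE, 2_000))
    print(len(co_active_pairs(COARSE, 2_000)))
```

The same `truncate_to_day` applied to the account-creation value would give the coarser storage another commenter in the thread asks about.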


@stereoradonc 22 days

This is a pure marketing stunt to convince naysayers- I'd steer clear of Signal. I have done that and will continue to do so.

Reply


@xvector 22 days

> Responsive Information in Signal’s Possession

> Last connection date: 1634169600000 (unix millis)

> Account created: 1606866784432 (unix millis)

Impressively small amount of information. I wonder Account Created needs to be stored?

Reply


@thsr 22 days

Please read between the lines: they surely sent similar letters to WhatsApp, Google, Facebook, etc. who happily complied...

Reply


@vmception 22 days

> Last connection date: 1634169600000 (unix millis)

> Account created: 1606866784432 (unix millis)

This response of the user information they have is hilarious.

Reply


@einpoklum 20 days

Note that the Signal LLC did not even try to object to providing information about their users. They provided as much information as they have. That is unfortunate.

Reply


@danieldbird 22 days

Why has the dynamic become, the Government and its Citizens being separate from one another.

The government is funded by its Citizens.

I remember a time when spying on EVERYONE was a bad thing.

Reply


@sneak 22 days

Reminder that this does not hold true for Apple's fake "end to end encrypted" iMessage: iCloud Backup, which is not end to end encrypted, uploads all of your iMessages* to Apple each night in a format that Apple can read without you (and turn over to the state upon legal demand such as this).

Note that disabling iCloud Backup won't help you, as it's turned on by default and everyone else you iMessage with will be leaking your conversation plaintext to Apple for you.

Disable iMessage. Use Signal exclusively.

* if you use Messages in iCloud, iCloud Backup instead backs up the cross-device sync key instead of the iMessages themselves, which means Apple gets your iMessages in real time as they sync between your iCloud devices, instead of once per day

https://mobile.reuters.com/article/amp/idUSKBN1ZK1CT is why fake pro-privacy Apple will never be able to run a story like Signal has here today.

Reply


@Croftengea 22 days

I'd love to see what a similar WhatsApp response would look like.

Reply


@CryptoPunk 22 days

The primary blind spot in threat analyses conducted by law enforcement agencies, is that they do not consider potential threat vectors from bad actors within the state itself.

This threat is why there need to be checks on the power of the state to conduct searches, one of which is privacy technology like encrypted communication networks.

Reply


@vmception 22 days

The government still has the capability to subpoena the individual responsible for the behavior they don't like.

They've only gotten used to going after the intermediary, and it feels uncomfortable for them to have this power removed and reset back to the mean.

Reply


@lightsurfer 22 days

signal social network? I'm in.

Reply


@leahacab 22 days

Does Signal notify the relevant users regarding subpoena? The FBI request asks them not to but only says "Please do not", hardly required it seems

Reply


@vaseem 22 days

thanks Signal, thanks ACLU

https://www.aclu.org/ https://signal.org/donate/

Nothing is free, support these folks.

Reply


@thrownoverboard 22 days

Related: does anyone know why the Signal-Server code allows for toggling request logging? [0] If this allows for logging raw HTTP(S) requests server-side, presumably this could be grabbing the passwords generated and held on each device used for authentication [1]?

There's also no mention of TLS termination in the Signal-Server repository on GitHub, or TLS between the Redis cluster in use. If FBI or NSA has compromised the AWS VPC, then all of this network traffic would be in the clear to be picked up behind the load balancer(s).

The Account DynamoDB table [2] also seems to indicate more information is tied to the phone number in cleartext than what is indicated by the response?

[0]: https://github.com/signalapp/Signal-Server/blob/14f5271c2012...

[1]: https://github.com/signalapp/Signal-Server/blob/14f5271c2012...

[2]: https://github.com/signalapp/Signal-Server/blob/14f5271c2012...

Reply


@walrus01 22 days

As an ISP: This is a very boilerplate subpoena. Whether or not the specific FBI agent knows or cares what Signal is, I'm about 99% certain it's just the result of a copy/paste from a template.

Reply


@johnnyApplePRNG 22 days

Just curious, why does signal have the ACLU respond for them?

I thought the ACLU was more of a protection against smaller entities who didn't have funding/legal firepower?

Reply


@vaseem 22 days

thanks Signal, thanks aclu

https://www.aclu.org/ https://signal.org/

Nothing is free, support these folks.

Reply


@alkdfdlkdslk 22 days

I just realized something. One of the only things contained is the account creation date. How hard would it be for the FBI to pull that text you get at that time/date to activate Signal? Not Impossible I would imagine?

Edit: What raised my eyebrow is that the subpoena specifically asks for that. Why?

Reply


@zarzavat 22 days

This is the paradox of tolerance. Absolute tolerance of the intolerant leads to dictatorship and no rights at all.

https://en.m.wikipedia.org/wiki/Paradox_of_tolerance

Reply


@Rd6n6 22 days

Anybody concerned about these issues should consider donating to their favourite non profit that can have an impact that works in the area. Most HN users can afford $20/year pretty easily (others could afford $200/month and not even notice it)

As they say, “Put your money where your mouth is.”

Reply


@akouri 22 days

What I don't understand about the whole Signal E2EE model is that while your messages themselves may be encrypted, they are still sending push notifications over Apple's servers, which have to go through APNS. Often the entire message contents can be contained in the push notification.

Does anybody know if Apple's notifications are E2EE? I doubt that gov't doesn't have access to the push notifications...

Reply


@einpoklum 21 days

Why does Signal have an organizational entity in the US? I thought they were Swiss or something.

Reply


@2OEH8eoCRo0 22 days

Beautiful. That's how you do it.

I actually believe that law enforcement has the legal right to subpoena information, with a judge's consent, while investigating criminal activity. This is exactly the solution to that problem. These platforms should want to know as little about you as possible.

Reply


@onefuncman 22 days

Shouldn't Signal be required to produce all the encrypted data stored for this user, in case law enforcement are able to get the associated private keys off the suspect's phone?

Reply


@Labo333 22 days

I'm worried that the provided information could be incorrect. For example, that user could have messages waiting to be delivered to himself. In that case, I think signal doesn't know the senders but should still disclose the number of those messages and their size.

Signal erases that kind of information but I'm pretty sure that user must have had some messages delivered to them while signal was processing the subpoena. So pretending they don't know anything else is just wrong IMO.

Reply


@aborsy 22 days

* But FBI has access to Pegasus-like spyware.

If you have a phone number, a zero-click NSO spyware would provide full control over target device.

* FBI could get user’s data from Apple if it’s an iPhone (considering that iOS is closed source), or force a malicious update to user through so many ways (including by pushing a bad update or manipulating safety numbers in signal).

So why ask a messaging app that everyone knows doesn’t have the requested information?

Reply


@d1lanka 22 days

Well done Moxie Marlinspike and Signal team.

Now don't pull any sketchy shit like Mobilecoin without being transparent.

Reply


@zerobytes 22 days

If we're talking about pure messaging here and not sending a jpg or other attachment, why not create an app that simply uses plaintext, like a terminal. Generate some 4096 bit keys and make it decentralised. Public keys could be shared among people willing to communicate. Anytime you have a central location where data is parsed, the time stamps and other metadata can be gleaned. The app could even fudge time stamps. I think the future of this is decentralised communications. At the centre of this entire issue is the notion that someone else thinks they have the right to intercept your communications. I believe a properly implemented SSH plain text app using big keys would solve this to a point. The app could store all data in a self-encrypted file and self destruct if tampered with. Security is a process, not a product, as Bruce Schneier is famous for saying, so methinks that the process is as important as the product. SSH using massive keys is a proven thing and cracking 4096 bits of AES will not happen in the short or mid term. In fact, most serious cryptographers say the continents will shift before they can break it. Just a thought. I'm not a programmer outside of Bash/sed/awk and other *nix tools, so this isn't something I could develop, but as a decentralised tool, I think it could work if you were willing to use plain text only. The app could have random numbers as a beacon that can be changed at will and only those with that random number can communicate with you and you them. A la Google Authenticator or something similar.

Reply


@stabbles 22 days

What worries me is that even though they don't own the data, they could be forced to push an update that will upload decrypted messages from people's phones. Not owning the client would be better

Reply


@sinuhe69 21 days

Unix timestamps and that's it, no IP logs? It's hard to believe that the servers do not store IP addresses and other connection information.

Reply


@ThinkBeat 21 days

Whenever I read things like this, I think about Crypto AG.

Solid impenetrable encryption from a neutral and privacy obsessed country. All a careful front for the CIA. The encryption was solid as far as I know but the CIA had a back door.

If there was a backdoor into the system somehow, it would be perfect to have stories such as the above to recruit criminals or even foreign intelligence to adopt it.

As far as I know Signal is 100% legit and delivers what they promise, and I use it myself.

https://www.washingtonpost.com/graphics/2020/world/national-...

https://www.theguardian.com/us-news/2020/feb/11/crypto-ag-ci...

Reply


@upofadown 22 days

How did Signal know who they meant?

Reply


@khiner 22 days

This makes me so happy

Reply


@gatgeagent 22 days

Why did they even incorporate in the USA, I'd guess they'd have less work in like the Seychelles or Belize.

Reply

