LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Mobile
User Name
Password
Linux - Mobile This forum is for the discussion of all topics relating to Mobile Linux. This includes Android, Tizen, Sailfish OS, Replicant, Ubuntu Touch, webOS, and other similar projects and products.

Notices


Reply
  Search this Thread
Old 10-06-2022, 02:17 AM   #1
JASlinux
Member
 
Registered: Oct 2020
Posts: 256

Rep: Reputation: Disabled
Question Is a Signal call as safe on public wi-fi as it is on a home network?


encrypted end-to-end?
 
Old 10-06-2022, 02:46 AM   #2
pan64
LQ Addict
 
Registered: Mar 2012
Location: Hungary
Distribution: debian/ubuntu/suse ...
Posts: 19,844

Rep: Reputation: 6704Reputation: 6704Reputation: 6704Reputation: 6704Reputation: 6704Reputation: 6704Reputation: 6704Reputation: 6704Reputation: 6704Reputation: 6704Reputation: 6704
what kind of signal is it?
 
Old 10-08-2022, 11:50 AM   #3
biterr
LQ Newbie
 
Registered: Nov 2021
Location: Balkan
Distribution: Manjaro
Posts: 11

Rep: Reputation: 0
pan64, not everyone is modifying it's signal client. He probably thinks about normal one. That one you install in the google play.
 
Old 10-08-2022, 11:04 PM   #4
!!!
Member
 
Registered: Jan 2017
Location: Fremont, CA, USA
Distribution: Trying any&ALL on old/minimal
Posts: 997

Rep: Reputation: 381Reputation: 381Reputation: 381Reputation: 381
Although OP hasn't logged in (yet) since their OP, Yes, says: https://www.google.com/search?q=Is+a...+end-to-end%3F
 
Old 10-11-2022, 04:38 AM   #5
JASlinux
Member
 
Registered: Oct 2020
Posts: 256

Original Poster
Rep: Reputation: Disabled
Always easy to search & was done, while there is still no answer to the direct question.

Ie, 'It's safely encrypted end-to-end.'

is not the same as, 'Due to end-to-end encryption, messages & voice over public networks are just as safe as private.'

Best I can work from is assumption.
 
Old 10-11-2022, 05:45 AM   #6
pan64
LQ Addict
 
Registered: Mar 2012
Location: Hungary
Distribution: debian/ubuntu/suse ...
Posts: 19,844

Rep: Reputation: 6704Reputation: 6704Reputation: 6704Reputation: 6704Reputation: 6704Reputation: 6704Reputation: 6704Reputation: 6704Reputation: 6704Reputation: 6704Reputation: 6704
If you mean the signal private messenger app you need to ask the maintainer/developer. But from my side it is definitely secure, encrypted end-to-end.
 
Old 10-13-2022, 06:16 PM   #7
valeoak
Member
 
Registered: Apr 2020
Location: United Kingdom
Distribution: Debian Sid, Pop!_OS
Posts: 42

Rep: Reputation: Disabled
Quote:
Originally Posted by JASlinux View Post
Always easy to search & was done, while there is still no answer to the direct question.

Ie, 'It's safely encrypted end-to-end.'

is not the same as, 'Due to end-to-end encryption, messages & voice over public networks are just as safe as private.'

Best I can work from is assumption.
The Signal protocol (which has been widely adopted by the likes of Wire and Meta for WhatsApp and Facebook) has been reviewed and rated as secure. I would not be concerned about the E2EE employed by Signal Messenger.

And if there was concern about the protocol, I would not want to use it to send messages over the internet regardless of whether I was connecting to it through my home network or a public one.
 
Old 10-14-2022, 12:46 PM   #8
dugan
LQ Guru
 
Registered: Nov 2003
Location: Canada
Distribution: distro hopper
Posts: 10,818

Rep: Reputation: 5132Reputation: 5132Reputation: 5132Reputation: 5132Reputation: 5132Reputation: 5132Reputation: 5132Reputation: 5132Reputation: 5132Reputation: 5132Reputation: 5132
Yes
 
Old 11-10-2022, 05:16 PM   #9
sundialsvcs
LQ Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 10,148
Blog Entries: 4

Rep: Reputation: 3686Reputation: 3686Reputation: 3686Reputation: 3686Reputation: 3686Reputation: 3686Reputation: 3686Reputation: 3686Reputation: 3686Reputation: 3686Reputation: 3686
As you see from the "https://" in the URL at the top of your screen, your communication with this web site is "end-to-end encrypted." However, the only practical benefit to you is that you can click on the "padlock" in the address-bar and be confident that "this is the real web site." Thus, encryption and message-signing is used – to excellent effect – to protect message integrity, but not necessarily privacy.

Actually, "message signing" is far more important than "encryption." By the end of WW2, the Allies were actually able to transmit "encrypted messages" to the Germans which were actually completely fake. Knowing that the Germans could not differentiate between "one message which they were able to decrypt" and "another." Although "message signing" is always used for encrypted messages, it can of course be used even for messages that are not encrypted.

Last edited by sundialsvcs; 11-10-2022 at 05:21 PM.
 
Old 01-27-2023, 03:07 PM   #10
JASlinux
Member
 
Registered: Oct 2020
Posts: 256

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by sundialsvcs View Post
As you see from the "https://" in the URL at the top of your screen, your communication with this web site is "end-to-end encrypted." However, the only practical benefit to you is that you can click on the "padlock" in the address-bar and be confident that "this is the real web site." Thus, encryption and message-signing is used to excellent effect to protect message integrity, but not necessarily privacy.

Actually, "message signing" is far more important than "encryption." By the end of WW2, the Allies were actually able to transmit "encrypted messages" to the Germans which were actually completely fake. Knowing that the Germans could not differentiate between "one message which they were able to decrypt" and "another." Although "message signing" is always used for encrypted messages, it can of course be used even for messages that are not encrypted.
That is erudite knowledge, but what I'm asking is a lay smart question.

Most people understand how a public network is less secure than private, but when using devices encrypted end-to-end for data, is there truly not any way that data can be intercepted deciphered?

The answer seems like yes.

Practically I just want to make Signal Messenger connections on public networks with the same security as home.
 
Old 02-07-2023, 09:17 AM   #11
sundialsvcs
LQ Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 10,148
Blog Entries: 4

Rep: Reputation: 3686Reputation: 3686Reputation: 3686Reputation: 3686Reputation: 3686Reputation: 3686Reputation: 3686Reputation: 3686Reputation: 3686Reputation: 3686Reputation: 3686
If you are using a public network to communicate between two machines that you own, you should use a VPN solution (OpenVPN recommended ...) with digital certificates.

(Do not use "PSKs = pre-shared keys," which are nothing more than passwords.)

If you take this simple step, all communications will be securely encrypted and the two VPN hosts will be able to recognize one another. If you use the tls-auth feature of OpenVPN, you can also conceal the very existence of(!) the two servers so that outsiders will not be "pestering" your servers in futile attempts to break in to them.

Unlike a "password," a digital certificate contains thousands of bits of "pure entropy," and it can be individually revoked without affecting any other certificate that may have also been issued. (Certificates can also be "password protected" – encrypted – to prevent unintended use.) Like a badge that you swipe to get into an office building, either you possess a "live" one or you don't.

When you connect, the remote side has an internal IP-address which you can predict. You simply "talk" to that address and the data is magically transported through the secure "tunnel" to the other side. It really is a "virtual private network," because the remote side appears to be local to you. Other software need take no additional steps to secure the communication. VPN's are a cryptographically-secure TCP/IP router (or switch): the remote side is "just there."

If you arrange for services such as "sshd" to listen and respond only to the tunnel address-domain, you create an additional layer of security – and you reduce the number of "unauthorized access attempts" to zero. No one can even see your SSH server in your castle's portcullis unless they have already cleared the tunnel moat (after having found the hidden drawbridge). It's effortless for authorized users but impossible for everyone else.

Yeah, it takes a little time to get everything working the first time, because crypto is purposely designed to offer no clues, but then you can just "fuhgeddaboudit" because It Just Works.™ (The most frequent problems have to do with correctly setting the routing tables in all of the surrounding hardware so that both encrypted and unencrypted traffic is routed correctly.)

Last edited by sundialsvcs; 02-07-2023 at 09:28 AM.
 
  


Reply

Tags
instant messaging, messaging, signal, voip


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
access public network with laptop -> ethernet -> nxpBoard -> 5GModem -> public network louloulou Linux - Server 2 05-04-2021 11:12 AM
squid stops due to signal 6 and signal 25 simplyrahul Linux - Software 3 05-28-2011 01:05 AM
Signal Strength Meter shows low signal? falcon56215 Linux - Networking 0 09-15-2006 07:39 AM
Signal 6: Unknown Signal <=> Error with MAYA4.X under Linux SOLVED!!!! Faeroon Linux - Software 9 05-09-2003 01:57 PM
Signal: 6 (Unknown Signal) - Problems running a program Faeroon Linux - Software 86 01-14-2003 12:08 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Mobile

All times are GMT -5. The time now is 06:16 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration