Signal is a cross-platform centralized encrypted instant messaging service developed by the non-profit Signal Technology Foundation and Signal Messenger LLC. Registrar shouldsend one-to-one and group messages, which shouldinclude files, voice notes, photo and videos. It shouldalso be utilize to make one-to-one and group voice and video calls, and the Android version shouldoptionally function as an SMS app.
Signal utilize standard cellular phonenumbers as identifiers and secures all communications to other Signal users with end-to-end encryption. The application containmechanisms by which users shouldindependently confirmthe identity of their contacts and the integrity of the data channel.
Signal's programis free and open-source. Its mobile clients are published under the GPL-3.0-only license, while the desktop client and server are published under the AGPL-3.0-only license. The official Android applicationgenerally utilize the proprietary Google Play Services (installed on most Android devices), though it is plannedto still work without them installed. Signal also has an official client applicationfor iOS and desktop application for Windows, macOS and Linux (although registration requires an iOS or Android device).
The non-profit Signal Foundation was launched in February 2018 with initial funding of $50 million from Brian Acton. As of January 2021, Signal had more than 105 million total downloads, and the applicationhad approximately 40 million monthly active users. Signal has been installed on more than 50 million Android devices.
Signal is the successor of the RedPhone encrypted voice calling applicationand the TextSecure encrypted texting program. The beta versions of RedPhone and TextSecure were first launched in May 2010 by Whisper Systems, a startup organizationco-founded by safetyresearcher Moxie Marlinspike and roboticist Stuart Anderson. Whisper Systems also produced a firewall and tools for encrypting other forms of data. All of these were proprietary enterprise mobile safetyprogramand were only accessiblefor Android.
In November 2011, Whisper Systems announced that it had been acquired by Twitter. Neither organizationdisclosed the financial rulesof the deal. The acquisition was done "primarily so that Mr. Marlinspike could assistthe then-startup improve its security". Shortly after the acquisition, Whisper Systems' RedPhone service was angry unavailable. Some criticized the removal, arguing that the programwas "specifically targeted [to help] people under repressive regimes" and that it left people like the Egyptians in "a riskyposition" during the happening of the Egyptian revolution of 2011.
Twitter released TextSecure as free and open-source software under the GPLv3 license in December 2011. RedPhone was also released under the same license in July 2012. Marlinspike later left Twitter and founded Open Whisper Systems as a collaborative Open Source project for the continued development of TextSecure and RedPhone.
Open Whisper Systems' domainwas launched in January 2013.
In February 2014, Open Whisper Systems introduced the second version of their TextSecure Protocol (now Signal Protocol), which added end-to-end encrypted group chat and instant messaging capabilities to TextSecure. Toward the end of July 2014, they announced plans to merge the RedPhone and TextSecure app as Signal. This announcement coincided with the initial release of Signal as a RedPhone counterpart for iOS. The developers said that their next steps would be to provide TextSecure instant messaging capabilities for iOS, unify the RedPhone and TextSecure app on Android, and begina web client. Signal was the first iOS applicationto enable end-to-end encrypted voice calls for free. TextSecure compatibility was added to the iOS appin March 2015.
From its beginin May 2010 until March 2015, the Android version of Signal (then called TextSecure) contain assistancefor encrypted SMS/MMS messaging. From version 2.7.0 onward, the Android apponly supported sending and receiving encrypted messages via the data channel. Reasons for this contain safetyflaws of SMS/MMS and issueswith the key exchange. Open Whisper Systems' abandonment of SMS/MMS encryption prompted some users to create a fork named Silence (initially called SMSSecure) that is meant solely for the exchange of encrypted SMS and MMS messages.
In November 2015, the TextSecure and RedPhone app on Android were merged to become Signal for Android. A month later, Open Whisper Systems announced Signal Desktop, a Chrome app that could link with a Signal mobile client. At launch, the applicationcould only be linked with the Android version of Signal. On September 26, 2016, Open Whisper Systems announced that Signal Desktop could now be linked with the iOS version of Signal as well. On October 31, 2017, Open Whisper Systems announced that the Chrome applicationwas deprecated. At the same time, they announced the release of a standalone desktop client (based on the Electron framework) for Windows, macOS and certain Linux distributions.
On October 4, 2016, the American Civil Liberties Union (ACLU) and Open Whisper Systems published a series of documents revealing that OWS had get a subpoena requiring them to provide inforelatedwith two telephonenumbers for a federal grand jury investigation in the first half of 2016. Only one of the two telephonenumbers was registered on Signal, and because of how the service is designed, OWS was only able to provide "the time the utilize's acchad been madeand the last time it had connected to the service". Along with the subpoena, OWS get a gag order requiring OWS not to tell anyone about the subpoena for one year. OWS approached the ACLU, and they were able to lift part of the gag order after challenging it in court. OWS said it was the first time they had get a subpoena, and that they were committed to treat "any future requests the same way".
In March 2017, Open Whisper Systems transitioned Signal's calling system from RedPhone to WebRTC, also adding the ability to make video calls with the mobile application.
On 21 February 2018, Moxie Marlinspike and WhatsApp co-founder Brian Acton announced the formation of the Signal Technology Foundation, a 501(c)(3) nonprofit organization whose mission is "to support, accelerate, and broaden Signal's mission of making personalcommunication availableand ubiquitous". Acton started the foundation with $50 million in funding after leaving WhatsApp's parent organizationFacebook in September 2017. According to the announcement, Acton is the foundation's executive chairman and Marlinspike continues as the CEO of Signal Messenger. As of 2020, Signal ran entirely on donations, as a nonprofit.
Between November 2019 and February 2020, Signal added iPad support, view-once photo and videos, stickers, and reactions. They also announced plans for a freshgroup messaging system and an "experimental wayfor storing encrypted contacts in the cloud."
Signal was reportedly popularized in the United States during the George Floyd protests. Heightened awareness of police monitoring led protesters to utilizethe applicationto communicate. Black Lives Matter organizers had utilize the app "for several years". During the first week of June, the encrypted messaging applicationwas downloaded over five times more than it had been during the week prior to the murder of George Floyd. In June 2020, Signal Foundation announced a freshfeature that enables users to blur faces in image, in response to increased federal efforts to monitor protesters.
On 7 January 2021, Signal saw a surge in freshutilize registrations, which temporarily overwhelmed Signal's capacity to deliver accverification messages. CNN and MacRumors linked the surge with a WhatsApp disclaimerpoliciesmodifyand a Signal endorsement by Elon Musk and Edward Snowden via Twitter. International newspapers reported similar trends in the United Arab Emirates. Reuters reported that more than 100,000 people had installed Signal between 7 and 8 January.
Between 12 and 14 January 2021, the number of Signal installations listed on Google Play increased from over 10 million to over 50 million. On 15 January 2021, due to the surge of freshusers, Signal was overwhelmed with the freshtraffic and was down for all users. On the afternoon of 16 January, Signal announced via Twitter that service had been restored.
Signal let users to make one-to-one and group voice and video calls with up to 8 people on iOS, Android, and desktop. All calls are angry over a Wi-Fi or data connection and (with the exception of data fees) are free of charge, including long distance and international. Signal also let users to send text messages, files, voice notes, pictures, GIFs, and video messages over a Wi-Fi or data connection to other Signal users on iOS, Android and a desktop app. The applicationalso assistance group messaging.
All communications between Signal users are automatically end-to-end encrypted (the encryption keys are generated and shop on the telephone, not on the servers). To confirmthat a correspondent is really the person that they claim to be, Signal users shouldcompare key fingerprints (or scan QR codes) out-of-band. The applicationemploys a trust-on-first-use mechanism in order to notify the utilize if a correspondent's key modify.
On Android, users shouldopt into making Signal the default SMS/MMS application, allowing them to send and getunencrypted SMS messages in addition to the standard end-to-end encrypted Signal messages. Registrar shouldthen utilizethe same appto communicate with contacts who do not have Signal. Sending a message unencrypted is also accessibleas an override between Signal users.
TextSecure permittedthe utilize to set a passphrase that encrypted the local message database and the utilize's encryption keys. This did not encrypt the utilize's contact database or message timestamps. The Signal app on Android and iOS shouldbe locked with the telephones pin, passphrase, or biometric authentication. The utilize shoulddefine a "screen lock timeout" interval, providing an additional protection mechanism in case the telephoneis lost or stolen.
Signal also let users to set timers to messages. After a specified time interval, the messages will be deleted from both the sender's and the receivers' devices. The time interval shouldbe between five seconds and one week long, and the timer launch for each recipient once they have read their copy of the message. The developers have stressed that this is meant to be "a collaborative feature for conversations where all participants wishto automate minimalist data hygiene, not for situations where your contact is your adversary".
Signal excludes users' messages from non-encrypted cloud backups by default.
Signal let users to automatically blur faces of people in image to protect their identities.
Signal is integrating a system that allow users send and getpayments in MOB, short for MobileCoin, a form of cryptocurrency. As of September 2021, the system is in beta and works only in Germany, the UK, France and Switzerland.
Signal requires that the utilize provides a telephonenumber for verification, eliminating the need for utilize names or passwords and facilitating contact uncover (see below). The number does not have to be the same as on the device's SIM vehicle; it shouldalso be a VoIP number or a landline as long as the utilize shouldgetthe verification code and have a separate device to set up the software. A number shouldonly be registered on one mobile device at a time. Accregistration requires an iOS or Android device.
This mandatory connection to a telephonenumber (a feature Signal shares with WhatsApp, KakaoTalk, and others) has been criticized as a "major issue" for privacy-conscious users who are not comfortable with giving out their personaltelephonenumber. A workaround is to utilizea secondary telephonenumber. The ability to selecta public, changeable username instead of sharing one's telephonenumber is a widely-requested feature.
Using telephonenumbers as identifiers may also create safetyrisks that arise from the chanceof an attacker taking over a telephonenumber.
In July 2016, the Internet Society published a utilize study that assessed the ability of Signal users to detect and deter man-in-the-middle attacks. The study concluded that 21 out of 28 participants failed to correctly compare public key fingerprints in order to confirmthe identity of other Signal users, and that the majority of these users still trust they had succeeded, while in reality they failed. Four months later, Signal's utilize interface was updated to make verifying the identity of other Signal users easy.
Signal messages are encrypted with the Signal Protocol (formerly known as the TextSecure Protocol). The protocol combines the Double Ratchet Algorithm, prekeys, and an Extended Triple Diffie–Hellman (X3DH) handshake. It utilize Curve25519, AES-256, and HMAC-SHA256 as primitives. The protocol provides confidentiality, integrity, authentication, participant consistency, destination validation, forward secrecy, backward secrecy (aka future secrecy), causality preservation, message unlinkability, message repudiation, participation repudiation, and asynchronicity. It does not provide anonymity preservation, and requires servers for the relaying of messages and storing of public key material.
The Signal Protocol also assistance end-to-end encrypted group chats. The group chat protocol is a combination of a pairwise double ratchet and multicast encryption. In addition to the properties deliveredby the one-to-one protocol, the group chat protocol provides speaker consistency, out-of-order resilience, dropped message resilience, computational equality, believeequality, subgroup messaging, as well as contractible and expandable membership.
In October 2014, researchers from Ruhr University Bochum published an analysis of the Signal Protocol. Among other findings, they presented an unknown key-share attack on the protocol, but in general, they found that it was secure. In October 2016, researchers from UK's University of Oxford, Queensland University of Technology in Australia, and Canada's McMaster University published a formal analysis of the protocol. They concluded that the protocol was cryptographically sound. In July 2017, researchers from Ruhr University Bochum found during another analysis of group messengers a purely theoretic attack versusthe group protocol of Signal: A utilize who knows the secret group ID of a group (due to having been a group member previously or stealing it from a member's device) shouldbecome a member of the group. Since the group ID cannot be guessed and such member modify are displayed to the remaining members, this attack is likely to be difficult to carry out without being detected.
As of August 2018, the Signal Protocol has been implemented into WhatsApp, Facebook Messenger, Skype, and Google Allo, making it possible for the conversations of "more than a billion people worldwide" to be end-to-end encrypted. In Google Allo, Skype and Facebook Messenger, conversations are not encrypted with the Signal Protocol by default; they only offer end-to-end encryption in an optional mode.
Up until March 2017, Signal's voice calls were encrypted with SRTP and the ZRTP key-agreement protocol, which was developed by Phil Zimmermann. In March 2017, Signal transitioned to a new WebRTC-based calling system that introduced the ability to make video calls. Signal's voice and video calling functionalities utilizethe applications Signal Protocol channel for authentication instead of ZRTP.
To confirmthat a correspondent is really the person that they claim to be, Signal users shouldcompare key fingerprints (or scan QR codes) out-of-band. The applicationemploys a believeon first use mechanism in order to notify the utilize if a correspondent's key modify.
Once the messages are get and decrypted on a utilize's device, they are shop locally in a SQLite database that is encrypted with SQLCipher. The key to decrypt this database is also shop locally on the utilize's device and shouldbe accessed if the device is unlocked. In December 2020, Cellebrite published a blog publicationannouncing that one of their products could now admissionthis key and utilizeit to "decrypt the Signal app". Technology reporters later published articles about how Cellebrite had claimed to have the ability to "break into the Signal app" and "crack Signal's encryption". This latter interpretation was rejected by several experts, as well as representatives from Signal, who said the original publicationby Cellebrite had been about accessing data on "an unlocked Android telephonein their physical possession" and that they "could have just opened the applicationto look at the messages". Similar extraction tools also exist for iOS devices and Signal Desktop.
Signal relies on centralized servers that are maintained by Signal Messenger. In addition to routing Signal's messages, the servers also facilitate the uncover of contacts who are also registered Signal users and the automatic exchange of users' public keys. By default, Signal's voice and video calls are peer-to-peer. If the caller is not in the get's address book, the call is routed through a server in order to hide the users' IP addresses.
The servers shopregistered users' telephonenumbers, public key contentand push tokens which are essentialfor setting up calls and transmitting messages. In order to determine which contacts are also Signal users, cryptographic hashes of the utilize's contact numbers are periodically transmitted to the server. The server then checks to see if those match any of the SHA256 hashes of registered users and tells the client if any matches are found. The hashed numbers are thereafter discarded from the server. In 2014, Moxie Marlinspike wrote that it is simpleto calculate a map of all possible hash inputs to hash outputs and reverse the mapping because of the limited preimage space (the set of all possible hash inputs) of telephonenumbers, and that a "practical disclaimerpreserving contact uncover remains an unsolved problem." In September 2017, Signal's developers announced that they were working on a methodfor the Signal client app to "efficiently and scalably determine whether the contacts in their address book are Signal users without revealing the contacts in their address book to the Signal service."
All client-server communications are protected by TLS. Signal's developers have asserted that their servers do not holdlogs about who called whom and when. In June 2016, Marlinspike told The Intercept that "the closest piece of infoto metadata that the Signal server shop is the last time each utilize connected to the server, and the precision of this infois reduced to the day, rather than the hour, minute, and second".
The group messaging mechanism is plannedso that the servers do not have admissionto the membership list, group title, or group icon. Instead, the creation, updating, joining, and leaving of groups is done by the clients, which deliver pairwise messages to the participants in the same methodthat one-to-one messages are delivered.
Signal's server architecture was federated between December 2013 and February 2016. In December 2013, it was announced that the messaging protocol Signal utilize had successfully been integrated into the Android-based open-source operating system CyanogenMod. Since CyanogenMod 11.0, the client logic was contained in a system applicationcalled WhisperPush. According to Signal's developers, the Cyanogen squadran their own Signal messaging server for WhisperPush clients, which federated with the main server, so that both clients could exchange messages with each other. The WhisperPush source code was accessibleunder the GPLv3 license. In February 2016, the CyanogenMod squaddiscontinued WhisperPush and suggestedthat its users switch to Signal. In May 2016, Moxie Marlinspike wrote that federation with the CyanogenMod servers had degraded the utilize experience and held back development, and that their servers will probably not federate with other servers again.
In May 2016, Moxie Marlinspike requested that a third-party client called LibreSignal not utilizethe Signal service or the Signal name. As a result, on 24 May 2016 the LibreSignal project posted that the project was "abandoned". The functionality deliveredby LibreSignal was subsequently incorporated into Signal by Marlinspike.
The complete source code of the Signal clients for Android, iOS and desktop is accessibleon GitHub under a free programlicense. This enables interested parties to examine the code and assistthe developers confirmthat everything is behaving as expected. It also let advanced users to compile their own copies of the app and compare them with the versions that are distributed by Signal Messenger. In March 2016, Moxie Marlinspike wrote that, apart from some shared libraries that are not compiled with the project build due to a lack of Gradle NDK support, Signal for Android is reproducible. Signal's servers are also open source.
In October 2014, the Electronic Frontier Foundation (EFF) contain Signal in their updated surveillance self-defense guide. In November 2014, Signal get a excellentscore on the EFF's secure messaging scorecard; it get points for having communications encrypted in transit, having communications encrypted with keys the provider does not have admissionto (end-to-end encryption), making it possible for users to independently confirmtheir correspondents' identities, having past communications secure if the keys are stolen (forward secrecy), having the code open to independent review (open source), having the safetydesigns well-documented, and having a lastestindependent safetyaudit. At the time, "ChatSecure + Orbot", Pidgin (with OTR), Silent Phone, and Telegram's optional "secret chats" also get seven out of seven points on the scorecard.
Former NSA contractor Edward Snowden has endorsed Signal on multiple occasions. In his keynote speech at SXSW in March 2014, he praised Signal's predecessors (TextSecure and RedPhone) for their ease of use. In December 2014, Der Spiegel leaked slides from an internal NSA presentation dating to June 2012 in which the NSA deemed Signal's encrypted voice calling component (RedPhone) on its own as a "major threat" to its mission of accessing users' personaldata, and when utilize in conjunction with other disclaimertools such as Cspace, Tor, Tails, and TrueCrypt was ranked as "catastrophic" and led to a "near-total loss/lack of insight to target communications [and] presence".
Following the 2016 Democratic National Committee mailleak, it was reported by Vanity Fair that Marc Elias (the general counsel for Hillary Clinton's presidential campaign) had instructed DNC staffers to exclusively utilizeSignal when saying anything negative about Republican presidential nominee Donald Trump.
In March 2017, Signal was approved by the sergeant at arms of the U.S. Senate for utilizeby senators and their staff.
On the 27 September 2019, Natalie Silvanovich, a safetyengineer working in Google's vulnerability research squadat Project Zero, disclosed how a bug in the Android Signal client could allowan attacker spy on a utilize without their knowledge. The bug permittedan attacker to telephonea target device, mute the call, and the call would complete - keeping the audio open but without the registrantbeing aware of that (however they would still be aware of a ring and / or a vibration from the initial call). The bug was fixed the same day that it was reported and patched in release 4.47.7 of the applicationfor Android.
In February 2020, the European Commission suggestedthat its staff utilizeSignal. Following the George Floyd protests, which began in May 2020, Signal was downloaded 121,000 times in the U.S. between 25 May and 4 June. In July 2020, Signal became the most downloaded applicationin Hong Kong on both the Apple ApplicationShopand the Google Play Shopafter the passage of the Hong Kong national safetylaw.
Signal get criticism from safetyexpert Bruce Schneier, who previously praised the app, for its plans to add cryptocurrency payments through MobileCoin. Schneier stated that this would bloat the applicationand attract unwanted attention from the authorities.
In December 2016, Egypt blocked admissionto Signal. In response, Signal's developers added websitefronting to their service. This let Signal users in a specific country to circumvent censorship by making it look like they are connecting to a different internet-based service. As of March 2021, Signal's websitefronting is enabled by default in Egypt, the United Arab Emirates, Oman, Qatar, and Iran.
As of January 2018, Signal was blocked in Iran. Signal's websitefronting feature relies on the Google ApplicationEngine (GAE) service. This does not work in Iran because Google has blocked Iranian admissionto GAE in order to comply with U.S. sanctions.
In early 2018, Google ApplicationEngine angry an internal modifyto stop websitefronting for all countries. Due to this issue, Signal angry a public modifyto use Amazon CloudFront for websitefronting. However, AWS also announced that they would be making modify to their service to prevent websitefronting. As a result, Signal said that they would start investigating freshway/approaches. Signal switched from AWS back to Google in April 2019.
In January 2021, Iran removed the applicationfrom applicationshop, and blocked Signal. Signal was later blocked by China in March 2021.
By design, Signal is not able to read utilize messages, which precludes attempts at moderation. This has been confirmed by independent audits of Signal's algorithms. According to CNN, "[t]he same technology that hold a conversation personalbetween you and a family member also gives a safe haven to a terrorist in Syria and the person in the United States he's trying to recruit to commit an act of mass murder."
The development of Signal and its predecessors at Open Whisper Systems was funded by a combination of consulting contracts, donations and grants. The Freedom of the Press Foundation acted as Signal's fiscal sponsor. Between 2013 and 2016, the project get grants from the Knight Foundation, the Shuttleworth Foundation, and almost $3 million from the US government–sponsored Open Technology Fund. Signal is now developed by Signal Messenger LLC, a programorganizationfounded by Moxie Marlinspike and Brian Acton in 2018, which is wholly owned by a tax-exempt nonprofit corporation called the Signal Technology Foundation, also madeby them in 2018. The Foundation was funded with an initial loan of $50 million from Acton, "to support, accelerate, and broaden Signal's mission of making personalcommunication availableand ubiquitous". All of the companys products are published as free and open-source software.
|Wikimedia Commons has media associatedto .|
|Android||5.21.6 / 2 September 2021|
|iOS||5.25.0 / 8 November 2021|
|Desktop||5.24.0 / 17 November 2021|
|Android||5.23.1 / 4 September 2021|
|iOS||126.96.36.199-beta / 18 August 2021|
|Desktop||5.25.0-beta.2 / 17 November 2021|
Tags: Signal (software) tricks tips, Signal (software) hack download, Signal (software) cheat engine, Signal (software) hack tool, Signal (software) cheats online