Share this page!

Enter URL or ID to Unroll

You can paste full URL like: https://x.com/threadreaderapp/status/1644127596119195649
or just the ID like: 1644127596119195649

How to get URL link on X (Twitter) App

  1. On the Twitter thread, click on or icon on the bottom
  2. Click again on or Share Via icon
  3. Click on Copy Link to Tweet
  4. Paste it above and click "Unroll Thread"!
  5. More info at Twitter Help
Matthew Green is on BlueSky Profile picture
@matthew_d_green
May 28, 2024 15 tweets 4 min read Read on X
Some folks are discussing what it means to be a “secure encrypted messaging app.” I think a lot of this discussion is shallow and in bad faith, but let’s talk about it a bit. Here’s a thread. 1/
First: the most critical element that (good) secure messengers protect is the content of your conversations in flight. This is usually done with end-to-end encryption. Messengers like Signal, WhatsApp, Matrix etc. encrypt this data using keys that only the end-devices know. 2/
Encrypting the content of your conversations, preferably by default, is “table stakes.” It isn’t perfect, but it’s required for a messenger even to flirt with the word “secure.” But security and privacy are hard, deep problems. Solving encrypted messaging is just the start. 3/
There are lots of threats that still exist even if you add end-to-end encryption to messaging. One is: does your phone back up message content to the cloud? But another much harder one is: what about metadata? Ie what about the details of *who* you communicate with and when? 4/
E2EE cloud backup is incredibly, back-breakingly hard. It involves storing keys somewhere that the cloud provider can’t access, even in the event where you lose your phone and forget your passwords. But services have come up with solutions. Eg: blog.cryptographyengineering.com/2022/12/07/app…
But if cloud backup is hard, it’s literally *nothing* compared to metadata. Metadata is the hardest thing in the world. That’s because encryption does very little to help you: your messages (encrypted or not) need to be delivered. The servers that do this have to know to whom. 6/
Metadata is so hard that it really matters how much you trust the intentions and promises of your service provider. For example: WhatsApp is a Meta company, and they’re open about the fact that they use social graphs to perform advertising. That’s how they make money. 7/
I appreciate that WA is open about this and I trust them generally not to sell my data to criminals, but I also don’t like it. That’s why I don’t use WhatsApp as my primary messenger even if I strongly believe that their (content) encryption is very good. 8/
But you should be very wary of anyone who tells you they don’t do anything with metadata unless you either (1) trust their technical protections or (2) trust them a lot organizationally. And the technical side is very challenging. Just incredibly difficult. 9/
There are a bunch of separate issues, and a full discussion is so messy they require a different medium. They include:

* Contact discovery: how to find your contacts without giving away your social graph
* Registration: can you sign up as a pseudonymous account, or do you need an identifier (with enormous tradeoffs for spam.)
* Sender anonymity: can you send without revealing who you are?
* IP address anonymity: Ugh. Mostly this requires a VPN or Tor.
* Timing attacks and sophisticated adversaries: see attached diagram.Image
These are all incredibly difficult problems and folks are working on solving them. Signal uses trusted enclaves to perform contact discovery, and has a “sealed sender” to hide sender IDs. Other services allow you to sign up with pseudonyms. You should pick what works for you.
What you should not do, and what I see a lot of people doing, is panic about the fact that messaging services have access to metadata and/or even *use* that metadata, and switch to something that is unencrypted and arguably worse.
If you’re a technical expert, you should try to explain to others what the tradeoffs look like. Some people are better off using a service like WhatsApp because their contacts are there. Others are better off using tiny bespoke encrypted messengers with anonymity features.
What you should not do is indulge the “aha gotcha” crowd that is running around trying to convince people that all popular messages are “backdoored” because that message leads to panic and people using insecure systems. //
PS the diagram in the middle of this thread is from a great article by James Mickens. usenix.org/system/files/1…

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Matthew Green is on BlueSky

Matthew Green is on BlueSky Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @matthew_d_green

Matthew Green is on BlueSky Profile picture
Oct 15
The “age verification” and the “human identification” problem are the same problem. It upsets me to be around people who think they’re working on the first, but don’t understand they’re actually working on the second.
To be really clear: it’s pretty obvious that the central (Internet communication) problem of our time is going to be determining whether the stranger you’re talking to (or delivering ads to) is a person or a bot. And every existing tech we have for doing this will fail.
So how do we do this? Presumably by tightly binding physical identity to your device and then proving possession (with some other bells and whistles). Not coincidentally that’s exactly what age verification is. Weird how corporate and gov’t priorities suddenly align, right?
Read 10 tweets
Matthew Green is on BlueSky Profile picture
Aug 5
Trying to plan a seminar on the topic of “how do we maintain privacy in the coming dystopia” and it’s kind of a thing.
Over the past thirty years we’ve done amazing thing technologically when it comes to anonymity and privacy, and to some extent it was “all theoretical” that we’d need it. That’s all behind us.
So here we are in the bad timeline. Social networks want to jam AI into your encrypted messages; governments want to access your private messages; everyone you maybe once hoped to rely on is either planning to sell you out or else trying to find the fastest way to monetize you.
Read 5 tweets
Matthew Green is on BlueSky Profile picture
Jul 29
I cannot tell what’s going on with Google here. washingtonpost.com/politics/2025/…
Specifically, Google when asked by a US senator could easily have denied that the UK was pressuring them, but instead said this. Image
If you call someone in their home and ask them if someone has a gun to their head, and they say “I can’t talk about that” then you call 911 because that’s what common sense tells you to do.
Read 6 tweets
Matthew Green is on BlueSky Profile picture
Apr 24
It is insane how scary the threat models of encrypted messaging apps providers are.
You have these apps with billions of users. Some of those users are doing huge financial transactions. Some are politicians. Some are coordinating literal national security operations. And all these messages go through a few vulnerable servers.
I think older people (that includes me I guess) think that messaging apps are like AOL Instant Messenger, not used for anything important. It’s completely insane how much of our society now runs on them, and what a total disaster it would be if a couple of major apps were broken.
Read 11 tweets
Matthew Green is on BlueSky Profile picture
Mar 27
Ok, look people: Signal as a *protocol* is excellent. As a service it’s excellent. But as an application running on your phone, it’s… an application running on your consumer-grade phone. The targeted attacks people use on those devices are well known. Image
There is malware that targets and compromises phones. There has been malware that targets the Signal application. It’s an app that processes many different media types, and that means there’s almost certainly a vulnerability to be exploited at any given moment in time.
If you don’t know what this means, it means that you shouldn’t expect Signal to defend against nation-state malware. (But you also shouldn’t really expect any of the other stuff here, like Chrome, to defend you in that circumstance either.)
Read 5 tweets
Matthew Green is on BlueSky Profile picture
Mar 25
You should use Signal. Seriously. There are other encrypted messaging apps out there, but I don’t have as much faith in their longevity. In particular I have major concerns about the sustainability of for-profit apps in our new “AI” world.
I have too many reasons to worry about this but that’s not really the point. The thing I’m worried about is that, as the only encrypted messenger people seem to *really* trust, Signal is going to end up being a target for too many people.
Signal was designed to be a consumer-grade messaging app. It’s really, really good for that purpose. And obviously “excellent consumer grade” has a lot of intersection with military-grade cryptography just because that’s how the world works. But it is being asked to do a lot!
Read 9 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us!

Send Email!

:(