Signal Encrypted Messaging Comes to Desktop

In March when Moxie Marlinspike and Open Whisper Systems released the iOS version of the Signal encrypted messaging app, the noted security researcher promised to expand its reach and among other things, eventually release a desktop version of Signal.

That vision was realized on Wednesday with the public availability of the Signal Desktop beta, written by Open Whisper Systems’ Lilia Kai Markham. Signal’s calling card is its simplicity, and Marlinspike promises the desktop version to carry the same flag. For now, Signal Desktop is a Chrome app and links only to Android devices. Much like the experience with Apple’s iMessage desktop app, Signal Desktop links with mobile devices and displays incoming and outgoing messages on all devices.

“As always, everything is end-to-end encrypted and painstakingly engineered in order to keep your communication safe – allowing you to send high-quality private group, text, picture, and video messages for free,” Marlinspike wrote yesterday in making the announcement.

Marlinspike told Threatpost that Signal Desktop will add iOS app support “real soon now.”

Signal Desktop source code is available on Open Whisper Systems’ Github page and Marlinspike hopes that security experts will review its protocols and implementations.

Signal is a favorite among security experts and the privacy conscious, and it arrives at an interesting time for encrypted messaging. Law enforcement in the U.S. in particular has made an issue of the challenges encrypted messaging poses to active criminal and national security investigations. The topic was heavily debated in the days following the Paris terror attack on Nov. 13 where politicians and law enforcement immediately speculated that the attackers plotted and communicated over encrypted apps such as WhatsApp, none of which was confirmed.

Closer to home, FBI director James Comey has made repeated calls to Silicon Valley to help law enforcement figure out what he has dubbed the “Going Dark” problem. Since Apple and Google have relinquished control over encryption keys and have put them on iOS and Android devices, law enforcement has no legal way to compel the companies to turn over user data with a warrant or other court order.

FBI general counsel James Baker, echoed those thoughts during a Boston security conference on Nov. 4.

“This is about rule of law and the fundamental rights we have from the Constitution, creating laws that enable government to obtain the results of surveillance in ways that are consistent with constitutional rights,” Baker said. “Today, that’s not happening. We are not able to use what’s available today with a 4th Amendment warrant. We do what the law requires, show up with a court order, and can’t get the fruits of surveillance because of encryption.”

Yet since the Snowden revelations exposed the government and law enforcement’s surveillance overreach, the focus on private communications has intensified and advocates have gone to great lengths to demonstrate that human rights activists, journalists, and individuals in oppressed countries rely on encrypted messaging not only for privacy, but for personal security.

“We’d like to bring the technical reality in line with people’s expectations and assumptions. People expect and assume that their correspondence is private, and are shocked and outraged when it is inevitably compromised,” Marlinspike said. “Our hope is to fix that, so that when people feel like they’re corresponding privately, they really are.  Basically, we’d like to make mass surveillance impossible.”

This article was updated Dec. 3 to reflect that Lilia Kai Markham wrote Signal Desktop.

About author:

Comments are closed here.