Signal is primarily known for its default use of end-to-end encryption. But instant messaging also provides other settings to further enhance its security.
This is Signal’s main asset: end-to-end encryption by default. If this mobile application is not the only one to offer this protection in an instant messaging service, it is the one that arouses the highest degree of confidence: the source code is open, its designer is a well-known figure in the cryptography community. and the project is framed by a protective legal form.
To put it quickly, end-to-end encryption is a method involving mathematical calculations that makes conversations and files unreadable if you don’t have the decryption key. This formula is used when the message is encrypted on the user’s terminal and decrypted on that of the recipient, both representing one end of this link.
In this way, the chat channel is made inaccessible to any third party, whether it is the company providing the service, the Internet service provider, a network administrator or even law enforcement. Even if the messages are intercepted, they are in an unusable format. To find its meaning, only considerable means could possibly change the situation.
The point is that end-to-end encryption is not designed to address all problems: typically, it cannot do anything against attacks that occur at the end of the chain, i.e. at the end of the chain. smartphone. If it is stolen from you, and it is freely accessible, without a lock code, there is no difficulty in launching the application and carrying out the various conversations, in the clear.
Locking the application
The good news, however, is that Signal does provide a few more options to reduce the level of risk at the end of the line. These are available in the app settings. You also have to consider the security specific to iOS and Android, depending on the operating system you use: PIN code, diagram to be traced, password or even biometric unlocking.
You can also specifically lock Signal with the protection you are using to prevent access to your smartphone. This can be useful if you have someone grab the phone out of your hands to see the contents. If the app is locked at this time, it will not be possible to access it, even if the OS lock screen has passed.
The option can be found by following these steps:
- Launch the application and go to the menu, whose icon displays vertical ellipses, at the top right of the screen;
- Choose “Settings”, then “Privacy”;
- Under “App security”, check “Screen lock”;
- You can optionally set an inactivity delay before locking the screen (with a minimum of one minute).
Another protective measure – if activated beforehand – may be the use of ephemeral messages. The name is self-explanatory: it designates messages that self-destruct after a while (5 seconds to a week, with several intermediate steps).
Once the message has expired, the conversation keeps no record of it, not even a mention that looks like a message existed. On the other hand, there is still a mention of activation and deactivation of the option which appears on the screen, as well as the duration of the parameter which has been chosen. The option of ephemeral messages is radical to hide past exchanges, but you will no longer have history.
Other security options
Signal offers other security and privacy options, which are found in the same place as the app lock. It is possible to activate a setting that blocks screenshots. However, this is not absolute protection: a camera can take the screen for example. And if all the other protections have fallen, it will not be difficult to go to deactivate it in the settings.
Signal can also instruct keyboards installed on the smartphone not to use personalized learning, based on what you write. Note however that this instruction will not necessarily be followed by the keyboard. For the option to give its full potential, you must first install a keyboard that will respect the chosen decision.
Third security option that may be of interest: in the advanced settings, Signal offers to make its server available to relay phone calls. This way, the contact who tries to reach you is not able to see your IP address, but that of the server. Signal warns, however, that this setting adversely affects call quality.
The continuation in video
Source: Numerama by www.numerama.com.
*The article has been translated based on the content of Numerama by www.numerama.com. If there is any problem regarding the content, copyright, please leave a report below the article. We will try to process as quickly as possible to protect the rights of the author. Thank you very much!
*We just want readers to access information more quickly and easily with other multilingual content, instead of information only available in a certain language.
*We always respect the copyright of the content of the author and always include the original link of the source article.If the author disagrees, just leave the report below the article, the article will be edited or deleted at the request of the author. Thanks very much! Best regards!