On 1/25/21, David Barrett <dbarrett@expensify.com> wrote:
Incidentally, for anyone following along, here's a great thread I had on Twitter regarding this:
https://twitter.com/dbarrett/status/1353768706141163520
My current summary of Signal's primary design goal is:
Perhaps I'm looking at it the wrong way. Signal's primary design goal seems to be to *enable* truly effective self-destructing chats (which means enabling them to self-destruct at every layer), to limit the damage from device compromise. That is their primary differentiated feature.
Given that the device is the weak link (ie, the most likely place that a key would be compromised), and without self-destructing chats the device has a complete record of all past messages, then there's really no point to all the double-ratchet stuff (which exists purely to limit the damage of any individual key being compromised) because in the process of compromising any key, you also compromise *all messages* (obviating your need for the key in the first place).
Does that seem a fair summary?
Sorry for over-replying. I'm trying to catch up and don't want to figure out all the replies with strategically placed errors different from my errors. I would summarise Signal totally differently: Signal is the only popular cryptographic messaging system where actual norms that people care about are respected. Most message systems just do stupid things, and lie to you when you call them out on it, and it's frustrating and infuriating. It is obvious that Signal is not motivated by profit, but rather their users and functionality. They have an automated system that gives their donated money to people who contribute improvements.
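The argument in David's message above (compromise of a ratchet key versus compromise of a device holding the full message history) can be made concrete with a toy symmetric ratchet. This is an added illustration, not code from the thread or from Signal; the HMAC chain step mirrors the shape of Signal's KDF_CK, but the XOR stream cipher is a stand-in for illustration only, and all keys and messages are constructed sample values.

```python
import hashlib
import hmac

def kdf_ck(chain_key: bytes) -> tuple[bytes, bytes]:
    """One symmetric ratchet step: (next chain key, message key).
    Shape follows Signal's KDF_CK (constant inputs 0x02 / 0x01). Because HMAC is
    one-way, an older chain key cannot be recovered from a newer one."""
    next_ck = hmac.new(chain_key, b"\x02", hashlib.sha256).digest()
    msg_key = hmac.new(chain_key, b"\x01", hashlib.sha256).digest()
    return next_ck, msg_key

def xor_stream(key: bytes, data: bytes) -> bytes:
    """Toy stream cipher for illustration (not Signal's AEAD): keystream =
    SHA256(key || block counter), XORed over the data. Symmetric, so it decrypts too."""
    out = bytearray()
    for i, b in enumerate(data):
        block = hashlib.sha256(key + (i // 32).to_bytes(4, "big")).digest()
        out.append(b ^ block[i % 32])
    return bytes(out)

def send_chain(initial_ck: bytes, plaintexts: list[bytes]) -> tuple[list[bytes], bytes]:
    """Encrypt a sequence, ratcheting once per message. Returns the ciphertexts and
    the chain-key state after the last message (what a later key compromise exposes)."""
    ck = initial_ck
    cts = []
    for pt in plaintexts:
        ck, mk = kdf_ck(ck)
        cts.append(xor_stream(mk, pt))
    return cts, ck

def attacker_with_chain_key(ck: bytes, ciphertexts: list[bytes]) -> list[bytes]:
    """Key compromise: whoever holds the current chain key can derive every
    message key sent after it. Applied to earlier ciphertexts the same procedure
    yields garbage, which is the forward secrecy the ratchet buys."""
    out = []
    for ct in ciphertexts:
        ck, mk = kdf_ck(ck)
        out.append(xor_stream(mk, ct))
    return out

def attacker_with_device_store(stored_plaintexts: list[bytes]) -> list[bytes]:
    """Device compromise without disappearing messages: the stored history is simply
    read. No key is needed at all, which is the point made in the thread."""
    return list(stored_plaintexts)
```

Running the two attacker functions side by side shows that the ratchet protects only messages sent before the compromised key, while a retained plaintext history makes that protection moot for everything the device still holds.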