On Sun, Mar 14, 2021 at 3:55 PM Peter Fairbrother <[1]peter@tsto.co.uk>
   wrote:

     Afaik no direct cryptanalytic attack against the PGP Blackberries
     has
     ever succeeded, though several hardware-, phishing-, software-,
     security- and law- based attacks have.

   Given that every real world example finds a weaker place to attack than
   the encryption, is there anything about the Signal app that is more
   inherently secure than any of these?
   It would seem that there's no real protection against someone in
   control of the network deploying a back door onto your device that
   siphons off the messages after they are decrypted (or the decryption
   keys themselves), and it seems like that's a way easier way to get the
   messages than actually bothering to talk with the app developer.
   Furthermore, unless everyone involved is willing to go to jail, it
   seems there's no real protection against compelling the software
   developers to ship a backdoor.  Even being open source with verified
   builds only confirms that a specific update has a specific version --
   the next update, or your friend's update, might have a different
   build.  Indeed, being open source makes it easier for an attacker to
   craft a build with a back door, and then convince Google to deploy it
   to their target.
   Ultimately e2e seems like a real way to force lawyers to bring any
   discovery requests straight to you for civil suits (because no civil
   suit could realistically convince Google or Verizon to ship a back door
   to your phone, whether by a custom build or a fake OS update).  But it
   feels like security theater to assume e2e provides really any
   protection at all against serious criminal suits, and certainly nothing
   approaching national security.
   -david

References

   1. mailto:peter@tsto.co.uk