Android Security

Android Security

Signal’s encryption verification process is now simpler and more secure

Open Whisper Systems, developer of the encrypted messaging app Signal, has made it easier for users to verify the privacy of their conversations.

Signal allows users to scan a QR code or compare a set of numbers to verify that their conversations are secure, so long as both users must have the app and are connected to the internet.

In its latest update, the steps required to verify that connection has been reduced. Signal users only need to scan a single QR code for the conversation, instead of two, and the code no longer includes either party’s phone number, further increasing the level of privacy.

Of the previous process, Signal’s developer Open Whisper Systems said, “Even once the mechanics had been explained, it wasn’t typically clear how to proceed. User studies revealed that these comparisons often resulted in false positives, false negatives, and low success rates.” Open Whisper Systems hopes the new methodology will “reduce that confusion”.

See also:

What is the problem with IoT security? – Gary explains

1 day ago

Another simplification concerns app reinstalls. Users no longer need to verify a contact again to continue conversations. Signal now has an “advisory mode” – switched off by default – that tells them that the conversation is no longer verified, but doesn’t restrict users from taking part in the conversation. Open Whisper Systems said it may enable this feature as standard if it proves popular.

Signal’s popularity surged following the US election, with the app seeing a 400% increase in installations the week after Trump’s win. Edward Snowden publicly recommended the app in September of this year and warned of Google’s new messaging app Allo.