The Signal messenger and protocol.

110 readers
5 users here now

https://signal.org/

founded 11 months ago
MODERATORS
1
 
 

Their website and F-Droid repo is unreachable now. No update about this on Mastodon and apparently they haven't updated the app in 3 months.

Some updates from their Matrix channel

They responded to the ticket

Thanks for reporting it. The domain automatic renewal failed because the credit card we used for payment was expired, and OpenCollective didn't issue a new card.

The domain is still ours, but the DNS services are suspended. We've already paid for the renewal (11 hours after the domain expired). Unfortunately, our registrar, Gandi, seems to need to take a manual action, and they haven't responded to our support requests yet. Today is bank public holiday in France.

2
3
 
 
4
 
 

Signal has introduced new in-app confirmations and warning messages as additional safeguards against phishing and social engineering attempts that could lead to various forms of fraud

5
6
7
8
9
 
 

From the official Dutch Intelligence and Security Service


information.

“Despite their end-to-end encryption option, messaging apps such as Signal and WhatsApp should not be used as channels for classified, confidential or sensitive information,” states Director of the MIVD, vice-admiral Peter Reesink.

Individual accounts

An interesting aspect of this Russian campaign is that it does not exploit any technical vulnerabilities of the messaging services. The attackers instead make malicious use of legitimate security features of the apps. Director-General of the AIVD Simone Smit states, “It is not the case that Signal or WhatsApp as a whole have been compromised. Individual user accounts are being targeted.”

To increase resilience against this Russian campaign, MIVD and AIVD have published a Cyber Advisory explaining how to identify and respond to attacks. The advisory also give instructions for Signal users on how to identify potentially compromised contacts.

All Signal users can personally check whether there are any potentially compromised contacts in their group chats. If you see any people who appear twice in the list of members (under the same or a slightly different name), this may be evidence of either a compromised account or a new account created by a victim.If you suspect this to be the case, report this to the information security department of your organisation. Together you can try to verify (preferably using a channel other than Signal or WhatsApp, such as an email or a telephone call) whether it is correct that the account in question appears twice in the chat group contact list. Should this not be the case, ask the group administrator to remove both accounts from the group chat, after which the legitimate account holder can request to rejoin the group. Please remain vigilant for group members who are not recognised by the rest of the group. The actor may occasionally change the display name of a compromised account to remain unnoticed in chat groups, for example to names such as 'Deleted account'. If a member’s display name changes, the group will receive a notification. When the change is the legitimate transition to 'Deleted account', no notification is sent. Actor-controlled accounts can also gain entry to the group via an obtained Group Link, of which the group always receives a notification. In all such unauthorised scenarios, ask the group administrator to remove the offending accounts from the chat.If there is any indication that the group administrator themselves may have been compromised, it is advisable to exit the group and create a new one.

10
11
 
 

I'm looking for an alternative to signal-desktop, with the following conditions:

  1. Designed for desktop (GUI or TUI, notification support, runs in background)
  2. Runs as main device, not requiring a linked signal app
  3. Supports most of the signal features (group chats, disappearing messages, usernames)
  4. Preferably integrated with pidgin, thunderbird, or another gui that I'm already using.

Does such an app exist? I have seen many forks of Signal, but most of them also seem to be for android. Previously, I had used signal-cli with an official copy of signal-desktop, but this is not satisfactory for a few reasons, mainly about the "remember to connect on your phone before 30 days" error.

12
13
14
14
Put a pin in it (signal.org)
submitted 5 months ago* (last edited 5 months ago) by nemeski@mander.xyz to c/signal@lemmy.blahaj.zone
 
 

In the latest version of Signal rolling out now, you can pin your most important messages to the top of your 1-1 and group chats.

15
 
 

Polls are now available in the latest versions of Signal for Android, Desktop and iOS which are rolling out now.

16
17
18
 
 

Filmed on 5/20/2025 with a live audience both in person and on Zoom.

About the speakers:

Meredith Whittaker is Signal’s President and a member of the Signal Foundation Board of Directors. She has over 17 years of experience in tech, spanning industry, academia, and government. Before joining Signal as President, she was the Minderoo Research Professor at NYU, and served as the Faculty Director of the AI Now Institute which she co-founded. Her research and scholarly work helped shape global AI policy and shift the public narrative on AI to better recognize the surveillance business practices and concentration of industrial resources that modern AI requires. Prior to NYU, she worked at Google for over a decade, where she led product and engineering teams, founded Google’s Open Research Group, and co-founded M-Lab, a globally distributed network measurement platform that now provides the world’s largest source of open data on internet performance. She also helped lead organizing at Google. She was one of the core organizers pushing back against the company’s insufficient response to concerns about AI and its harms, and was a central organizer of the Google Walkout. She has advised the White House, the FCC, the City of New York, the European Parliament, and many other governments and civil society organizations on privacy, security, artificial intelligence, internet policy, and measurement. She recently completed a term as Senior Advisor on AI to the Chair at the US Federal Trade Commission.

Stéphan-Eloïse Gras is a researcher and entrepreneur specializing in the geoeconomics of AI. An assistant professor at CNAM-Paris, she explores AI technologies through the lens of software & critical data studies. She also serves on the board of Probabl, an AI company built around the popular open-source library scikit-learn. With 15+ years in the digital sector, she has led initiatives at the intersection of innovation, research, education, and emerging markets. As CEO of Digital Africa, she oversaw a €130M initiative supporting African startups. She also co-founded Africa 4 Tech and led OpenClassrooms’ strategic expansion in Africa. Her doctoral research traced the rise of AI through a music recommendation algorithm acquired by Spotify. She teaches at CNAM, Sciences Po, NYU, and Sorbonne and is currently writing a book on the geoeconomics of AI, describing LLMs as “belief-making machines.”

Rachel Donadio, the Library’s Curator of Cultural Programs, is a Paris-based writer, journalist and critic, a contributing writer for the Atlantic, a regular contributor to the New York Review of Books and a former European Culture Correspondent and Rome Bureau Chief of the New York Times.

This event was part of Ways of Seeing, a special series exploring the connections between storytelling, creativity, and the visual world.

19
 
 

In the past, if you broke or lost your phone, your Signal message history was gone. This has been a challenge for people whose most important conversations happen on Signal. Think family photos, sweet messages, important documents, or anything else you don’t want to lose forever. This explains why the most common feature request has been backups; a way for people to get Signal messages back even if their phone is lost or damaged.

After careful design and development, we are now starting to roll out secure backups, an opt-in feature. This first phase is available in the latest beta release for Android. This will let us further test this feature in a limited setting, before it rolls out to iOS and Desktop in the near future.

Here, we’ll outline the basics of secure backups and provide a high-level overview about how they work and how we built a system that allows you to recover your Signal conversations while maintaining the highest bar for privacy and security.

Secure Backups 101

Secure backups let you save an archive of your Signal conversations in a privacy-preserving form, refreshed every day; giving you the ability to restore your chats even if you lose access to your phone. Signal’s secure backups are opt-in and, of course, end-to-end encrypted. So if you don’t want to create a secure backup archive of your Signal messages and media, you never have to use the feature.

If you do decide to opt in to secure backups, you’ll be able to securely back up all of your text messages and the last 45 days’ worth of media for free.

If you want to back up your media history beyond 45 days, as well as your message history, we also offer a paid subscription plan for US$1.99 per month.

This is the first time we’ve offered a paid feature. The reason we’re doing this is simple: media requires a lot of storage, and storing and transferring large amounts of data is expensive. As a nonprofit that refuses to collect or sell your data, Signal needs to cover those costs differently than other tech organizations that offer similar products but support themselves by selling ads and monetizing data.

Anatomy of Secure Backups: Privacy First, Always

At Signal, our commitment to privacy informs which features we build and the ways that we build them.

Using the same zero-knowledge technology that enables Signal groups to work without revealing intimate metadata, backup archives are stored without a direct link to a specific backup payment or Signal user account.

At the core of secure backups is a 64-character recovery key that is generated on your device. This key is yours and yours alone; it is never shared with Signal’s servers. Your recovery key is the only way to “unlock” your backup when you need to restore access to your messages. Losing it means losing access to your backup permanently, and Signal cannot help you recover it. You can generate a new key if you choose. We recommend storing this key securely (writing it down in a notebook or a secure password manager, for example).

These choices are part and parcel of Signal’s guiding mission to collect as close to no data as possible, and to make sure that any information that is required to make Signal robust and usable cannot be tied back to the people who depend on Signal. This is why wherever there’s a choice between security and any other objective, we’ve prioritized security.

Enabling Secure Backups

If you want to opt in to secure backups, you can do so from your Signal Settings menu. For now, only people running the latest beta version of Signal on Android will be able to opt in. But soon, we’ll be rolling this feature out across all platforms.

Once you’ve enabled secure backups, your device will automatically create a fresh secure backup archive every day, replacing the previous day’s archive. Only you can decrypt your backup archive, which will allow you to restore your message database (excluding view-once messages and messages scheduled to disappear within the next 24 hours). Because your secure backup archive is refreshed daily, anything you deleted in the past 24 hours, or any messages set to disappear are removed from the latest daily secure backup archive, as you intended.

Backing up, moving forward

We’re excited to introduce secure backups, making sure you can retain access to your Signal messages even when your phone is lost or destroyed. But secure backups aren’t the end of the road.

The technology that underpins this initial version of secure backups will also serve as the foundation for more secure backup options in the near future. Our future plans include letting you save a secure backup archive to the location of your choosing, alongside features that let you transfer your encrypted message history between Android, iOS, and Desktop devices.

Secure backups are available in today’s Android beta release. A full public release, along with iOS and Desktop support, is coming soon.

20