Signal unstable: Alternatives to the encrypted messaging application
 
 

Several users of Signal, the messaging and voice calling application supported by Open Whisper Systems’ encryption protocol, reported on Saturday that they were no longer able to send or receive messages while tethered to Egyptian ISP addresses.

While the exact reason for the interruption remains unclear, Open Whisper Systems, which is also the application’s developer, has stated that there is no issue with its servers. “Everything is functioning normally on our end, so something might be up on the local networks in Egypt,” the company’s twitter account wrote in response to IT specialist Amr Gharbeia’s question.

Open Whisper Systems has communicated with several actors in an attempt to diagnose the problem, notably Open Observatory of Network Interference (OONI) – an international network monitoring internet censorship, traffic manipulation and signs of surveillance operating under the Tor Project – and journalist Wael Eskandar. In its most recent assessment, the company has suggested that the interruption in traffic is being caused by a TCP reset injection issued from a third party, which effectively changes a data packet TCP header, a sign to the packet’s endpoints that they should immediately stop using the TCP connection and not send any more packets using the connection’s identifying numbers.

Ahmed Gharbeia, an authority in digital and online security, says that the difficulties experienced while using Signal differ from network to network and according to the time of attempted use. Gharbeia tentatively attributes the interruption in service to malfunctions in the application or to non-centralized interference from the state, which may have caused the crash.

As the application remains unstable and will likely continue to be unavailable, Mada Masr has indexed some of the available alternatives through which to conduct secure conversation.

The importance of decentralization

Ahmed says that there are a number of applications that operate using encryption protocols similar to Signal’s, all of which also use open source software. While the applications, including Signal, are rooted in different theories and deploy various configurations, they rely on centralized servers, a fact that Ahmed says increases the likelihood that their data center will be targeted or disabled.

Explaining the concept in more detail, Amr emphasizes that there should be a greater shift toward solutions that deploy decentralization in the development of communication platforms in line with the decentralization of Internet servers.

“The internet, as we know it now, is the descendant of a project dating back to the 1960s, which was developed by the Defense Advanced Research Projects Agency (DARPA), an agency under the US Department of Defense,” Amr says. “The primary objective of the internet’s design was the creation of a communications network without centralized control points that could be targeted. Thus, the network would have a greater capacity to remain operational, even after a nuclear attack on the United States,” which is the main difference between internet connections and phone lines.

The design feature introduced in the midst of the Cold War to address fear of an imminent nuclear attack has taken on new meaning in an age of mass surveillance, functionally allowing messages to travel from sender to recipient, according to Amr, without the need for a central switchboard.

However, Amr notes that cybernetic systems have become increasingly centralized over the past several decades.

“Internet use today relies on phone networks, for example, while the services that we use on the internet – such as search engines and social networking sites – are extremely centralized, whereby one giant company, such as Google or Facebook, provides a service to billions of people,” Amr says. The monopoly over traffic, he adds, allows these corporations to have broad influenced over their users and the data.

Amr is a general proponent for decentralization as a mode of politics and policy, arguing that its basic tenets can be extended to a range of industries – from transportation and banking to utilities – to ensure justice and promote a stronger economy.

Alternatives to Signal

Ring, a messaging and voice calling application that relies on open distributed hash table (OpenDHT) technology, is one of the applications that uses a decentralized network and encryption protocol. Ahmed explains that the system relies on consecutive links in a network, which act as instantaneous delivery agents.

“OpenDHT acts like a decentralized addresses book, which is exactly like asking somebody you know for the address or number of another person that you have heard about and want to communicate with, but don’t have their contact information,” Ahmed says. While acknowledging that Ring is slightly harder to use than other chat programs, he says its role is important, as its use and development open the door to another type of inter-connectivity.

Kontalk is another messaging platform, which provides an open-source encryption protocol and relies on a number of servers to provide a safe connection.

If uses are looking for something that is similar to Signal, Ahmed recommends Whatsapp, as the messaging application has adopted Open Whisper Systems’s encryption protocol. “The problem with Whatsapp,” Ahmed cautions, “is that it is owned by Facebook, and that it lacks an authentication mechanism between the parties engaged in a conversation.”

Telegram is another alternative, but technical specialists do not frequently recommend using the messaging client, as its developers have refused to make their source codes public. Amr adds that there are questions about its director’s dealings with the Iranian government.

Despite the absence of any evidence suggesting the government caused the interruption in Signal’s functionality, the Egyptian state has previously attempted to solidify its control over and disable telecommunications services.

Internet users in Egypt have faced numerous technical problems over the past month on safe communication channels, including the Secure Shell (SSH), HTTPS and the Tor Browser. Recent OONI probes and reports reveal that Egyptian internet service providers – TE Data, Noor and Vodafone – have been involved in blocking access to several websites, disabling the HTTPS security feature, injecting pop-up advertisements into the browser interface and disseminating malware.

Translated by Jano Charbel

AD
 
 
Mohamed Hamama