Caria Giovanni - Harpocrates5d ago

Static + dynamic analysis of Signal's APK. The good news first: Signal is genuinely exceptional.

Rust core (libsignal_jni.so), post-quantum hybrid Double Ratchet (Kyber-1024 + X25519), Direct ByteBuffers with immediate zeroing after PIN/username hashing, Intel SGX attestation for SVR — MREnclave verification means even a compromised Signal server can't extract your PIN hash.

But two things stood out:

1. Firebase is always there. Google receives IP + notification timestamps regardless of message content. If you need metadata privacy, Signal still leaks presence data to Google's infrastructure.

2. Certificate revocation endpoints hit http://g.symcd.com in plaintext. An ISP or state-level observer can fingerprint Signal usage from DNS queries and HTTP traffic to those CAs — without touching message content.

Conclusion: strongest crypto engineering in consumer messaging. The attack surface isn't the cryptography. It's the operational dependencies.

Soon the full analysis

#infosec #AndroidSecurity #Signal #privacy #ReverseEngineering #postquantum #mobileforensics

Show threadJan5d ago
@Harpocrates Did you compare this with #Molly ?
Show threadCaria Giovanni - Harpocrates

@jan
Not yet — Molly is on the list precisely because of the Firebase dependency I flagged. The UnifiedPush implementation is the interesting delta to audit. If the metadata leak vector is eliminated at the transport layer, the threat model changes significantly.

Watch this space.

Mar 16 at 11:24amWeb