WEBVTT - Which Messaging App is Truly Secure? 0:00:01.720 --> 0:00:07.440 Also media. 0:00:08.680 --> 0:00:11.800 Welcome back to it could happen here. I am Robert Evans, 0:00:11.880 --> 0:00:16.160 and this is a podcast about things falling apart. Sometimes 0:00:16.160 --> 0:00:19.040 it's about how to make things not fall apart, and 0:00:19.120 --> 0:00:22.360 other times it's more about enduring it. Today is more 0:00:22.400 --> 0:00:24.639 on the endurance side of things. And we're talking about 0:00:24.640 --> 0:00:27.440 a subject that we get a lot of requests about here. 0:00:27.920 --> 0:00:30.240 We've discussed this a year or so ago with one 0:00:30.240 --> 0:00:33.120 of our guests, a great Carl Pasarta. We're talking about 0:00:33.159 --> 0:00:36.839 like security culture, and particularly the aspect of security culture 0:00:36.840 --> 0:00:40.360 that involves digital devices and how to communicate with your friends' 0:00:40.360 --> 0:00:45.920 affinity groups, whomever via your phone essentially or your computer. 0:00:46.400 --> 0:00:49.080 This is a thing where there's a huge amount of 0:00:49.120 --> 0:00:52.599 disinformation as to which apps are safe. What does it 0:00:52.640 --> 0:00:55.960 actually mean to say that an app is encrypted? How 0:00:56.000 --> 0:00:58.840 far does encryption get you? What sort of like cultural 0:00:58.880 --> 0:01:03.920 things come alongside the actual, like physical reality of the 0:01:03.920 --> 0:01:06.160 security of the device in order to kind of make 0:01:06.319 --> 0:01:09.560 a comprehensive security profile. We're gonna be talking about all 0:01:09.560 --> 0:01:11.560 that today and hopefully giving you some good advice on 0:01:11.560 --> 0:01:14.240 what you can trust. Because I am the furthest thing 0:01:14.280 --> 0:01:17.360 in the world from a technical expert. We have two 0:01:17.440 --> 0:01:21.959 actual experts with us today. Carolyn Senders and Cooper Quinton 0:01:22.200 --> 0:01:25.800 have both recently published a paper alongside several other authors 0:01:26.560 --> 0:01:31.360 Leila Wagner, Tim Bernard, Ami Meta, and Justin Hendricks called 0:01:31.400 --> 0:01:34.720 what Is Secure? An Analysis of Popular Messaging Apps, and 0:01:34.760 --> 0:01:38.720 it's it's basically going over what is the actual level 0:01:38.760 --> 0:01:42.120 of security with a number of things like Telegram, you know, 0:01:42.200 --> 0:01:47.880 Telegram's private messaging system, Facebook Messenger, Apple Message, or I Message. 0:01:47.880 --> 0:01:51.200 I guess it's called and obviously signal and kind of 0:01:51.240 --> 0:01:54.080 as a spoiler, signal is your best bet, but that 0:01:54.200 --> 0:01:56.600 also isn't where you should end, right I think we 0:01:56.640 --> 0:01:58.760 want to also talk about kind of like why and 0:01:59.160 --> 0:02:01.680 to what extent that's the case. But anyway, I'm going 0:02:01.720 --> 0:02:04.520 to turn things over to Carolyn and Cooper now because 0:02:04.520 --> 0:02:07.840 I have talked enough about this. Hey guys, welcome to 0:02:07.880 --> 0:02:08.200 the show. 0:02:09.680 --> 0:02:11.760 Hey, Robert, thanks so much for having us on. 0:02:12.280 --> 0:02:15.119 Yeah ah, yeah, thank you so much, A big fan 0:02:15.360 --> 0:02:18.840 of the podcast, so always lovely, really lovely to be here. 0:02:19.320 --> 0:02:20.359 Yeah, thank you so much. 0:02:20.960 --> 0:02:23.840 Yeah, it's really lovely to have you both again. Listeners, 0:02:23.880 --> 0:02:26.600 if you want to take a look at this their paper, 0:02:26.600 --> 0:02:29.000 if you just google what is secure and analysis of 0:02:29.040 --> 0:02:32.000 popular messaging apps. You'll find the Tech Policy Press has 0:02:32.240 --> 0:02:34.760 a summary of it that's pretty quick. The full paper 0:02:34.840 --> 0:02:37.720 is eighty six pages or so. I also recommend reading that, 0:02:37.800 --> 0:02:40.240 but if you wanted to give this the summary a 0:02:40.240 --> 0:02:43.200 skin before you continue, that might help. But I kind 0:02:43.200 --> 0:02:45.760 of wanted to start by asking you, guys, what is 0:02:45.840 --> 0:02:49.600 it that makes Signal a good option for people? Right? 0:02:49.600 --> 0:02:52.040 Because I think most folks you describe it as sort 0:02:52.040 --> 0:02:55.240 of security folklore, right, the stuff that you hear about 0:02:55.280 --> 0:02:58.320 security from your friends, and if you're not a technical person, 0:02:58.360 --> 0:03:00.680 you kind of just like trust what the folks around 0:03:00.720 --> 0:03:02.200 you were saying. And that was sort of how I 0:03:02.240 --> 0:03:05.040 got into Signal. Right, I'm not a technical person, but 0:03:05.080 --> 0:03:07.240 people I knew and trusted who were were like, this 0:03:07.280 --> 0:03:08.080 is your best option? 0:03:08.760 --> 0:03:09.639 Yeah, thank you so much. 0:03:09.760 --> 0:03:11.840 That's such a good question, and I think Cooper and 0:03:11.880 --> 0:03:15.480 I probably have similar but also like very different answers 0:03:15.560 --> 0:03:15.880 to it. 0:03:16.360 --> 0:03:18.320 Cooper, I can go first if you want. 0:03:18.960 --> 0:03:20.560 One of the things I love about Signal is it's 0:03:20.560 --> 0:03:24.200 just really easy to use. It's in and encrypted, it's 0:03:24.200 --> 0:03:26.640 a messaging app. There's not a lot of stuff on it, 0:03:26.680 --> 0:03:29.360 but you can do a lot with it, so you 0:03:29.360 --> 0:03:32.720 can do video calls, you can send actually pretty large 0:03:32.720 --> 0:03:33.799 files like PDFs. 0:03:34.120 --> 0:03:35.680 You can have drag and drop stuff. 0:03:36.080 --> 0:03:39.720 It's like such a low threshold for use for users 0:03:40.040 --> 0:03:42.160 because it is a messaging app, but it does so 0:03:42.200 --> 0:03:45.280 many different kinds of things. But then related to that, 0:03:45.320 --> 0:03:48.920 it's also actually quite minimal. So the paper which everyone 0:03:48.960 --> 0:03:52.120 should read and we'll probably get into this later. Different 0:03:52.160 --> 0:03:58.800 apps like Telegram or Facebook's Messenger app, for example, have have. 0:03:58.840 --> 0:04:00.840 This thing we've been calling feature bloat. 0:04:01.360 --> 0:04:04.160 They are messaging services that actually feel a bit more 0:04:04.240 --> 0:04:06.480 like social networks if you look at the amount of 0:04:06.520 --> 0:04:08.840 stuff that's on there, and by stuff, I don't just 0:04:08.920 --> 0:04:11.880 mean like stickers, I mean if you look at there's 0:04:11.920 --> 0:04:15.080 all these sort of specific and strange settings you can 0:04:15.160 --> 0:04:17.920 use to have all different kinds of messages and all 0:04:17.920 --> 0:04:21.120 different kinds of privacy settings, and all privacy settings are 0:04:21.160 --> 0:04:25.640 really really great. Because Telegram and Facebook Messenger are not 0:04:25.960 --> 0:04:28.840 encrypted by default, actually some of those settings can make 0:04:28.880 --> 0:04:31.279 you feel more secure when you're not so. Kind of 0:04:31.279 --> 0:04:33.159 the beauty of Signal is that out of the box, 0:04:33.680 --> 0:04:37.279 it's incredibly secure. It's an inn encrypted They're not holding 0:04:37.279 --> 0:04:40.360 any data about you. I believe the only only day 0:04:40.400 --> 0:04:42.920 they hold is like when you've like when a phone 0:04:43.000 --> 0:04:46.120 number or a profile has downloaded signal, like when you've 0:04:46.279 --> 0:04:50.600 when you've signed up. But again it's it's incredibly easy 0:04:50.640 --> 0:04:54.159 to use. And another thing is, you know, if this 0:04:54.240 --> 0:04:56.039 was a few years ago, we've been looking at wire 0:04:56.120 --> 0:04:56.679 for example. 0:04:56.680 --> 0:04:58.440 One of the nice things about Signal. 0:04:58.200 --> 0:05:00.800 And this might be controversial to some, is that it 0:05:00.839 --> 0:05:03.640 does follow modern design patterns and standards. So if you're 0:05:03.720 --> 0:05:07.240 using an iOS or Android version, like there are buttons 0:05:07.279 --> 0:05:09.880 in places where you expect them to be. Signal is 0:05:09.880 --> 0:05:15.040 not perfectly designed, but it is quite usable. Yeah, So 0:05:15.080 --> 0:05:17.240 for me, that's kind of what I think makes it 0:05:17.279 --> 0:05:18.400 makes it really wonderful. 0:05:18.680 --> 0:05:21.840 Yeah, it's definitely as much as I love it, and 0:05:21.880 --> 0:05:24.880 it's my like standard messaging app I do every now 0:05:24.920 --> 0:05:26.559 and then run into the thing where like my friends 0:05:26.560 --> 0:05:28.640 will call me through Signal, which is great if you 0:05:28.640 --> 0:05:31.160 need a call to be secure, but it's not nearly 0:05:31.200 --> 0:05:33.280 as good, Like it drops a lot more often than 0:05:33.320 --> 0:05:35.720 a regular phone call, and I'm like, we're just trying 0:05:35.760 --> 0:05:37.680 to meet at the movie theater. It's okay if the 0:05:37.800 --> 0:05:40.800 nsay noes right, Like I've. 0:05:40.640 --> 0:05:42.800 Definitely had that with friends where I'm like, I'm like yeah, 0:05:42.800 --> 0:05:46.640 I'm like, we're just calling to talk about like your dog. 0:05:47.120 --> 0:05:48.320 It's probably fine. 0:05:48.560 --> 0:05:50.839 Yeah, the FBI can have this stuff. 0:05:51.160 --> 0:05:54.800 Yeah, please send, please send, please send dog picks through 0:05:55.279 --> 0:05:56.479 all all messaging apps. 0:05:57.760 --> 0:06:00.839 You know. But on that note, it's uh, right, writing 0:06:01.080 --> 0:06:05.480 usable software that is also secure is really hard, right, 0:06:05.520 --> 0:06:09.560 And like as a like as cryptographer, I'm not a cryptographer, 0:06:09.640 --> 0:06:13.479 but like as somebody cryptographer adjacent, we got that wrong 0:06:13.600 --> 0:06:17.480 for a long time, right, Like before Signal the problem, 0:06:17.680 --> 0:06:20.359 you know, there were the the the sort of most 0:06:20.520 --> 0:06:24.919 used encryption methods were probably uh PGP email, which is 0:06:24.920 --> 0:06:28.159 a method for encrypting email, and off the record chats, 0:06:28.240 --> 0:06:31.760 and both of those none of those ever got to 0:06:31.920 --> 0:06:35.320 the sort of level of user base that Signal and 0:06:35.640 --> 0:06:40.240 and certainly not WhatsApp have, right, And and that's largely 0:06:40.320 --> 0:06:44.880 because they were pretty much unusable, like PGP, almost entirely 0:06:44.960 --> 0:06:49.360 unusable even by cryptography professionals, right, even by computer security 0:06:49.360 --> 0:06:54.080 professionals like ourselves. OTR chat total pain in the butt, right, 0:06:54.200 --> 0:06:58.679 like just just a real nightmare to use. So, like Signal, 0:06:58.880 --> 0:07:01.239 there are still some rough edges, and we talked about 0:07:01.240 --> 0:07:04.280 some of those in our paper. But overall, I think 0:07:04.320 --> 0:07:06.560 that the big the big innovation they've had is just 0:07:07.200 --> 0:07:10.000 remembering that what people want to do on a chat 0:07:10.040 --> 0:07:12.840 app is not encrypt things. What people want to do 0:07:12.880 --> 0:07:14.800 on a chat app is they want to they want 0:07:14.800 --> 0:07:18.040 to chat right. And and the second that that that 0:07:18.120 --> 0:07:20.320 the security sort of gets in the way of that, 0:07:20.880 --> 0:07:23.000 people will stop using it and go find something that's 0:07:23.040 --> 0:07:26.000 more usable. And it seems like that's been Signals sort 0:07:26.040 --> 0:07:30.320 of guiding star and it's and they've you know, doing 0:07:30.360 --> 0:07:33.040 the doing the most secure thing that you can will 0:07:33.120 --> 0:07:38.720 still being fun and usable to actually just chat on right. 0:07:38.800 --> 0:07:40.960 And I think that that has served them quite well. 0:07:41.800 --> 0:07:45.840 Yeah, I think there's it's it's so important. One of 0:07:45.880 --> 0:07:47.960 I think one of the things that that contributes to 0:07:48.040 --> 0:07:52.400 good overall security is setting yourself up for success, which 0:07:52.440 --> 0:07:54.960 means setting yourself up for a system that can function 0:07:55.040 --> 0:07:56.920 well if you're lazy, which is one of the nice 0:07:56.960 --> 0:07:58.800 things that you know, with Signal, you don't have to 0:07:58.840 --> 0:08:01.120 worry about like opting in and out and like selecting 0:08:01.120 --> 0:08:03.840 a bunch of stuff. It's pretty safe, especially for a 0:08:03.840 --> 0:08:07.040 normal person's uses right out of the box, which is 0:08:07.160 --> 0:08:10.040 huge and kind of in the same line, as that 0:08:10.160 --> 0:08:13.200 is the fact that because Signal doesn't store metadata, you're 0:08:13.200 --> 0:08:16.760 not relying upon them being like committed you know, anti 0:08:16.760 --> 0:08:20.440 state actors or whatever like, because they don't have access 0:08:20.480 --> 0:08:22.840 to the thing that for example, Facebook will hand over 0:08:22.920 --> 0:08:25.560 to the cops if the cops just like breathe in 0:08:25.600 --> 0:08:26.160 their direction. 0:08:28.040 --> 0:08:30.680 Yeah, that's that's exactly right, And that's that is that 0:08:30.760 --> 0:08:32.760 is the other really cool thing about Signal. You know, we, 0:08:33.400 --> 0:08:36.560 as Carolyn said, the only data that Signal gives over 0:08:36.640 --> 0:08:40.480 in response to uh A subpoena is the time that 0:08:41.040 --> 0:08:43.319 the phone number signed up for Signal account and the 0:08:43.400 --> 0:08:45.760 last time it connected to the Signal server. And the 0:08:45.800 --> 0:08:49.600 reason we know that is because Signal publishes transparency reports 0:08:50.080 --> 0:08:53.199 with the full text and full response of any subpoena 0:08:53.240 --> 0:08:56.480 that they get, so like we can actually just see 0:08:56.760 --> 0:08:59.280 in the responses that all they've given over is these 0:08:59.320 --> 0:09:01.920 two pieces of information, because that's all they have, and 0:09:01.960 --> 0:09:05.319 they've done some pretty clever things to make that be the. 0:09:05.280 --> 0:09:08.840 Case, right, And that's actually so different than how other 0:09:08.960 --> 0:09:13.160 companies are I think reporting on either subpoenas or any 0:09:13.200 --> 0:09:13.640 kind of. 0:09:15.280 --> 0:09:17.040 Weight that law enforcement puts on them. 0:09:17.400 --> 0:09:20.160 So for our report, I don't remember how much it's 0:09:20.200 --> 0:09:23.120 it's mentioned in the report actually, but we did go 0:09:23.240 --> 0:09:28.440 through and look at Apple Meta and I think Google 0:09:28.520 --> 0:09:31.040 like in their own transparency reports to try to get 0:09:31.040 --> 0:09:34.000 a sense of how how that would stack up in 0:09:34.040 --> 0:09:38.120 comparison to Signals. I think in some cases it's saying 0:09:38.280 --> 0:09:42.640 like they received some kind of like notification, but like no, 0:09:43.880 --> 0:09:47.840 nothing really clear or specific on like what they received 0:09:47.880 --> 0:09:50.640 from law enforcement or government, but rather just that they 0:09:50.720 --> 0:09:52.640 received one. And so that's also the really great thing 0:09:52.679 --> 0:09:55.600 about Signal is you are getting all of this information 0:09:56.000 --> 0:10:00.400 that you're not getting from other companies or PLATF forms. 0:10:01.040 --> 0:10:04.400 Yeah, you know, I wanted to kind of in the 0:10:04.480 --> 0:10:07.280 same subject and going back to we kind of opened 0:10:07.280 --> 0:10:11.320 this introducing the concept that y'all introduced me to. I 0:10:11.320 --> 0:10:13.480 guess I was aware of this, but not the terminology 0:10:13.520 --> 0:10:16.080 security folklore, and I wanted to chat a little bit 0:10:16.080 --> 0:10:18.040 about kind of the most recent example of this something 0:10:18.320 --> 0:10:20.560 a lot of folks have probably been wondering about since 0:10:20.559 --> 0:10:23.200 we started talking about Signal, which is that roughly a 0:10:23.240 --> 0:10:27.320 week before y'all and I sat down to talk about this, 0:10:28.320 --> 0:10:32.280 a kind of viral info meme started coming through that 0:10:32.400 --> 0:10:36.200 was like Signal has a zero day exploit, which is 0:10:36.559 --> 0:10:40.320 basically a hole that a hacker found in an Apple program. 0:10:40.520 --> 0:10:43.880 That is that can't expose you. You have to turn off 0:10:45.160 --> 0:10:47.720 link previews, right, which is that when you when someone 0:10:47.760 --> 0:10:50.040 sends you like a link to an article in Signal, 0:10:50.240 --> 0:10:53.800 you get a little preview not dissimilar to how it is. 0:10:54.360 --> 0:10:56.720 And I think to be fair, just based on my 0:10:56.880 --> 0:10:59.559 very limited knowledge, that is, when I think about, like, 0:10:59.600 --> 0:11:01.840 what are potential holes in Signal, I don't think it's 0:11:01.880 --> 0:11:05.680 unreasonable to be concerned about that specific feature. But that 0:11:05.920 --> 0:11:09.040 warning was not what it kind of seemed to be basically, 0:11:09.120 --> 0:11:10.679 or not as accurate as I think a lot of 0:11:10.720 --> 0:11:11.760 people took it as being. 0:11:11.800 --> 0:11:12.080 I don't know. 0:11:12.160 --> 0:11:13.840 I'll let I'll tell I'll turn it over to you, guys. 0:11:13.840 --> 0:11:15.280 I think that's the next thing I want to talk about. 0:11:15.600 --> 0:11:18.480 I'll turn it over to Cooper, who had you had 0:11:18.679 --> 0:11:21.600 a Uh, you have a lot of feels about that. 0:11:21.880 --> 0:11:25.640 I have so many feelings about this. I was working 0:11:25.679 --> 0:11:26.680 on this all weekend. 0:11:26.800 --> 0:11:30.520 So this yeah, so this copy pasta I'm calling this 0:11:30.600 --> 0:11:33.800 like this signal copy pasta yeah, which is a term 0:11:33.880 --> 0:11:37.960 from you know, four Chan and other horrible internet places, 0:11:37.960 --> 0:11:39.640 but some. 0:11:40.120 --> 0:11:42.440 Media audience is probably Internet enough. 0:11:43.240 --> 0:11:45.600 Yeah, I'm gonna guess a good half of the people 0:11:45.640 --> 0:11:47.880 listening at least got that message. 0:11:47.920 --> 0:11:52.080 Yeah yeah. And it's it's like, first of all, this 0:11:52.240 --> 0:11:55.760 is not if you if you had a zero day 0:11:55.760 --> 0:11:57.560 in Signal, which is it, which is an exploit for 0:11:57.600 --> 0:12:00.360 Signal that has been unpatched but has not been patched 0:12:00.360 --> 0:12:02.560 by the vendor so you can actively exploit it. There 0:12:02.600 --> 0:12:06.360 are no people in the world who would choose to 0:12:08.520 --> 0:12:12.760 quietly leak this over you know, over vague signal texts. 0:12:13.000 --> 0:12:15.960 There are two types of people. One uh, you know, 0:12:16.200 --> 0:12:19.559 people like us that would bring this to Signal immediately 0:12:19.600 --> 0:12:22.320 and get them to patch it to protect the you know, 0:12:22.400 --> 0:12:25.079 millions of high risk users that you signal, or to 0:12:25.360 --> 0:12:27.520 the type of people that would go sell this exploit 0:12:27.960 --> 0:12:30.440 to some horrible company that would use it, you know, 0:12:30.520 --> 0:12:32.920 sell it to to Saudi Arabia or something and use 0:12:32.960 --> 0:12:35.800 it to kill activists. Right, Like there is and there's 0:12:35.840 --> 0:12:39.160 no in between. There's nobody that is going to quietly 0:12:39.240 --> 0:12:43.840 leak this for you know, just for fun with vague details. Right. So, 0:12:43.840 --> 0:12:46.640 so this this message set up red flags immediately, and 0:12:47.480 --> 0:12:51.280 like it's because I really do not like lying previews, 0:12:51.320 --> 0:12:54.000 And in our paper we discussed some of the issues 0:12:54.040 --> 0:12:56.800 that we have with link previews. You know, we think 0:12:56.840 --> 0:13:00.360 that they can they can leak some information about your 0:13:00.840 --> 0:13:04.319 chats to the owner of the website. Right. We think 0:13:04.360 --> 0:13:06.680 it's a kind of a large attack service. It's not 0:13:06.800 --> 0:13:07.719 super necessary. 0:13:08.120 --> 0:13:11.640 Would you mind explaining to actually the audience to like 0:13:12.240 --> 0:13:15.840 a little bit about what what we found when looking 0:13:15.880 --> 0:13:16.880 at link previews. 0:13:17.520 --> 0:13:20.880 Yeah. So, the way that link previews work is when 0:13:20.920 --> 0:13:23.719 you the way that they work on Signal and on 0:13:23.760 --> 0:13:27.480 WhatsApp is that when you send a link to somebody, 0:13:28.120 --> 0:13:32.400 the Signal app or WhatsApp goes and like fetches the 0:13:32.440 --> 0:13:34.520 web page that that you know for that link, Right, 0:13:34.559 --> 0:13:37.000 It goes and downloads, you know, downloads the content of 0:13:37.040 --> 0:13:41.079 that link and gets a There are some there's some 0:13:41.120 --> 0:13:45.080 special HTML tags that describe, you know, sort of what 0:13:45.120 --> 0:13:47.200 the page is about, what the title of the page is, 0:13:47.240 --> 0:13:49.400 and like an image for the page. And it gets 0:13:49.480 --> 0:13:51.280 those tags and it puts them all together in this 0:13:51.280 --> 0:13:53.839 little package and then sends that all as part of 0:13:53.920 --> 0:13:57.120 the signal message. So when you put a link in Signal, 0:13:57.160 --> 0:13:59.120 your phone actually goes out and gets that web page, 0:13:59.120 --> 0:14:04.360 and it gets that web page with a what's called 0:14:04.360 --> 0:14:07.040 the user agent, which is like a piece of text 0:14:07.080 --> 0:14:11.079 that's attached to the request that uniquely that that identifies 0:14:11.120 --> 0:14:15.280 it as being a request from Signal and from like 0:14:15.320 --> 0:14:18.680 from signal and from your IP address. Right, So when 0:14:18.679 --> 0:14:20.880 you put a link in, the owner of that website, 0:14:20.880 --> 0:14:23.200 whoever has the logs for that website can know that 0:14:24.280 --> 0:14:27.240 somebody at your IP address is using signal and sending 0:14:27.320 --> 0:14:31.440 this link over signal. What we're what our concern is 0:14:31.440 --> 0:14:32.360 is that if that. 0:14:32.280 --> 0:14:37.960 Link is unique, then anybody else who visits that link 0:14:38.400 --> 0:14:42.560 can be inferred to be somebody that you are talking 0:14:42.600 --> 0:14:43.280 with over. 0:14:43.200 --> 0:14:47.720 Signal, right, And so like this can be this can 0:14:47.760 --> 0:14:51.920 be a good an interesting a source of intelligence for 0:14:53.040 --> 0:14:56.680 website owners, especially for big websites that can easily generate 0:14:56.760 --> 0:14:59.800 unique links with like tracking parameters at the end of 0:14:59.800 --> 0:15:04.320 the right, Like when you share a Instagram post and 0:15:04.560 --> 0:15:06.560 like at the end it's like question mark I G 0:15:06.920 --> 0:15:09.320 S H I D equals you know, a long string 0:15:09.360 --> 0:15:12.200 of numbers and letters, right, or a Twitter post where 0:15:12.320 --> 0:15:15.160 you know T equals a long string of letters and numbers. Right. 0:15:15.240 --> 0:15:17.880 That makes a unique link, and then anybody who visits 0:15:17.920 --> 0:15:20.880 that same link can be determined to be somebody that 0:15:20.920 --> 0:15:27.400 you're speaking with over Signal, so and also WhatsApp and so. 0:15:27.400 --> 0:15:33.080 So for that reason, we we we think that Signal 0:15:33.160 --> 0:15:36.640 and WhatsApp should turn link previews off by by default 0:15:37.520 --> 0:15:40.800 because we think that that's an unncessary information. Link Signal 0:15:40.840 --> 0:15:45.560 and WhatsApps pushed back on that is that link previews 0:15:45.640 --> 0:15:51.040 are a core feature that people demand and if they 0:15:51.200 --> 0:15:53.440 if they were to turn off link previews by default, 0:15:53.960 --> 0:15:56.800 they're worried that people would leave the platform for less 0:15:56.800 --> 0:15:59.360 secure platforms like Telegram. 0:16:00.480 --> 0:16:00.640 Yeah. 0:16:00.640 --> 0:16:02.600 I mean, I don't want to tell them their business, 0:16:02.600 --> 0:16:05.920 because I'm sure they have data on this, but I've 0:16:06.000 --> 0:16:10.920 never thought about link previews as being a thing that 0:16:11.000 --> 0:16:11.800 I needed. 0:16:12.920 --> 0:16:15.480 It's like, yeah, I think it's I think it's one 0:16:15.520 --> 0:16:18.560 of those things. And you know, we haven't necessarily done 0:16:18.840 --> 0:16:24.120 like extensive general design research in this right, Like we 0:16:24.200 --> 0:16:27.600 haven't surveyed like three thousand people in the US. We 0:16:27.640 --> 0:16:31.080 haven't had like a Pew Research survey across countries and 0:16:31.200 --> 0:16:32.880 be like, what are your thoughts on link previews? 0:16:33.760 --> 0:16:34.920 But I would. 0:16:34.600 --> 0:16:38.400 Probably argue because it is it is included in so 0:16:38.560 --> 0:16:40.200 much of modern messaging. 0:16:39.800 --> 0:16:43.000 Apps that we now assume it's like a core feature. 0:16:43.840 --> 0:16:45.880 One thing I will give Signal that I think is 0:16:45.920 --> 0:16:48.760 amazing that other apps don't do, and this is true 0:16:48.800 --> 0:16:52.800 of WhatsApp is pretty much every feature except for encryption, 0:16:52.920 --> 0:16:55.920 you can there's something you can toggle or turn off. Right, 0:16:56.000 --> 0:17:00.440 So like link preview already was available for people to 0:17:00.440 --> 0:17:05.080 turn off on Signal, WhatsApp does not allow that, and 0:17:05.840 --> 0:17:09.920 it seems like they're making no moves to allow that 0:17:09.960 --> 0:17:12.680 future to be optional to turn on or off. 0:17:13.000 --> 0:17:13.880 But that is I will say. 0:17:13.880 --> 0:17:15.639 One of the things that's really lovely about Signal that 0:17:16.080 --> 0:17:20.680 is so different from modern design and modern like big 0:17:20.720 --> 0:17:23.480 tech platforms and just platforms in general, is that those 0:17:23.640 --> 0:17:26.720 a lot of features are optional, whereas you know, WhatsApp 0:17:26.720 --> 0:17:29.399 in metas sort of stance on design is that a 0:17:29.400 --> 0:17:31.920 lot of things are not optional, that those are things 0:17:32.000 --> 0:17:35.439 users would want. Why would we make foundational elements like 0:17:35.480 --> 0:17:40.359 link previews optional? And you're just like starting like gesturing wildly, 0:17:40.480 --> 0:17:42.560 but like you know, it's like, well, you don't know 0:17:42.560 --> 0:17:44.720 what people want, and I mean, what's the harm in 0:17:44.760 --> 0:17:46.320 turning off some of some of these things? 0:17:46.400 --> 0:17:46.560 Right? 0:17:47.200 --> 0:17:50.320 You know, like maybe maybe people don't want to receive gifts. 0:17:50.400 --> 0:17:52.320 I don't know, maybe they don't want to receive stickers. 0:17:52.359 --> 0:17:55.040 Why don't you like let them have that option. What's 0:17:55.040 --> 0:17:56.000 the harm that could happen? 0:17:56.200 --> 0:17:56.440 Yeah? 0:17:56.720 --> 0:17:58.520 Yeah, yeah, I couldn't agree more. 0:17:58.560 --> 0:18:01.119 Yeah. Two things I want to say that one is 0:18:01.240 --> 0:18:03.760 one is that and first we should acknowledge that this 0:18:03.920 --> 0:18:05.840 it turns out that there was no zero day, there 0:18:05.880 --> 0:18:10.040 was no vulnerability. Yeah, this was absolutely just something that 0:18:10.040 --> 0:18:13.960 that spread virally out of nowhere. I'd be really interested 0:18:13.960 --> 0:18:16.600 to find out what the origin of this copy of 0:18:16.640 --> 0:18:19.119 past I was, but I haven't. I haven't been able to. 0:18:19.200 --> 0:18:20.639 But it's I'm. 0:18:20.520 --> 0:18:21.840 Curious about that as as well. 0:18:21.880 --> 0:18:23.560 Because I was in another group threw that was like, 0:18:23.600 --> 0:18:25.960 we really need outside auditors to look at these. 0:18:25.800 --> 0:18:27.840 And I was like, we have a whole report that 0:18:27.960 --> 0:18:29.919 we wrote that didn't look at this. 0:18:30.920 --> 0:18:34.840 Speaking of outside auditors, I gotta pause you guys just 0:18:34.840 --> 0:18:37.760 a second, because it is time for an ad break, 0:18:38.400 --> 0:18:42.600 So please spend your money and then come back to 0:18:42.680 --> 0:18:59.080 learn more. Ah and we're back. Okay, sorry about that, Cooper, Carolyn, 0:18:59.640 --> 0:19:02.000 you make continue as you were. 0:19:02.400 --> 0:19:04.480 The other thing I was, I was going to say 0:19:05.080 --> 0:19:09.520 that the idea that anybody would leave WhatsApp because they 0:19:09.560 --> 0:19:13.800 stopped having link previews is completely preposterous to me. Like 0:19:14.080 --> 0:19:21.600 Clownish has over two billion users. They are the you know, 0:19:21.720 --> 0:19:26.240 in a position to set the standard for what people 0:19:26.280 --> 0:19:31.440 expect from a messaging app, and so like they could 0:19:31.520 --> 0:19:35.840 do things like turn on disappearing messages by default and 0:19:35.920 --> 0:19:38.320 change that culture. They could do things like turn off 0:19:38.320 --> 0:19:41.440 link previews by default and change that culture. Like, they 0:19:41.440 --> 0:19:44.159 could do these things, and you know they would you know, 0:19:45.280 --> 0:19:50.600 they would not lose enough users to even notice or 0:19:50.640 --> 0:19:51.159 care about. 0:19:51.320 --> 0:19:51.439 Right. 0:19:51.520 --> 0:19:53.760 Yeah, they are the only people in the position in 0:19:53.800 --> 0:19:57.080 the world, in the position to decide what the culture 0:19:57.119 --> 0:19:59.159 should be, and this is what they've decided the culture 0:19:59.200 --> 0:19:59.600 should be. 0:20:00.240 --> 0:20:00.680 Totally. 0:20:01.040 --> 0:20:03.040 I hate to break it to you, but if WhatsApp 0:20:03.320 --> 0:20:05.879 just got rid of link previews, I'm just throwing my 0:20:05.960 --> 0:20:09.040 whole phone into the garbage garbage can, getting rid of it. 0:20:09.040 --> 0:20:11.159 Just tossing it back to a landline. 0:20:11.560 --> 0:20:12.080 Yeah, I'm just. 0:20:12.000 --> 0:20:14.240 Gonna eat it into a river. I feel like I 0:20:14.280 --> 0:20:17.360 don't need this anymore. Actually, I'm going back to carryer pigeons. 0:20:17.400 --> 0:20:18.919 That's how far back I'm going to go. 0:20:19.280 --> 0:20:21.280 I mean that that does kind of lead into the 0:20:21.280 --> 0:20:23.480 next thing I wanted to talk about, which is sort 0:20:23.520 --> 0:20:28.760 of the other wing from security folklore, which is security nihilism. 0:20:29.400 --> 0:20:32.160 And yeah, this is kind of you introduce this when 0:20:32.200 --> 0:20:35.400 talking about sort of if you do try to engage 0:20:35.480 --> 0:20:37.760 somewhat with the technology, or if you wind up just 0:20:37.800 --> 0:20:39.760 kind of in the position I think most lay people are, 0:20:39.840 --> 0:20:42.240 where you know, maybe you have some friends who know more, 0:20:42.440 --> 0:20:44.200 or maybe you have some friends who think they know more, 0:20:44.240 --> 0:20:46.760