All nation-state governments are just buying 0days from companies like NSO Group and Zerodium.
The question is are you a valuable enough asset that they are gunna burn their $50M 0day just to get your device.
I think Signal is pretty safe from such things. Better than for example Whatsapp. Which seems to be where a majority of these nation-states using their 0days and exploits on.
> All nation-state governments are just buying 0days from companies like NSO Group and Zerodium.
USA/Russia/Israel for sure have these programs.
> The question is are you a valuable enough asset that they are gunna burn their $50M 0day just to get your device.
You are at least an order of magnitude overshooting the price. Also what is the percentage of Android phones not on the latest security patches and pretty much wide open for known 0days? For sure 90%+.
This tech is available for anyone with enough money, there are plenty of bad guy rich people. An actual investigative journalist can easily make an enemy of a rich person.
> I think Signal is pretty safe from such things.
You base this information on what? If someone is executing code as root on your phone they can absolutely use the method describe in the Cellebrite article.
If someone has gained root you're done. Every application must be assumed to be unsafe at that point. This isn't news, and it doesn't mean signal is broken.
Good luck finding a messenger app that can help you when "they have root access to my phone" is in your threat model. Not sure what you expect Signal to do about this...
> There are no apps that resist the phone being rooted. Everyone is vulnerable to 0days by definition.
I don't know why everybody is repeating this as if I somehow don't understand that. My point is Signal is promoted as some sort of panacea by security professionals even though all that security can be bypassed, likely routinely by actual bad guys.
I mean that that Snowden specifically agitated about dragnet surveillance, so it's not at all surprising that he'd promote the encrypted messaging app that he thinks is the most effective against it.
Has he ever said that Signal is the end-all, perfect solution that will prevent all kinds of threats and provide perfect privacy? I am sure there is a lot of sloppy messaging out there, but an endorsement along the lines of "I trust Signal's encryption and that it's not backdoored" is not unreasonable
I think the problem here is that you have misinterpreted a recommendation that is using the median risk as a recommendation that is using the p100 risk. Allow me to correct that for you: security professionals are not recommending Signal as protection against the p100 risk. Hope that helps.
You can't say a firewall is insecure because someone installed it in a network where one can walk in freely and take the passwords off of the sticky note on the desk.
Are there not any apps that do this? I notice that signal unlocks when you unlock the phone; are there not e2e messaging apps that require authentication (whether passcode or biometric) on unlocked devices?
Just checked, Signal has this; does this actually serve to unencrypt the encryption key or is that still accessible as root?
The question is are you a valuable enough asset that they are gunna burn their $50M 0day just to get your device.
I think Signal is pretty safe from such things. Better than for example Whatsapp. Which seems to be where a majority of these nation-states using their 0days and exploits on.