Download Signal for Android
Download Signal for Apple
Download Signal for other Platforms
In 2013 Edward Snowden revealed that the United States government was spying on millions of American through phone wire taps, messaging wiretaps, and email wiretaps.
Because of this many people are moving their communications to encrypted messaging tools like Signal Enrypted Messaging
The pandemic (panic) drove unprecedented sign-ups on the encrypted messaging app, as people started communicating more online. Then, nationwide protests over police brutality prompted another round of records. Signal saw about one million downloads world-wide in May, according to analytics firm App Annie.
Protesters have flocked to the app. Even though people who organize and participate in protests are protected by the First Amendment, they often seek secure communication, out of caution. And if they do get into legal trouble, Signal is designed to limit the information the messaging service can give to the authorities.
That is what initially attracted privacy die-hards to Signal. In a 2015 talk, the app’s creator, Moxie Marlinspike, declared, “Privacy is at an all-time low, and surveillance is at an all-time high.” Signal was intended as the antidote.
In the intervening years the app has grown in popularity, with 32.4 million installs, according to data analytics firm Sensor Tower. It also has become a very useful, albeit bare-bones, messaging app. While Signal isn’t one of a kind— Facebook Inc.’s WhatsApp and Apple Inc.’s iMessage have similar end-to-end encryption—experts say Signal is the most secure.
If you aren’t already on Signal, you might be wondering: Should I be? This guide will help you answer that.
What exactly is Signal?
It’s a messaging app. It’s also a technology—Signal’s encryption protocol is used by platforms such as WhatsApp, and it is open-source, which allows any security researcher to scrutinize its code for flaws and verify that the encryption is as secure as Signal claims.
How does end-to-end encryption work?
Encryption turns your messages and calls into a string of gibberish. Only the intended recipient is able to decrypt the message—no one else, not even the app’s maker. In fact, end-to-end encryption is so secure that it has drawn the ire of government officials, who say encrypted messaging apps make it difficult to track down criminals.
Even if you aren’t a criminal or concerned about government surveillance, there’s a strong argument for using encryption. It protects you from malicious actors keen on intercepting business secrets or credentials, as well as companies wanting to serve you personalized advertising.
Just remember, encryption doesn’t prevent a message’s recipient from taking a screenshot or passing it along, or from someone seeing your messages by gaining access to your phone. (Always use a strong passcode.)
What can I do on Signal?
You can send text and audio messages to individuals or groups, and make one-on-one voice or video calls over the internet or a data connection. Everyone involved must be on Signal.
There are mobile apps for Android, iPhone and iPad, as well as desktop apps for Mac, Windows and Linux. There is no support for Chrome OS on Chromebooks.
Recently, Signal introduced a blur tool, which can be used to obscure faces or sensitive information on documents. To use it, tap on the camera icon from the main page of the app. Take a picture or select a photo from your library, then tap the checkered-circle blur icon.
Blurring sensitive parts of a picture
How can I make Signal messages even more private?
Disappearing messages: Select a conversation, and tap your contact’s name. There you can set a time between five seconds and one week, after which viewed messages will automatically delete.
View-once media: This mobile-only feature automatically removes a photo or video from a conversation once it has been viewed. From the main app page, tap the camera icon. Take a photo or select one from your library. At the bottom left of the screen, tap to switch the infinity-symbol icon to the “1x” icon.
Signal PIN: This prevents someone else from registering your phone number on Signal, an attack known as SIM swapping. Tap on your profile icon (top left), then Privacy, then enable Signal PIN.
Is Signal really better than WhatsApp and iMessage?
Both WhatsApp and iMessage offer end-to-end encryption by default, and it’s likely you already use at least one of them. So is Signal the superior app?
First you should compare what the apps are gathering.
Signal’s core mission, privacy, is evident throughout the design of the app. For example, when someone initiates a video call on Signal, your video isn’t automatically turned on when you pick up. You accept the call, then turn on your camera.
The app also doesn’t log much information (metadata) about the nature of the messages themselves. “Signal makes it a point to keep as little data as possible while still being able to provide service,” said Lujo Bauer, professor of computer science at Carnegie Mellon University.
In a recent blog post, Mr. Marlinspike boasted that the only data the U.S. government was able to obtain from a 2016 grand jury subpoena was the date of an account’s creation and the date of last use, nothing else.
One-Time Use photos
WhatsApp, on the other hand, tracks things like who you contacted and when, said Prof. Bauer. A spokeswoman said Facebook doesn’t provide WhatsApp data to law-enforcement agencies retroactively—the company only shares the transaction log data collected after it receives a valid legal request.
Apple also retains some metadata from iMessage (aka the Messages app). When you enter a phone number to message someone, Apple verifies whether the number is iMessage-compatible. A date and time of that lookup, along with the phone number, is saved for 30 days, then deleted. An Apple spokeswoman said Apple can’t determine if any communication took place—only whether a user looked at a contact or initiated an iMessage.
While that might not seem like much, metadata can easily serve as evidence. “Just knowing who the contacts of a target are can expand an investigation,” said Mary Fan, a law professor at the University of Washington.
Cloud backups, while convenient, are yet another potential vulnerability with popular apps. Media and messages stored in the cloud aren’t protected by end-to-end encryption on either WhatsApp or iMessage.
All Signal data is stored locally, which means when you buy a new phone, you need to manually transfer your old Signal messages over.
Because Signal isn’t owned by a tech giant and is backed by a nonprofit foundation—with $50 million from WhatsApp co-founder and Facebook ex-executive Brian Acton —it likely won’t ever show you ads.
Why might I not I use Signal?
WhatsApp and iMessage have more features. To name a few: temporary location sharing, which is useful for meetups, and group video chat—up to 8 on WhatsApp and 32 on Apple’s embedded FaceTime service.
Signal also doesn’t have those apps’ massive user base. WhatsApp has two billion users and Apple has sold nearly two billion iPhones. Your friends and family are more likely to use those companies’ messaging services. “I often find that whatever is the most convenient for people is what they’re most likely to use successfully,” Prof. Bauer said.
In other words, WhatsApp and iMessage are still more private and secure than plain SMS text messaging, and if that’s where your contacts are, then they are still a good option.