Is Signal safe and still private on an IPhone?
-
Basically just the title, delete this if it's not the right community.
I hate iphones and apple stuff for obvious reasons. But I am forced to use it to some degree. I just want to get a community consensus on any problems with signal being shared, seen, monitored, or sent to apple servers or icloud while being used on an iphone.
It's only as safe as Apple, which is to say you can't trust them. If you have AI enabled it'll be scanning everything (to include signal) to learn your habits and assist you "better".
-
Basically just the title, delete this if it's not the right community.
I hate iphones and apple stuff for obvious reasons. But I am forced to use it to some degree. I just want to get a community consensus on any problems with signal being shared, seen, monitored, or sent to apple servers or icloud while being used on an iphone.
on an iPhone
Lol. No
-
Basically just the title, delete this if it's not the right community.
I hate iphones and apple stuff for obvious reasons. But I am forced to use it to some degree. I just want to get a community consensus on any problems with signal being shared, seen, monitored, or sent to apple servers or icloud while being used on an iphone.
Theoretically: fuck no. Private operating system, not open source code, installation source is Apple itself, Apple helps law enforcement, Prism scooped up all unencrypted data.
Practically: signal wouldn’t keep developing an iOS app if there was hard evidence Apple couldn’t be trusted, Apple gives plenty of options for your data to not be collected in plain text and given to law enforcement (turn off iCloud backups, turn off biometrics, lockdown mode, advanced data protection) but not default because they’re trying to balance being a luxury product with compliance, as a luxury product it’s used by rich people and rich people love their privacy (citation needed), Apple is the only practical choice if you don’t get a google pixel, FBI is always fighting them on allowing full phone encryption, they rolled out a contact encryption key verification feature for their own iMessage.
Signal explicitly doesn’t allow its files to be uploaded to iCloud. You practically will be fine using it on iOS. Unless you are in China which has its own iCloud/Apple servers, or the UK where Apple disabled advanced data protection.
Apple provides encryption for its customers, but not by default. All its encryption features hint to me that they would prefer not having anything to hand over to the hundreds of law enforcement agency’s around the planet, but don’t want to piss them off by making it default. This aligns with it being a hardware and service company, vs the advertising company Google.
Privacyguides has a page on steps you can take in your iPhone to harden it.
-
iPhone isn’t safe
I cannot wait to get rid of mine
It is a listening device for the oligarch class
It is their property even tho you paid for it.
Tim Cook is instrumental in the fascist encroachment in our lives.
But so is android. Most of us are unfortunately stuck with one or the other for now.
-
But so is android. Most of us are unfortunately stuck with one or the other for now.
This looks promising https://puri.sm/products/librem-5/
-
This looks promising https://puri.sm/products/librem-5/
Damn, I think they've actually come down on their price lately. They're a full $300 less than I paid for my Pixel.
-
But so is android. Most of us are unfortunately stuck with one or the other for now.
Not if you're running a FOSS ROM (at least you'd hope that is the case).
-
This looks promising https://puri.sm/products/librem-5/
Those specs are atrocious for that price
Just get a cheap used pixel and use Graphene OS
Puri.sm is running a scam
-
What should a screenshot that is about 12 years old prove or not prove? Technology has advanced significantly since then. Over the past decade, we've developed a range of new encryption algorithms, improved password hashing methods, TLS 1.3, post-quantum cryptography, and much more. The "Game of Trust" can be extended indefinitely, but using a 12-year-old screenshot as evidence for a situation in 2025 is questionable.
-
Basically just the title, delete this if it's not the right community.
I hate iphones and apple stuff for obvious reasons. But I am forced to use it to some degree. I just want to get a community consensus on any problems with signal being shared, seen, monitored, or sent to apple servers or icloud while being used on an iphone.
No, Apple bent the knee for concessions on tarifs. If you live in the US the chance your comms are backdoored on iOs is 100%.
-
Those specs are atrocious for that price
Just get a cheap used pixel and use Graphene OS
Puri.sm is running a scam
-
Theoretically: fuck no. Private operating system, not open source code, installation source is Apple itself, Apple helps law enforcement, Prism scooped up all unencrypted data.
Practically: signal wouldn’t keep developing an iOS app if there was hard evidence Apple couldn’t be trusted, Apple gives plenty of options for your data to not be collected in plain text and given to law enforcement (turn off iCloud backups, turn off biometrics, lockdown mode, advanced data protection) but not default because they’re trying to balance being a luxury product with compliance, as a luxury product it’s used by rich people and rich people love their privacy (citation needed), Apple is the only practical choice if you don’t get a google pixel, FBI is always fighting them on allowing full phone encryption, they rolled out a contact encryption key verification feature for their own iMessage.
Signal explicitly doesn’t allow its files to be uploaded to iCloud. You practically will be fine using it on iOS. Unless you are in China which has its own iCloud/Apple servers, or the UK where Apple disabled advanced data protection.
Apple provides encryption for its customers, but not by default. All its encryption features hint to me that they would prefer not having anything to hand over to the hundreds of law enforcement agency’s around the planet, but don’t want to piss them off by making it default. This aligns with it being a hardware and service company, vs the advertising company Google.
Privacyguides has a page on steps you can take in your iPhone to harden it.
Signal explicitly doesn’t allow its files to be uploaded to iCloud. You practically will be fine using it on iOS. Unless you are in China which has its own iCloud/Apple servers, or the UK where Apple disabled advanced data protection.
What difference does ADP make if your Signal chats are never stored in iCloud? Are they stored in cloud backups?
-
No, Apple bent the knee for concessions on tarifs. If you live in the US the chance your comms are backdoored on iOs is 100%.
As an empiricist I cringe at any statement given with 100% certainty.
-
As an empiricist I cringe at any statement given with 100% certainty.
Cool, shit is bad for you if you eat it, 100%.
Go try that now.
-
Signal explicitly doesn’t allow its files to be uploaded to iCloud. You practically will be fine using it on iOS. Unless you are in China which has its own iCloud/Apple servers, or the UK where Apple disabled advanced data protection.
What difference does ADP make if your Signal chats are never stored in iCloud? Are they stored in cloud backups?
You’re correct, it doesn’t make a difference in regards to signal.
I meant it more as a general iPhone use. Your iPhone with ADP off is uploading everything to Apple iCloud unencrypted. By default only your passwords & health app data is encrypted.
-
Basically just the title, delete this if it's not the right community.
I hate iphones and apple stuff for obvious reasons. But I am forced to use it to some degree. I just want to get a community consensus on any problems with signal being shared, seen, monitored, or sent to apple servers or icloud while being used on an iphone.
iOS fails to include a libre software license text file, like AGPL. We do not control it, anti-libre software.
-
Basically just the title, delete this if it's not the right community.
I hate iphones and apple stuff for obvious reasons. But I am forced to use it to some degree. I just want to get a community consensus on any problems with signal being shared, seen, monitored, or sent to apple servers or icloud while being used on an iphone.
Surprised no one else has chimed in with this yet - but what is your threat model? Are you conducting terrorist activities? Good luck. Are you wanting private messaging between you and your friends - it’s probably fine - definitely better than texting. I will temper this with just keep in mind anything you send to someone could be screenshot, their partner could see it etc. You need to figure out who your potential adversary is before deciding if a communication channel is “safe”. First ask yourself “safe from what?”.
-
Basically just the title, delete this if it's not the right community.
I hate iphones and apple stuff for obvious reasons. But I am forced to use it to some degree. I just want to get a community consensus on any problems with signal being shared, seen, monitored, or sent to apple servers or icloud while being used on an iphone.
Honestly, Signal itself is secure, but iOS? Forget iOS. Why do people cling to a closed-source operating system? Get a Pixel and flash #GrapheneOS or something!
-
Basically just the title, delete this if it's not the right community.
I hate iphones and apple stuff for obvious reasons. But I am forced to use it to some degree. I just want to get a community consensus on any problems with signal being shared, seen, monitored, or sent to apple servers or icloud while being used on an iphone.
Terms like "safe" and "private" are not binary.
Are the contents of your Signal conversations on an iPhone private with regard to mass surveillance conducted by governments and ISPs? Probably. Apple uses security and privacy as marketing points, and there are a whole lot of people looking for vulnerabilities in its products who are incentivized to disclose them (possibly with a delay for patches). Signal itself takes steps to prevent data leaks to less secure parts of the OS and other apps.
Would your conversations remain private in the face of a targeted attack against your device by a nation state willing to spend a significant amount of time and money when you're using Signal on an iPhone that's presumably used for purposes other than secure conversations with a small set of people you know? Almost certainly not.
-
Basically just the title, delete this if it's not the right community.
I hate iphones and apple stuff for obvious reasons. But I am forced to use it to some degree. I just want to get a community consensus on any problems with signal being shared, seen, monitored, or sent to apple servers or icloud while being used on an iphone.
I clicked the little rainbow star to see what people not federated with my instance are saying.
You’re getting a ton of bad input and inaccurate or irrelevant information.
Do not rely on community consensus to establish proper use guidelines.
As another person stated: signal chats don’t go to icloud. You have nothing in the slightest to worry about on that front.
People are bringing up prism and push notifications. It is mandatory for companies operating in the us to comply with us government prism spying requirements. Turn on ADP. Read past the slide presented as supposedly damning evidence against one or another company if you want to understand better law enforcements processes over a decade ago. Push notifications are plaintext and represent cause in some cases. This is not unique to apple. If you think you are one of those people, turn them off.
Turn on lockdown mode. Update your phone. Turn on automatic updates. The ways people physically and remotely compromise ios are often stopped by those three things.
If you don’t already, restart your phone daily. It puts the phone in a restricted state called before first unlock that requires that non resident programs have to reload and in almost all cases have to reestablish themselves to the host os.
If you’re worried about your signal chats getting recorded, turn on the disappearing feature. The other person is the weakest link, not the technology. Do contact verification. Assume your chats are infiltrated and talk to people about illegal stuff in person like the scions of American industry do. This is not unique to apple.
Be safe out there.
