Useful idiots

:: computer, orwell, security

The authors of the Signal messaging system are acting as useful idiots for state security and police services: while they are almost certainly not working for them or funded by them, what they are doing is extremely convenient for them.

There is a conspiracy theory that Signal is in fact created by some state security service: this is pretty obviously silly. Instead, I think that the people who create and endorse Signal are acting as useful idiots for various state security and police services.

useful idiot, noun
a naive or credulous person who can be manipulated or exploited to advance a cause or political agenda

The art of the possible

The people who work for state security and police services, unlike their political masters, understand cryptography. And in particular they understand that the mathematics of cryptography makes it effectively impossible to stop people from using cryptographic communication systems which can not usefully be broken. The only ways this could be prevented would be either to forbid people access to general-purpose computers, which is not practical, or to ensure that all such computers are compromised at a low level which is also not practical1.

In other words they understand that people will be able to communicate with each other in such a way that this communication can not be overheard in bulk, and that there is nothing they can do about that.

What they can do is to compromise individual communication links: once they’ve worked out that, for instance, two people who are of great interest to them are talking to each other they can work to compromise the systems that these people are using to communicate – installing things like key-loggers, rootkits or both, which will sniff the communications before they are encrypted. Doing this is a lot of work and probably requires a significant amount of traditional tradecraft: by far the easiest way to do it will be by gaining physical access to the devices they want to compromise and doing so without arousing suspicion, for instance.

Their difficulty, then, is filtering the people that they want to overhear sufficiently badly from the huge mass of people that they don’t care about. This is where Signal comes in.

Useful idiots

Signal is a tool which allows encrypted communication between individuals and groups. There is no reason to believe that this communication can be broken.

But Signal has been designed in such a way that it is inherently unsafe: it uses phone numbers for identifiers and its contact discovery works in such a way that anyone who knows your phone number can know if you are a Signal user, whether or not you know their phone number. This approach means that if you have Signal installed then you will get a notification whenever anyone who is in your phonebook installs Signal, whether or not you are in their phonebook. This was done intentionally, and presumably as an attempt to drive growth in users with the eventual aim of making money from the large userbase.

This makes Signal a seriously bad choice for, for instance, people who are suffering abuse or being stalked. The moment you install Signal in order to talk to someone who might help you, the person you are being abused by or who is stalking you can know this, and you won’t know that they know.

On the other hand this is very convenient for state security and police services. They don’t care about the cryptographic security because they know that people can use tools which they can’t attack. But finding someone’s phone number (all someone’s phone numbers) is a pretty easy thing to do if you’re a state security or police service, and Signal’s contact discovery then means that they can silently trawl through people they might be interested in and work out who has Signal installed.

What this means is that, assuming Signal tends to be used by people who really do have something to hide2 it works as a filter which allows state security and police services to identify people who are likely to be of interest to them from larger lists of people.

The coronation of the idiots

Until recently it has been rather unclear how Signal’s authors intend to use the product to attempt to make themselves very rich. Well, they’ve just answered that question: they are going to glue a cryptocurrency into it, so it will be possible to make anonymous payments to and from Signal. Conveniently Signal’s authors have an ownership stake in the cryptocurrency involved: something which should not be very surprising3.

So Signal’s authors have now revealed their proposed solution to their underpants gnome problem: they intend to make money from Signal by making money from the transactions people make using it. Lots of people have been saying that this is a bad idea: why entangle a messaging system with a payment system? Well, they’re just not thinking very hard about this because the answer is terribly simple: they are being entangled so Signal’s authors can make money.

So, what kind of person would be particularly interested in a tool which allows encrypted communication (with disappearing messages, even), and allows anonymous, secure payments? People who deal in illegal goods would be. If you’re dealing in illegal drugs, or illegal pornography, or anything similar, Signal will soon look like a tool designed especially for you.

But, really, it turns out to have been designed for someone else. If you are a state security or police service, soon you will be able to look at a list of people who you suspect may be dealing in illegal goods, use Signal’s contact discovery to find the people who have it installed, and now you have a shorter list of people who are much more likely to be of interest to you.

Signal is the tool that state security or police services would have built, but they didn’t have to do so: some useful idiots built it for them.

  1. It is, inevitably, the subject of other conspiracy theories. 

  2. Rather than the sort of people who wear ‘tactical’ watches so they can pretend they are in the special forces. 

  3. It does at least appear that MobileCoin, the cryptocurrency Signal will use, does not use Bitcoin’s ‘proof of work’ approach which is currently causing significant carbon emissions.