Not particularly technically inclined so this question may be stupid, but suppose an intelligence service found some backdoor into Signal, wouldn’t they try to keep that information hidden from Signal? So in theory the chat could be vulnerable already?
to add even more to what’s already been said, even if Signal’s infrastructure was compromised and they could see messages traveling through their servers, each one is encrypted, the keys are rotated with every message (cracking one, which is nearly impossible, doesn’t give you access to previous or future messages), and thanks to Sealed Sender, only the recipient knows who a message came from. There are many other layers that they’ve engineered to ensure they can’t know anything about you, like private contact discovery, using secure enclaves, remote attestation, etc.
You dont just find backdoors in real encryption. They’re placed there intentionally. Signal already had governments demanding backdoors and they said no.
To add to the other comment and give an analogy: say you’re concerned that I secretly possess keys to the back door of your house and I can freely come and go. It’s technically possible. But two questions are important; how come you’ve never seen me in your house or any signs I’ve been there? And secondly, why do me and my friends keep asking you to give us your back door key?
Not particularly technically inclined so this question may be stupid, but suppose an intelligence service found some backdoor into Signal, wouldn’t they try to keep that information hidden from Signal? So in theory the chat could be vulnerable already?
to add even more to what’s already been said, even if Signal’s infrastructure was compromised and they could see messages traveling through their servers, each one is encrypted, the keys are rotated with every message (cracking one, which is nearly impossible, doesn’t give you access to previous or future messages), and thanks to Sealed Sender, only the recipient knows who a message came from. There are many other layers that they’ve engineered to ensure they can’t know anything about you, like private contact discovery, using secure enclaves, remote attestation, etc.
You dont just find backdoors in real encryption. They’re placed there intentionally. Signal already had governments demanding backdoors and they said no.
To add to the other comment and give an analogy: say you’re concerned that I secretly possess keys to the back door of your house and I can freely come and go. It’s technically possible. But two questions are important; how come you’ve never seen me in your house or any signs I’ve been there? And secondly, why do me and my friends keep asking you to give us your back door key?