What Happens When Governments Serve a Warrant on Signal?

Signal posted a summary of what happened when it receive a search warrant from Santa Clara County requesting data on one of its users.

Because everything in Signal is end-to-end encrypted by default, the broad set of personal information that is typically easy to retrieve in other apps simply doesn’t exist on Signal’s servers. Once again, this request sought a wide variety of information we don’t have, including the user’s name, address, correspondence, contacts, groups, call records.

As usual, we couldn’t provide any of that. It’s impossible to turn over data that we never had access to in the first place. Signal doesn’t have access to your messages; your chat list; your groups; your contacts; your stickers; your profile name or avatar; or even the GIFs you search for. As a result, our response to the subpoena will look familiar. It’s the same set of “Account and Subscriber Information” that we can provide: Unix timestamps for when each account was created and the date that each account last connected to the Signal service.

That’s it.

Can the FBI Intercept Signal Chat Messages?

Forbes recently published a report about court documents in a New York gun-running case that seem to imply the FBI can access encrypted Signal chats.

Court documents obtained by Forbes not only attest to that desire, but indicate the FBI has a way of accessing Signal texts even if they’re behind the lockscreen of an iPhone.

The clues came via Seamus Hughes at the Program on Extremism at the George Washington University in court documents containing screenshots of Signal messages between men accused, in 2020, of running a gun trafficking operation in New York. (The suspects have not yet entered a plea and remain innocent until proven guilty). In the Signal chats obtained from one of their phones, they discuss not just weapons trades but attempted murder too, according to documents filed by the Justice Department. There’s also some metadata in the screenshots, which indicates not only that Signal had been decrypted on the phone, but that the extraction was done in “partial AFU.” That latter acronym stands for “after first unlock” and describes an iPhone in a certain state: an iPhone that is locked but that has been unlocked once and not turned off. An iPhone in this state is more susceptible to having data inside extracted because encryption keys are stored in memory. Any hackers or hacking devices with the right iPhone vulnerabilities could then piece together keys and start unlocking private data inside the device

But this seems to be less about exploiting Signal but instead exploiting vulnerabilities on devices to gain access to Signal (and once you have access to the device, gaining access to messages is not going to be difficult).

Signal’s Moxie Marlinspike made this point on Twitter, responding to a more inflammatory version of the story from Zero Hedge,

The Freedom of the Press Foundation has an excellent article from earlier this year, Locking down Signal, that outlines best practices for using encrypted text apps like Signal while avoiding side-channel attacks, where attackers try to use malware or physically hacking a device (such as the FBI apparently did) to get at the messages. As the FPF nicely summarizes it,

The weak points in end-to-end encrypted conversations are the “ends”— the physical devices where the messages arrive in human-readable text.