privacyguides.org/blog/posts/warning-about-signal-proxies.md
Jonah Aragon 4bd9c6ca20
feat: Ensure all pages have proper descriptions (#2752)
Signed-off-by: blacklight447 <niek@privacyguides.org>
Signed-off-by: kimg45 <138676274+kimg45@users.noreply.github.com>
Signed-off-by: Daniel Gray <dngray@privacyguides.org>
2024-09-22 17:57:17 +09:30

2.2 KiB
Raw Permalink Blame History

date categories authors tags links license description schema_type
created
2022-10-15
News
jonah
PSA
Signal
Instant Messengers
Signal Configuration Guide
https://www.privacyguides.org/real-time-communication/signal-configuration-hardening/
Real-Time Communication
https://www.privacyguides.org/real-time-communication/
BY-SA You should be aware of a number of issues with Signals current proxy implementation. NewsArticle

A Warning About Signal Proxies in Iran and Other Oppressive Countries

People looking to use Signal Proxies to bypass censorship programs should be aware of a number of issues with Signals current proxy implementation. Currently, Signal does not tunnel all application traffic through the specified proxy, which means authorities could still track people using Signal.

This has been an issue since TLS proxies were added and has not yet been fixed:

The latest version of the Android app (v5.3.12 at this time) fails to route all the traffic to the TLS proxy. There are DNS leaks in the app, and its trivial for the censors to learn what IP addresses are connecting to Signal. [...]

When the app connects to the Signal server, it first looks up the IP of the Signal servers via DNS, and immediately after, it resolves the IP of the TLS proxy, also with DNS. This is an unexpected behavior that allows the censors to discover proxies by only monitoring the DNS traffic. [...]

There are also a number of other problems with their TLS proxies (such as outdated dependencies) which have not been resolved.

Currently, we believe Signals TLS Proxies are an incomplete solution to the problems they try to solve. Instead, we recommend using Orbot in conjunction with Molly, an alternative Signal client which natively supports SOCKS proxies, to fully tunnel your Signal traffic over the Tor network. For more information please check out our Signal configuration guide.