Signal's Moxie Marlinspike calls out Pavel Durov's 'Trump logic'
- Oops!Something went wrong.Please try again later.
- Oops!Something went wrong.Please try again later.
Onstage at TechCrunch Disrupt SF 2017, Signal's at times elusive privacy revolutionary Moxie Marlinspike spoke modestly about how his secure text message app is taking over the world.
Marlinspike directly addressed the controversy that Telegram Messenger founder Pavel Durov stirred up earlier this year when he basically accused Signal of collaborating with the U.S. government.
"Pavel Durov wants to frame privacy as a question of trust. He has this sort of Trump logic that only billionaires can be trusted because they can’t be bought," Marlinspike said.
The encryption of Signal (=WhatsApp, FB) was funded by the US Government. I predict a backdoor will be found there within 5 years from now.
— Pavel Durov (@durov) June 8, 2017
During our team's 1-week visit to the US last year we had two attempts to bribe our devs by US agencies + pressure on me from the FBI.
— Pavel Durov (@durov) June 11, 2017
"We’ve received very little attention from law enforcement," Marlinspike said when asked how often government agencies come knocking, an event that Durov claims is a frequent occurrence. "We’ve only ever received one subpoena and we published the full request."
Marlinspike reiterated that the whole point of end-to-end encryption is that users no longer need to trust anyone if the protocol works — and Signal does. He remained open about the fact that Signal received a grant from the U.S. government's Open Technology Fund, which he notes is at least a few degrees removed from American intelligence operations, leaving him far from beholden to any three-letter agencies.
By all accounts, Durov's accusation is bogus. Signal's open protocol, implemented now in products by companies like Facebook and Google, is still regarded as robust across the security community. Telegram, on the other hand, is observably less secure, failing to even make basic security choices like default encryption standard while marketing itself toward less technically proficient users who probably won't notice the difference, putting them at risk in the process.