Prime Minister of France Élisabeth Borne signed a circular last week requesting all government employees to uninstall foreign communication apps such as Signal, WhatsApp, and Telegram by December 8, 2023, in favor of a French messaging app named 'Olvid. The guideline addressed to ministers, secretaries of state, chiefs of staff, and cabinet members proposes that they instead install and use the Olvid app made by a French company. BleepingComputer discussed the development with French journalists, who clarified that this isn't a ban on using foreign messaging apps but rather a recommendation to switch to locally developed software. Olvid supports end-to-end encrypted messages, uses a decentralized infrastructure, and doesn't require a phone number or any other personal data for registration. "The main consumer instant messaging applications occupy a growing place in our daily communications. However, these digital tools are not devoid of security vulnerabilities and therefore do not ensure the security of conversations and information shared through them," reads the PM's address, according to Le Point published excerpts. "To counter the threats that arise from using these applications, the French company Olvid has developed instant messaging which guarantees the protection of its users' data thanks to a decentralized directory and end-to-end message encryption while maintaining the same functionalities as current applications." Meredith Whittaker, President of Signal, took to Twitter to challenge the vague claims about security vulnerabilities in the app, labeling them unfounded and misleading. Security comparisons between Olvid and other messaging apps may be rendered moot due to Olvid's unique distinction of having ANSII "First-level security certification." This certification involves a thorough examination of the app's source code by the state's experts, and none of the other mainstream apps mentioned in this post have undergone the stringent evaluation process. This by itself elevates Olvid's security credentials beyond typical industry benchmarks and practically makes it a sound choice for use in the highest ranks of the French government. In addition to ANSII's approval, Olvid has also independently validated the design of its custom cryptographic protocols by cryptography professor Michel Abdalla. Finally, Olvid's symmetric cryptography is already quantum-resistant, while the project provides guarantees of its readiness to implement similar strength for its public-key cryptography as soon as NIST's public-key algorithms selection process is finalized. The exact reason behind the decision to suggest the use of Olvid within the French government remains unknown, and as French journalist Emile Marzolf told BleepingComputer, not everyone agrees with the PM's instruction. Marzolf revealed that during his conversation with the French Digital Department, they expressed dissatisfaction with the directive, finding the promotion of Olvid excessive while also conveying that Signal is an acceptable platform to them. Previously, in March 2023, the French government followed the example of many other Western countries to ban the use of the TikTok app on state officials' devices over fears of espionage. WhatsApp's new Secret Code feature hides your locked chats. Signal tests usernames that keep your phone number private. Decentralized Matrix messaging network says it now has 115M users. WhatsApp gets support for multiple accounts on the same phone. Signal says there is no evidence rumored zero-day bug is real.
This Cyber News was published on www.bleepingcomputer.com. Publication date: Fri, 01 Dec 2023 18:15:19 +0000