Signal Creator Marlinspike Wants To Do For AI What He Did For Messaging 34

Posted by msmash on Tuesday January 13, 2026 @11:29AM from the how-about-that dept.

Moxie Marlinspike, the engineer who created Signal Messenger and set a new standard for private communications, is now trialing Confer, an open source AI assistant designed to make user data unreadable to platform operators, hackers, and law enforcement alike. Confer relies on two core technologies: passkeys that generate a 32-byte encryption keypair stored only on user devices, and trusted execution environments on servers that prevent even administrators from accessing data. The code is open source and cryptographically verifiable through remote attestation and transparency logs.

Marlinspike likens current AI interactions to confessing into a "data lake." A court order last May required OpenAI to preserve all ChatGPT user logs including deleted chats, and CEO Sam Altman has acknowledged that even psychotherapy sessions on the platform may not stay private.

Signal Creator Marlinspike Wants To Do For AI What He Did For Messaging

This discussion has been archived. No new comments can be posted.

Load All Comments

Search 34 Comments Log In/Create an Account

Comments Filter:

",,,psychotherapy sessions on the platform" (Score:4, Insightful)

by Valgrus Thunderaxe ( 8769977 ) writes: on Tuesday January 13, 2026 @11:35AM (#65920800)

Why is this even happening to begin with?

- - Re: ",,,psychotherapy sessions on the platform" (Score:2)
    
    by jddj ( 1085169 ) writes:
    
    But they're getting essentially random and unvetted information from a chat bot. That ought to be illegal.
    Something only a crazy person would do...
    - Re: (Score:2)
      
      by Kokuyo ( 549451 ) writes:
      
      While I did check back with doctors, it was ChatGPT that put me on the right track. I've been happy for three weeks straight. I hqven't had that in 20 years because not a single doctor had the idea to prescribe a drug that is on the market since at least the 80s...
      This is while I have a psychiatrist who didn't seem overly interested in my suicidal thoughts before Christmas. And no, where I leave changing psychiatrists isn't easy.
      So yeah, ChatGPT has cost me several hundreds (because verifying the producrs
      - Re: ",,,psychotherapy sessions on the platform" (Score:1)
        
        by Qwaniton ( 166432 ) writes:
        
        What was your breakthrough? Elaborate. This information has been available for you to read pretty much forever. Why didn't you do your homework?
    - Re: (Score:2)
      
      by Gilgaron ( 575091 ) writes:
      
      That's a good joke, but also... this is kinda like saying 'medicine is too expensive' and having an AI randomly synthesize "popular chemicals" to try
  - - Re: (Score:2)
      
      by Too Late for Cool ID ( 1794870 ) writes:
      
      Regulations on "therapy" and "counseling" vary. It's not considered practicing medicine everywhere. If those are regulated, you can always call yourself a "life coach."
      - Re: (Score:2)
        
        by spacepimp ( 664856 ) writes:
        
        If a doctor states they are practicing medicine, it is an indication that they are professionally engaged in the business/performance of that pursuit. Did I need to say this or did I miss the sarcasm?
  - professional (Score:2)
    
    by Tomahawk ( 1343 ) writes:
    
    That's a funny way to spell "actual"...
- Not that this would happen right now... (Score:2)
  
  by EndlessNameless ( 673105 ) writes:
  
  I would whole-heartedly support a ban on AI chatbots providing medical advice until their operators accept liability for malpractice and acknowledge their duty to comply with HIPAA.
  Which will not happen any time soon, not for free public services.
  People get crazy ideas about how private, trustworthy, or knowledgeable AI is. The truth is the same for all three traits: good enough to make you feel safe, and bad enough to be dangerous.
Competitor (Score:2)

by Himmy32 ( 650060 ) writes:

While I think it's good to have more good options, Proton's Lumo is an established product that already does what Confer is trying to do by a time tested privacy protecting organization.
- Re: (Score:2)
  
  by Pinky's Brain ( 1158667 ) writes:
  
  Doesn't use SEV/TDX/TDISP with remote attestation though.
  Though TDISP is going to rely an expensive server farm, only supported on Blackwell for the moment (transport/GPU level TEE, Confer doesn't seem to be using it yet).
What about freedom? (Score:3)

by Pinky's Brain ( 1158667 ) writes: on Tuesday January 13, 2026 @12:44PM (#65921036)

What will the terms of use be? How will payment go? How much information will users have to hand over to get access? Mr. privacy is not anonymity doesn't seem a big freedom lover to me?
What if some public service which he doesn't like start using it? (Porn, right wingers, whatever.) Is he going to do traffic level analysis to find and ban them?

- Re: (Score:2)
  
  by kubajz ( 964091 ) writes:
  
  All good questions, and I would kind of expect Moxie Marlinspike to not be surprised by them... For example, knowing who pays for the service and uses it is quite different from knowing what information they feed the service and what replies they are getting. I would not mind the first, I would mind the second. And yes, if you do not know what people are doing with your service, they can do illegal things - kind of like Signal does not prevent "right wingers" from using it.
  What seems interesting is the des
Yes let's add more overhead to the AI trainwreck. (Score:2)

by Fly Swatter ( 30498 ) writes:

AI is already consuming way too many resources and undoing all previous efforts to save the environment through energy efficiency measures. Let's add encryption overhead to the energy consumption footprint.
- Re: (Score:2)
  
  by spacepimp ( 664856 ) writes:
  
  By your logic, there should be no privacy because encryption uses power. Who deserves privacy in your opinion? I do agree we are wasting power on AI.
- - Re: (Score:2)
    
    by Fly Swatter ( 30498 ) writes:
    
    Is there, or is there not a mounting electricity generation shortage [slashdot.org]?
    
    Maybe you don't pay for your own electricity, but if you did you would know the rates have gone up nearly 50% in only a few short years - yes some was inflation but some is also to upgrade infrastructure and generation to feed the big AI data centers.
    
    - your FUD claim is mud.
Homomorphic encryption (Score:1)

by Posthoc_Prior ( 7057067 ) writes:

Note, haven't familiarized myself with the details of how the encryption of this platform works. Nonetheless, when I read this, I thought: this would be the perfect implementation of homomorphic encryption (HE). Briefly, HE allows cipher texts to be calculated on without decrypting them. For instance, a user could send an encrypted message to a cloud provider, it could then be calculated on in the cloud, without ever decrypting it, and the result could be sent back to the user, who could then decrypt the re
Adding strong privacy is cool, but... (Score:2)

by GameboyRMH ( 1153867 ) writes:

AI is pretty useless so I don't have a use for it no matter how private it is.
- Re: (Score:2)
  
  by TwistedGreen ( 80055 ) writes:
  
  What's your handle? You don't have an identity until you have a handle.
- Re: narcissism and dumb names (Score:2)
  
  by St.Creed ( 853824 ) writes:
  
  Since this is news for nerds, and nerds know him by his handle much more than by his actual name, using his handle is more useful than using his name.
  If I want advice on security, Mr Rosenberg doesn't carry quite the same weight as Moxie Marlinspike.
  Given the forum, I'd expect readers here to know that.
- Re: (Score:2)
  
  by unrtst ( 777550 ) writes:
  
  HAHAHHAHAH Said as an AC! FFS, you're not even exposing your alias.
They'll Never Allow It (Score:2)

by SlashbotAgent ( 6477336 ) writes:

I hope that he is successful and that it becomes wide spread.
But, they'll never allow it.
Does this matter? (Score:2)

by larryjoe ( 135075 ) writes:

When I send data to Google, my mistrust is entirely with Google. Sure, it's possible that government, network, and hackers could read my data, but relatively speaking, I don't care. My mistrust of Google far overshadows what the others might do. Google has access to 100% of my AI data all the time, and they have the financial motivation to misuse it.
Truly Private (Score:3)

by bill_mcgonigle ( 4333 ) * writes: on Tuesday January 13, 2026 @07:30PM (#65922492) Homepage Journal

I clicked through, it demanded a Google auth or email, I closed the window.
Truly private. OK, then.

There may be more comments in this discussion. Without JavaScript enabled, you might want to turn on Classic Discussion System in your preferences instead.

Signal Creator Marlinspike Wants To Do For AI What He Did For Messaging 34

Signal Creator Marlinspike Wants To Do For AI What He Did For Messaging More Login

Signal Creator Marlinspike Wants To Do For AI What He Did For Messaging

",,,psychotherapy sessions on the platform" (Score:4, Insightful)

Re: ",,,psychotherapy sessions on the platform" (Score:2)

Re: (Score:2)

Re: ",,,psychotherapy sessions on the platform" (Score:1)

Re: (Score:2)

Re: (Score:2)

Re: (Score:2)

professional (Score:2)

Not that this would happen right now... (Score:2)

Competitor (Score:2)

Re: (Score:2)

What about freedom? (Score:3)

Re: (Score:2)

Yes let's add more overhead to the AI trainwreck. (Score:2)

Re: (Score:2)

Re: (Score:2)

Homomorphic encryption (Score:1)

Adding strong privacy is cool, but... (Score:2)

Re: (Score:2)

Re: narcissism and dumb names (Score:2)

Re: (Score:2)

They'll Never Allow It (Score:2)

Does this matter? (Score:2)

Truly Private (Score:3)

Related Links Top of the: day, week, month.

Slashdot Top Deals

Slashdot