None of my friends use Signal, so I'm in four group chats where I'm the only member (Journalists from The Atlantic notwithstanding). One is for transferring files between devices, one is for notes, one is for reminders, and one is for frequent backups of things like my browser bookmarks.
Sticking with the snail mail analogy, what happens when two pen pals keep sending mail to each other from their homes without including return addresses in their envelopes? The postal service might not know who exactly is sending each piece of mail but, over time, they would know that Address A in Lower Manhattan, New York, keeps on getting one-way mail from the post office in 3630 East Tremont Avenue, the Bronx, New York; and Address B in the Bronx keeps on getting one-way mail from the post office in 350 Canal Street, Lower Manhattan.
I mean, no, all they know is that they ALL users get one way mail all the time?
The "over time" in "but, over time, they would know that..." does a lot of heavy lifting. Would they? How would they know that?
Sure, if there were only two participants in the system, I would agree. But we have way more than 2 users on signal.
Someone logging timestamps for messages received on both ends of a conversation would be able to determine that two people are probably talking to each other given enough data. Signal is probably not doing that, but Signal's other security guarantees provided by an open source client that encrypts communications end to end hold even if the organization was infiltrated or taken over by a bad actor. The anonymity of participants in a conversation is not protected as strongly as the contents of messages.
Steadily growing userbase, 70m active users last year. At any time of the day, seems like timestamps will only show what time each user is usually awake.
Wasn't Signal only able to disclose first and last timestamps when a user has connected to their servers when receiving legal requests? I just assumed their protocol made it so that they can't do it, or they theoretically can but don't store such logs.
At the blinding speed of technology development in today's timeline, I rarely go back more than a couple years. It's usually stale and outdated even just 2 years ago.
The Signal messenger introduced “Sealed Sender” in 2018 to keep their server infrastructure ignorant of who is sending a message to a set of recipients. It is particularly important because the Signal server knows the mobile number of each account, which is usually associated with a passport identity.
Even if chatmail relays do not ask for any private data (including no phone numbers), it might still be worthwhile to protect relational metadata between addresses. We don’t foresee bigger problems in using random throw-away addresses for sealed sending but an implementation has not been agreed as a priority yet.
What is Delta Chat? Delta Chat is a reliable, decentralized and secure instant messaging app, available for mobile and desktop platforms. Instant creation of private chat profiles with secure and i...
not_me
in reply to Clot • • •like this
Maeve likes this.
ORbituary
in reply to not_me • • •don't like this
Anomaly ☑️ doesn't like this.
not_me
in reply to ORbituary • • •Crampi
in reply to not_me • • •Too bad its creator seems to like Trump mstdn.social/@rysiek/114630877…
I prefer deltachat delta.chat/
Michał "rysiek" Woźniak · 🇺🇦 (@rysiek@mstdn.social)
Michał "rysiek" Woźniak · 🇺🇦 (Mastodon 🐘)not_me
in reply to Crampi • • •ᴍᴜᴛɪʟᴀᴛɪᴏɴᴡᴀᴠᴇ
in reply to not_me • • •aurelar
in reply to Crampi • • •LambdaRX
in reply to Clot • • •FoundFootFootage78
in reply to LambdaRX • • •DetachablePianist
in reply to FoundFootFootage78 • • •FoundFootFootage78
in reply to DetachablePianist • • •it_depends_man
in reply to Clot • • •I don't really get it,
I mean, no, all they know is that they ALL users get one way mail all the time?
The "over time" in "but, over time, they would know that..." does a lot of heavy lifting. Would they? How would they know that?
Sure, if there were only two participants in the system, I would agree. But we have way more than 2 users on signal.
Zak
in reply to it_depends_man • • •PiraHxCx
in reply to Zak • • •pogodem0n
in reply to Clot • • •Blizzard
in reply to Clot • • •Clot
in reply to Blizzard • • •RodgeGrabTheCat 🇨🇦🏴☠️
in reply to Clot • • •Clot
in reply to RodgeGrabTheCat 🇨🇦🏴☠️ • • •irmadlad
in reply to Blizzard • • •Cooper8
in reply to Clot • • •Does Delta Chat / Arcane Chat suffer from the same vulnerability?
arcanechat.me
delta.chat/en/
ArcaneChat
arcanechat.meQuestionMark
in reply to Cooper8 • • •From delta.chat/en/help#sealedsende…
Delta Chat: FAQ
delta.chatCooper8
in reply to QuestionMark • • •🦄🦄🦄
in reply to Clot • • •Kami
in reply to 🦄🦄🦄 • • •GrapheneOS is being attacked too, by the French government and law enforcement in particular.
Funny coincidence: .ml is a French instance.
EDIT: just to be clear, I DO think it's a coincidence, especially since other posts in this community are pro-graphene and pro-signal.