Comment by greyface-
2 years ago
The same is likely true of Signal, no? Traffic analysis on AWS' edge would tell you precisely who is talking to who, and user identities are tied to legal identities via phone numbers. Maybe Signal doesn't store this data serverside, but there are entities with both the capability and motivation to obtain it. I bet there are Signal XKEYSCORE selectors.
No, it's not. Traffic analysis is potent, but it is not a literal SQL database of who has talked to who when.
Signal's "sealed sender" feature means it doesn't even know who sent you the message (all they can see is an IP address):
https://signal.org/blog/sealed-sender/
Signal or any surveillor surrounding their servers (with or without Signal's cooperation) almost certainly has enough timing/traffic-shape info to reconstruct who-to-who logs.
"Sealed sender" (and some of Signal's other tactics) just demonstrate: Signal's main & disclosed codepaths aren't stockpiling the canonical metadata via the same blatant & undenied mechanisms of other services. Sufficiently sophisticated outside attackers, or insider threats, can construct nearly-equivalent logs via other means. (And: Signal seems reluctant to make choices, like truly ditching phone numbers as account IDs, that could limit these 'shadow' leaks.)
> all they can see is an IP address
That is precisely the, ahem, signal metadata.
1 reply →
So the problem is the same: trusting the server. At least small Matrix servers aren't huge targets for attacks, since they don't serve so many users.
Also on Matrix you can run your own server.
Signal doesn't know who's talking to you, it's called sealed sender:
https://signal.org/blog/sealed-sender/
6 replies →