• cjf@feddit.uk
    link
    fedilink
    English
    arrow-up
    3
    ·
    11 months ago

    Facebook might know who you’re messaging but that’s also true for Signal.

    Signal’s sealed sender does a good job at knowing you’re sending a message, but not who to. All it’ll know on the receiving end is that a message was sent to it.

    Of course people have found other methods of identifying this but sealed sender does cover most of the low hanging fruit.

    Signal does also purposefully attempt to find ways to not collect any metadata, whilst also making it more difficult for anyone attacking to the servers to find anything. (e.g. ORAM for Secure Enclave operations)

    My understanding is that meta used E2EE on your messages themselves, but everything else is up for grabs.

    • u_tamtam@programming.dev
      link
      fedilink
      arrow-up
      2
      ·
      11 months ago

      Don’t buy into this, this is just marketing. I’m not saying that Signal is acting in bad faith, only that they chose to design a communication silo with themselves at the helm instead of a federation of servers/providers united by the same protocol. Because of that, they own all accounts, and have the monopoly of messages being routing on the network. Of course there is no difficulty for them knowing who’s addressing whom, how often, with what kind of payload, by topology. “Sealed senders” and “secure enclave contacts discovery” is just techno babble meaning “trust us, bro. Especially because you have no choice, anyway”.