• piracysails@lemm.ee
    link
    fedilink
    arrow-up
    2
    ·
    edit-2
    4 months ago

    I agree with you but I think that signal was built as to not trust the server either way.

    • poVoq@slrpnk.netM
      link
      fedilink
      arrow-up
      3
      ·
      4 months ago

      That’s what they like you to think yes. But it is only the message content and not the various forms of metadata that is protected by their encryption scheme.

        • poVoq@slrpnk.netM
          link
          fedilink
          arrow-up
          1
          ·
          4 months ago

          Seal sender is a nice idea, but since you can easily run timing attacks on centralised infrastructure it is pointless for Signal, or rather you have to trust them that their infrastructure is not compromised.

          They also store device ids for push notifications via Google/Apple.