Email or username:

Password:

Forgot your password?
Top-level
cholling

@scatty_hannah @Mer__edith @echo_pbreyer Thanks for the explainer. I'm glad to hear that Signal takes measures to ensure that neither they nor third parties can access my contacts, but their app still reads my contacts, and as I recall (it's been years since I signed up for Signal) this contact- reading is opt-out rather than opt-in.

Also, I believe the ability to have a Signal account not tied to a phone number is a relatively recent development?

4 comments
cholling

@Mer__edith @scatty_hannah @echo_pbreyer The app still has to have access to my contacts in order to generate the hashes. The *server* may not be able to read my contacts, but the *app* absolutely can. Otherwise there's no way it would be able to show me a list of my contacts that are on Signal.

Hannah

@Mer__edith @cholling @echo_pbreyer the linked text does say: "Clients transmit the encrypted identifiers from their address book to the enclave."

That would imply the *app* does need to read contacts.

Signal, *the company* and/or server operator will not be able to get access to those, though - as long as SGX is not broken.

Also a SGX breakage would not leak *previously* submitted identifiers, except when an attacker did know of a way to attack SGX before it gets known by the general public.

Hannah

@Mer__edith @cholling

Don't get me wrong, I think the approach Signal takes is very reasonable and probably a reason for its success.

It is good practical/*usable* security and users who need more privacy will face a lot of hurdles in operational security most of their communication partners probably won't take on - so it usually becomes a moot point.

Large adoption base is the biggest privacy preserving factor - and Signal is doing good there *because* of its tradeoffs.

Everyone of our communication partners who do have our phone number and still use WhatsApp, etc. will give a part of our social graph to those companies, no matter how good *our* operational security is.

@Mer__edith @cholling

Don't get me wrong, I think the approach Signal takes is very reasonable and probably a reason for its success.

It is good practical/*usable* security and users who need more privacy will face a lot of hurdles in operational security most of their communication partners probably won't take on - so it usually becomes a moot point.

Go Up