A bigger weak point is having weak encryption like Session has. Also, you cannot obtain metadata from Signal. They’ve gone to great length to prevent that. Signal servers don’t even know who is talking to whom.
That’s a pretty big claim to make with zero additional information.
Since 2018, Signal has been encrypting the sender data with a key that isn’t known to the server. Messages do not contain unencrypted metadata. I’m not sure how you expect the FBI to do this with the information available to the Signal servers.
I am pretty sure that if asked, the serverside protections can be circumvented - I think in one Github issue they even confessed that Sealed Sender is not bulletproof and is “best effort”. I prefer to assume that if everything goes through a single server, and they know what and when each account does upon connecting - they can correlate the identities if they want to.
It is a centralized weak point that US feds can easily extract meta data from to obtain your social network etc
A bigger weak point is having weak encryption like Session has. Also, you cannot obtain metadata from Signal. They’ve gone to great length to prevent that. Signal servers don’t even know who is talking to whom.
That’s a pretty big claim to make with zero additional information.
Since 2018, Signal has been encrypting the sender data with a key that isn’t known to the server. Messages do not contain unencrypted metadata. I’m not sure how you expect the FBI to do this with the information available to the Signal servers.
I am pretty sure that if asked, the serverside protections can be circumvented - I think in one Github issue they even confessed that Sealed Sender is not bulletproof and is “best effort”. I prefer to assume that if everything goes through a single server, and they know what and when each account does upon connecting - they can correlate the identities if they want to.
at role does the signal server play?
If this is a question that you need answered then I’m
notsure you’re qualified to declare that Signal is insecure.