Privacy

4027 readers

2 users here now

A community for Lemmy users interested in privacy

Rules:

Be civil
No spam posting
Keep posts on-topic
No trolling

founded 1 year ago

MODERATORS

iopq@lemmy.world

127

Signal’s New Usernames Help Keep the Cops Out of Your Data (theintercept.com)

submitted 6 months ago by ooli@lemmy.world to c/privacy@lemmy.world

19 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] jet@hackertalks.com 23 points 6 months ago* (last edited 6 months ago) (10 children)

Unless signal demonstrates they can't link usernames to phone numbers, I call BS.

Privacy by policy is great, but it's not zero knowledge. Since they designed the system to ultimately identify people to phone numbers there will always be the potential they are logging all the username phone numbers hash lookup tables

[–] viking@infosec.pub 14 points 6 months ago (4 children)

The article states that they are only saving a hashed copy of the currently set username, if any. While they might in theory keep more than that on hand, their policy has always been to minimize accessible data, and have responded in kind whenever subpoenaed, which is at least a very strong evidence.

The code is also fully open source for both server and client, so you could independently validate it yourself.

[–] MeanEYE@lemmy.world 2 points 6 months ago (3 children)

Are you sure code for server is open source? I thought only the client was.

[–] dwraf_of_ignorance@programming.dev 2 points 6 months ago

I think you are confused between telegram and signal.

load more comments (2 replies)

load more comments (7 replies)