None of my friends use Signal, so I’m in four group chats where I’m the only member (Journalists from The Atlantic notwithstanding). One is for transferring files between devices, one is for notes, one is for reminders, and one is for frequent backups of things like my browser bookmarks.
DetachablePianist@lemmy.ml
on 23 Nov 20:26
collapse
check out Floccus to sync your bookmarks across all browsers & devices. It improved my workflow significantly!
I’ve got my bookmarks synced, it’s just I want to be able to recover them if they’re tampered with by malware.
it_depends_man@lemmy.world
on 23 Nov 14:42
nextcollapse
I don’t really get it,
Sticking with the snail mail analogy, what happens when two pen pals keep sending mail to each other from their homes without including return addresses in their envelopes? The postal service might not know who exactly is sending each piece of mail but, over time, they would know that Address A in Lower Manhattan, New York, keeps on getting one-way mail from the post office in 3630 East Tremont Avenue, the Bronx, New York; and Address B in the Bronx keeps on getting one-way mail from the post office in 350 Canal Street, Lower Manhattan.
I mean, no, all they know is that they ALL users get one way mail all the time?
The “over time” in “but, over time, they would know that…” does a lot of heavy lifting. Would they? How would they know that?
Sure, if there were only two participants in the system, I would agree. But we have way more than 2 users on signal.
Someone logging timestamps for messages received on both ends of a conversation would be able to determine that two people are probably talking to each other given enough data. Signal is probably not doing that, but Signal’s other security guarantees provided by an open source client that encrypts communications end to end hold even if the organization was infiltrated or taken over by a bad actor. The anonymity of participants in a conversation is not protected as strongly as the contents of messages.
Steadily growing userbase, 70m active users last year. At any time of the day, seems like timestamps will only show what time each user is usually awake.
pogodem0n@lemmy.world
on 23 Nov 14:54
nextcollapse
Wasn’t Signal only able to disclose first and last timestamps when a user has connected to their servers when receiving legal requests? I just assumed their protocol made it so that they can’t do it, or they theoretically can but don’t store such logs.
At the blinding speed of technology development in today’s timeline, I rarely go back more than a couple years. It’s usually stale and outdated even just 2 years ago.
Cooper8@feddit.online
on 23 Nov 19:17
nextcollapse
Does Delta Chat / Arcane Chat suffer from the same vulnerability?
The Signal messenger introduced “Sealed Sender” in 2018 to keep their server infrastructure ignorant of who is sending a message to a set of recipients. It is particularly important because the Signal server knows the mobile number of each account, which is usually associated with a passport identity.
Even if chatmail relays do not ask for any private data (including no phone numbers), it might still be worthwhile to protect relational metadata between addresses. We don’t foresee bigger problems in using random throw-away addresses for sealed sending but an implementation has not been agreed as a priority yet.
threaded - newest
I switch just a week ago to simplex chat
Have fun talking to yourself.
Have enough with my contact in address book, that’s all I need
Too bad its creator seems to like Trump mstdn.social/@rysiek/114630877715286899
I prefer deltachat delta.chat
Ty, will have a look at it , most people here in europ are trump haters.
Most people in the US are as well but many of them don’t vote and the system is rigged in favor of Republicans.
If the tech works as it should, that’s what I care about the most.
Thankfully i don’t have this problem, almost all of my contacts use only proprietary messengers instead of this shady Signal.
None of my friends use Signal, so I’m in four group chats where I’m the only member (Journalists from The Atlantic notwithstanding). One is for transferring files between devices, one is for notes, one is for reminders, and one is for frequent backups of things like my browser bookmarks.
check out Floccus to sync your bookmarks across all browsers & devices. It improved my workflow significantly!
I’ve got my bookmarks synced, it’s just I want to be able to recover them if they’re tampered with by malware.
I don’t really get it,
I mean, no, all they know is that they ALL users get one way mail all the time?
The “over time” in “but, over time, they would know that…” does a lot of heavy lifting. Would they? How would they know that?
Sure, if there were only two participants in the system, I would agree. But we have way more than 2 users on signal.
Someone logging timestamps for messages received on both ends of a conversation would be able to determine that two people are probably talking to each other given enough data. Signal is probably not doing that, but Signal’s other security guarantees provided by an open source client that encrypts communications end to end hold even if the organization was infiltrated or taken over by a bad actor. The anonymity of participants in a conversation is not protected as strongly as the contents of messages.
Steadily growing userbase, 70m active users last year. At any time of the day, seems like timestamps will only show what time each user is usually awake.
Wasn’t Signal only able to disclose first and last timestamps when a user has connected to their servers when receiving legal requests? I just assumed their protocol made it so that they can’t do it, or they theoretically can but don’t store such logs.
Someone dug out a 2 year old article.
I saw this in hackernews bro😣
So? Its still a two-year-old outdated article.
It was on the trending page of hackernews so I thought it would be relevant. But ok I get your point
At the blinding speed of technology development in today’s timeline, I rarely go back more than a couple years. It’s usually stale and outdated even just 2 years ago.
Does Delta Chat / Arcane Chat suffer from the same vulnerability?
https://arcanechat.me
https://delta.chat/en/
From delta.chat/en/help#sealedsender
Thanks, that is very clear
Another hit piece on signal? Damn they must be doing something right.
GrapheneOS is being attacked too, by the French government and law enforcement in particular.
Funny coincidence: .ml is a French instance.
EDIT: just to be clear, I DO think it’s a coincidence, especially since other posts in this community are pro-graphene and pro-signal.