|
|
|
|
|
|
by ballenf
2970 days ago
|
|
|
How is Amazon "one of the two parties" to my Signal message to a friend? An infrastructure provider, a carrier maybe, but a party to? I'm not against Amazon's decision, but I disagree with anyone framing this as Signal trying to deceive its users. What they're doing isn't too far removed from me using a VPN to deceive Comcast regarding my use of "their" services. That is, if we're going to get loose with our metaphors. |
|
|
The Signal client on your phone is connecting to a load balancer that Amazon owns. In the initial handshake it lies about what website it is trying to contact, claiming to be looking for an Amazon shopping site. Once the connection is fully established it says "just kidding I am actually trying to reach the Signal server hosted in AWS."
They are abusing a bug in Amazon's front end load balancers, having them route traffic in a way that wasn't intended. This is a warning to knock it off, while Amazon works on fixing that bug.