Hacker News new | ask | show | jobs
by jlund 2877 days ago
The Contacts permission is completely optional, and contact information is never stored: https://signal.org/blog/private-contact-discovery/
1 comments
ppjet6 2877 days ago
This seems like smoke and mirrors to me:

  Traditionally, in Signal that process has looked like:
  
    The client calculates the truncated SHA256 hash of each phone number in the device’s address book.
    The client transmits those truncated hashes to the service.
    The service does a lookup from a set of hashed registered users.
    The service returns the intersection of registered users.
The phone number space is really not this big.
link
detaro 2877 days ago
They acknowledge that in literally the next paragraph, and the entire post is about how they improved on that old state of things. How is that "smoke and mirrors"?
link
ppjet6 2877 days ago
Right, my bad. This does look like a sensible solution
link
Boulth 2877 days ago
Is this solution deployed in production? The source code says "beta".
link