|
|
|
|
|
|
by rOOb85
1900 days ago
|
|
|
> The server implementation however is only based on trust in the people running the servers. They literally chose a zero server trust model when designing the protocol. NSA could be running modified signal servers and it wouldn't make a difference. Your messages would still be safe since all the magic happens on the clients. The servers just route the encrypted data, it's all just 1's and 0's to them. > And there, openness about the code at least gives a few hints about what is going on there, enabling me to trust at least a little more than not-at-all. Do we even know if signal was running updated server code in production? Maybe they have been running the same code that was on github this whole time. |
|
|
Only the message contents. Everything else, like time, identities, communication networks is still at risk. What you are saying is very misleading since you completely neglect to mention the importance of all that non-content metadata.