Signal is vulnerable to timing correlation. An observer on the servers or on network devices nearby can easily infer the social graph of users: at what time they communicate, with whom and how often.
This is not a minor issue. Quote from the former CIA director: 'We kill people based on metadata'.
So the solution to that is get a lot of people on Signal because then that metadata is noisy. It's impossible to have a system with zero metadata but it's very clear that Signal is the best game in house. Timing attacks aren't solved by federation btw.
> the solution to that is get a lot of people on Signal
Wrong. Do they all use the very same server? No, and therefore timing attacks are still there.
> it's very clear that Signal is the best game in house
Wrong. There are protocols designed to provide good security in the first place, like Briar.
> Timing attacks aren't solved by federation btw
Also wrong. Federation makes timing attacks very difficult, especially when servers are delocalized because it increases the amount of access required by any global observer.
I'm going to stop replying. You clearly are not familiar with the topic.
Signal is vulnerable to timing correlation. An observer on the servers or on network devices nearby can easily infer the social graph of users: at what time they communicate, with whom and how often.
This is not a minor issue. Quote from the former CIA director: 'We kill people based on metadata'.