by upofadown 1386 days ago
>How about not storing any information at all?

That wouldn't work for groups. Abusers could then destroy the groups with impunity for the purpose of censorship. Telegram is mostly about groups. Telegram is often used for activism.

Signal claims to not store data about who is talking to who. That doesn't mean that they don't. If they were, say, a secret subsidiary of the CIA they would act exactly as they are acting now. In general you can't trust the providers of these sorts of things. See Crypto AG...

2 comments

To some degree you can trust them, as data requests to Signal have been through the court system, which is public. You can actually look up and see what data they have turned over after receiving court orders to do so.
Would a secret CIA subsidiary hand over data for a routine civilian court request? If anything, not doing so would make their covert surveillance tool even more trustworthy and effective.
The only information Signal can provide is [1]:

  * Time of account creation 
  * Date of the account’s last connection to Signal servers. 
That is all. If you want, the link below is the grand jury subpoena for Signal user data, Central District of California, in full.

[1] https://signal.org/bigbrother/cd-california-grand-jury/

That's my point, if Signal were a CIA front with some kind of secret backdoor, it would probably not reveal that in response to a request from a Central District of California grand jury.
The Signal code is public and has been widely reviewed. We know full well what the server knows regardless of what they say.
Suppose an update is rolled out in app stores, and many people update to it. Suppose this new version contains surveillance instead of matching the published/reviewed code. Won't there be some substantial period of time during which many messages can be stolen before somebody eventually goes on Twitter to say "hmm, Wireshark shows more data than I'd expect" and/or "hmm, I can't get the source to build quite like the store's new APK"?
Then we're screwed. All mainstream applications running on modern general purpose computers are vulnerable to this.

You don't like that? Stop busting their balls and produce an alternative operating system and application update framework which is not vulnerable.

That means the end-to-end encryption (if you verify your identities) works. It says nothing about how much metadata Signal collects.
We know exactly how much metadata can be collected. You can just look at how the official client works. You can reverse engineer what the server has to do. This is not a matter of uncertainty. Signal doesn't mention the collection of the push messaging device IDs explicitly. But that ID doesn't yield a government level adversary any advantage that they don't already have from knowing the phone number, so it doesn't matter. Contact intersection can be logged, then pre-imaged. We can't know. But we already know it can because we know how the clients work. That's it.

Signal doesn't claim cryptographic security against that metadata collection, but then there isn't currently any working system that can make such a claim, so why bust their balls over it?

That is at least an indication, but unfortunately not a proof. They could run modified versions on their servers, if they wanted.
No, it simply does not matter what modified version of their server they run. We know what the clients do, and we know what the servers can log. This is a fact as sure as day follows night, and that an apple will fall to the ground when dropped. It isn't even debatable. Your comment is incorrect, full stop.