|
|
|
|
|
|
by Canada
1385 days ago
|
|
|
We know exactly how much metadata can be collected. You can just look at how the official client works. You can reverse engineer what the server has to do. This not a matter of uncertainty. Signal doesn't mention the collection of the push messaging device IDs explicitly. But that ID doesn't yield a government level adversary any advantage that they don't already have from knowing the phone number, so it doesn't matter. Contact intersection can be logged, then pre-imaged. We can't know. But we already know it can because we know how the clients work. That's it. Signal doesn't claim cryptographic security against that metadata collection, but then there isn't currently any working system that can make such a claim, so why bust their balls over it? |
|
|