by danielheath 1314 days ago
In the case of Signal, they would have to forge the SGX enclave signature (by an Intel-held key) or release a client that didn't validate that sig. Definitely possible, but if I had an SGX bypass I'd want to use it on something known to be high value, and releasing a non-verifying client would at least be noticeable on Android and desktop.

You don't need to release a non-verifying client. Just one that generates a key which is known to the other side. What about existing clients? "Your identity in the database became corrupted and can't be recovered. Would you like to generate a new key and continue using the service?" or just release a version which is both verifying and lying to you about which key has been verified... or a low effort "hey, new phone, key changed".
Sure. My point was more that, at least on Android, you can compare decompiled binaries with the open source implementation, presumably making it reasonably likely that it'd be noticed and reported on.
Unless they decline to publish their source code for over a year, again. https://github.com/signalapp/Signal-Android/issues/11101
I think the latter (manipulating the client) is far more likely than the former, and I think it would also be pretty difficult to detect in practice. But the point is less "I think they will do this" than "there is still an element of trust here, even if it is a much harder hoop to jump through." I don't think any situation where Signal does anything like this is likely.
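The check danielheath alludes to, comparing a distributed Android client against one built from the published source, comes down to diffing the two archives while ignoring the signing files, which legitimately differ. This is an added illustration, not code from the thread or from Signal's own tooling; it assumes a reproducible build is available and uses small constructed zip archives in place of real APKs.

```python
import hashlib
import io
import zipfile

# Entries that differ between a signed distribution APK and a locally built one
# even when the code is identical: the signature and certificate live under META-INF.
SIGNING_PREFIX = "META-INF/"


def entry_digests(apk_bytes: bytes) -> dict[str, str]:
    """Map each non-signature entry name to the SHA-256 of its contents."""
    digests = {}
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as zf:
        for info in zf.infolist():
            if info.is_dir() or info.filename.startswith(SIGNING_PREFIX):
                continue
            digests[info.filename] = hashlib.sha256(zf.read(info)).hexdigest()
    return digests


def compare_apks(distributed: bytes, from_source: bytes) -> dict[str, list[str]]:
    """Report entries present in only one archive, plus shared entries whose bytes differ.

    An empty report means the shipped client matches the source build byte for byte
    (outside the signing block); anything under "modified" deserves a closer look."""
    a, b = entry_digests(distributed), entry_digests(from_source)
    return {
        "only_in_distributed": sorted(set(a) - set(b)),
        "only_in_source_build": sorted(set(b) - set(a)),
        "modified": sorted(name for name in set(a) & set(b) if a[name] != b[name]),
    }


def build_apk(entries: dict[str, bytes]) -> bytes:
    """Constructed stand-in for an APK: a plain zip with the given entries (not a real build)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, data in entries.items():
            zf.writestr(name, data)
    return buf.getvalue()


# Constructed samples: a source build, a release that differs only in its signing
# files, and a release whose dex was swapped out (the "lying client" case above).
_BASE = {"classes.dex": b"dex-v1", "resources.arsc": b"res", "AndroidManifest.xml": b"manifest"}
SOURCE_BUILD = build_apk(_BASE)
CLEAN_RELEASE = build_apk({**_BASE, "META-INF/CERT.RSA": b"signature-bytes"})
TAMPERED_RELEASE = build_apk({**_BASE, "classes.dex": b"dex-v2", "META-INF/CERT.RSA": b"signature-bytes"})

if __name__ == "__main__":
    print(compare_apks(CLEAN_RELEASE, SOURCE_BUILD))     # all lists empty
    print(compare_apks(TAMPERED_RELEASE, SOURCE_BUILD))  # "modified": ["classes.dex"]
```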