[ddihfygdgf]

signal does what you say and keep the convience of connecting people via phone numbers, if you optin.

but they still have a closed server... so who knows what really is logged where.

still infinitely better than whatsbook/telegram/appleID/google/microsoft alternatives

[namkt]

Signal uses (or used?) SGX for remote attestation, which presumably lets the client verify that the code running on the server is a build of the OSS code and not a modified version. But I don't know the details or if this is reliable.

SGX and remote attestation described here:

https://signal.org/blog/private-contact-discovery/ https://signal.org/blog/secure-value-recovery/

[kibwen]

It should be possible to independently verify Signal's attestation, but I don't know if anyone has done it. Before you go and say "what's even the point then", the point is that this gives Signal plausible deniability for when the TLAs show up asking for user info.

[viccuad]

I wonder, how could one use SGX for remote attestation when they didn't publish the source code for more than a year just to get their insiders' knowledge cryptocoin deployed.

[worldsavior]

A closed/open source server doesn't matter since you can't actually confirm if the open source version is actually running.

[kibwen]

If it's open source and has a reproducible build, then you can audit the codebase, compute the hash, then verify an attestation from the secure enclave that the code is running in.

[worldsavior]

So you need to trust the server to return a valid, unmodified hash?

[kibwen]

In the case of the above, you're not trusting the server, you're only trusting the CPU manufacturer. Attestation happens within the secure enclave inside the CPU, at which point having physical access to the machine doesn't (well, shouldn't, if it's correctly implemented) give you any insight into what code it's running or what data it's operating upon.

[worldsavior]

How can you know which CPU is running? Also, the software could easily change the output of the security chip (secure enclave is only on apple devices).

[kibwen]

Part of the attestation process involves receiving a cryptographic signature from the CPU vendor. They can only fake it if they break the cryptography. And enclaves (or "trusted execution environments") aren't only on Apple chips, AMD and Intel have their own implementations.