by dmw_ng
1056 days ago
I was recently shocked to discover media attachments sent on Signal are uploaded to either Google Cloud Storage or some other service sitting behind CloudFlare. The recipient device(s) fetch the uploaded keys to access the images. The net effect is that there is almost certainly a log file somewhere that correlates the IP addresses/user agents of conversation participants for a very large subset of all Signal users.

The point is mostly there are plenty of security issues with existing systems that probably aren't easily fixed with another layer of crypto woowoo, and it makes me uncomfortable that crypto is used to justify marketing these systems as secure. How do you explain to a user that the JPEG compression implementation on their particular phone with their particular photograph has a unique on-the-wire transfer size that may already be enough to correlate them with their recipient? etc.