by craigmart 762 days ago
You are speaking of metadata as if all metadata is equal. Signal does collect phone numbers (even though, since usernames have been introduced [1], this can be made opt-in from now on), but not the contacts or social graph, nor many other relevant metadata [2]. What they can gather from this is only when the specified phone number registered to Signal services and its last connection to the server [3].

So, if you can call "metadata exchanging app" an app that simply has a list of numbers registered to the service, without any metadata assigned to them except their last access, the same label could be assigned to a much larger number of services.

It may not be anonymous, but it can hardly be disregarded as private.

[1] https://signal.org/blog/phone-number-privacy-usernames/

[2] https://signal.org/blog/sealed-sender/

[3] https://signal.org/bigbrother/central-california-grand-jury/


> but not the contacts or social graph, nor many other relevant metadata [2].

Assuming you trust them (notice all your links point to signal.org's own publications). Most of the privacy people are cautious/paranoid and assume that everything that can be collected is collected. Even assuming a lack of malicious intent, what's stopping NSA from hacking into Signal's infrastructure and logging who's talking to who along with timestamps? That's not to say I don't trust Signal (it's the best mainstream solution right now), but it could do better to hide metadata from the protocol.

> Even assuming a lack of malicious intent, what's stopping NSA from hacking into Signal's infrastructure and logging who's talking to who along with timestamps?

Sealed Sender, the second link in the comment you've replied to. The indicator is off by default, but you can enable it under Settings → Privacy → Advanced. If I remember correctly, it doesn't work for the very first message you exchange with someone, but then it turns on and remains on.

In layman's terms, it turns "from A; to B; content: <encrypted>" into "to B; content: <encrypted>". Their infrastructure doesn't need to know the "from" part to serve its purpose, so they strip it away.

If it was the other way around, they'd have to give that info to the (US) court. Same as any other US-based business, it's not optional, they can't ignore such requests, they can't lie, otherwise they'd be placing themselves in legal trouble for a random nobody that happens to be using their product. So, when I see this page, I fully believe them: https://signal.org/bigbrother/. If I didn't, my first step would be to look up those court cases from alternate sources.

The point is that you don't have to trust them, because the client (where the relevant cryptography is performed) is open source, and the fact that my links point to signal.org is completely irrelevant; those blog posts are just ways to advertise facts that are freely verifiable. You can read the source code to check the implementation of sealed senders or how the social graph is handled.

NSA can hack into Signal's infrastructure, and what they will be able to gather is the same information provided by Signal in reply to subpoenas (the whole list here https://signal.org/bigbrother/), because everything else is end-to-end encrypted.
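
The "to B; content: <encrypted>" envelope described in the thread, seen from the server's side. This is an added example, not part of any comment above and not Signal's own code or protocol: a simplified sketch with Node's built-in crypto, in which `seal`, `unseal`, `serverLogLine` and the envelope field names are all hypothetical.

```javascript
// Simplified sealed-sender-style envelope (illustration only, not Signal's protocol).
const crypto = require('node:crypto');

// Derive a 32-byte AES key from an X25519 shared secret via HKDF-SHA256.
function deriveKey(privateKey, publicKey) {
  const shared = crypto.diffieHellman({ privateKey, publicKey });
  return Buffer.from(crypto.hkdfSync('sha256', shared, Buffer.alloc(0), 'sealed-demo', 32));
}

// Sender side: the sender's identity travels INSIDE the ciphertext.
function seal(senderName, recipientName, recipientPub, message) {
  const eph = crypto.generateKeyPairSync('x25519'); // fresh key pair per message
  const key = deriveKey(eph.privateKey, recipientPub);
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', key, iv);
  const inner = JSON.stringify({ from: senderName, body: message });
  const ct = Buffer.concat([cipher.update(inner, 'utf8'), cipher.final()]);
  return {
    to: recipientName, // the only routing field the server needs
    ephPub: eph.publicKey.export({ type: 'spki', format: 'der' }).toString('base64'),
    iv: iv.toString('base64'),
    tag: cipher.getAuthTag().toString('base64'),
    content: ct.toString('base64'),
  };
}

// Server side: everything a compromised or subpoenaed server could log per envelope.
function serverLogLine(envelope) {
  return `to=${envelope.to} bytes=${Buffer.from(envelope.content, 'base64').length}`;
}

// Recipient side: only the holder of the recipient's private key learns "from".
function unseal(envelope, recipientPriv) {
  const ephPub = crypto.createPublicKey({
    key: Buffer.from(envelope.ephPub, 'base64'), format: 'der', type: 'spki' });
  const key = deriveKey(recipientPriv, ephPub);
  const d = crypto.createDecipheriv('aes-256-gcm', key, Buffer.from(envelope.iv, 'base64'));
  d.setAuthTag(Buffer.from(envelope.tag, 'base64'));
  const pt = Buffer.concat([d.update(Buffer.from(envelope.content, 'base64')), d.final()]);
  return JSON.parse(pt.toString('utf8'));
}

// Constructed sample data: names and message are made up.
const bob = crypto.generateKeyPairSync('x25519');
const envelope = seal('alice', 'bob', bob.publicKey, 'hello');
console.log(serverLogLine(envelope));          // recipient and size only
console.log(unseal(envelope, bob.privateKey)); // sender visible only after decryption
```

The sketch leaves the inner "from" unauthenticated and does nothing about abuse, both of which a real design has to handle; it also does not hide what the network layer reveals, such as connection time and source address.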