
pabl8k | 3 years ago

I don't think this is true, do you have a source?

They store registered users' phone numbers and allow discovery by making a request with a hashed version of the phone numbers on your contact list. They add an extra layer to allow attestation of the software doing this using Intel's secure enclave. They give many examples of responding to warrants with only whether the number has been registered and the timestamp of registration, which they explain is the only information they hold.

Private Contact Discovery: https://signal.org/blog/private-contact-discovery/

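The hashed contact discovery lookup described in the comment above, as an added sketch that is not part of the thread and is not Signal's code. SHA-256, the simplified number normalization, the `DiscoveryServer` class and the sample numbers are assumptions, and the enclave attestation layer is not modelled.

```python
import hashlib
import re

def normalize(number, default_cc="1"):
    """Simplified E.164: keep digits, prepend a country code to 10-digit numbers."""
    digits = re.sub(r"\D", "", number)
    if not number.strip().startswith("+") and len(digits) == 10:
        digits = default_cc + digits
    return "+" + digits

def hash_number(number):
    # SHA-256 is an assumption; the comment only says "a hashed version".
    return hashlib.sha256(normalize(number).encode()).hexdigest()

class DiscoveryServer:
    """Hypothetical server whose only state is number -> registration timestamp."""
    def __init__(self):
        self._registered = {}   # normalized number -> registration time (epoch s)
        self._by_hash = {}      # hash -> normalized number

    def register(self, number, timestamp):
        n = normalize(number)
        self._registered[n] = timestamp
        self._by_hash[hash_number(n)] = n

    def discover(self, hashes):
        """Answer a discovery request: which submitted hashes are registered."""
        return {h for h in hashes if h in self._by_hash}

    def account_record(self, number):
        """Everything held about one number: registered or not, and when."""
        ts = self._registered.get(normalize(number))
        return {"registered": ts is not None, "registered_at": ts}

def discover_contacts(address_book, server):
    """Client side: hash locally, send only hashes, map matches back to names."""
    local = {hash_number(num): name for name, num in address_book.items()}
    return sorted(local[h] for h in server.discover(local.keys()))

# Constructed sample data (fictional 555-01xx numbers).
server = DiscoveryServer()
server.register("+1 202 555 0101", 1660000000)
server.register("(202) 555-0102", 1660500000)
book = {"alice": "202-555-0101", "bob": "+12025550102", "carol": "202 555 0199"}
```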

autoexec|3 years ago

dcow|3 years ago

There's a horrible conflation of concepts here. A pretty big one.

When people talk about cloud services, they generally mean part of an application that runs on the cloud that participates as a trusted actor in the application's trust model.

What people in the linked thread are realizing is that "Signal has a server" and they are confused because they thought Signal didn't have a server, or something.

So, what's important about Signal's servers is that, outside of initial key exchange which is verified by two parties out of band, they are not a trusted entity, ever. When you send a message it goes through Signal's servers. When you sync your profile picture with other devices, same thing. The data transits Signal's servers. This is made possible because of cryptography. By encrypting the data in a way that is indecipherable by 3rd parties (Signal's servers included) your data is isomorphic to random noise. So, the only thing Signal needs to do is route the random noise to the right place. If it doesn't do that, it's a denial of service and about the only attack you're vulnerable to if you use Signal. Otherwise, the receiver gets the exact random noise that you sent, but only they can make sense of it because of the miracle of cryptography.

If you're really going to throw a fit because Signal syncs a profile picture between your devices using the same level of crypto as is used for messaging then you're honestly crazy.

No. Signal did not "not have a cloud" and now they "have a cloud". Not by any reasonable interpretation of the events.

pabl8k|3 years ago

I just wanted to thank you for the information and the ensuing thread. Very interesting.