top | item 45455761

(no title)

pelzatessa | 5 months ago

It is possible for them to say that they deleted the messages without actually deleting them though. One has to trust a pretty big company in order to not worry about the messages actually not being stored anywhere.

I'm not aware of all techniques that Signal uses to somehow make the message anonymous even when if the encryption would have been broken, but sealed sender seems to be one of them:

https://signal.org/blog/sealed-sender/

So at least there's that. Unless the encrypted sealed sender messages aren't somehow being fingerprinted by the IP address of client and the timestamps of connections. Signal probably also says that they don't log these, but with self hosted mailserver I wouldn't have to trust them on that too.

discuss

cristoperb|5 months ago

> One has to trust a pretty big company...

Or a medium-sized (~50 employee) nonprofit, anyway.

pelzatessa|4 months ago

Huh, it's true. I thought an organization that needs $50M yearly to function[1] would employ more people. Still, I think it's fair to call them "pretty big" looking on how much media exposure they get or their operating costs. Perhaps a bit misleading from my part with the "company" part, as I'm not english-native, every type of firm,company,foundation in my head translates to a "company", sorry about that, will be more clear next time :)

[1] https://www.wired.com/story/signal-operating-costs/