Signal's new "Sealed Sender" will hide your identity from Signal


#1

Originally published at: https://boingboing.net/2018/10/29/sealed-sender.html


#2

I am a little confused; they’re not saying that they won’t know who sent messages to whom (which is more or less impossible), just that they won’t be able to see names and phone numbers etc. But I thought they already didn’t see that.

As I understand it, the app on my phone sends Signal a hash of my address book fields, so they can tell if I have person 87399’s phone number stored, and connect me to person 87399, without ever actually seeing the phone number in question. So if Signal knows my name and contact details, surely it would only be because the app chose to send them that info?


#3

My understanding so far is that, if someone recovered or intercepted just the message itself, they wouldn’t see any sender information with that message, just the encrypted message. (And the “delivery token”?)

Signal of course receives the message from your computer or device, and so it knows that you are sending and/or receiving some messages, and has connection information (IP address), which it could associate with the encrypted message perhaps though hopefully they don’t store that association for too long on their servers, but we have to take their word on that.

Still reading up on it though.

Is this generally accurate? Anyone who knows more about Signal please correct us.


#4

inquiring_minds_logo


#5

This topic was automatically closed after 5 days. New replies are no longer allowed.