Do we relly know the server actually does this when you can't run your own Signal server instances you have compiled yourself from source code ?
Do we relly know the server actually does this when you can't run your own Signal server instances you have compiled yourself from source code ?
Short answer is no.
Signal provides content-privacy by design with E2EE. Signal provide metadata-privacy by policy, i.e. they choose to not collect data or mine information from it. If you need metadata-privacy by design, you're better off with purpose-built tools like Cwtch, Ricochet Refresh, OnionShare, or perhaps Briar.
I thought you could compile from source and run Signal server instances, but there is no federation, so you would need a client that points to your server and you could only talk to other people using that client.
https://github.com/signalapp/Signal-Server
They use remote attestation based on SGX. So, assuming SGX can be trusted, yes. See https://signal.org/blog/private-contact-discovery/
and assuming you have a practical way to
- verify the attestation
- make sure it means the code they have published is the attested code
- make sure the published code does what it should
- and catch any divergence to this *fast enough* to not cause much damage
....
it's without question better then doing nothing
but it's fundamentally not a perfect solution
but it's very unclear if there even is a perfect solution, I would guess due to the characteristics of phone numbers there isn't a perfect solution
Well, no - as long as someone you trust is able to do that verification, that's good enough.