Some are quick to promote apps as being safe for your use just because they are encrypted. I will talk about how many of the popular apps that are commonly t...
You are missing the point. If you have a big list of suspect phone-numbers you can put them into Signal and it will show all that have their phone numbers registered with Signal.
Yes. That’s exactly what you get. A list of Signal users.
That is a metadata leak and quite a significant one.
Why is a user list in itself “a significant metadata leak”.
You would need other information for that, like groups, contacts, online times or anything else. But you don’t get that, so I can only repeat my question: what is the problem with it?
I explained that already in much detail elsewhere in this thread.
tl;dr as a Signal user you are a minority that is automatically suspect to law-enforcement and when this meta-data is overlapped with other meta-data is is easy to narrow down a list of suspects and get legal permission to deploy more intrusive surveillance methods. In addition once that more intrusive surveillance method is deployed on a device, it can read other linked phone-numbers from Signal group-chats and thus those people are also compromised because phone-numbers are always linked to government issued identities (either explicitly or due to payments).
Yes. That’s exactly what you get. A list of Signal users.
Why is a user list in itself “a significant metadata leak”. You would need other information for that, like groups, contacts, online times or anything else. But you don’t get that, so I can only repeat my question: what is the problem with it?
I explained that already in much detail elsewhere in this thread.
tl;dr as a Signal user you are a minority that is automatically suspect to law-enforcement and when this meta-data is overlapped with other meta-data is is easy to narrow down a list of suspects and get legal permission to deploy more intrusive surveillance methods. In addition once that more intrusive surveillance method is deployed on a device, it can read other linked phone-numbers from Signal group-chats and thus those people are also compromised because phone-numbers are always linked to government issued identities (either explicitly or due to payments).