• poVoq@lemmy.ml
    link
    fedilink
    arrow-up
    3
    ·
    3 years ago

    If you use additional measures to protect yourself it becomes a bit more difficult to correlate the info, but they still also know when a specific client with a specific phone number connects to their network. So maybe they have to run that timing attack over a few hours, but the end result is the same.

    • chiefstorm@lemmy.ml
      link
      fedilink
      arrow-up
      1
      arrow-down
      2
      ·
      3 years ago

      Not to point out the obvious, but if someone uses a burner phone to initially setup their signal account, that is another big layer of privacy

        • chiefstorm@lemmy.ml
          link
          fedilink
          arrow-up
          1
          ·
          3 years ago

          Oh shit, well I had no idea. Hell, I know in China you used to easily get a burner number, but now it is restricted… Well listen, that certainly changes the conversation.

          Do you know if there are any pay-as-you-go phone plans in Europe ?

          • poVoq@lemmy.ml
            link
            fedilink
            arrow-up
            2
            ·
            edit-2
            3 years ago

            Yes, but nearly all countries require you to register the SIM cards with your government ID.

    • Dreeg Ocedam@lemmy.ml
      link
      fedilink
      arrow-up
      1
      arrow-down
      3
      ·
      3 years ago

      they still also know when a specific client with a specific phone number connects to their network

      I don’t think so. I didn’t really fully understood how sealed sender worked until now and only trusted Signal to implement it properly. I’m currently reading this which explains how it works and it seems to provide similar guaranties to what I assumed. The server can only have the IP of the sender. There seem to be some issues, but it’s not as trivial as you seem to think it is. They may also have implemented the mitigations since.