Its not a complete lie, as a similar system on a federated messenger where lots of different legal entities control the different client to server connections would really benefit from it (I hope someone will implement it for XMPP in the future), but due to the centralization of the Signal servers it is snake-oil as explained above.
I am not sure what you mean with “authenticate” in this context, but of course the signal servers receive TCP connection from a specific IP address at a specific point in time. If they also look at that TCP connection and authenticate the sender is mostly irrelevant, but I would guess they also do that to prevent network spam / flooding attacks.
Edit: I think a lot of the things Signal does is good so long as you trust them and assume not a single one of their employees is compromised by the NSA. I find that highly unlikely and thus have to assume Signal is run by a hostile actor and according to that such timing attacks are likely to happen.
If the only thing they have is an IP address it is much less info than the actual phone number of who sent the message. It can also be very easily prevented by using a VPN or the built-in anti censorship proxy.
If you use additional measures to protect yourself it becomes a bit more difficult to correlate the info, but they still also know when a specific client with a specific phone number connects to their network. So maybe they have to run that timing attack over a few hours, but the end result is the same.
Oh shit, well I had no idea. Hell, I know in China you used to easily get a burner number, but now it is restricted… Well listen, that certainly changes the conversation.
Do you know if there are any pay-as-you-go phone plans in Europe ?
they still also know when a specific client with a specific phone number connects to their network
I don’t think so. I didn’t really fully understood how sealed sender worked until now and only trusted Signal to implement it properly. I’m currently reading this which explains how it works and it seems to provide similar guaranties to what I assumed.
The server can only have the IP of the sender. There seem to be some issues, but it’s not as trivial as you seem to think it is. They may also have implemented the mitigations since.
Its not a complete lie, as a similar system on a federated messenger where lots of different legal entities control the different client to server connections would really benefit from it (I hope someone will implement it for XMPP in the future), but due to the centralization of the Signal servers it is snake-oil as explained above.
I am not sure what you mean with “authenticate” in this context, but of course the signal servers receive TCP connection from a specific IP address at a specific point in time. If they also look at that TCP connection and authenticate the sender is mostly irrelevant, but I would guess they also do that to prevent network spam / flooding attacks.
Edit: I think a lot of the things Signal does is good so long as you trust them and assume not a single one of their employees is compromised by the NSA. I find that highly unlikely and thus have to assume Signal is run by a hostile actor and according to that such timing attacks are likely to happen.
If the only thing they have is an IP address it is much less info than the actual phone number of who sent the message. It can also be very easily prevented by using a VPN or the built-in anti censorship proxy.
If you use additional measures to protect yourself it becomes a bit more difficult to correlate the info, but they still also know when a specific client with a specific phone number connects to their network. So maybe they have to run that timing attack over a few hours, but the end result is the same.
Not to point out the obvious, but if someone uses a burner phone to initially setup their signal account, that is another big layer of privacy
Burner phones which barely exist outside USA.
Oh shit, well I had no idea. Hell, I know in China you used to easily get a burner number, but now it is restricted… Well listen, that certainly changes the conversation.
Do you know if there are any pay-as-you-go phone plans in Europe ?
There are, but are linked to your personal ID which makes it not the same.
Yes, but nearly all countries require you to register the SIM cards with your government ID.
I don’t think so. I didn’t really fully understood how sealed sender worked until now and only trusted Signal to implement it properly. I’m currently reading this which explains how it works and it seems to provide similar guaranties to what I assumed. The server can only have the IP of the sender. There seem to be some issues, but it’s not as trivial as you seem to think it is. They may also have implemented the mitigations since.