> You connect to AWS when you connect to Signal. That means the USA is the government with the most influence on Amazon to have taps placed or connection logs handed over.
I'm not an networking guy but can you explain this more? I'm actually curious and what better place to get actual info than HN? If you have a sealed sender then shouldn't this be impossible? Shouldn't the size of the message be sealed as well and when the message is received you'd see that 1) it is signed by a different key and 2) the message size doesn't match? Shouldn't this be rejected? 3) Shouldn't this also apply to any app because traffic is going to bounce through some US based (or US company owned) server? My understanding is that sending data from San Francisco to Berkeley can route through Seattle or Tokyo depending on optimal routing, server configurations, and loads.
> Other than, say, your real-life-identity-tied user ID of course.
This is why I'm excited for the usernames. They are promising them this year.
Agreed about being optimistic about usernames. I'm hoping it'll be what we expect, I hear different things from different people but frankly I also have been too lazy to actually look into it (I feel like I'm always the one doing the digging).
> Shouldn't the size of the message be sealed as well
To hide the volume of data being sent, you need to limit how much data you can send. How would you hide from the relaying server how much data you're sending without adding dummy data? And if you add 0-500 bytes of dummy data every 5 minutes, then whenever you send >500 bytes or send a message more often than once per 5 minutes, the server still knows that it was an actual message and its size, and you can start to do traffic analysis.
> Shouldn't this also apply to any app because traffic is going to bounce through some US based (or US company owned) server?
Um, when I message my friend whose Matrix homeserver I'm using, the traffic involved is:
1. DNS lookup of a .de domain (does not reveal message size or anything else, even if I were to use Google DNS and reveal my home server to a USA company)
2. TCP connection to a German server
3. More traffic to his German server
And same on the receiving side. Unless one of us travels to the Americas, it's not likely to ever pass through the USA. That isn't to say that American agencies might not collaborate with European agencies or even tap European land-based connections, but it's harder and would not be an option available to criminal (or civil, for that matter) investigations due to the disproportionality of the method.
> can you explain this more?
I'm not quite sure what's unclear about it, but I'll give it another general shot. Imagine you see this traffic log, where A/B/C/D are different IP addresses. You see various people sending data of various sizes (you don't know who's who, but everyone connects from their own IP address, or in networking terms, a TCP tuple). Since the server is just pushing messages from one contact to another, like if Alice messages Bob, it will always forward a message as soon as possible.
00:00 A -> server: [17 encrypted bytes]
00:00 C -> server: [29 encrypted bytes]
00:00 server -> D: [17 encrypted bytes]
00:00 server -> B: [29 encrypted bytes]
00:01 D -> server: [48 encrypted bytes]
00:01 server -> A: [48 encrypted bytes]
From this, I would assume (without knowing any contents or anything else) that the subscriber behind IP address "A" is talking to the subscriber behind IP address "D", and that "C" is talking to "B". Now you can start building a social graph, which according to a paper I recently read (I could maybe dig it up again) needs only a few nodes before they can tell who you are, or they just ask the ISP (or in the case of the Netherlands, query the CIOT database[1]).
If you think that a "sealed sender" might hide your IP address, the answer is no because the packets somehow need to make it across the network to the right devices (or to the server for that matter) and then the receiver decrypts it.
[1] https://nl.wikipedia.org/wiki/CIOT only available in Dutch. TL;DR central mapping system of IP addr -> subscriber info, available at the police's discretion, updated daily.
I'm not an networking guy but can you explain this more? I'm actually curious and what better place to get actual info than HN? If you have a sealed sender then shouldn't this be impossible? Shouldn't the size of the message be sealed as well and when the message is received you'd see that 1) it is signed by a different key and 2) the message size doesn't match? Shouldn't this be rejected? 3) Shouldn't this also apply to any app because traffic is going to bounce through some US based (or US company owned) server? My understanding is that sending data from San Francisco to Berkeley can route through Seattle or Tokyo depending on optimal routing, server configurations, and loads.
> Other than, say, your real-life-identity-tied user ID of course.
This is why I'm excited for the usernames. They are promising them this year.