Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Sealed sender doesn't really solve the metadata problem at all:

* https://www.ndss-symposium.org/wp-content/uploads/ndss2021_1...

Generally you need something like TOR to hide who is talking to who.




Interesting, I feared Sealed Sender might be susceptible to statistical analysis (hence my phrasing "reduce it a bit") but it's worse than I expected ("Signal could link sealed sender users in as few as 5 message"). Thanks for the link!

As for TOR, that wouldn't really help much, would it, given that the described attack is at the application level of Signal. Or are you talking about not using Signal altogether?


Yeah, I used TOR as a general example. Briar uses TOR for example to hide the connections between users.


Some other options

https://cwtch.im/ (has better UX and security than Briar) https://onionshare.org/ chat feature

Also https://github.com/maqp/tfc by yours truly if you need hardware-enforced endpoint security for your keys.


Related presentation from Network and Distributed System Security Symposium:

https://www.youtube.com/watch?v=HoN6FLC5Hss


Thanks, that was a very nice & accessible talk!




Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: