

It’s worth noting that Khamenei was the main reason Iran did not develop nuclear weapons up to now. With him gone, that becomes a much more likely scenario.


Yeah, there are network effects at play here. Getting people to move off a platform is very difficult because they need their contacts to move too, and their contacts need theirs in turn. Some people are willing to use multiple messaging apps, but most aren’t. I’d argue that’s why it’s important to promote alternatives to Signal. The more popular they become, the easier it is to get people to move to them.


I don’t think a nuclear holocaust would help things, but I sure would love to see China start cutting trade off.


The question here is why not get people to switch to a better platform like SimpleX or even Matrix with something like Element. I don’t find that Signal does anything better in practice.


The oil glut people were talking about never actually materialized, and prices will almost certainly go through the roof with the main shipping route being closed.
For the record, I absolutely do hate living in a world where conspiracy theorists got things mostly right but for completely wrong reasons.


Pretty much yeah, and they’ve had a really good marketing campaign too. They got a whole bunch of prominent tech influencers incessantly pushing it, and it just feels like a massive astroturf campaign to me. Like you said, if a random person pitched this idea, they’d be laughed at, but you get some people with clout to do it, and it sticks because everybody respects them and trusts them.


yeah that’s the whole article 🤣


orly?
Our forces are active and British planes are in the sky today as part of coordinated regional defensive operations to protect our people, our interests, and our allies - as Britain has done before, in line with international law.


I don’t think we’re saying anything new here. I’ve explained my point and the problem with Signal collecting phone numbers. You can make your own decisions on whether you think that’s acceptable practice or not.


Except you have no idea what’s actually running on the server. Only people who operate it know.


Citation for what exactly? Go read up on how networking works, entire textbooks are available. The server has access to all the data the client sends it. How do you think you get paired with another person to chat, by magic?


No, I don’t think we live in an ideal world. I repeatedly said you ultimately have to use the platform that your contacts use. I’m merely pointing out that you should understand the trade offs.


It’s not really a partial solution, it’s just sophistry to obscure the problem. The fact that I’ve had this same discussion with many people now, and it always takes effort to explain why sealed sender doesn’t actually address the problem, leads me to believe the actual problem it’s solving is not that of making the platform more secure. The complete and obvious solution to the problem is to not collect personally identifying information in the first place.
You have a very charitable view of Signal making the base assumption that people running it are good actors. Yet, given that it has direct ties to the US government, that it’s operated in the US on a central server, and the team won’t even release the app outside proprietary platforms, that base assumption does not seem well founded to me. I do not trust the people operating this service, and I think it’s a very dangerous assumption to think that they have your best interests in mind.


I also find it really weird how aggressively Signal is being pushed everywhere, and how any criticism of it gets dismissed or ridiculed. It feels a bit like a cult at this point.


Sure, you can absolutely decide that it’s a reasonable trade off, but your original claim was that sealed sender addressed the problem. Sounds like you’re now acknowledging that’s not actually the case…


That’s precisely why organized labour has been systematically dismantled in the US. Back in the day there were strong unions, mutual support groups, and so on. These systems are key for workers to be able to take collective action like general strikes.


Again, I think people should be aware that there are alternatives to Signal, and be able to make an informed decision on the trade offs that matter to them. My personal view is that there are absolutely better platforms than Signal, but if people understand the potential risks with Signal and use it because it’s convenient or their other contacts use it, etc., that’s entirely up to them. It’s just not what I would personally recommend if people want privacy.


Again, sealed sender has nothing to do with it. If I run a server, I have access to the raw requests coming in. I can do whatever I want with them even outside Signal protocol. You can’t verify that my server is set up to work the way I say it is. You get that, right?
You’re confusing what Signal team says their server does, and the open source server implementation they released with what’s actually running. The latter, you have no idea about.
The core issue is trusting the physical infrastructure rather than just the cryptography. The protocol design for sealed sender assumes the server behaves exactly as the published open source code dictates. A malicious operator can simply run modified server software that entirely ignores those privacy protections. Even if the cryptographic payload lacks a sender ID, the server still receives the raw network request and all the metadata attached to it. Your client has to talk to the server and identify itself before any messages are even sent.
When your device connects to send that sealed message, it inevitably reveals your IP address and connection timing to the server. The server also knows your IP address from when you initially registered your phone number or when you requested those temporary rate limiting tokens. By logging the raw incoming requests at the network level, a malicious server can easily correlate the IP address sending the sealed message with the IP address tied to the phone number.
Since the server must know the destination to route the message, it just links your incoming IP address to the recipient ID. Over time this builds a complete social graph of who is talking to whom. The cryptographic token merely proves you are allowed to send a message without explicitly stating who you are inside the payload. It does absolutely nothing to hide the metadata of the network connection itself from the machine receiving the data.


Although, it’s worth noting that this was largely a stunt. The US did not have the ability to actually invade Venezuela or to topple the government.