| ▲ | mikkupikku 12 hours ago | |||||||||||||
How does Palantir defeat Signal's crypto? I suppose it could be done by pwning everybody's phones, but Palantir mostly does surveillance AFAIK, I haven't heard of them getting into the phone hacking business. I think Israeli corps have that market covered. | ||||||||||||||
| ▲ | autoexec 7 hours ago | parent | next [-] | |||||||||||||
My guess is that Signal has been compromised by the state for a very long time. The dead canary is their steadfast refusal to update their privacy policy which opens with "Signal is designed to never collect or store any sensitive information." even though they started keeping user's name, phone number, photo, and a list of their contacts permanently in the cloud years ago. Even more recently they started keeping message content itself in the cloud in some cases and have still refused to update their policy. All the data signal keeps in the cloud is protected by a pin and SGX. Pins are easy to brute force or collect, SGX could be backdoored, but in any case it's leaky and there have already been published attacks on it (and on signal). see https://web.archive.org/web/20250117232443/https://www.vice.... and https://community.signalusers.org/t/sgx-cacheout-sgaxe-attac... | ||||||||||||||
| ▲ | blurbleblurble 11 hours ago | parent | prev [-] | |||||||||||||
It doesn't, they're infiltrating the groups and/or gaining access to peoples' phones in other ways. | ||||||||||||||
| ||||||||||||||