Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://troet.cafe/users/pixelschubsi/statuses/114031532847332128">pixelschubsi (pixelschubsi@troet.cafe)'s status on Thursday, 20-Feb-2025 01:43:20 JST</a><a href="https://troet.cafe/@pixelschubsi" title="pixelschubsi@troet.cafe"><img src="https://gnusocial.jp/theme/gnusocialjp/default-avatar-stream.png" width="48" height="48" alt="pixelschubsi" style="position: absolute; left: 0; top: 0;">pixelschubsi</a><div><a href="https://hachyderm.io/@dalias/114031466703036078" rel="in-reply-to">in reply to</a><ul><li><li><a href="https://gnusocial.jp/user/38311" title="lauren@mastodon.laurenweinstein.org">Lauren Weinstein</a></li><li><a href="https://gnusocial.jp/user/40873" title="dalias@hachyderm.io">Rich Felker</a></li><li><a href="https://gnusocial.jp/user/137163" title="monocles@monocles.social">monocles</a></li></ul></div></section><article><p><a href="https://hachyderm.io/@dalias">@dalias</a> <a href="https://infosec.space/@kkarhan">@kkarhan</a> <a href="https://mastodon.world/@signalapp">@signalapp</a> <a href="https://monocles.social/@monocles">@monocles</a> <a href="https://mastodon.laurenweinstein.org/@lauren">@lauren</a> </p><p>Contact graph is who you are sending messages to. Signal servers can always see who receives a message and they can trivially see who sent a message if sealed senders is turned off (which, as is shown, can be done by the server). So Signal in fact has access to your contact graph.</p><p>They also have access to a bunch of other metadata, like the Apple/Google push token that is known to be used to spy on people: <a href="https://www.reuters.com/technology/cybersecurity/governments-spying-apple-google-users-through-push-notifications-us-senator-2023-12-06/" rel="nofollow noreferrer">https://www.reuters.com/technology/cybersecurity/governments-spying-apple-google-users-through-push-notifications-us-senator-2023-12-06/</a></p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/4562328#notice-8993007">In conversation</a><time datetime="2025-02-20T01:43:20+09:00" title="Thursday, 20-Feb-2025 01:43:20 JST">about 3 months ago</time> <span>from <span><a href="https://troet.cafe/@pixelschubsi/114031532847332128" rel="external" title="Sent from troet.cafe via ActivityPub">troet.cafe</a></span></span><a href="https://troet.cafe/@pixelschubsi/114031532847332128">permalink</a><h4>Attachments</h4><ol><li><label><a rel="external" href="https://gnusocial.jp/attachment/1928914">Untitled attachment</a></label><br></li></ol></footer></blockquote>

Corresponding Notice

Embed this notice
pixelschubsi (pixelschubsi@troet.cafe)'s status on Thursday, 20-Feb-2025 01:43:20 JSTpixelschubsi
in reply to
@dalias @kkarhan @signalapp @monocles @lauren
Contact graph is who you are sending messages to. Signal servers can always see who receives a message and they can trivially see who sent a message if sealed senders is turned off (which, as is shown, can be done by the server). So Signal in fact has access to your contact graph.
They also have access to a bunch of other metadata, like the Apple/Google push token that is known to be used to spy on people: https://www.reuters.com/technology/cybersecurity/governments-spying-apple-google-users-through-push-notifications-us-senator-2023-12-06/
In conversationabout 3 months ago from troet.cafepermalink
Attachments
1. Untitled attachment

Public

Embed Notice

HTML Code

Corresponding Notice