• I Cast Fist
      link
      fedilink
      English
      015 days ago

      Packet data has headers that can identify where it’s coming from and where it’s going to. The contents of the packet can be securely encrypted, but destination is not. So long as you know which IPs Signal’s servers use (which is public information), it’s trivial to know when a device is sending/receiving messages with Signal.

      This is also why something like Tor manages to circumvent packet sniffing, it’s impossible to know the actual destination because that’s part of the encrypted payload that a different node will decrypt and forward.

      • Ulrich
        link
        fedilink
        English
        0
        edit-2
        15 days ago

        Packet data has headers that can identify where it’s coming from and where it’s going to

        Wouldn’t you have to have some sort of MITM to be able to inspect that traffic?

        This is also why something like Tor manages to circumvent packet sniffing

        TOR is what their already-existing tip tool uses.

          • Ulrich
            link
            fedilink
            English
            015 days ago

            Does it matter? How would you get access to such information?

            • @papertowels@mander.xyz
              link
              fedilink
              English
              0
              edit-2
              15 days ago

              If the header isn’t encrypted it’d be easy to inspect, and thus easy to determine where it goes, which is why it matters.

              Based on your questions, it sounds like you’re expecting the network traffic itself to be encrypted, as if there were a VPN. Does signal offer such a feature? My understanding is that the messages themselves are encrypted, but the traffic isn’t, but I could be wrong.

              • Ulrich
                link
                fedilink
                English
                -115 days ago

                If the header isn’t encrypted it’d be easy to inspect

                Easy for whom? How are you getting access to the traffic info?

                • @papertowels@mander.xyz
                  link
                  fedilink
                  English
                  015 days ago

                  You’re talking about encryption and signal because you’re worried about folks whose network you’re connected to being able to invade your privacy, right?

                  I’d say it’s a pretty reasonable suggestion to say we start with those guys. If you don’t worry about those guys, who do have access to traffic info, then why bother with encryption?

                  • Ulrich
                    link
                    fedilink
                    English
                    -115 days ago

                    You’re talking about encryption and signal because you’re worried about folks whose network you’re connected to being able to invade your privacy, right?

                    LOL no? I’d never blow the whistle on my employer from my desk. Even if I did, I would connect to a different network.

                    I recognize other people are not as conscious as I am of that vulnerability but you asked about me, specifically.

                    If you don’t worry about those guys, who do have access to traffic info, then why bother with encryption?

                    Any number of other people. Primarily the government.