Impressive writeup! A bit shocking that Signal does not take this more seriously. Basically it allows a whistleblower to be pinpointed to city-level in many places.

And to say they never intended to hide this kind of data between two parties is contrary to their "relay call" feature that has been there for years to not leak your IP address to your call partner in p2p calls.

I also don't get why Signal attachments in private chats need to be hosted on a CDN with caching: they are basically only downloaded once by one person and deleted after that. So why not simply run one or two servers for attachments per continent. Is so much bandwidth saving achieved through local caching?