AWS servers that run Signal collect the metadata.
Good advice in general, but there's a few mistakes in your article.
1. Signal doesn't collect metadata. Anytime. There's been a subpoena. The only thing Signal has been able to provide in reference to a requested phone number, was the date of account creation and the last date seem live on the network. So if someone's able to determine a particular phone number is using Signal, so what that person likes privacy.
2. When full username integration went live in February 2024, the digital footprint of a Signal user's phone number was drastically reduced. So with usernames, none of your contacts need to actually know your phone number, phone numbers are just used to establish an account in the first place. https://cdn.nostrcheck.me/015f514b98ad428a17943c74263731cdc1895051c895442ef9cd56547f0a09d5/41d8bb2bbb0f0cc0c19fa4f03537ed5560057026b9b92cb3b36f4b50c45eee9d.webp
In summary, what you said might be good advice, although a bit outdated. The best advice is to evaluate your threat model and act accordingly. Signal will likely be a big part of that.
Discussion
No replies yet.