📍 Your Phone # Leaks Your Location on WhatsApp/Signal

Sending messages? Delivery times expose your exact spot—80%+ accuracy even within the same city. Combine with "Careless Whisper" (❤️ reactions track screen/activity) = complete location + behavior map.

The Attack:

Attacker sends messages → measures response delays

RTT (round-trip timing) fingerprints your network location

Works on Signal, Threema, WhatsApp—all have E2EE but metadata leaks

https://arxiv.org/abs/2411.11194

The Fix:

Providers: Add random delays (seconds). Users: Disable read receipts, use burner numbers, switch to usernames when possible.

Research: NDSS 2023 paper on delivery timing attacks

https://www.ndss-symposium.org/wp-content/uploads/2023/02/ndss2023_s188_paper.pdf

#privacy #security #bitcoin #surveillance #whatsapp #signal #cryptography #nostr #freedom #decentralization #anonymity #infosec #cybersecurity #privacymatters #foss #censorship #zeroknowledge