Because everything in Signal is end-to-end encrypted by default, the broad set of personal information that is typically easy to retrieve in other apps simply doesn’t exist on Signal’s servers.
Tl;dr: Signal gave the court timestamps for three out of nine phone numbers that the court demanded data on. The timestamps were the dates three phone numbers last registered their accounts with Signal. That’s it. That is all the data there was to give.
This is why I use Signal. This is why I donate monthly to Signal.
Well, i’m not fluent in legalese, but isn’t the search order also exclusively asking for those two datapoints and nothing more?
They’re not asking for message timestamps e.g. or other metadata.
Maybe the court already knew that Signal doesn’t have any data to hand over beyond the registration dates?
That seems likely the case based off the series of previous warrants & subpoenas where they kept having to explain that they didn’t have any of that other shit to give.
That is not what I’m trying, no. Sorry if it came across like that.
My point is, that this isn’t an effective proof of a zero knowledge approach. In their blogpost, Signal says they don’t store anything, but this specific instance of a search warrant doesn’t serve to prove that.
It is great of them that they publish when and what they are asked to disclose, that practice is definitly appreciated. I do trust Signal, it is my main messenger.
This is just not the stresstest @[email protected] makes it out to be in the top comment, imo.
Thanks for the additonal link. It’s interesting that Signal didn’t provide the last time the user connected to Signal here, as that was information which was requested and information that they have…
Nope. The search order asked for all the usual telecom info (see Attachment A), but Signal doesn’t retain most of that data, so all they were able to provide were registration date and last seen date.
I tried to donate to signal, but they didn’t accept my wise.com virtual credit card. That’s the only type of payment I am willing to provide online, can’t help it.
Yeah, currently it’s kind of a pain to donate to them. I’m pretty sure it can only be done directly through the app and it’s been a little buggy for me in the past; e.g. where the app claimed I wasn’t a monthly donor when, in fact, I am.
Tl;dr: Signal gave the court timestamps for three out of nine phone numbers that the court demanded data on. The timestamps were the dates three phone numbers last registered their accounts with Signal. That’s it. That is all the data there was to give.
This is why I use Signal. This is why I donate monthly to Signal.
Battle tested privacy services <3
Well, i’m not fluent in legalese, but isn’t the search order also exclusively asking for those two datapoints and nothing more? They’re not asking for message timestamps e.g. or other metadata.
Good catch. It does look like that. Maybe the court already knew that Signal doesn’t have any data to hand over beyond the registration dates?
That seems likely the case based off the series of previous warrants & subpoenas where they kept having to explain that they didn’t have any of that other shit to give.
Are you trying to turn this into “So, they got exactly what they wanted! Signal cooperated and are thus not secure!”?
That is not what I’m trying, no. Sorry if it came across like that.
My point is, that this isn’t an effective proof of a zero knowledge approach. In their blogpost, Signal says they don’t store anything, but this specific instance of a search warrant doesn’t serve to prove that.
It is great of them that they publish when and what they are asked to disclose, that practice is definitly appreciated. I do trust Signal, it is my main messenger.
This is just not the stresstest @[email protected] makes it out to be in the top comment, imo.
Here ya go:
https://signal.org/bigbrother/northern-california-order/
Thanks for the additonal link. It’s interesting that Signal didn’t provide the last time the user connected to Signal here, as that was information which was requested and information that they have…
Nope. The search order asked for all the usual telecom info (see Attachment A), but Signal doesn’t retain most of that data, so all they were able to provide were registration date and last seen date.
I tried to donate to signal, but they didn’t accept my wise.com virtual credit card. That’s the only type of payment I am willing to provide online, can’t help it.
Yeah, currently it’s kind of a pain to donate to them. I’m pretty sure it can only be done directly through the app and it’s been a little buggy for me in the past; e.g. where the app claimed I wasn’t a monthly donor when, in fact, I am.
There’s other ways to donate to Signal, including crypto listed on their website.
Oh good to know, thank you!