Vinnl 4 days ago

All they'd learn that way is that that phone number has a Signal account, when it was registered, and when it was last active. In other words, it doesn't tell them whether it's part of a given Signal group. (See https://signal.org/bigbrother/.)

Reply View 0 replies
Grisu_FTP 5 days ago

I might be misremembering or mixing memories but i remember something about them only storing the hash of the number.

So the FBI cant ask what phone number is tied to an account, but if a specific phone number was tied to the specific account? (As in, Signal gets the number, runs it through their hash algorythm and compares that hash to the saved one)

But my memory is very very bad, so like i said, i might be wrong

Reply View 4 replies
  • account42 4 days ago

    It would be absolutely trivial for the FBI to hash every single assigned phone number and check which one matches. Hashing only provides any anonymity if the source domain is too large to be enumerable.

    Reply View 3 replies
    • kreetx 4 days ago

      Brief research says that Signal does store phone numbers.

      Regarding hashing: while unsalted phone number hashes would be easy to reverse then I doubt that any hashing scheme today is set up like that.

      Reply View 2 replies
      • account42 4 days ago

        You don't even need to think about how the hashing scheme and salt is set up. If Signal can check if a phone number matches the hash in any reasonable amount of time (which is the whole point of keeping a hash in the first place) then the FBI can just do that for all phone numbers with very realistic compute resources once they get Signal to cough up the details of the algorithm and magic numbers used.

        Reply View 0 replies
      • lblume 4 days ago

        Well, Signal would have to disclose the salt of course.

        Reply View 0 replies