Comment by zahlman 5 days ago

No cryptography will protect a group that allows a traitor to join. The fundamental problem is vetting, and you really just can't do that remotely.

notepad0x90 4 days ago

Not traitor, but compromised user. Given enough targets, one of them will have their device compromised. Of course, the FBI has access to things more powerful than Pegasus, I'm sure (just guessing).

copirate 4 days ago

It can protect the identity of the members, though.

  • zahlman 4 days ago

    Apparently, one member of the group uploaded a personal photo as an avatar.

    I've also heard of side-channel attacks on Signal that could allow for profiling a user's location, which with the FBI's resources could presumably eventually result in identification.

    • copirate 4 days ago

      Sure, I was not talking about Signal. Something like Bitmessage[1] can.

      [1] https://en.wikipedia.org/wiki/Bitmessage

      • octoberfranklin 4 days ago

        Bitmessage is/was awesome, but it fundamentally doesn't scale.

        Every user has to attempt decryption of every message sent by any sender. Later they cobbled on some kind of hokey sharding mechanism to try to work around this, but it was theoretically unmotivated and an implementation minefield (very easy for implementation mistakes in the sharding mechanism to leak communication patterns to an observer).

        Bitmessage would be great if we had something like Schnorr signatures (sum of (messages signed with different keys) = (sum of messages) signed with (sum of keys)) that could tell you if any of the sum of a bunch of messages was encrypted to your secret key. Then you could bisection-search the mempool.
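The scaling cost described in the last comment (every user attempting decryption of every message), as an added example that is not part of the thread and not Bitmessage's own code. A toy Diffie-Hellman group modulo 2^255 - 19 stands in for Bitmessage's real public-key encryption, and all function names are hypothetical.

```python
import hashlib, hmac, secrets

# Toy group parameters, constructed for illustration only. Not secure, and
# not the scheme Bitmessage actually uses.
P = 2**255 - 19
G = 2

def keygen():
    priv = secrets.randbelow(P - 2) + 1
    return priv, pow(G, priv, P)

def _kdf(shared):
    d = hashlib.sha512(shared.to_bytes(32, "big")).digest()
    return d[:32], d[32:]  # (encryption key, MAC key)

def _xor_stream(key, data):
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

def seal(recipient_pub, plaintext):
    eph_priv, eph_pub = keygen()  # fresh ephemeral key per message
    enc_key, mac_key = _kdf(pow(recipient_pub, eph_priv, P))
    ct = _xor_stream(enc_key, plaintext)
    tag = hmac.new(mac_key, ct, hashlib.sha256).digest()
    return eph_pub, ct, tag  # the wire format carries no recipient field

def try_open(priv, msg):
    eph_pub, ct, tag = msg
    enc_key, mac_key = _kdf(pow(eph_pub, priv, P))
    expected = hmac.new(mac_key, ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None  # not addressed to this key
    return _xor_stream(enc_key, ct)

def scan_pool(priv, pool):
    # With no recipient hint, the only way to find your mail is to try all of it.
    results = [try_open(priv, m) for m in pool]
    return len(results), [pt for pt in results if pt is not None]

def demo(n_users=5, msgs_per_user=4):
    users = [keygen() for _ in range(n_users)]
    pool = [seal(pub, f"to user {i} #{j}".encode())
            for i, (_, pub) in enumerate(users) for j in range(msgs_per_user)]
    return [scan_pool(priv, pool) for priv, _ in users], len(pool)
```

Total work across the network is users times messages: in `demo()` five users each perform 20 public-key operations to recover 4 messages apiece.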