275
Signal boss warns app will exit Australia if forced to hand over users’ encrypted messages
(www.theaustralian.com.au)
this post was submitted on 29 Jul 2025
275 points (100.0% liked)
Australia
4405 readers
465 users here now
A place to discuss Australia and important Australian issues.
Before you post:
If you're posting anything related to:
- The Environment, post it to Aussie Environment
- Politics, post it to Australian Politics
- World News/Events, post it to World News
- A question to Australians (from outside) post it to Ask an Australian
If you're posting Australian News (not opinion or discussion pieces) post it to Australian News
Rules
This community is run under the rules of aussie.zone. In addition to those rules:
- When posting news articles use the source headline and place your commentary in a separate comment
Banner Photo
Congratulations to @Tau@aussie.zone who had the most upvoted submission to our banner photo competition
Recommended and Related Communities
Be sure to check out and subscribe to our related communities on aussie.zone:
- Australian News
- World News (from an Australian Perspective)
- Australian Politics
- Aussie Environment
- Ask an Australian
- AusFinance
- Pictures
- AusLegal
- Aussie Frugal Living
- Cars (Australia)
- Coffee
- Chat
- Aussie Zone Meta
- bapcsalesaustralia
- Food Australia
- Aussie Memes
Plus other communities for sport and major cities.
https://aussie.zone/communities
Moderation
Since Kbin doesn't show Lemmy Moderators, I'll list them here. Also note that Kbin does not distinguish moderator comments.
Additionally, we have our instance admins: @lodion@aussie.zone and @Nath@aussie.zone
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Does Signal not have data?
@9tr6gyp3
There is NO back-door to Signal.
@signalapp is blind to all communications. (Including, probably, this toot! 🤪)
Signal itself does NOT know who has messaged whom, nor when, nor how (e.g. the IP address is NOT known.)
If Signal was subpoenaed to produce my records, they could produce:
I'm *fairly* sure that is all of it.
(Please let me know if I'm wrong.)
@sunzu2
They likely keep the logs of IP addresses they can produce tbh
National Security laws would prevent them from disclosing this. This is just "natural" vulnerability along with a kyc'd sim card ;)
@sunzu2
Nope and I was wrong.
@signalapp is only able to produce LESS information than I previously stated.
That's it. Nothing else.
Signal does NOT log users' IP addresses.
See this for more information:
https://signal.org/bigbrother/santaclara/
@maniacalmanicmania @9tr6gyp3 @signalapp
Under National security laws if Signal is told to log and report, will log and report.
Sure it might exit smaller market, but if us told it to log, it will log.
In fact they force you to use a phone number BC phone is essentially KYC lite.
What you are saying is a trust me bro. From technical perspective signal can generate a heat man of who you are communicating and when. Store this info and turn it over.
That's the inherent defect when using centralized server infrastructure controlled by a company.
Go easy on the corpo kool aid and use some common sense.
SimpleX is trying to solve this issue but it ain't ready for main stream
@sunzu2
To do the things you are suggesting that Signal could be forced to do, Signal would have to rewrite its entire codebase as well as the client apps.
Fortunately, Signal is open source, and such changes would be noticed.
As it stands, it doesn't matter what is demanded nor by whom as the only user data, including traffic analysis, that Signal can currently reveal is insignificant.
Signal simply cannot disclose data it itself cannot access.
Yes, decentralised services are preferable, but Signal has probably the easiest onboarding experience for the average user, especially those new to the concept of E2EE.
@maniacalmanicmania @9tr6gyp3 @signalapp
Signal can't log you pinging their servers?
@sunzu2
Signal knows *when* a user wqs last connected, but not the IP address of that connection. The system has been specifically designed to minimise the meta data available for collection.
@maniacalmanicmania @9tr6gyp3 @signalapp
You repeating their propaganda, we are not talking about what they say they do, we are talking about what they can do.
They can log your activity that's the inherent weakness of signal along with forcing people to use KYCd phone mumbers.
@sunzu2
Read the Affidavit produced here:
https://signal.org/bigbrother/santaclara/
Read Signal's complete source code here:
https://github.com/signalapp
Once you understand the code, you'll understand "what they can do" and what they cannot do.
When you've identified any flaw in the code that runs the Signal servers that would allow IP logging, let me know. I'll be glad to file the bug report on your behalf.
@maniacalmanicmania @9tr6gyp3 @signalapp
They don't need to log your IP, you are using a phone number tied to your identity so does person you are talking to.
Under FISA order, signal would provide logs. FISA order come with gag clause that forbids any disclosure including in federal court. That's how national security laws work.
I am happy that you are very comfortable with signal but pretending like this is not an issue is either naive or you have other incentives to give people false sense of "security"
@sunzu2
"Under FISA order, signal would provide logs."
How would Signal do this? Logs of what?
Corresponding parties? Messages? They don't have them.
They'd have to rewrite their backend code to obtain them, and changes would also need to be made to the Signal client apps.
It would not matter if the FISA Court ordered that logs be produced in secret by Signal. Any such logs could not be obtained without significant changes to the way Signal works. Users would know.
Yes, Signal does have some shortcomings, but these are acceptable in most 'use cases' for most threat models.
Signal is best used as a private, E2EE alternative to SMS. Only a fool would use it for the *most sensitive* of communications. (Like, you know, discussing an impending military strike...)
We all know of the alternatives, including (but not limited to) SimpleX, Session, Briar, Element etc.
@maniacalmanicmania @9tr6gyp3 @signalapp
Logs of who you contact with time stamps ie meta data. That's the information national security agencies really only care about when doing bulk data collection.