←back to thread

Signal adds a payments feature with a privacy-focused cryptocurrency

(www.wired.com)
544 points josh2600 | 2 comments | 06 Apr 21 16:23 UTC | HN request time: 0.424s | source
Show context
bilal4hmed ◴[06 Apr 21 18:44 UTC] No.26715700[source]
With Signal not releasing their server code and now this, I regret using and asking a good chunk of my base to move to Signal.
replies(8): >>26717453 #>>26717696 #>>26717707 #>>26717779 #>>26718534 #>>26719231 #>>26719566 #>>26720799 #
1. challengly ◴[07 Apr 21 01:32 UTC] No.26719566[source]
Same. It's extremely concerning. Where's the transparency? If the backend has been compromised and turned into a honeypot, how would we know?
replies(1): >>26720474 #
2. pa7ch ◴[07 Apr 21 04:03 UTC] No.26720474[source]
That would only compromise metadata as signal is e2e encrypted and the client has always been opensource and up to date.

All the SGX stuff is about making metadata more private for features that absolutely must be done serverside. So a compromise in SGX is more an issue if Signal itself becomes adversarial or gets compromised. Most services only rely on this for security and don't use things like SGX to hide things from themselves.