Our great sponsors
-
Why does it need a cryptocurrency built into the messenger exactly? [0]
[0] https://github.com/dessalines/essays/blob/master/why_not_sig...
-
>Signal also notably isn't self-hostable: there's no way to run your own signal server, and control your data. Marlinspike ruthlessly shuts down anyone attempting to build alternate clients or servers that could communicate with the main one.
That is perfectly wrong. As a maintainer of https://axolotl.chat, a third-party signal client initially built for Ubuntu Touch but which runs on almost everything now, I can tell you that our client is speaking without any problems to the official Signal servers, and also that the code of the server is available and is running fine, we used it to test our code.
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
We should make a distinction between the server tampering with message content and message metadata. Message content is protected by well-scrutinized and auditable client code. However, there's nothing stopping a malicious server from logging a bunch of extra metadata on top of what they claim to log, which would be very interesting for nation states. And the extra-metadata scenario is the one being criticized, I think.
If you trust Intel SGX (or other secure enclaves) it is theoretically possible for the server to attest to the client that a particular hash of code is running. (Typically the reverse process is used, to attest to a server that a client is running whatever DRM code the company wants.)
Signal already uses SGX to implement contact search [1]. The actual algorithm is performed in plaintext in the enclave.
Now, you might counter that SGX is full of holes, and I would agree with you.
-
