3 comments

[ 4.6 ms ] story [ 21.9 ms ] thread
Once shared, the data remains in the signal servers, accessible to anyone with subpoena. Even if there will be an option to turn it off, the damage is already done.

Or may be I am missing something?

>accessible to anyone with subpoena

I assume it's encrypted.

Well, it is encrypted with a pin. Unless you make a long pin or switch to optional alphanumeric, the contact list is just protected by SGX and a short pin.

The SGX works like the iPhone auto-wipe. But it is in an online service with lots of juicy data in one place, so the target is bigger. A vulnerability could leak your contact list.