- cross-posted to:
- hackernews@derp.foo
- cross-posted to:
- hackernews@derp.foo
We estimate that by 2025, Signal will require approximately $50 million dollars a year to operate—and this is very lean compared to other popular messaging apps that don’t respect your privacy.
I am not concerned with the people I’m actively chatting with having my IP address.
If you’re using it for personal correspondence with people you know and trust, that’s probably fine. However, a secure and private communications platform should support more extreme use cases as well.
If you’re a journalist, for example, you might need to communicate with people you do not know or trust. You could realistically be talking to someone who wants to kill you, or who is being monitored by people who want to kill you, particularly if you are covering high-profile political issues or working with whistleblowers (or are yourself a whistleblower). Even revealing information as broad as what city you’re in (which would be revealed by your IP address) could be a risk to your physical safety.
Even though I do not personally face such high-level threats in my life, I feel better using services that allow for the possibility. Privacy is a habit, and who knows what tomorrow might bring?
A MitM sniffer would be able to see the source and destination IP addresses, not just the person you’re chatting with. Even if the data is encrypted, P2P is still vulnerable to a layer 3 attack.
Will the same apply if you’re in a lot of open group chats though?
Depends on who is in the group chats. Primarily I am concerned with keeping them out of the hands of corporations, eg: Google, Meta, MS, AWS, etc. to be added to giant databases and used to profile me or unjustly subpoenaed by the gov.