Hacker News new | comments | show | ask | jobs | submit login

From the post:

"The Google Cloud Messaging service basically handles message handling from/to the user’s devices to the Signal servers. The GCM service then handles all the aspects of queueing all messages and delivery from/to users."

This is not true. Messages are delivered via Signal's own servers only. GCM messages are empty; their only purpose is to wake up your device. [1]

"The phone component of Signal is called RedPhone. The server component of this is unfortunately not open source [...] this is also probably the reason why secure encrypted phone calls don’t work in e.g. LibreSignal"

No. The reason for that is that the signaling for RedPhone calls is currently still done via GCM and not via Signal's own message transport.

Regarding microg: I've never heard of the need to re-compile kernels for that. I think most people use it with Xposed (admittedly, a giant hack, but it works).

[1] https://whispersystems.org/blog/goodbye-encrypted-sms/




Hmm. You seem to be right. Article corrected there to reflect that Signal is using empty GCM messages. I must have still had the old situation of TextSecure in my head when I wrote that. Nice to know re the reason Redphone doesn't work, thanks for that insight!


(had suggested the author add an endnote; they did)


Yes, I agree that's more transparent. I've added an endnote, and linked to it from the place where the edit was made.




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact

Search: