zlacker

The method is explained here: https://signal.org/blog/private-contact-discovery/

Yes, it's hashes of phone numbers instead of the phone numbers themselves, but that's a detail. Phone numbers are easy to brute-force especially for people the protesters are worried about, as well as easy to build rainbow tables for.

>>est31+(OP)
I think you might want a better way of phrasing that: it’s not the “full contact list” - most people would assume that includes names and all of the other metadata - and since it’s rate-limited there’s an interesting trade off where it’s not easy to brute-force but it is targetable if you are trying to track specific known people.

>>acdha+A
The name, profile pic, etc. is less relevant than the social graph itself. State actors already have phone number <-> name mappings at least about their own residents. If you are just curious about who's visa applications to deny because according to data collected by your IMSI-catcher many of their contacts have participated in an anti-government protest, then the name etc. isn't really relevant.

>>est31+(OP)
I would disagree with the "that's a detail" statement. Properly salted hashes make building a social network graph much more difficult. It's only relatively easy to brute-force a single number.

>>jwr+d6
I don’t think they are salted. When someone joins signal they are compared to your hashes. That is how you get notified that one of your contacts have joined signal.

If they were all individually salted, there would be no way to compare against new joiners.

>>est31+Q1
Yes, I know. My point was that a better term might help you make your point without sounding like you’re claiming something different.

>>est31+(OP)
It's truncated hashes, not full hashes. So you don't see exactly which phone number it is, you get a bucket and the client checks if the full hash is in the bucket. Which is far from perfect, but it's a little better than the full hash.