Because analysing network traffic wouldn't allow an adversary to see what you're sending with Signal, but they could still tell you're sendig a secure message.

What the Guardian is doing is hiding that secure chat traffic inside the Guardian app, so packet sniffing would only show you're accessing news.

deleted by creator

analysing network traffic wouldn't allow an adversary to see what you're sending with Signal

How are they analyzing network traffic with Signal? It's encrypted. And why does it matter if they know you're sending a message? Literally everyone using Signal is sending a message.

Timing of messages. They can't tell what you send, but can tell when

No they can't.

E: if someone wants to provide evidence to the contrary instead of just downvoting and moving on, please, go ahead.

deleted by creator

It isn't.

Similar to other apps, CoverDrop only provides limited protection on smartphones that are fully compromised by malware, e.g., Pegasus, which can record the screen content and user actions.

It's a red flag to those who think you're going to share internal info.

Messaging protocols already resemble the frameworks that come out from time to time. And their effectiveness is due to the fact that they require a certain quota of users.

It's just a secure messaging app with a direct line to Guardian journalists. How to use 911 or special numbers when you're not feeling well.

For one, ease of access. Say you’re trying to break a story, who are you going to message with signal? Because you’re going to need to get that contact info somehow right?

Snowden is permanently stranded in Russia. That’s not exactly a great example of an anonymous source.

Except that signal is blocked by many companies Mobile Device Management. The one that don’t can typically see who has the app installed. This provides a new clever way to maybe whistleblow

It's called traffic analysis

Say you’re trying to break a story, who are you going to message with signal?

...The Guardian?

Because you’re going to need to get that contact info somehow right?

Use your browser? These are strange questions.

Snowden is permanently stranded in Russia. That’s not exactly a great example of an anonymous source.

Did you notice that I used the past tense?

Use a different device? Use Molly? Use any number of other apps? What's to stop the MDM from blocking The Guardian app?

It's called encryption

Packet data has headers that can identify where it's coming from and where it's going to. The contents of the packet can be securely encrypted, but destination is not. So long as you know which IPs Signal's servers use (which is public information), it's trivial to know when a device is sending/receiving messages with Signal.

This is also why something like Tor manages to circumvent packet sniffing, it's impossible to know the actual destination because that's part of the encrypted payload that a different node will decrypt and forward.

I run a cryptography forum

Encryption doesn't hide data sizes unless you take extra steps

Yeah this is insanely good