> Signal's default setup is more usability focused while supporting E2E
If images/attachments were e2ee, this problem probably wouldn't exist, right? Or are the images on Cloudflare encrypted?
Edit: I should clarify. I didn't mean the encryption itself fixes the problem, but rather that if this were handled like the text messages we send (not via Cloudflare CDNs), then this wouldn't exist. I get that attachments are quite some bytes bigger than text, but shouldn't the security guarantees be the same?
From what I know* (heavy on the asterisk there), they are. I'm guessing at their setup at this point, but it sounds like the "large" data is probably being stored (while encrypted) in a different way / separately than the messaging. Since it's supposedly E2E (not gonna pretend I've hand verified it), it's decrypted on the device, but it needs to be grabbed in the first place from said separate place.
So, I'm guessing the images are encrypted where they're stored. And from his post it sounds like it doesn't happen with the messages, so the motivation for using Cloudflare probably is around egress pricing, or they could be using Cloudflare R2 for storage as well.
I actually also wondered about this, because if Signal does not encrypt attachments and delivers them via Cloudflare, that would suck, as Cloudflare could just look into all of them.
It seems that Signal is indeed encrypting all attachments, and therefore the encrypted attachments are cached and served via Cloudflare.