signalapp / Signal-iOS

A private messenger for iOS.
https://signal.org
GNU Affero General Public License v3.0

My copy of Signal apparently is attempting to disclose information to a googleusercontent.com website. #5596

Closed zephirotalmasy closed 1 year ago

zephirotalmasy commented 1 year ago

Bug description

Please review the full issue description as provided on apple.stackexchange.com and crypto.stackexchange.com.

Steps to reproduce

Actual result: Describe here what happens after you run the steps above (i.e. the buggy behaviour)

Signal will request a firewall exception to allow communication with a googleusercontent.com website.

Expected result: Just not trying to disclose any metadata to anyone, especially not Google.

Screenshots

(Screenshot attachment: IMG_0536)

Device info

Device: iPhone 11 Pro, U.S. 64 GB on Verizon LTE

iOS version: iOS 14.3

Signal version: 6.22.0.9

Not a crashing bug, no crash log.

Miguel-Signal commented 1 year ago

Hey, @zephirotalmasy,

In order to provide a globally accessible, reliable, and high-performance service for the millions of people around the world who depend on Signal, it's necessary for Signal to set up servers all around the world too. Having a geographically distributed network of servers is particularly important for end-to-end encrypted voice and video calls because latency can result in audio delays or degraded video connections that can quickly make the app unusable for real-time communication.

One of the hallmarks of end-to-end encryption is that it assumes that servers cannot be trusted and that internet connections might be monitored. Signal was designed accordingly. Because every message and every call in Signal is always end-to-end encrypted and secure, we can provide a globally accessible service that uses infrastructure from a variety of different bandwidth and hosting providers.

As much as we would like the world to be different, Signal is a nonprofit organization, and it is neither feasible nor realistic for Signal (or most high-availability tech) to maintain its own independent network of data centers in dozens of countries.

Instead, Signal places end-to-end encryption and privacy-preserving technology at the heart of everything that we do, which lets us use globally-distributed providers like Amazon Web Services, Cloudflare, Google Compute Engine, Fastly, Microsoft Azure, and other hosting services. Like Signal itself, these data center and infrastructure providers can never see or access the contents of any end-to-end encrypted messages or calls. To anyone but the sender and recipients, what’s stored on the servers is just blobs of indecipherable ciphertext.

In your case, the notifications that you're seeing in the appFirewall app correspond with connections to some of the virtual private servers that Signal has deployed on Google Compute Engine. These virtual servers are set up and configured by Signal, and because they are running on Google Compute Engine, we can take advantage of their fast networking hardware, fiber optic cables, bandwidth peering agreements, and other large-scale infrastructure features that we couldn’t afford to build on our own. Signal connects to these calling servers via their IP address, but appFirewall appears to perform a reverse DNS lookup in order to return a hostname. The default reverse DNS entry for every server on Google Compute Engine is <reversed-server-ip>.bc.googleusercontent.com, just like in your screenshot.

It's important to reiterate, however, that every message and every call in Signal is end-to-end encrypted. The servers that support voice and video calls in Signal cannot do anything other than route encrypted packets from one place to another, which helps people benefit from low-latency, end-to-end encrypted, and private communication no matter where they live, in ways that would otherwise be impossible.

I hope this was helpful, and we really appreciate the feedback, and the information you shared with us about how other people with jailbroken phones who are using the appFirewall app may be experiencing Signal right now. Given that this isn't a bug in Signal, we'd encourage you to post on our Community Forum if you'd like to continue the discussion or if you have any other questions.
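The reply above explains the mechanism behind the screenshot: the firewall app does a reverse DNS (PTR) lookup on the calling server's IP address, and Google Compute Engine's default PTR record for any external address is the address's octets reversed, followed by `.bc.googleusercontent.com`. The following is an added example, not code from Signal or from this thread, that shows how that default name is derived and how to read one back into the address it stands for, so that a reviewer of firewall alerts can tell a provider-default hostname (which identifies only the hosting provider, not the tenant running the server) from a custom one. The IP addresses and log entries are constructed sample values from the documentation range, and the helper names are my own.

```python
import ipaddress
import re
from typing import Optional

# Default GCE reverse DNS form described in the thread:
# <reversed-octets>.bc.googleusercontent.com (optional trailing dot for FQDNs).
GCE_DEFAULT_PTR = re.compile(
    r"^(?P<o1>\d{1,3})\.(?P<o2>\d{1,3})\.(?P<o3>\d{1,3})\.(?P<o4>\d{1,3})"
    r"\.bc\.googleusercontent\.com\.?$"
)


def ptr_query_name(ip: str) -> str:
    """Name a resolver actually queries for the PTR record of an IPv4 address."""
    return ipaddress.IPv4Address(ip).reverse_pointer


def expected_gce_default_hostname(ip: str) -> str:
    """Hostname the GCE default PTR record yields for an external address."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + ".bc.googleusercontent.com"


def ip_from_gce_default_hostname(hostname: str) -> Optional[str]:
    """Recover the address encoded in a GCE default PTR name, or None if the
    name is not of that form (or encodes an invalid address)."""
    match = GCE_DEFAULT_PTR.match(hostname.strip())
    if match is None:
        return None
    # Octets appear reversed in the hostname, so read them back in reverse.
    ip = ".".join(match.group(f"o{i}") for i in (4, 3, 2, 1))
    try:
        ipaddress.IPv4Address(ip)
    except ValueError:
        return None
    return ip


def classify_alert(ip: str, hostname: str) -> str:
    """Triage label for one (destination IP, PTR hostname) pair from a firewall
    alert.  'provider-default' means the name is just the hosting provider's
    generic record and says nothing about who operates the server."""
    recovered = ip_from_gce_default_hostname(hostname)
    if recovered is None:
        return "custom-or-unknown"
    # Forward-consistency check: the name must encode the address we connected to.
    return "provider-default" if recovered == ip else "mismatch"


# Constructed sample alerts (documentation-range addresses, not real servers).
SAMPLE_ALERTS = [
    ("203.0.113.7", "7.113.0.203.bc.googleusercontent.com"),
    ("203.0.113.8", "7.113.0.203.bc.googleusercontent.com"),  # PTR does not match IP
    ("198.51.100.5", "example.org"),
]


def triage(alerts=SAMPLE_ALERTS) -> dict:
    """Map each destination IP to its triage label."""
    return {ip: classify_alert(ip, host) for ip, host in alerts}


if __name__ == "__main__":
    for ip, label in triage().items():
        print(f"{ip:15} -> {label}")
```

The `mismatch` label is the useful edge case: a reverse name that encodes a different address than the one the app connected to is either a stale record or a name chosen to look generic, and deserves a closer look, whereas `provider-default` only tells you the server is rented from Google Compute Engine, exactly as the reply describes.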