Yes, I read it. Information about your IP address is leaked, as that's how Cloudflare routes you to a given datacenter.
And I strongly disagree that being able to uncover somebody's rough geographic location is not a privacy problem.
I wouldn't be surprised if this, for example, lets you deduce if somebody is currently home, at work, or commuting (as all three ISPs might be hitting different Cloudflare datacenters). That's not information everybody is comfortable broadcasting to the world.
> Privacy isn’t an optional mode — it’s just the way that Signal works. Every message, every call, every time [1]
While I don't consider this a critical bug requiring an immediate technical remediation from Signal, this should definitely be either fixed or called out in the documentation at some point.
Weather predictions are the weather channel's entire brand, but people understand the concept well enough to know that this doesn't mean it's infallible. There is a limit to how many warning stickers we need in the world. If you want to rely on a particular feature, maybe check that the product supports said feature. Signal does encryption, not onion routing
And I strongly disagree that being able to uncover somebody's rough geographic location is not a privacy problem.
I wouldn't be surprised if this, for example, lets you deduce if somebody is currently home, at work, or commuting (as all three ISPs might be hitting different Cloudflare datacenters). That's not information everybody is comfortable broadcasting to the world.