Just realized my encrypted messaging app was leaking metadata in a way I never noticed

Last Tuesday I was checking my Signal backups on my laptop and saw that the timestamps basically told someone exactly when I talked to my lawyer last month. I mean, the messages themselves are secure, but the metadata from my chat logs gave away a ton of info. I spent an afternoon turning off all the extra data sharing options and deleting old backups. Has anyone else found hidden metadata leaks in their privacy tools that caught them off guard?

2 comments

2 Comments

gavin_kim320d ago

Yeah the metadata problem is worse than most people realize. Signal's pretty good but those timestamps and contact lists can still paint a clear picture of who you talk to and when. I found similar stuff in my old Telegram backups that basically showed my whole social graph.

fiona_sullivan2920d ago

That timestamp thing is EXACTLY what bugs me about it. Did you look at whether the metadata from backups also included the duration of your calls or just the raw timestamps? Because I found on my own setup that even deleting the backup file didn't fully wipe the cache on my phone - there were leftover fragments in the app's local storage that still showed the time and contact info for calls from weeks ago.