In other words, no one (whether nefarious actors, or even Signal itself) will be able to access that data, at least theoretically. To accomplish this task, it’s utilizing an Intel processor feature known as Software Guard Extensions, or SGX. Originally designed for DRM, the tech essentially allocates a “secure enclave” in a processor that is kept isolated from the rest of a computer’s operating system. The code running in that enclave is designated a unique key that only Intel can control.
In the case of the app, SGX will be fitted to Signal’s servers. That way, when your contacts pass through the them, they’ll also be kept in this secure enclave for processing, and will vanish afterwards. If the test feature works as it should, Signal will basically be kept out of your information — as will everyone else. The feature is expected to roll out over the next few months, once the test run is out of the way.
Although the new option sticks to Open Whisper System’s privacy commitments, it is still in its early stages. And, as Wired reports, the server-side use of SGX is relatively untested. To ease concerns, OWS is making the private contact discovery service open source, allowing the security community to nitpick it for possible exploits. All the crypto heads out there can get the low-down on the tech by reading Signal’s blog post.
