> Since communication is done via TLS all the way to GIPHY, the Signal service never sees the plaintext contents of what is transmitted or received. Since the TCP connection is proxied through the Signal service, GIPHY doesn’t know who issued the request.
> While this does hide your IP address from GIPHY and your search terms from Signal, there are some caveats. The GIPHY service could use subtleties like TLS session resume or cache hits to try to correlate multiple requests as having come from the same client, even if they don’t know the origin.
> Since communication is done via TLS all the way to GIPHY, the Signal service never sees the plaintext contents of what is transmitted or received. Since the TCP connection is proxied through the Signal service, GIPHY doesn’t know who issued the request.
> While this does hide your IP address from GIPHY and your search terms from Signal, there are some caveats. The GIPHY service could use subtleties like TLS session resume or cache hits to try to correlate multiple requests as having come from the same client, even if they don’t know the origin.
edit: more here https://signal.org/blog/signal-and-giphy-update/
previous discussion: https://news.ycombinator.com/item?id=12853248