Showing posts from October, 2025

The innocuous but interesting case of Signal’s UNENCRYPTED_FOR_TESTING username

A couple of months ago I spent some time reading code from Signal (libsignal, the Android/iOS apps, the server, etc.) and came across some interesting issues, which I reported to @Security. This post describes the case of the UNENCRYPTED_FOR_TESTING hardcoded username in Signal's TLS Proxy implementation, a debugging-only feature that could be 'exploited' (though the impact is very limited) in Signal for Android.

So, what happens when an active actor tries to block your connection to Signal's servers? Signal offers different alternatives, including community-supported Signal TLS Proxies.

The Signal TLS Proxy

Signal provides plenty of information on how, and when, to use a Signal TLS Proxy. The Signal TLS Proxy is a simple relay proxy implemented with nginx and 'ssl_preread': nginx reads the SNI from the client's TLS ClientHello without terminating TLS, and, depending on the received SNI, relays the connection to the specific upstream server.

https://github.com/signalapp/Signal-TLS-Proxy/blob/main/data/nginx-relay/nginx.conf

...
stream { map $ssl_prer...
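To make the relay mechanism concrete, here is an added example (not code from the original post or from the Signal-TLS-Proxy project) that re-implements in Python what nginx's ssl_preread does when it fills $ssl_preread_server_name: it parses the unencrypted ClientHello, pulls the server_name extension out, and then looks the name up in an SNI-to-upstream table, with anything unknown falling through to a deny, the same shape as a `map ... default deny;` block. The hostnames in the routing table and the ClientHello builder are constructed for the example and are not Signal's real ones.

```python
"""
Added example: SNI-based routing as a TLS relay proxy does it.
Not code from the original post or from Signal-TLS-Proxy; hostnames
in ROUTES are placeholders, not Signal's real servers.
"""
import struct
from typing import Optional, Tuple

# Hypothetical SNI -> upstream table. The real proxy's table lives in
# its nginx.conf as a `map $ssl_preread_server_name ...` block.
ROUTES = {
    "chat.example.test": ("chat.example.test", 443),
    "cdn.example.test": ("cdn.example.test", 443),
}


def parse_sni(client_hello: bytes) -> Optional[str]:
    """Return the host_name from a TLS ClientHello record, or None if the
    hello carries no server_name extension. Raises ValueError on input
    that is not a well-formed ClientHello (e.g. plaintext HTTP)."""
    # TLS record header: content_type(1) version(2) length(2); 0x16 = handshake
    if len(client_hello) < 5 or client_hello[0] != 0x16:
        raise ValueError("not a TLS handshake record")
    rec_len = struct.unpack("!H", client_hello[3:5])[0]
    body = client_hello[5:5 + rec_len]
    if len(body) != rec_len:
        raise ValueError("truncated TLS record")
    # Handshake header: msg_type(1) length(3); 0x01 = ClientHello
    if body[0] != 0x01:
        raise ValueError("not a ClientHello")
    hs_len = int.from_bytes(body[1:4], "big")
    hello = body[4:4 + hs_len]
    if len(hello) != hs_len:
        raise ValueError("truncated handshake message")
    pos = 2 + 32                                   # legacy_version + random
    sid_len = hello[pos]; pos += 1 + sid_len       # legacy_session_id
    cs_len = struct.unpack("!H", hello[pos:pos + 2])[0]; pos += 2 + cs_len
    comp_len = hello[pos]; pos += 1 + comp_len     # compression_methods
    if pos >= len(hello):
        return None                                # no extensions block at all
    ext_total = struct.unpack("!H", hello[pos:pos + 2])[0]; pos += 2
    end = pos + ext_total
    while pos + 4 <= end:
        ext_type, ext_len = struct.unpack("!HH", hello[pos:pos + 4]); pos += 4
        data = hello[pos:pos + ext_len]; pos += ext_len
        if ext_type == 0:                          # server_name (RFC 6066)
            # ServerNameList: list_len(2), then name_type(1) name_len(2) name
            lpos = 2
            while lpos + 3 <= len(data):
                name_type = data[lpos]
                name_len = struct.unpack("!H", data[lpos + 1:lpos + 3])[0]
                name = data[lpos + 3:lpos + 3 + name_len]
                if name_type == 0:                 # host_name
                    return name.decode("ascii")
                lpos += 3 + name_len
    return None


def route(client_hello: bytes) -> Optional[Tuple[str, int]]:
    """Pick the upstream for a connection from its ClientHello.
    None plays the role of nginx's `default deny;` branch."""
    return ROUTES.get(parse_sni(client_hello))


def build_client_hello(server_name: Optional[str]) -> bytes:
    """Constructed test input: a minimal TLS 1.2-style ClientHello with
    one cipher suite and, optionally, a single server_name extension."""
    exts = b""
    if server_name is not None:
        host = server_name.encode("ascii")
        entry = b"\x00" + struct.pack("!H", len(host)) + host
        sni_ext = struct.pack("!H", len(entry)) + entry
        exts = struct.pack("!HH", 0, len(sni_ext)) + sni_ext
    hello = (b"\x03\x03" + b"\x00" * 32            # legacy_version, random
             + b"\x00"                             # empty session id
             + struct.pack("!H", 2) + b"\x13\x01"  # one cipher suite
             + b"\x01\x00")                        # null compression only
    if exts:
        hello += struct.pack("!H", len(exts)) + exts
    hs = b"\x01" + len(hello).to_bytes(3, "big") + hello
    return b"\x16\x03\x01" + struct.pack("!H", len(hs)) + hs


if __name__ == "__main__":
    print(route(build_client_hello("chat.example.test")))   # relayed
    print(route(build_client_hello("other.example.test")))  # None: denied
```

The point to take from this is that the relay never decrypts anything: the SNI is the only routing input, it is sent in the clear, and a name that is not in the table gets the connection dropped rather than relayed anywhere.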