I use Signal for the vast majority of my texting, which is great. I use it for some calls, and I’d like to use it for more, but I find the performance hit and miss with latency sometimes being an issue.
It occurred to me recently that, hey, VPNs add latency. Mullvad is wonderful but it may be worsening the latency issues. I’ve definitely noticed way more latency any time I turn on multihop, but even with single hop it’s hit and miss. Luckily Mullvad offers split-tunneling on desktop & Android.
Are there any meaningful privacy ramifications to running Signal outside of my VPN via a split tunnel?
All I can think of are:
1. Signal will get my ‘real’ IP address which, if I’m trusting them anyways, shouldn’t matter.
2. My ISP / cell carrier will see activity to Signal which, in theory, should all be encrypted and inaccessible.
Is there anything else I’m missing?
I wish I could tunnel JUST encrypted calls outside of the VPN but alas. Maybe split-tunneling won’t even help; I’ll have to do some A/B testing to find out. But I’d love Signal calls to be more dependable so I’d have to fall back to unencrypted calls less often…
To the second point, if you are concerned about being physically tracked by local adversaries, a computer on local public Wi-Fi networks that only connects to a VPN provider and Signal will be pretty unique.
This is a pretty niche scenario that probably doesn’t apply to most people. I just want to point out that it isn’t only your ISP with the metadata about your traffic, but also any people on the same network as you. Only using your home network or cell network could mitigate this risk.
If you’re on Android, then split tunneling is not the way to go because you will have to disable the killswitch. You need to put Signal in a different user profile or private space that doesn’t have a VPN.
If you’re on iOS, VPNs are leaky anyway, so there shouldn’t be any problems with excluding Signal from routing through a VPN.