Hacker News

I don't agree with the 200-bit estimate. Usernames will typically not be random and will have much less entropy.

Either way, I was not talking about brute-forcing a single username. What I suggested was that Signal could loop over the space of all possible usernames. Every other name would be a hit (i.e. exist) and reveal the account ID, possibly even the phone number, of that user.

Hell, couldn't regular users do the same? The blog post at least doesn't mention anything about rate limits when probing usernames.
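The enumeration and rate-limit question raised in the comment above, as an added example that is not part of the original thread and not Signal's code: a hypothetical username-lookup service is run against a constructed four-entry directory, first without any throttling and then behind a per-client token bucket (the rate and burst values, the ten-symbol alphabet and the five-character cap are all assumptions chosen so the whole space can be walked here), plus a helper that reports the log2 size of a username space for an assumed alphabet and length cap.

```python
import itertools
import math
from dataclasses import dataclass
from typing import Optional, Tuple

# Constructed sample directory (hypothetical data, not Signal's): username -> account id.
DIRECTORY = {
    "alice": "ACI-0001",
    "bob": "ACI-0002",
    "carol": "ACI-0003",
    "dave": "ACI-0004",
}

# Alphabet and length cap are assumptions, small enough that the full space is walkable here.
ALPHABET = "abcdeilorv"
MAX_LEN = 5


def username_space_bits(alphabet_size: int, max_len: int) -> float:
    """log2 of the number of usernames of 1..max_len symbols over an alphabet. This is an
    upper bound on username entropy; human-chosen names carry far less."""
    total = sum(alphabet_size ** k for k in range(1, max_len + 1))
    return math.log2(total)


@dataclass
class TokenBucket:
    """Per-client token bucket: refills `rate` tokens per second up to `capacity`."""
    rate: float
    capacity: float
    tokens: float = 0.0
    last: float = 0.0

    def __post_init__(self) -> None:
        self.tokens = self.capacity  # start with a full burst allowance

    def allow(self, now: float) -> bool:
        self.tokens = min(self.capacity, self.tokens + (now - self.last) * self.rate)
        self.last = now
        if self.tokens >= 1.0:
            self.tokens -= 1.0
            return True
        return False


class LookupService:
    """Hypothetical username-lookup endpoint. rate_limit=None models the unthrottled case;
    otherwise each client id gets its own TokenBucket(rate, capacity)."""

    def __init__(self, directory: dict, rate_limit: Optional[Tuple[float, float]] = None):
        self.directory = directory
        self.rate_limit = rate_limit
        self.buckets: dict = {}

    def lookup(self, client: str, username: str, now: float):
        """Return the account id for `username`, None if unknown, or "RATE_LIMITED"."""
        if self.rate_limit is not None:
            bucket = self.buckets.get(client)
            if bucket is None:
                bucket = self.buckets[client] = TokenBucket(*self.rate_limit)
            if not bucket.allow(now):
                return "RATE_LIMITED"
        return self.directory.get(username)


def enumerate_usernames(service: LookupService, client: str, probes_per_second: float):
    """Walk every username of 1..MAX_LEN symbols over ALPHABET in order, issuing probes at a
    fixed rate on a simulated clock. Returns (hits, number of rate-limited probes)."""
    hits, limited, now = {}, 0, 0.0
    for length in range(1, MAX_LEN + 1):
        for chars in itertools.product(ALPHABET, repeat=length):
            name = "".join(chars)
            result = service.lookup(client, name, now)
            if result == "RATE_LIMITED":
                limited += 1
            elif result is not None:
                hits[name] = result  # existing name leaks its account id
            now += 1.0 / probes_per_second
    return hits, limited


if __name__ == "__main__":
    # Assumed 37-symbol alphabet (a-z, 0-9, _) and 32-character cap, not Signal's actual rules.
    print(f"full 37-symbol, <=32-char space is only {username_space_bits(37, 32):.1f} bits")
    open_hits, _ = enumerate_usernames(LookupService(DIRECTORY), "attacker", 1000)
    print(f"no rate limit: {len(open_hits)} of {len(DIRECTORY)} accounts harvested")
    throttled_hits, blocked = enumerate_usernames(
        LookupService(DIRECTORY, rate_limit=(1.0, 10.0)), "attacker", 1000)
    print(f"1 req/s, burst 10: {len(throttled_hits)} harvested, {blocked} probes refused")
```

The unthrottled run recovers every account in the directory from a plain sequential walk; the token-bucket run lets through only the initial burst plus about one probe per simulated second, so almost the entire space goes unprobed. A per-client bucket is only the first layer, though: an enumerator can spread probes across many client identities or addresses, so a lookup endpoint usually also needs a global or per-target budget and an authenticated caller before the per-client number means much.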


