I remember a time when visiting a website that opens a javacript dialog box asking for your name so the message “hi <name entered>” could be displayed was baulked at.
Why does signal want a phone number to register? Is there a better alternative?
Privacy: they know who you are but they don’t know what are you doing/when are you doing. Anonymity: they don’t know who you are.
Session is what you want. But you have to directly shares each others public keys to connect
There is a lot of FUD here. It’s just like anti-vaxxers claiming vaccines make you autistic or have microchips in them: they don’t understand what they’re talking about, have different threat models, and are paranoid.
Messages are private on signal and they cannot be connected to you through sealed sender. There have been multiple audits and even government requests for information which have returned only the phone number and last connection time.
Messages are private on signal and they cannot be connected to you through sealed sender.
No. Signal’s sealed sender has an incoherent threat model and only protects against an honest server, and if the server is assumed to be honest then a “no logs” policy would be sufficient.
Sealed sender is complete security theater. And, just in case it is ever actually difficult for the server to infer who is who (eg, if there are many users behind the same NAT), the server can also simply turn it off and the client will silently fall back to “unsealed sender”. 🤡
The fact that they go to this much dishonest effort to convince people that they “can’t” exploit their massive centralized trove of activists’ metadata is a pretty strong indicator of one answer to OP’s question.
So, they do not need our phone numbers but they still demand it.
Despite this, escaping WhatsApp and Discord, anti-libre software, is more important.
Privacy ≠ Anonymity ≠ Security
They implemented an alt method IIRC but you must go out of your way to search and find it. I just recall seeing a bunch of post headlines about using email or something like that a year or so back.
They send an initial SMS message that is a main expense and funded by some rich person and donations. I think that has some significance to encryption or something but I’m not sure of the details. I could be wrong on that one, it has been years since I read the details.
Your wrong, except the rich person part. That rich guy is the WhatsApp founder, who got the money by selling their users to Facebook.
Everything is a balancing act. Privacy, anonymity, and security aren’t the same things. They’re sometimes, and in some aspects always, difficult to achieve without compromising one of the other two.
When you add in the goal of quick, easy setup to make the service useful in the first place. Doesn’t matter how good the service is at the trinity if nobody is willing to use it. Signal just errs on security first, privacy second, anonymity third.
Spam prevention
And discovery.
It’s not an argument. Think about regular mobile numbers, are they preventing spams? No.
Are you seeing spam on signal? Do you even know why spam is possible on phone networks and what the difference is between phone networks and the internet?
Because Signal has a low user base. Why Spam on Signal, if you can reach everyone with an SMS?
I don’t know what is spam for you, but when you get three message requests from three girls respectively named Tania, Clara and Ella that are contacting you about you carrier or your management skills, I call it spam.
The way that Signal integrates phone number is odd because it opens up the spam door. O understand why Signal use phone numbers this way (to make “normies” adopt Signal more easily like WhatsApp would do) but it not the best to kind of contaminate the network with the traditional cell network
The point, I believe, wasn’t about spam but likely got derailed. It was probably about the phone number requirement being unnecessary. I’ll just add that even if it is, it’s a measure geared towards common users that often need to recover access to their accounts through means they’re already familiar with, as is a verification SMS. It’s not the safest nor the most private, but it’s easier to deal with for most people. Whoever wants something that doesn’t depend on a SIM or eSIM should try Briar and SimpleX. None of these will be a perfect solution for every single person though.
What kind of spam are you talking about
Scams, girls wanting to chat with you, incredible money opportunities…
It’s focused on ensuring there is no middleman between you and the other party, but it does not have a goal to provide anonymous messaging. Sadly.
THATS WRONG! Signal Server can just do a man in the middle as you try connecting to your contact for the first time. You need to verify the fingerprint manually which is not very obvious and present in the UI. In SimpleX.chat you automatically verify the fingerprint, as its the way to establish the chat to your contact and is included in the way you distribute the contact to you.
no middleman
Signal is not P2P
No but it’s e2ee.
Of course. Sorry, but I meant no middleman as in minifying the role of the server in your messahing. Signal’s goal is to ensure the server cannot have access to your messages and its only role is to receive and send data.
Signal IS the middleman.
If you want to be mainstream a) you can’t have spammers, scammers, and all the other scum of the earth and b) finding your contacts in the app HAVE TO be plug and play. Literally no normie will bother adding with usernames or whatever.
finding your contacts
Wrong, it is not optional, does not stop spam and the worst way to try.
Do not let this derail us. Escaping to libre software is the best return on investment.
Do not let this derail us.
Nothing is derailing you personally. Why are you repeating this to others?
I believe you can delete your phone number once you’re up and running, but yeah that seems like an anti-feature.
I see an option to change it, not delete. It’s still attached to a SIM card which requires identity verification in many states.
You’re right. That is odd.
When anyone get a copy of your data, nothing will bring it back.
I’m sure that just sets the database column
hide_phonenumberto TRUE.
Privacy ≠ anonymity
Our numbers are not private from Signal. Do not let this derail us. Escaping to libre software is the best return on investment.
It’s libre software. Go host the server and change the clients to connect to your custom server and distribute to the users you need.
edit: nvm i re-read what you wrote
i agree it does mostly fulfill the criteria for libre software. perhaps not in every way to the same spirit as other projects, but that is indeed a separate discussion.
h̶o̶w̶ ̶m̶a̶n̶y̶ ̶c̶o̶m̶m̶u̶n̶i̶t̶i̶e̶s̶ ̶a̶r̶e̶ ̶d̶o̶i̶n̶g̶ ̶t̶h̶a̶t̶ ̶r̶i̶g̶h̶t̶ ̶n̶o̶w̶?̶ ̶i̶ ̶s̶u̶s̶p̶e̶c̶t̶ ̶y̶o̶u̶ ̶m̶a̶y̶ ̶b̶e̶ ̶d̶r̶a̶s̶t̶i̶c̶a̶l̶l̶y̶ ̶u̶n̶d̶e̶r̶s̶t̶a̶t̶i̶n̶g̶ ̶t̶h̶e̶ ̶b̶a̶r̶r̶i̶e̶r̶s̶ ̶f̶o̶r̶ ̶t̶h̶a̶t̶.̶ ̶b̶u̶t̶ ̶w̶o̶u̶l̶d̶ ̶b̶e̶ ̶d̶e̶l̶i̶g̶h̶t̶e̶d̶ ̶t̶o̶ ̶b̶e̶ ̶p̶r̶o̶v̶e̶n̶ ̶w̶r̶o̶n̶g̶.̶.̶.̶
The barrier is that only you and your friends would be using that Fignal or Xignal or whatever home installation, and for that practically, for ease of use, it’s simpler to host Matrix which even a complete idiot can do.
You could change it to use multiple servers but changing app is faster.
So, escaping WhatsApp and Discord, anti-libre software, is the most important part.
Agreed, escaping WhatsApp and Discord is the most important part.
How? i wanted to do that but the client doesn’t let you use another server? Host file ?
Are you saying I have to literally rebuild and distribute my own client APK if I want to use my own server? There’s no “settings” in the existing client where you say what server you want to use, like every email client has? That sounds obnoxious.
If you don’t trust Signal to run an unmodified server without malicious modifications, then why would you trust their build of the APK?
To truly be safe from Signal’s influence you would need to audit the source code and build it yourself.
Personally I have no problem using Signal’s servers
To truly be safe from Signal’s influence you would need to audit the source code and build it yourself.
Usually I only install APK’s from F-Droid, which always builds its apps from source, rather than using the developer’s APK. I’m uncomfortable that Signal doesn’t seem to be on F-droid, and I’m in fact hesitant to install it from anywhere else. I’m not currently set up to build Android apps myself. I’m a fairly unsophisticated Android user.
You can use Obtainium and get it straight from Github.
Signal on Android has had reproducible builds for years now.
Sources: Github Readme, Official blog post
Thanks. I’m not a sophisticated Android user and so far have just stayed with installing stuff from F-droid. If the official build matches the F-droid build, that’s great. At some point I want to spend some time bringing up Android build tools, but I have too much other stuff going on right now.
I just checked and I installed Signal from F-Droid.
It says Repository: Guardian Project on the app page.
Interesting, I wonder why it’s not in the main F-droid repo. Thanks.
One of the design goals is that they don’t have a user database, so governments etc can’t knock down their door demanding anything. By using phone numbers your “contacts” are not on their servers but local on your phone.
That’s WRONG they have a Database of every Phone number registered to them and metadata like the last time they logged in. You send all your contacts numbers to signal so they can respond who is also using Signal.
During registration they want a phone number to send a verification code. I know I am me. They don’t need to verify that.
They do. Otherwise anyone can register with your phone number and start messaging as if they were you.
If you want more privacy you’d need something like Simplex.
They need to verify using a phone number because otherwise other people could sign up using your phone number and pretend to be you? What?
They can only sign up using your phone number if they do require a phone number. If they didn’t ask for a phone number then how would people sign up using your phone number?
Signal’s internal identifiers are, of course, not phone numbers. And you can download their server and host it without requiring phone numbers for registration. Just they simply can’t afford it, they need to prevent bots from registering and sending messages somehow. A group message is stored in Signal as many times as there are group members, for example.
… but why require numbers in the first place.
But your phone number is, and thus every agency can get your full name and address and location.
and then every phone number on your phone by arresting you and searching your phone.
This sounds like it’s a problem no matter what method of communication you use, unless you keep no address book and memorize everything.
Nope
Yes but only yours. That’s still better and only having to knock on one door to get everything.
You are not the only person using Signal.
If I’m the target, then this is enough.
Bots. If it makes you feel better, you can disable other people finding you via phone number and just give them your username. All messages are private.
But the police request the meta data of all messages from your phone number that the company has and they’re required by law to give them it.
You should go properly read the requests from law enforcement they have received and exactly what information it contains. It’s public. Then evaluate if it matters for yur threat model. Security doesn’t exist in a vaccum.
These are all the court orders Signal has complied to and details all the information they give up
https://signal.org/bigbrother/
TLDR; they only give the last time the account connected to Signal servers and the time of account registration or re-registration
Secret sender stops any real amount of information about messages being connected to you
Its encrypted
Messages are e2e encrypted. Metadata is not encrypted.
Edit: I feel the need to qualify this statement. Metadata about your connection may be encrypted at rest but is decryptable given that signal is released metadata to authorities with a warrant/subpoena.
Yes it is. Signal isnt PGP email. A lot of work went into protecting metadata.
what? can you show a source? I think you mixed it up with Matrix
People told you a few times to go look for yourself what Signal can give away. Its protocol descriptions are pretty understandable.
The whole bloody reason it’s always recommended is because it’s absolutely the best thing in terms of yes, encrypting metadata. It’s state of the art, level above that bullshit you’re thinking.
Unfortunately, that also means that hosting it takes lots of resources, which means they have to screen bots and mults somehow. Phone numbers are one way. Paid accounts are another.
Phone numbers are one way. Paid accounts are another.
Rubbish. How would this stop bots? Bots are created to make money. What makes you think creators don’t have a phone number, or be prepared to pay to spam.
Phone numbers cost money, which means they’re not easy to create in bulk, and therefore banning or blocking spam numbers is much easier than if it was open sign up.
One account per phone number versus infinity of accounts without.
signal accounts… signal accounts everywhere!
They can “request” it all day long. Signal doesn’t store them beyond the time needed to deliver to the end user device, and while (temporarily) stored, it’s encrypted in a way Signal’s service cannot read.
The phone carrier at least here in the US is required to store the call data for 18 months, according to the one that I use.
What does that have to do with Signal?
The claim is that Signal’s phone verification step doesn’t cause privacy problems because Signal (purportedly) doesn’t retain the phone numbers after verification. That claim is falsified because the phone carrier stores the call record even if Signal doesn’t. They store it because of the same law that makes them turn it over to Big Brother on demand. The phone verification step is, therefore, a privacy problem. Obviously there are similar issues with IP routing, but at least I can use a VPN with an endpoint in another country.
The “record” is a SMS verification code. All that will tell the government is that you registered for Signal, nothing else.
Telling the govt that you registered for Signal sounds like a bad failure as far as I’m concerned, e.g. if you are a user in a repressive regime. Do you think Trump would like to get his hands on a list of all the Signal users in the US? Probably yes. What would he do with the list? IDK but it has to be bad. So it should be an objective of Signal to make it impossible for anyone to create such a list.
Anyway, it sounds like Signal has wised up and is getting rid of the phone number requirement. I don’t understand why people here keep defending the misfeature. I’ve heard such things explained as “system justification” but I still don’t understand it. All of us make poor decisions all the time, but we should at least make some effort to recognize them, and fix them when possible.
No, that wasn’t the claim. Phone numbers are used for sign up, but the post’s OP was talking about messaging meta data. Messaging meta data doesn’t go through your carrier and is encrypted.
If you check the publication of signal’s cases where they had to hand out data, and in reverse the FBI leak that listed analysis of all messenger apps by what data they were able to acquire in most cases, Signal came out as one of the top options.
Oh I see what you mean. But a big enough data dump from the phone carriers identifies all of Signal’s users, not good.
huh? so the phone number is encrypted in a way that can’t be read, but an sms is sent to the phone? … a separate company sends the text on behalf of signal? so that separate company logs the phone number, the timestamp and who knows what else.
Signal doesn’t use SMS anymore, and all messages are sent over encrypted Internet protocol. Any servers in between won’t see the phone number, it’s not needed to deliver the message, it’s using an IP address at that point and the entire message metadata is encrypted. Signal is the only one that can see the phone numbers, which they use to identify multiple clients as a single user and route messages accordingly.
What are you on about right now? I don’t mean that sarcastically, I really am wondering what your concern is. Are you concerned that because your phone number is associated with Signal that police will know you use Signal?
Signal doesn’t use SMS at all, once you have enrolled. The phone number is used to validate people and exclude bots, during registration. As others have noted, you can hide your number from other users, as well.
Signal is not perfect but we control its app, libre software. See SimpleX Chat.
First, we must defeat WhatsApp and Discord.
Why we need to defeat those first? We can go straight to SimpleX?
What SimpleX, Signal, or any app like this need first and foremost is traction, as new users generate more new users. One of Signal’s goals is usability (usually achieved by being simple, as in no complexity for the end user). In my opinion SimpleX lacks that. This is the same reason Signal needs a phone number: populating your contact list with users already on the platform
reason Signal needs a phone number: populating your contact list
Wrong, it is not optional.
Do not let this derail us. Escaping to libre software is the best return on investment.
You can go to Simplex (for sure a lot of people here already done it) but if only privacy nerds get to this place this is not a great solution. We (I’m talking about us using Lemmy and chatting on SimpleX) must convince people, starting by friends and family to stop using these fucking socials then at this point SimpleX will be considered as a viable alternative
Because the entire point of using communication programs is to communicate with people other than yourself.
Do not let this derail us. Escaping to libre software is the best return on investment.
My conspiracy theory brain goes:
Its funded by the government.
Yes, the messages themselves are encrypted, but they don’t need that, they have access to all the useful metadata.
They can find everyone near the site of a protest (via cell tower data), then find their signal accounts, then see who they are contacting, potentially revealing who the the other protestors and protest organizers are.
And if you need access to the messages, they don’t need to crack the encryption, they could just send pegasus to your phone (and they already have you phone number to do so), and they’ll have access to every message.
Then they just find those other protestors, also send pegasus to their phones.
I mean, the Signal code is technically legit, they just used a side channel (zero day exploits) to gain access.
But this is just a theory, I don’t have any evidence supporting this hypothesis.
Seems like a lot of unnecessary steps there
What are you doing to help others escape WhatsApp, anti-libre software?
Obviously Signal is the lesser evil, but don’t use Signal if you are planning a revolt is what I’m saying.
Obviously Signal is the lesser evil, but don’t use Signal if you are planning a revolt is what I’m saying.
or if you’re the US’ secretary of defense and you’re going to bomb Houthis
🤷
🤣 Absolute shitshow lmfao. Signal is not approved for war communications, that was a security breach (not to mention, adding the journalist), and he risked jepardizing his entire mission.
But on the other hand, having such incompetent fascists is a good thing for the resistance.
Put that at the start. This is c/privacy, not c/revolt.
They don’t need Signal to do any of this though, so this doesn’t seem like a very plausible theory.
True, they don’t exact need signal. But the thing with exploits is that, once found, they would be patched and they can’t use the same exploit again. So they can’t just be sending everyone in the country Pegasus. That would make it easier for it to be detected.
So with Signal’s help, they have a easier time to select a few targets. They can find out who is using Signal, and correlate that with other data like being near a protest site. Then they only need to target a few Signal users, instead of like sending Pegasus to 5000 protestors, they could find out that everyone is talking to this “John Smith” person, then send pegasus to that user and obtain a lot info And since its only few users being infected, its less likely for the fact that the conversations are comprpmised to be known.
I mean, without requiring phone numbers for Signal, they would have a harder time knowing who is using Signal, and they would end up having to infect all 5000 phones in the protest area, which mean now its much more likely for the spyware to be detected. With infecting just a few of the organizers, their spying can remain undetected for a long time.
As for everyone else not using Signal, they are likely to be using unencrypted messaging, so its not even necessary to infect their phones.
Why can’t they send Pegasus to everyone?
If they can create a fund and invent Signal, they can just make Pegasus part of AOSP and have every manufacturer be forced to install it silently
They could, but again, its easier to detect.
But if we are already under the assumption that Pegasus is so sophisiticated that it’s un-detectable. Its possible all this privacy talk is futile and they already have access to every device, which means Graphene OS is also pointless.
I honestly don’t know. If you are planning any anti-government activities, the only way to be totally safe is to not carry a smartphone (and obviously wear a mask to conceal your identity and all that) and use One Time Pad encryption and deaddrops for communications.
This is what the UK police do with WhatsApp data. Even though they can’t read the messages, they do use the connections of messages to suspicious characters as evidence including date and times, which also puts these other people in the spotlight, opening further investigations.
The UK police can also use ‘stinger’ devices that are “fake” mobile data towers to intercept mobile communications.
Your theory sounds legit
