[HN Gopher] Keep your phone number private with Signal usernames
___________________________________________________________________
Keep your phone number private with Signal usernames
Author : Josely
Score : 749 points
Date : 2024-02-20 18:01 UTC (4 hours ago)
(HTM) web link (signal.org)
(TXT) w3m dump (signal.org)
| superkuh wrote:
| Now that moxie is no longer there how about getting rid of the
| requirement for personally identifying phone numbers as IDs at
| all?
| thrtythreeforty wrote:
| Out of the loop: what happened to Moxie?
| monetus wrote:
| I hope someone corrects me if I am wrong, but around two
| years ago he backed out of any responsibilities (ceo) after
| he bundled mobilecoin into the app.
| nlitened wrote:
| Does it mean that he just cashed out this way?
| monetus wrote:
| That that was his intention is the impression he left,
| with people like me at least - a quick glance shows its
| price only went down after he stepped down. Who knows how
| much he has invested/made - \ _ ( tsu ) _ / - I don't
| hold it against him if he is a true believer. I feel like
| integrating it makes as much sense as Twitter becoming a
| payment processor, but hey.
| evbogue wrote:
| Moxie is currently completing New Year's resolutions that his
| friends have assigned him: https://moxie.org/stories/year-of-
| the-challenge/
| HumblyTossed wrote:
| I'm a huge fan of Signal, but I'm disappointed that this still
| means that I cannot have the same account on two phones (work and
| personal).
| nwsm wrote:
| Would signing into Signal on a work device not negate most of
| the security benefits of using Signal? Genuine question; I am
| only vaguely familiar with Signal.
| fsflover wrote:
| You should be able to choose your own threat model.
| growse wrote:
| You can. There's a plethora of e2e messaging apps out there
| all catering to different threat models.
| HumblyTossed wrote:
| I'm not a CIA operative, so, I'm willing to take that risk.
| izacus wrote:
| No.
| Vinnl wrote:
| The interesting thing is that it _is_ possible to share the
| account on multiple devices, as long as only one of those is a
| phone. You can sign in to and chat from that account just fine
| on the desktop app, even if your phone is off.
|
| (I guess theoretically you could run something like
| PostmarketOS on a phone to run the desktop app, but you know
| what I mean.)
| HumblyTossed wrote:
| My current work-around is just to use a group chat and have
| both work and personal accounts part of the chat.
| Fortunately, I only need to be able to chat with a few people
| (family) while off with the work phone so this isn't that big
| of a hassle, but it's something I wish I didn't have to do.
| sgarman wrote:
| Yeah, this is still my top requested feature. I have two
| phones, one is data only sim. I just want to be able to
| signal from both of them just like how I can on my mac and
| PC.
| busymom0 wrote:
| > as long as only one of those is a phone
|
| Do you know why this limitation?
| Vinnl wrote:
| Unfortunately I don't. If I were to guess, I'd expect it's
| just a matter of the engineering hours that would need to
| be invested not being worth it at this time, given how few
| people they expect to need it.
| JoshTriplett wrote:
| That's useful but not quite sufficient for this use case,
| though. The different devices currently have no way to sync
| chat history, so you'd lose all your old chats.
|
| What I'd love to have is the ability to connect my phone and
| my laptop to the same Signal account, have them automatically
| sync chat history between each other, and then in the future
| if I add a new phone (e.g. because I've upgraded) my phone
| can sync from my laptop and get all of my message history.
| jcul wrote:
| Yeah, would like this too.
|
| Whatsapp added this recently and it is very convenient. You can
| link a companion device in the same manner you sign into
| WhatsApp web.
|
| A kind of hacky workaround (that I used to use for both signal,
| WhatsApp and others) is to set up a server with matrix bridges
| running and bridge your signal, WhatsApp etc. so then you can
| install the one matrix client on all your devices.
|
| But as most apps do support multiple devices these days, bar
| signal, it doesn't feel like it's worth the effort. And I seem
| to remember the signal bridge in particular being a little
| buggy.
| imkh wrote:
| I'm sure it will become possible soon. The code is already
| there on iOS, as the app also work on iPad, but hidden behind
| the internal feature flag [0]. Same with Android [1]. If your
| second device in an Android, you can already use it now with
| [Molly](https://github.com/mollyim/mollyim-android).
|
| Also, WhatsApp recently added this feature, so the expectations
| from potential new users who switched is now there.
|
| [0] https://community.signalusers.org/t/allow-android-ios-
| device... [1] https://community.signalusers.org/t/allow-
| android-ios-device...
| Vinnl wrote:
| > Note that even once these features reach everyone, both you and
| the people you are chatting with on Signal will need to be using
| the most updated version of the app to take advantage of them.
|
| > Each version of the Signal app expires after about 90 days,
| after which people on the older version will need to update to
| the latest version of Signal. This means that in about 90 days,
| your phone number privacy settings will be honored by everyone
| using an official Signal app.
|
| Which is also an example of a challenge for open ecosystems where
| everyone can create apps.
|
| I understand that it doesn't outweigh the benefits to everyone,
| but it is a valid reason.
| vlovich123 wrote:
| Protocol ratcheting, but 90 days would be quick if there's a
| lot of apps.
| LoganDark wrote:
| Does this mean the protocol still exposes your phone number and
| it's hidden only by the client side?
| varenc wrote:
| The answer is almost certainly no. It means the old APIs that
| expose phone numbers will stop working in 90 days. And old
| clients along with them.
|
| I have not investigated this at all, but I have enough faith
| in Signal/Whisper Systems to be optimistic.
| londons_explore wrote:
| The way they say "privacy settings will be honored by
| everyone using an _official_ Signal app. " kinda suggests
| they're gonna let third parties keep getting this info...
| contact9879 wrote:
| They won't. It'll be similar to message timers or delete
| for everyone. You can revoke sharing your number and it
| will be hidden in official apps but third party apps
| won't magically forget the number that was previously
| shared. However if you choose not to share your number
| from the start, no one will be able to see your number.
| hot_gril wrote:
| Found out the hard way that the old versions do stop
| working. You don't even get message notifications if your
| app is out of date.
| jcollins1991 wrote:
| Yup, I was on an international trip with hardly any data
| allowance when all of a sudden my messages stopped
| sending, and I couldn't receive any new ones... That'll
| never happen with SMS. I love Signal, but some of their
| product decisions have been questionable.
| hot_gril wrote:
| Their decisions seem right for the use case of a secure
| messaging app, but I don't care about that use case and
| would rather use a non-e2ee app that'll be reliable, not
| lock me out, and work seamlessly across devices. Also,
| for those who truly care about e2ee, it's pointless if
| you aren't checking all the safety numbers out-of-band.
| freedomben wrote:
| Yes, this is a compromise on the CIA triad. It prefers
| integrity and confidentiality over availability.
|
| That is a fine decision to make for a security-minded
| app, but signal has always presented themselves as a full
| alternative to SMS and other messaging systems where
| availability is prioritized over confidentiality and
| integrity. It should really be made more clear so that
| users are making an informed decision. They could also do
| wonders for the user experience by having the app inform
| the user of the problem and how to remedy it.
| hot_gril wrote:
| Yeah, but I wouldn't call SMS super available either
| since it relies a lot on the ends too. Had a lot of those
| drop when I traveled. Something like Facebook Messenger
| has a whole server storing messages, so it's solid,
| you'll receive them later even if your phone breaks.
| hot_gril wrote:
| Hackers can always create apps.
| verandaguy wrote:
| This is a common, but terrible argument. Anyone can (mis)use,
| make, or weaponise technology given enough time and funding.
| Following this reasoning to its logical extreme, nobody
| should ever do anything.
|
| The problem something like this solves is to raise the bar
| somewhat and discourage a fraction of those who would.
|
| Done right, that fraction will be significant.
| hot_gril wrote:
| It's not a big expensive task to look at what data an app
| is sending/receiving. Anyone with minimal reverse-
| engineering skill will know how to intercept HTTPS to/from
| their own phone in 5 minutes. Signal uses some other
| protocol, but it's also doable, also it's open source
| anyway.
|
| The conclusion isn't that Signal should be closed-source,
| it's that Signal's servers should not trust the clients not
| to be tampered with. So after 90 days, they will remove
| phone numbers from the protocol for users who have hidden
| them, breaking old clients, which is fine. What is the
| alternative solution you're thinking of?
| unethical_ban wrote:
| I wish it were more obvious that Signal expires its apps every
| 90 days.
|
| My mom couldn't receive signal calls on the backup phone I gave
| her. I had disabled auto-updates since apps break UI sometimes
| and she gets confused by things moving around.
|
| When I visited, I opened the signal app and was told I had to
| update.
| KennyBlanken wrote:
| It's patently unforgivable that a message would not be
| delivered because the client is out of date.
|
| The Signal team is incredibly clueless and arrogant toward
| its userbase. It seems to simply not have occurred to them
| that many people rarely/never have wifi, may not be on AC
| power when they are on wifi which means the phone may not
| check for / apply updates, etc.
|
| In the US, cellular is often expensive and slow.
|
| In underdeveloped countries where software like Signal could
| be really important, all this is even more true.
|
| We get shit crammed down our throats to protect the most
| obscure edge cases for the smallest percentage of the most
| vulnerable users - such as not being able to sync messages
| between devices - but then they pull shit like this which has
| a huge impact for people in rural areas and underdeveloped
| countries?
| __MatrixMan__ wrote:
| Delivering a message to a client which is known to be less
| secure than the sender expected it to be is unforgivable.
|
| Refusing to deliver is inconvenient.
| jjav wrote:
| > Delivering a message to a client which is known to be
| less secure than the sender expected it to be is
| unforgivable.
|
| That is inconsistent with the threat model of a messaging
| system!
|
| Inherently, a messaging system will deliver a plaintext
| copy of the message to the recipient(s). Wouldn't be much
| of a messaging system otherwise.
|
| Once you sent something and it was delivered in plaintext
| to the recipient, the information disclosure risk is
| completely out of your control (and out of control of the
| application in use). The recipient is free to leak it
| however they wish.
|
| If you don't trust the recipient to keep it private,
| don't send it.
| eszed wrote:
| Just curious, since I'm not really active in this space,
| but wouldn't the threat model of most concern be that an
| external actor breaks (maybe an outdated version of) the
| app or protocol? This would leak data without you or the
| recipient being any the wiser. It seems like that's the
| threat the app-expiry policy is intended to address.
| jjav wrote:
| You could update the protocol version if and when a
| protocol weakness is discovered and then stop talking the
| previous protocol version after a transition period.
|
| No need to continuously expire apps in the absence of a
| protocol breach.
| Klaus23 wrote:
| We are talking about 85 MB four times a year to keep the
| application up to date and running smoothly. Don't be
| ridiculous.
| vel0city wrote:
| > In the US, cellular is often expensive and slow.
|
| Mint will sell you a plan for 5GB of data for $15/mo. Its
| not that expensive to have a basic cellular plan. And
| that's assuming you're not poor enough to have your
| cellular plan almost entirely subsidized. And also assuming
| you're pretty much _never_ anywhere with wifi.
|
| In the vast majority of markets in the US it'll take a
| minute or less to download, it'll probably take more time
| unpacking on your device and installing.
| gnicholas wrote:
| I have been bitten by this in the past. At least now they
| give warnings in-app that the app will expire soon. But if
| you don't use the app regularly, you wouldn't even know.
| Also, I'm not aware of any other apps that die in this way,
| so it's not like people are in the habit of periodically
| checking the app to make sure they're still on a version that
| can receive incoming messages.
| smt88 wrote:
| Is Signal considered to be (or attempting to be) an open
| ecosystem?
|
| My understanding is that Signal (the app) is private, not
| anonymous, centralized, and closed.
|
| The underlying protocol is open and could be used for an open
| ecosystem, but I didn't think Signal aspired to do that.
| lima wrote:
| The apps and most of the backend are open source too, not
| just the protocol.
|
| The important distinction is that it's not _decentralized_
| like XMPP or email, which is a conscious decision: it would
| become very difficult to change it to add new features and
| they 'd be left behind by closed-source competitors (see:
| XMPP).
| ezst wrote:
| I see that it is a ton of wishful thinking and FUD on the
| side of Signal to claim that: XMPP is alive and kicking,
| has all the features one needs, runs everywhere, at scale,
| offers the same or better crypto, better privacy, better
| resilience and is more sustainable. When Signal will
| inevitably fail/turn against its users/enshittify itself or
| get acquired, all federated and P2P protocols will keep on
| going. For decades. That's the kind of communications
| systems we should be demanding in the present era, nothing
| less.
| kiwijamo wrote:
| Yet I'd wager most HN readers have a grand total of zero
| XMPP contacts. Myself included. Proving the GPs point.
| kaanyalova wrote:
| Both the app and the server is open source
|
| https://github.com/signalapp/Signal-Android
| https://github.com/signalapp/Signal-Server
|
| There are forks like Session which doesn't require a phone
| number to sign up
|
| https://github.com/oxen-io/session-android
| smt88 wrote:
| I understand this, but Signal doesn't attempt to tolerate
| third-party apps on their servers as far as I know. They
| don't support interoperability.
| godelski wrote:
| You can run Signal app forks on the Signal server. Molly
| is a popular one. You just can't create new servers. I
| wish you could, but I get the reasoning of not wanting
| honeypots. But that doesn't stop you from running your
| own network of Signal servers. So I don't see anything
| stopping anyone. I mean Mullvad runs their own stuff and
| I don't see half the complaints about them. I've always
| been curious why Signal is so unique here. If 1/100th the
| people that made these concerns developed a open
| community of signal servers, I'm sure we'd have a viable
| alternative network. What's stopping everyone?
| Vinnl wrote:
| They've described what they're attempting to be here:
| https://signal.org/blog/the-ecosystem-is-moving/
| greyface- wrote:
| The author is no longer CEO, though, and there are a lot of
| "I" statements in the post. Is it still accurate? Has the
| current CEO made any comment on it?
| sdenton4 wrote:
| It's a great encapsulation of why Signal is not
| federated, and, unless you find the current CEO stating
| otherwise, is unlikely to change. Changes like the one
| detailed in the link simply wouldn't be possible to roll
| out efficiently in a federated ecosystem.
|
| Signal has consistently focused on helping /most/ users
| do what they want with the app without sacrificing
| security. This change - away from requiring phone numbers
| - helps plug one of the biggest criticisms, both on the
| security and product side. Nothing about their mission
| requires federation, so I respect that they haven't
| sacrificed their mission in order to do it.
| fsflover wrote:
| Matrix debunked these arguments:
| https://matrix.org/blog/2020/01/02/on-privacy-versus-
| freedom...
| rstuart4133 wrote:
| [delayed]
| rvz wrote:
| > Until now, someone needed to know your phone number to reach
| you on Signal. Now, you can connect on Signal without needing to
| hand out your phone number. (You will still need a phone number
| to register for Signal.) This is where usernames come in.
|
| How about no phone numbers for registration at all?
| fsflover wrote:
| How about switching to Matrix? (I already did and am happy.)
| tptacek wrote:
| Matrix doesn't have the same threat model as Signal, and
| isn't a 1:1 replacement for it. Matrix is great (maybe
| optimal) for things that would otherwise be Slack channels.
| fsflover wrote:
| I don't understand which different threat model you mean.
| Could you elaborate? To me, it's the same: private, end-to-
| end encrypted chat with rooms.
| tptacek wrote:
| Signal:
|
| * Gives the servers virtually no control over
| communications between parties.
|
| * Goes through huge pains to minimize serverside metadata
| storage.
|
| * Is a sealed system end-to-end; the client and the
| server are part of a single coherent design that together
| make promises about privacy and security that apply to
| _every_ user of the system; Matrix is a protocol
| ecosystem.
|
| A good example of this is group messaging: Matrix servers
| control group membership. In Matrix, group membership is
| key management; a Matrix server decides who can decrypt
| your group messages. That's not how Signal works! But I
| don't think anybody seriously thinks Signal is a
| replacement for a large Slack.
| fsflover wrote:
| > * Goes through huge pains to minimize serverside
| metadata storage.
|
| And yet uses AWS:
| https://news.ycombinator.com/item?id=39414322
| tptacek wrote:
| And? It could run on NSA servers and it shouldn't in
| theory much of a difference. (I would not use Signal if
| it ran on NSA servers).
|
| The threat model assumes attackers have maximal control
| of the server environment.
| baq wrote:
| Assume US AWS servers are NSA servers.
| tptacek wrote:
| You get that it's the literal opposite, right? There are
| actual rules, whether you believe NSA follows them or
| not, about NSA interfering with US servers. Not only are
| there _no_ rules applying to overseas servers, but
| interfering with those servers is literally NSA 's
| chartered mission.
| baq wrote:
| I'm not in a position to know anything except unconfirmed
| rumors about the NSA.
|
| Hence my position remains unmoved.
| tptacek wrote:
| Ok! Either way: immaterial to Signal.
| windexh8er wrote:
| For users who want strong security in messaging, yet an easy
| way for anyone to use the platform Signal has a much better
| user experience. Over 95% of my messaging is on Signal.
| Almost none of those users will benefit in any way by
| switching to Matrix. While it's a great ecosystem, it's also
| too much work for people who don't want those features or
| flexibility.
| autoexec wrote:
| For users who want strong security is messaging signal
| should not be considered because they lie to users about
| their risks, and they store sensitive data in the cloud.
| It's easy to use and not a bad chat/IM system, but I would
| never trust it to protect your data.
| tapoxi wrote:
| My parents, in-laws, grandmother-in-law, and entire extended
| family is on Signal. It's the extended family group chat,
| video calls with grandparents/great grandparents, and the
| baby photo feed. That's mostly because you just install it
| and it works.
|
| I have no idea how to get my extended family on a Matrix
| homeserver without extensive handholding. I can barely figure
| it out myself and I was a huge XMPP nerd that ran my own
| ejabberd server for years.
| flockonus wrote:
| That would welcome a world of spam. Sybil identities is
| currently an unsolved problem, the mitigation is the
| requirement of unique scarce resources (like phone number in
| this case)
| rvz wrote:
| > Sybil identities is currently an unsolved problem, the
| mitigation is the requirement of unique scarce resources
| (like phone number in this case)
|
| Then let your phone number receive the spam instead?
| bpfrh wrote:
| No, the phone number needs to be known by the other party
| and you need to accept the "friend" request.
|
| It prevents the creation of an unlimited number of signal
| accounts by a single user with no cost to the user but cost
| to signal and other signal users.
|
| edit: Your are probably right in that it does not change
| the risk of spam for a single user, as you could guess the
| phone number or just iterate over all known phone numbers
| and try to connect to them.
|
| requiring phone numbers only solves the cost problem for
| signal(The company/legal entity) and lowers(hopefully) the
| amount of spam that would get send.
| flockonus wrote:
| fww i get a lot of spam in Telegram, but none in Signal
| (same phone number), so whatever they are doing by my very
| limited benchmark is going well.
| tazu wrote:
| You can restrict who can message you first ("start a
| conversation") to Contacts on Telegram, not sure how spam
| is an issue. I hope Signal does the same thing.
| insane_dreamer wrote:
| so one person can create 1000s of accounts?
| fsflover wrote:
| Recent discussion: https://news.ycombinator.com/item?id=39413417
| dang wrote:
| Thanks! Macroexpanded:
|
| _Signal v7.0.0 with phone number privacy_ -
| https://news.ycombinator.com/item?id=39413417 - Feb 2024 (107
| comments)
| bertman wrote:
| If I'm reading this correctly, this also means that a person that
| _already has_ my phone number in their contacts will
| _necessarily_ be able to link my number to my username after they
| have scanned my QR code.
| stavros wrote:
| Not if you've selected to hide your number, looks like.
| bertman wrote:
| But will the other person really have two distinct chats with
| me in their list then? One with my username and one with my
| phone# ?
| stavros wrote:
| It depends on whether you want your number to be
| discoverable. In either case, they'll only have one chat,
| with your username.
| bertman wrote:
| Yeah, so they will indeed be able to link my phone number
| to my username, even if the number is set to "hidden".
|
| This sounds unfortunate, but I guess there's no way
| around this as long as Signal insist on keeping phone
| numbers as primary identifier.
| stavros wrote:
| How will they be able to link your phone number to your
| username? They can't do anything with your number unless
| you choose to.
| bertman wrote:
| >How will they be able to link...
|
| By "link" I mean they immediately _know_ what person the
| username belongs to iff they already had that person 's
| phone number because the chat that is initialized after
| they scan the QR code is just the old chat being
| continued.
| stavros wrote:
| But if they have my number, why would I be worried that
| they know my username? The username is there so I can
| avoid sharing my number, not the other way around.
| bertman wrote:
| >not the other way around
|
| Exactly. I think that's important to know before people
| start giving out their Signal handles left and right
| because they think they're anonymous now.
| stavros wrote:
| Ah, that's what you mean. Yeah, if you want to be
| anonymous to Signal itself, I don't think that's
| possible. If you want to be anonymous to people, I think
| you can delete and recreate your account. I think that
| might do the trick.
| jcul wrote:
| I don't think this is the case.
|
| If you set your privacy to nobody and someone saves your
| phone number, to them it will appear that you do not have
| a signal account, even if they start chatting with you
| via your handle.
| jenny91 wrote:
| I've been a Signal beta tester on iOS for as long as I remember,
| knowing that they were going to introduce usernames, and I wanted
| to get my (relatively common) name as my username. Now they
| finally introduced it, but they require it to end in at least 2
| digits "a choice intended to help keep usernames egalitarian and
| minimize spoofing".
|
| Edit: this is not actually a serious problem for me, don't worry!
| Rather, I think it's funny. And honestly I kind of like having
| the numbers required, it's a good idea. It does remove a lot of
| the vanity from usernames.
| canaus wrote:
| I don't think this is necessarily something to lose sleep over.
| giantrobot wrote:
| I can't wait to talk to elonmusk420! I'm sure it'll be the real
| Elon. His online antics are such anyone with that username will
| instantly trigger Poe's Law. Getting rid of phone numbers as
| identifiers is a good idea but I think it would be better to
| just assign user IDs or generate hashes based on user inputs or
| something.
| vel0city wrote:
| > generate hashes based on user inputs or something.
|
| Because friend codes were so popular on Nintendo.
|
| Hey add me real quick, my id is 12716472-83647281746-8172649!
| Or use the hash code, 0x28A56ED9! Super easy to remember, way
| better than giantrobot22 or vel0city66.
| KennyBlanken wrote:
| Given nintendo's user base includes a LOT of children who
| are very young, the long codes may have been a feature, not
| a bug - the equivalent of a child latch - to slow
| down/discourage young users from adding people themselves
| so their parents have a better idea of who they are
| interacting with.
| vel0city wrote:
| Don't get me wrong I get there were intentional reasons
| for it in regard to friend codes and I don't necessarily
| fully mind with that in mind in that use case. I do kind
| of wish there was an "I'm 13/18+, let's take the training
| wheels off" feature though.
| JoshTriplett wrote:
| I expect it's more a combination of several factors:
|
| - if we don't have usernames we don't have to deal with
| obscene usernames, trademarked usernames, impersonation
| claims, and similar
|
| - if we don't have usernames and our generated friend
| codes aren't guessable, we don't have to worry about
| people getting random unexpected friend requests from
| people they don't know
| giantrobot wrote:
| The issue there is "veI0city66". Depending on the font that
| capital "I" might look identical to a lower case "l". A
| hash with an alphabet that doesn't include homoglyphs would
| reduce ambiguity.
|
| There's also the "weedlordbonerhitler69" issue. A user name
| that seemed hilarious at 16 likely seems less hilarious at
| 26.
|
| If users were identified with a hash derived from an input
| user name you could type in "weedlordbonerhitler69" and
| what would be displayed is a hash on the client side. The
| contact add UI could simply return the UID for the input
| username. So you could give out the UID or username and
| another user could still add you.
| baq wrote:
| I'm politely putting it away into the not-a-problem drawer.
| stavros wrote:
| Well, I got stavros.01, if anyone wants to chat.
| Marsymars wrote:
| Usernames are only used for the initial connection, so
| "getting" a username doesn't really gain you anything other
| than the "username" you give to people who don't already have
| you as a contact: "a username is not the profile name that's
| displayed in chats, it's not a permanent handle, and not
| visible to the people you are chatting with in Signal"
| hnarn wrote:
| It's an excellent design choice, it more or less completely
| eliminates "vanity names" and the "value" of shorter names.
| kelvie wrote:
| As you may already know, getting a commonly used username is
| also somewhat of a curse (do you like getting "forgot your
| password" emails every hour?)
|
| Or tons of (mistaken) conversation requests?
| ThePowerOfFuet wrote:
| At least 8675309 ends in two digits!
| password4321 wrote:
| > _require it to end in at least 2 digits_
|
| ... notes HN user jenny91
| entropie wrote:
| Is there a usuable desktop app existing by now, or still mobile
| use only?
| enriquto wrote:
| There is desktop electron app that works mostly OK (as far as
| electon apps go). Unfortunately, you need a mobile phone with
| the signal app to start using it.
| Vinnl wrote:
| I _think_ (but don 't quote me on this) that you don't need
| the Signal phone app to start using it. As long as you have a
| phone that can receive text messages, I think you can also
| enter the confirmation number into the desktop app.
| enriquto wrote:
| You are probably right. But I'm so afraid to lose my
| message history that I'm not willing to do an experiment to
| replicate this.
| vel0city wrote:
| When my phone gets turned off I get a signal can't connect
| error message on the current desktop app. I don't know if
| that's just how my account and desktop app is linked, but
| that's my current experience.
| Vinnl wrote:
| Oh huh, that is weird - I _can_ use Signal Desktop even
| with my phone turned off, that I am certain of.
| vel0city wrote:
| Actually, I retract my earlier statement. I just
| successfully sent a message on Signal while my phone was
| turned off. I'm not sure when that changed or if its
| different on other machines, but I've definitely seen the
| yellow warning of not being available to send messages on
| a different computer in the past month or two.
| imkh wrote:
| The Desktop app is definitely independent from your
| primary device, once it's been linked. The WhatsApp
| desktop app used to require a connection to your phone,
| but even they updated it recently to the same
| architecture as Signal, where each device connects
| directly to the server.
|
| If you don't open the Desktop app for a few weeks though,
| there is a "syncing" step where it fetches the recent
| messages queue from the server (can't remember the exact
| number, might be the last 1000 messages or all messages
| from the last 30 days or something similar).
| myself248 wrote:
| Also, if you forget to open the desktop app for a few weeks,
| it breaks the link and you have to go get your phone anyway.
|
| And it doesn't show any messages that came in on the phone
| during that time, so you're missing context and in practice
| you just have to use the phone for everything anyway.
| baq wrote:
| Depends on your definition of usable. It sends and receives
| messages and has been for years now.
| windexh8er wrote:
| There's been a desktop option since 2015. And the Electron
| based app since 2017.
| tamimio wrote:
| So basically copying telegram way. That being said, why does
| Signal still require a phone number in the first place? Exactly,
| because when needed, it will be used to be linked back to your
| real identity, it has nothing to do with spam or anything, Signal
| isn't a social media with public posts and what not, it is a
| messaging app.
| unethical_ban wrote:
| It is a way to increase usability for casual users, decrease
| spam by requiring some other source of identity tied to real
| existence (emails are easier to generate than throwaway phone
| numbers).
|
| It may decrease privacy philosophically, but it isn't
| nefarious.
|
| If you want a private messaging platform with zero prerequisite
| identity, use Briar.
| tamimio wrote:
| > It is a way to increase usability for casual users
|
| You can keep it as an option.
|
| > decrease spam by requiring some other source
|
| Phone numbers never been a good way to counter spam, just
| look at social media, you can buy phone numbers in bulk these
| days, not to mention spam might work in social media because
| there's the concept of "public space" where everyone shares
| and talk, so it does make sense for some bad actors to spam
| or even trying to influence others, that's not the case in
| messaging app, because first I need to know your "unknown"
| username that I can't see it elsewhere, and second, the
| efforts are worthy for such unsolicited message, which in
| case it was, you can get a burner to send it. The point is
| requiring a phone number to counter spam doesn't work, and it
| doesn't make sense either for messaging apps.
|
| > If you want a private messaging platform with zero
| prerequisite identity, use Briar.
|
| Well, personally I don't use Signal, never will in its
| current state, but they always try to promote it as privacy
| messaging app while still relying on a broken system known as
| GSM.
| usrusr wrote:
| A lot of spammers opt for media that does not require the
| effort of obtaining a phone number. It's the bike lock
| model: no bike lock is ever safe, but as long as your bike
| is parked next to bikes with a weaker lock, you have a
| pretty good chance of not having to walk home on foot.
| jacoblambda wrote:
| > It may decrease privacy philosophically, but it isn't
| nefarious.
|
| It doesn't decrease privacy. It decreases anonymity which is
| distinctly different.
|
| > If you want a private messaging platform with zero
| prerequisite identity, use Briar.
|
| Or Session which is a fork of Signal that runs it's own
| network using standard PKI instead of a phone number for
| identities and a decentralised message delivery/onion routing
| system.
| smallerfish wrote:
| > It is a way to increase usability for casual users,
| decrease spam by requiring some other source of identity tied
| to real existence (emails are easier to generate than
| throwaway phone numbers).
|
| You either end up discriminating against users who have to
| use VOIP for whatever reasons (and there are legitimate
| reasons) by blocking VOIP numbers, or your barrier to entry
| for spammers is almost negligible. It's not a good system.
|
| If you want to prove that users are humans, use a webcam and
| an id, or delegate the task to some bigcorp who already has a
| similar system. If that's too much for you in terms of
| privacy, you shouldn't be attempting to prove that users are
| humans in the first place. Maybe you should prevent spam via
| product driven solutions, e.g. whitelisted contacts.
| novok wrote:
| For the people who really don't want a phone number, make
| them pay via mobilecoin. Lets them raise money and prevent
| spam.
| callalex wrote:
| >it has nothing to do with spam or anything
|
| What experience do you have to have gained this confident
| knowledge?
| verisimi wrote:
| Would they be able to resist a secret court order?
| stavros wrote:
| An order to what? Hand over a random phone number?
| anigbrowl wrote:
| As if you can't get a whole lot of information on most
| people with just their phone number. The number of people
| whose Signal ID is built off a burner phone ad no longer
| traceable back to them is miniscule.
| growse wrote:
| > As if you can't get a whole lot of information on most
| people with just their phone number. The number of people
| whose Signal ID is built off a burner phone ad no longer
| traceable back to them is miniscule.
|
| Yes, but what are you going to do with this information?
| All you know is how long they've been a signal user and
| when they last connected.
| heavyset_go wrote:
| You correlate that with the chat logs you've secured from
| a phone that's been confiscated or subpoenaed.
|
| The metadata itself is just as valuable as the content of
| the messages.
|
| If you want to prove that criminal A was in
| correspondence with criminal B, that's how you do it.
|
| As per this comment, they store much more than just the
| last connection time[1].
|
| [1] https://news.ycombinator.com/item?id=39445791
| growse wrote:
| If you got the physical device and the data on it
| (unencrypted), then what do you need the server for?
| toomuchtodo wrote:
| No tech professional is going to resist people with
| legalized force showing up at their door.
| tamimio wrote:
| That's why you design a system that doesn't require such
| info in the first place, if you don't have it, nothing to
| hand over.
| xboxnolifes wrote:
| That doesn't explain why it has nothing to do with spam.
|
| If you know how to build an anonymous communication
| platform, that is convenient to use, _and is also_ spam
| resistant /proof, you have the miracle platform idea.
| insane_dreamer wrote:
| that already exists; IRC for one. But not particularly
| user-friendly for everyone (requires presence).
| Vinnl wrote:
| That's why Signal only stores your phone number (and when
| you last connected) - they know nothing about your real
| identity, so they can't link it back to you.
| heavyset_go wrote:
| And then when you're faced with potential criminal suits
| and/or the security state coming after you for "national
| security" reasons, you implement the tracking the
| government wants so you don't potentially go to trial
| and/or prison.
| miohtama wrote:
| In Sweden they have some spine to do this
|
| https://mullvad.net/en/blog/2023/4/20/mullvad-vpn-was-
| subjec...
| toomuchtodo wrote:
| True, but edge case. Spine and fortitude are rare.
| Sanzig wrote:
| Signal publishes their responses to court orders already:
| https://signal.org/bigbrother/.
|
| Obviously doesn't include warrants they may have received
| where a gag order is in place, but you can see from the
| responses they do publish that they only store phone
| number, initial registration date, and last connection
| date.
| _zoltan_ wrote:
| this seems to have stopped in 2021?
| autoexec wrote:
| They love to brag about the times when they were asked to
| hand over data and they had to tell the feds that they
| couldn't because that kind of data was never collected or
| stored in their systems in the first place. They still
| love to brag about it, but it's no longer true. They now
| collect and permanently store in the cloud exactly the
| kind of data that the police and feds were asking them to
| provide. Your name, your phone number, your username,
| your profile picture, and most importantly a list of
| everyone you have contacted with signal.
|
| This is in direct opposition to the very first line of
| their privacy policy which lies when it states "Signal is
| designed to never collect or store any sensitive
| information." and they've refused for years now to
| correct that lie and update their policy to detail all
| the new data collection they're doing.
| roughly wrote:
| Do you have details on this? Given that usernames just
| came out, I don't expect they're storing many of them,
| but I'm interested in specifically a source for "a list
| of everyone you have contacted with signal"
| autoexec wrote:
| This has been true for many years now. At the time it
| caused a major uproar among the userbase (myself
| included) whose concerns were almost entirely ignored.
| Their misleading communication at the time caused a lot
| of confusion, but if you didn't know that Signal was
| collecting this data that should tell you everything you
| need to know about how trustworthy they are.
|
| Here's some reading from the time of the change:
|
| https://community.signalusers.org/t/proper-secure-value-
| secu...
|
| https://community.signalusers.org/t/dont-want-pin-dont-
| want-...
|
| https://old.reddit.com/r/signal/comments/htmzrr/psa_disab
| lin...
|
| https://www.vice.com/en/article/pkyzek/signal-new-pin-
| featur...
|
| Note that the "solution" of disabling pins mentioned at
| the end of that last article was later shown to not
| prevent the collection and storage of user data. It was
| just giving users a false sense of security. To this day
| there is no way to opt out of the data collection.
|
| My personal feeling is that Signal is compromised and the
| fact that the very first sentence of their privacy policy
| is a lie and they refuse to update it to detail their new
| data collection is a big fat dead canary warning people
| to find a new solution for secured communication. Other
| very questionable Signal moves that make me wonder if it
| wasn't an effort to drive people away from the platform
| as loudly as they were allowed to include the killing off
| of one of the most popular features (the ability to get
| both secured messages and insecure SMS/MMS in the same
| app) and the introduction of weird crypto shit nobody was
| asking for.
| tamimio wrote:
| I never used signal or wandered in their communities, but
| wow, thanks for sharing that!
| autoexec wrote:
| I was a user and a fan. Spent years recommending Signal
| to others. People are pretty used to software turning to
| shit but it still sucks to have to reach out to tell
| people they should look for alternatives to the software
| I'd once recommended to them.
|
| I swear if VLC ever turns evil I'm giving up on
| recommending software forever (in the meantime, check out
| VLC if you haven't already!).
| tamimio wrote:
| > I was a user and a fan. Spent years recommending Signal
| to others.
|
| I don't blame you, I think it did start with a good
| promise initially, but I believe just like anything
| centralized that turns big, it will become evil.
|
| > in the meantime, check out VLC if you haven't already!
|
| The player? Or is that a new messaging app? For messaging
| I usually use Matrix/simpleX/Session.
| autoexec wrote:
| The media player. It's probably the oldest application I
| use that's gotten nothing but better with time.
| growse wrote:
| There's a big difference between "collecting and storing"
| and "collecting and storing an encrypted version of".
|
| If there was such a hoo-hah and it was trivial to patch
| out, I expect we'd have a thriving patched fork up and
| running by now.
| ThePowerOfFuet wrote:
| Sealed sender.
| autoexec wrote:
| Even before they added all the data collection and cloud
| storage 'sealed sender' didn't do much to protect users.
|
| "Even under the sealed sender, observers said, Signal
| will continue to map senders' IP addresses. That
| information, combined with recipient IDs and message
| times, means that Signal continues to leave a wake of
| potentially sensitive metadata. Still, by removing the
| "from" information from the outside of Signal messages,
| the service is incrementally raising the bar."
| (https://arstechnica.com/information-
| technology/2018/10/new-s...)
|
| A couple years after that "incremental" improvement
| Signal started keeping everything forever in the cloud
| which means that today governments can get a signal
| user's information just by brute forcing a PIN
| roughly wrote:
| I do love that the two responses to this question are a
| confident assertion that they surely wouldn't do that and
| yours posting evidence they do.
| autoexec wrote:
| At this point that's entirely unclear. Because they're
| keeping your data in the cloud my guess is that the US
| government can easily access that data and any other
| government can get anyone's data as long as they can guess
| the person's PIN. You can find a discussion on the problems
| with their security here:
| https://community.signalusers.org/t/proper-secure-value-
| secu...
| Vinnl wrote:
| > why does Signal still require a phone number in the first
| place?
|
| From https://signal.org/blog/signal-is-expensive/
|
| > We use third-party services to send a registration code via
| SMS or voice call in order to verify that the person in
| possession of a given phone number actually intended to sign up
| for a Signal account. This is a critical step in helping to
| prevent spam accounts from signing up for the service and
| rendering it completely unusable--a non-trivial problem for any
| popular messaging app.
|
| I'm not sure why you need to assume that it will be linked back
| to your real identity; I haven't seen anything that indicates
| any motivation to do something like that. I'm all for being
| cautious, but being overly cynical can lead to letting perfect
| being the enemy of the good.
| tamimio wrote:
| For the spam part, I commented below how's that doesn't work
| and it doesn't even make sense for a messaging app.
|
| > I'm not sure why you need to assume that it will be linked
| back to your real identity;
|
| I'm not assuming, only North America (edit: and some European
| countries) doesn't require an ID for a phone number (1), and
| even in here, you would use it in other services that are
| linked to your real ID like banks or paying the phone bill
| online. The concept simply boils down to as soon as you find
| an account's phone number, it's a game over for that said
| privacy.
|
| (1) https://www.comparitech.com/blog/vpn-privacy/sim-card-
| regist...
| hnarn wrote:
| > The concept simply boils down to as soon as you find an
| account's phone number, it's a game over for that said
| privacy
|
| You completely misunderstand what kind of privacy Signal
| aims to achieve. Signal protects you from eavesdropping and
| data hoarding, two major privacy issues with solutions like
| Facebook Messenger for example.
|
| They do not and have never claimed to offer a service where
| "privacy" means nobody knows who anyone is, it isn't Tor
| and I wouldn't want it to be.
|
| If you don't like the goals and design choices of Signal,
| just use another service.
|
| There are benefits of the choices they've made, namely
| ensuring that most users of the service are "real people",
| which I think is great. It's not a social network, it's a
| messaging app between friends that solves issues presented
| by alternatives like SMS or Instagram; that's it.
| tamimio wrote:
| > Signal protects you from eavesdropping and data
| hoarding
|
| Do they?! We can ask Tucker Carlsons about that https://w
| ww.reddit.com/r/signal/comments/16evuej/did_the_nsa...
|
| As long as you can't host and use your own server, you
| should never assume that.
|
| > There are benefits of the choices they've made, namely
| ensuring that most users of the service are "real people"
|
| You communicate with your colleagues and clients over
| emails and you know they are real, you probably play
| games too and use discord and you know they are real,
| meanwhile you can be talking to bot in twitter that they
| are registered with a "real" phone number.
| Sohcahtoa82 wrote:
| > Do they?! We can ask Tucker Carlsons about that https:/
| /www.reddit.com/r/signal/comments/16evuej/did_the_nsa...
|
| A lot of people in the comments have things to say about
| that video.
|
| Personally, I wouldn't trust anything that comes out of
| Tucker's mouth.
| tamimio wrote:
| Focus on the issue, not the person (Tucker), you might
| not trust a person which is fair, but you are still
| trusting Signal's server, you can NEVER know if they have
| a memory injection backdoor running in there, you can
| audit the code as much as you want and it still passes,
| yet, the messages are compromised.
| luuurker wrote:
| There are ways of getting messages without breaking
| Signal or using a backdoor. One of them is getting the
| messages from the other party(ies) involved. You can't
| protect yourself from this even if you self host.
| Something else that might happen is you ending up with
| your phone hacked because you're talking with someone
| close to Putin.
|
| The only way to know for sure is for you to create an
| alternative service, write all code yourself, and host
| everything without ever leaving your server alone. And
| even then you can't be sure you haven't been hacked.
|
| On a side note, if we're getting information from someone
| that lies a lot and often leaves out details that don't
| fit the narrative, then perhaps we should also look at
| the person, not just the issue.
| tamimio wrote:
| > One of them is getting the messages from the other
| party(ies) involved. You can't protect yourself from this
| even if you self host.
|
| You certainly can, the self destruction messages are one
| of the ways, sure, it is not the only solution as you
| need to make sure the OS is secure itself too, but
| definitely helps in that case, no messages stored at rest
| and all are encrypted in transit.
|
| > Something else that might happen is you ending up with
| your phone hacked
|
| Which is essential to have a messaging platform that
| allows multi-client/cross platform, say running that app
| on a hardened OS is an option and possible compared to
| only iOS with a phone a number for example.
|
| > write all code yourself, and host everything without
| ever leaving your server alone.
|
| You don't need to write it yourself, as long as you can
| read it, and host it knowing no other services are spying
| on that server, should be miles ahead of other apps like
| signal, sure, you can still have that server breached,
| but first you need to know where's that server, or even
| you are using this messaging app in the first place,
| contrary to Signal for example, all I need is checking if
| you use it by the phone number. Not to mention it will
| make it harder for whoever is trying to spy on you, if
| most people ran their instances, but that's a little bit
| more of a dream as the average person won't, but at least
| the option should be provided.
| godelski wrote:
| Signal makes the app open source and you can build it
| yourself and use it. The messages are E2EE so we don't
| need to trust the server in the same way because they
| aren't being decrypted there. They can't have the key.
| They could be logging the messages and metadata, but
| that's a different argument. And it really would come
| down to the NSA being able to hack AES with a quantum
| encryption (though I don't think this was out at that
| time). So I have pretty good reason to trust signal
| despite there still being some gray areas that I could
| still want more light on. It's just that we're the
| shadows are I'm unconvinced it could undermine the whole
| system. You can't fit an elephant in the shadow of a
| mouse.
|
| On the other hand Tucker isn't even being consistent in
| his telling of the story. He says that he hasn't told
| anyone and makes a big deal to even mention his wife, so
| we think even his closest confidants. But then what
| message did he send over signal that was extracted? The
| personal notes? There's also much more reasonable
| pathways for the NSA to get that information. If he's
| researching and just storing notes on signal he's still
| leaving breadcrumbs somewhere. He's a popular news host
| so I'd be surprised if the NSA hasn't tried to compromise
| his whole phone, and signal only protects your messages
| in transit. The only evidence we have is his word that
| someone from the NSA told him. Which itself would be
| really weird because it'd completely undermine that
| capability or imo a more likely explanation is someone is
| lying. Gov does disinformation all the time and
| convincing people a secure channel isn't seems pretty
| useful since they'll turn to easier methods.
|
| So I don't have to rely on my distrust of Tucker or his
| history of misinformation. If this was my only and first
| encounter there's more than enough for me to be
| suspicious in just his telling.
| eimrine wrote:
| > Signal protects you from eavesdropping and data
| hoarding
|
| How on Earth collecting a phone number may be considered
| as not data hoarding?
| hnarn wrote:
| Are you misunderstanding what data hoarding means on
| purpose or do you really think it's equivalent to the
| business model of say Google or Meta?
| __MatrixMan__ wrote:
| It's a lot less like data hoarding than keeping a
| separate copy of your social graph. What is an adversary
| going to do with a list of phone numbers that are known
| to have signal accounts and nothing else?
| nrabulinski wrote:
| Because they don't know anything except the phone number
| so all they have is a list of phone numbers which maybe
| people use. Quite different from Facebook reading
| everything you send, for example
| kuschku wrote:
| They either already store or would be able to log
| everything about who is sending messages to whom, and
| when.
|
| That's the vast majority of what intelligence agencies
| actually care about. They rarely care about message
| contents anymore.
| growse wrote:
| Nope. https://signal.org/blog/sealed-sender/
| kuschku wrote:
| > On the opposite end of the spectrum, users who want to
| live on the edge can enable an optional setting that
| allows them to receive incoming "sealed sender" messages
| from non-contacts and people with whom they haven't
| shared their profile or delivery token. This comes at the
| increased risk of abuse, but allows for every incoming
| message to be sent with "sealed sender," without
| requiring any normal message traffic to first discover a
| profile key.
|
| By default, the first message between someone and you
| clearly identifies who is communicating with whom. That's
| enough.
| hprotagonist wrote:
| we know specifically that signal does not do this.
| kuschku wrote:
| We assume they don't log this data.
|
| We don't know whether an intelligence agency is listening
| in on their servers and logging this data.
|
| Assuming an eavesdropper that can defeat TLS or is
| listening via DMA attacks on the signal servers,
|
| - you can log initial signup or login, which allows you
| to connect user id and phone number
|
| - you can log the first time a chat is created, which
| allows you to build a social graph of which person is
| connected to which other people
|
| - even with sealed sender, you still know the identity of
| the receiver and the IP address of the sender, which is
| often enough to figure out who is in contact with whom
|
| This would be enough dragnet surveillance to
| automatically figure out the contacts of people you've
| already identified as threats. You'd also have enough
| evidence to get a sealed court order to do targeted
| surveillance on these people.
| codedokode wrote:
| A list of phone numbers and little money is easily
| exchanged to names and addresses on black market in many
| countries.
| rglullis wrote:
| Matrix and XMPP also provide privacy without requiring a
| phone number
|
| (Or a phone, even)
| leotravis10 wrote:
| That's a fact, and many people use XMPP and Matrix more
| because of that. We need to stop relying on phone number
| identifiers as described here: https://dessalines.github.
| io/essays/why_not_signal.html#phon...
|
| The news today is a step in the right direction for sure,
| but more needs to be done if they want more privacy and
| anonymity-focused people to use it. This section on what
| makes a good messaging platform still resonates: https://
| dessalines.github.io/essays/why_not_signal.html#what...
| abdullahkhalids wrote:
| You lose anonymity. You do not lose privacy, which is still
| secured by the message encryption.
| codedokode wrote:
| Neither Signal nor Telegram allow to pay a small amount in
| cryptocurrency to prove you are not a spammer. This shows
| that they are really interested in knowing who is their user.
| windexh8er wrote:
| Definitely not a copy of Telegram. I'm not actually sure what
| the draw is with Telegram but given it's origins I'll choose
| Signal over Telegram.
|
| If you read the thread the linkage between a phone number and a
| Signal account cuts down on fake accounts significantly - which
| has nothing to do with "social media" but it does have a lot to
| do with SPAM as you've incorrectly stated. I understand why
| it's not ideal, but there are tradeoffs in both directions.
| It's unlikely that usernames are going to expose users more
| than they currently are if they're already using Signal. And
| it's also unlikely that this new feature changes much, but I
| welcome the ability to prevent users from associating my known
| number to my Signal account. In this way the security model has
| improved considerably.
| anigbrowl wrote:
| Telegram's privacy is questionable but its UI is absolutely
| outstanding.
| xk_id wrote:
| I know right? Telegram is one of my favourite iPhone apps,
| hands down, purely on the basis of the interface. It's also
| incredibly performant, which means a lot considering I use
| a 6S model from 2015. In comparison, the last discord
| update became literally unusable, for performance reasons
| (it was so bad, i ended up deleting it).
| mardifoufs wrote:
| Telegram has channels and groups that work in a weird but
| very useful way. That's mostly the draw for me, not really
| the private messaging. Though the UX is just amazing, even
| for private messages. Everything is just super neat and where
| you expect it to be. I'd still probably not use it if it
| wasn't for how channels work
| mattl wrote:
| Does Telegram still have a feature where you can see who
| nearby you is using Telegram? That to me is a reason alone to
| not install it.
| Shank wrote:
| This feature requires you to press the button that says
| "make myself visible" -- and then it shares location. Like
| most apps, you can deny the location access at a system
| level and never worry about it.
| mattl wrote:
| It has been a long time since I've used Telegram but why
| else would I have had that enabled?
| iamkd wrote:
| The interesting thing is that it does share your location
| when you open that screen even before you click that
| button. I don't know why they did it, but it is
| definitely a shady thing.
| EVa5I7bHFq9mnYK wrote:
| Telegram? Neither ICQ (1996), nor Skype (2003) required phone
| numbers. That's a later trend, part of general enshittification
| of internet.
| mattl wrote:
| How much spam did you get on ICQ? I remember getting a lot.
| tgsovlerkhgsel wrote:
| Because the social graph sitting in people's phone address
| books isn't easily replicated, and using phone numbers is
| basically the only chance of overcoming the chicken-and-egg
| problem with network effect.
| heavyset_go wrote:
| > _why does Signal still require a phone number in the first
| place?_
|
| Governments won't go on a crusade against Signal as long as
| they keep records of who is using their platform to commit
| crimes.
|
| Signal won't commit to being an anonymous platform likely for
| that reason.
| leotravis10 wrote:
| Yep, plus I (and many others) feel the US government is
| satisifed with the information that Signal provide to the
| government and it has to follow juristictions such as NSLs: h
| ttps://dessalines.github.io/essays/why_not_signal.html#a-si..
| .
| sneak wrote:
| You can use burner voip numbers, it doesn't need to be a gsm
| sim in your phone or tied to your identity in any way.
| noja wrote:
| Great! Now can we have backups so we don't lose our messages if
| our phone gets stolen or breaks?
| p2004a wrote:
| But there are backups available in signal app
| vinay427 wrote:
| There are no backups available on the iPhone/iPad app, only a
| device-to-device transfer while setting up a new device
| assuming your previous device and new device are both
| iPhones/iPads. This is despite support for apps storing files
| to the filesystem that was added some years ago now, and many
| other apps on those platforms supporting backups of custom
| file formats (or JSON, etc.).
|
| https://support.signal.org/hc/en-
| us/articles/360007059752-Ba...
| yreg wrote:
| I'm currently facing this issue.
|
| The process to transfer the history is to scan a QR code
| displayed on the new phone by the app on the old phone.
|
| Well, the camera on my old iPhone is broken. The phone has
| 3 other working cameras, but I cannot switch which one the
| app uses...
| ibejoeb wrote:
| Backups have existing for quite some time: settings -> chats ->
| backups
|
| update: only on android. turns out there are quite a few
| caveats for backup. See https://support.signal.org/hc/en-
| us/articles/360007059752-Ba...
| noja wrote:
| Nope. Latest version.
| ibejoeb wrote:
| Backup functionality was removed in the latest version?
| jacoblambda wrote:
| No. iOS builds don't support it.
| frereubu wrote:
| I don't see that option in Settings > Chats on my iPhone.
| What device are you using?
| vinay427 wrote:
| My cousin comment [1] provides a bit more detail, but this is
| not available on iOS/iPadOS despite Apple allowing apps to
| save files to the filesystem and many other apps supporting
| this for years now.
|
| [1] https://news.ycombinator.com/item?id=39445286
| bsimpson wrote:
| I see it, but it just looks like it uses internal storage. So
| far as I know, there's no Drive File Stream/Dropbox sync for
| Android, so you'd still lose your shit if you weren't
| manually backing them up somewhere.
|
| I doubt that's a habit many people will develop for a setting
| they didn't even know existed.
| MadnessASAP wrote:
| It's not going to help a casual user but I solved the
| problem by putting the Signal backup in a Syncthing shared
| folder. It's been a workable solution at least 2 phone
| swaps now
| XorNot wrote:
| It tries to keep 2 copies and so uses 2x the space on
| your phone. If you're sending a lot of images and video,
| then it becomes impractical quickly.
| izacus wrote:
| Please stop peddling this horrible experience as a form of a
| valid backup. A process that requires full manual interaction
| and requires you to know ahead of time when your phone will
| break or be stolen is not a useful backup process.
| growse wrote:
| Eh? My Signal auto-backups every night to a device folder
| which I then replicate off with Syncthing. How is that
| requiring "full manual interaction"?
| freedomben wrote:
| I think GP is being a little too harsh, but I also think
| you're being a little too generous. If it requires a
| third-party tool like sync thing, then it seems like a
| hard point to argue that signal has Auto backups. It's
| better than nothing, but it is definitely not as seamless
| as most users would expect from a backup solution.
| growse wrote:
| It doesn't "require" Syncthing, I just choose to use it.
| I could choose to keep it on my device, or upload it to
| Dropbox or something else. Even keeping it locally is
| still a backup that protects against the device
| corrupting it's local database or accidentally getting
| uninstalled / cleared.
|
| There's no single obvious thing called "this is what
| everyone wants from backup".
| freedomben wrote:
| > _My Signal auto-backups every night to a device folder
| which I then replicate off with Syncthing_
|
| > _It doesn 't "require" Syncthing_
|
| I'm talking about your solution, and yes it does seem to
| require syncthing, unless you are using some fourth party
| tool that sets up syncthing automatically for you, and in
| that case it still isn't built in to Signal.
|
| There are other possible solutions, but you used your
| solution as an example. If you have a different solution
| that doens't require syncthing and also doesn't require
| manual intervention (i.e. Signal app can automate the
| process), please share it. Remember what the comment said
| that we are replying to:
|
| > _Please stop peddling this horrible experience as a
| form of a valid backup. A process that requires full
| manual interaction and requires you to know ahead of time
| when your phone will break or be stolen is not a useful
| backup process._
|
| Did you not have to manually setup syncthing (or some
| other sync tool) to get it working? Or do you know of
| some way to do that with just Signal?
|
| Unless you are saying that Signal has a built-in backup
| solution that doesn't require manual intervention (like
| configuring some sort of third-party syncing service)
| then you aren't rebutting anything.
| growse wrote:
| If we're widening the definition of "manual intervention"
| to "I have to configure my device to do what I want",
| then yes. Setting up backups is a task that requires a
| manual intervention.
|
| You want signal to fully automate the process of
| configuring your device with an arbitrary third party
| service to send backups to with zero "manual
| intervention"? I think you're asking for the moon on a
| stick.
| izacus wrote:
| It's pretty safe to say that most users will want a type
| of "backup" that actually leaves the device so the data
| doesn't disappear if your phone falls out of your pocket
| and breaks or gets stolen.
|
| It's after all, a device that's carried around and much
| easier to destroy than pretty much any other.
|
| For most of population (you know, the ones we all want to
| get onto Signal so they stop using Meta and Apple stuff)
| not losing their valuable pictures, memories and
| conversations is way above the paranoia of some
| theoretical government official deciding to give up while
| trying to unlock your phone.
| growse wrote:
| I don't think that's a safe assumption at all. And even
| if it were, there's eleventy billion different ways to
| have the data leave the device and wind up somewhere
| else.
|
| Should Signal support/implement all of these? Some of
| them? Which ones?
| anigbrowl wrote:
| They're pretty bad. You can't specify where the backup goes,
| so if you are running low on storage space (eg if you have a
| lot of photos or videos to back up) and add an SD card, tough
| luck because you can't save there. The best you can do is
| manually export your media (also without any choice over
| where it goes) and then manually move it to the SD card to
| make space on your internal storage. They say this is for
| security but if an attacker is in a position to export your
| backup, they are already in your signal account.
|
| Same story with the PIN signal requires if you haven't used
| it in a few hours. It's the same as your phone PIN and there
| isn't anywhere you can change it, so it's just security
| theater.
| ThePowerOfFuet wrote:
| > Same story with the PIN signal requires if you haven't
| used it in a few hours. It's the same as your phone PIN and
| there isn't anywhere you can change it, so it's just
| security theater.
|
| This is not the Signal PIN. It sounds like you have the
| Screen Lock option enabled.
|
| https://support.signal.org/hc/en-
| us/articles/360007059792-Si...
| enriquto wrote:
| Oh, please, stop already with this phone number nonsense. I want
| to use signal from my computer, without need for a mobile phone
| at all. (Also, to be able to easily synchronize history between
| different computers).
| mekoka wrote:
| I'd willingly provide a copy of an official ID to rid my Signal
| and Whatsapp accounts from the phone number. I mean, if it's good
| enough for the mobile company, why not just skip the middleman?
| cl3misch wrote:
| I figure the verification process is pretty expensive.
| teekert wrote:
| I love signal but am just a tad disappointed, I was planning to
| finally sign my brother up via his PC (he refuses a smartphone).
|
| I tried element, somehow that keeps kicking him out, or I need to
| validate new sessions or something.
| fsflover wrote:
| Ask for support on Matrix forums or rooms. Worked for me.
| Vinnl wrote:
| Does he have a normal phone number? I thought you should also
| be able to receive a confirmation code there from the desktop
| app.
| bonton89 wrote:
| No idea about signal, but I haven't encountered any recent
| verification that worked on anything but a non-VoIP mobile
| number. My landline is useless for this and it isn't even
| VoIP.
| skeptrune wrote:
| I am very excited about this
| mikece wrote:
| Small step in the right direction but I want to be able to SIGN
| UP with a username and no phone number. Wake me up when _that_
| happens.
| yreg wrote:
| Ok, which alternative would you prefer? A government issued
| crypto birth certificate proving you are an actual human?
|
| Or sama's crypto eyeball scanning thing? (WorldCoin?)
| FlamingMoe wrote:
| I couldn't believe it when I first signed up for Signal and
| people who had my number were * sent notifications * that I had
| just signed up. This could've included people I had blocked on my
| phone.
| myself248 wrote:
| Same. One included an unstable individual who I was happy had
| forgotten me. Suddenly he messages me out of nowhere -- "Oh
| hey, you still exist! And you just installed Signal.... hmm,
| given what day it is, I'm guessing you're at such-and-such
| event?"
|
| Absolutely unacceptable.
| FirmwareBurner wrote:
| I think the Signal devs hadn't thought this through at all
| and just blindly copied what Telegram was already doing
| thinking it must be cool and trendy with the masses, without
| understanding their core user base at all.
|
| Same with prioritizing stories, stickers and crypto payments
| as core features of Signal when that's not what most of their
| users care for. Meanwhile there's still no official way to
| port your existing chat history on PC and iOS to your new
| device, or support for Android tablets. Obviously, stickers
| are more important.
| tptacek wrote:
| Signal (and Signal's phone number model) predates Telegram.
| It was designed as an SMS and WhatsApp replacement; that
| is, it was originally designed to replace insecure phone-
| number-addressed systems.
|
| Obviously, the cryptographic guarantees of the two systems
| aren't even close to comparable.
| FirmwareBurner wrote:
| May be. But that feature wasn't there since 2014. Signal
| has adopted a lot of "social media" feature from WhatsApp
| and Telegram over the years.
| tptacek wrote:
| They're messengers. They have messenger features. The
| details of how those features are implemented is what
| matter. Last I checked, Telegram doesn't even have
| encrypted group messaging, and it has a serverside
| database of who's talking to who.
|
| I don't know what "feature" you're talking about not
| existing until 2014, but before Open Whisper Systems, the
| thing we call Signal was "TextSecure", a literal SMS
| replacement.
| FirmwareBurner wrote:
| _> They're messengers. They have messenger features. _
|
| And some are better at being messengers than others.
| tptacek wrote:
| This is true. At every point where Telegram and Signal
| had the choice between being a pleasant messenger
| experience or being secure and private, each made
| decisions consistent with all their previous decisions.
| tjoff wrote:
| For some definition of secure and private.
|
| Forcing you to use your phone number and then the same
| second you created your account go behind your back and
| spam everyone you just did so is neither private nor
| something many would associate with secure.
|
| I guess something doesn't have to be secure if you can
| pretend it is public.
|
| Of course Signal has carefully designed their goals to
| allow them to do that but in doing so that is a straight
| up asshole move in a context where they should be seeking
| trust?
|
| Absolutely mind bending.
|
| This is a great improvement, but they have already proven
| they can't be trusted with anyone's phone number so it is
| a damn shame they still won't allow you to create an
| account without one.
|
| It is a decent service otherwise, but my fricking god I
| hope they at some point realize the harm they've done.
|
| Up until today I've been ashamed of suggesting signal.
| Hopefully that will change with this feature.
| tptacek wrote:
| My general experience in discussing this over the last 10
| years is that nerds like us generally find it absolutely
| mindbending when privacy services make decisions in the
| interests of ordinary people, such as using the phone-
| number-based addressing ordinary people already use in
| order to minimize serverside metadata. But I think it
| mostly just speaks to how carefully people _aren 't_
| thinking about the project's goals, and the fixation they
| have on their own goals. A lot of people are just super
| angry they can't write their own TUI for Signal.
| tjoff wrote:
| That argument might have had _something_ to stand on if:
|
| 1. Users were properly informed
|
| 2. Users were given the option to opt-out
|
| And _please_ don 't pretend being annoyed about not being
| able to write third party client is in the same realm,
| that is just disingenuous.
| tptacek wrote:
| I'm pretty comfortable with how sturdy my argument is,
| but that doesn't mean I think you have to agree with it.
| tjoff wrote:
| I'm interested to know how you believe basic honesty (1)
| or choice (2) would violate Signals goals, or impact them
| negatively.
|
| And I'm not talking about something obnoxious like a
| cookie-banner here, something in the fine-print would go
| a long way.
| kelnos wrote:
| Having to share your phone number does not meaningfully
| affect security and privacy. Being able to sign up
| without a phone number enables anonymity. Anonymity and
| privacy are related, to be sure, but anonymity is not
| required for privacy.
|
| I think it's a mischaracterization to say that they spam
| "everyone" when you create an account. They only tell
| others who a) have you in their contact lists, and b)
| have an account with Signal too. I agree, though, that
| they should be more transparent about this, and require
| that you opt in to this behavior.
|
| Personally, though, I don't mind it; for the most part
| this is how I've discovered other contacts on Signal, and
| vice versa. But I can understand why it makes some people
| uncomfortable.
|
| What I find "absolutely mind bending" is that this is
| such a big deal-breaker for people such as yourself.
| While I wouldn't call it a nothingburger, it's -- to me
| -- at most a simple error in assuming what people are
| comfortable with.
| slim wrote:
| TextSecure and Redphone did not upload your contacts to
| the cloud. No need to be a security expert to know that
| it's unwise to leak user state to contacts. In fact
| textsecure (now Silence) is the first SMS app to have a
| different colors for each contact to help the user avoid
| mistakingly messaging the wrong person.
| metalliqaz wrote:
| Stickers are more important because just like every other
| tech company, growth is the only way to stay in business.
| You can just run a business on delivering a good product to
| your customers anymore. You have to grow constantly, which
| means bringing in new customers which, by definition,
| aren't part of the core user base. It's gross and
| depressing and it enshitifies everything
| FirmwareBurner wrote:
| _> You can just run a business on delivering a good
| product to your customers anymore._
|
| Who said Signal was a good product to begin with? And who
| though adding sticker would improve market share?
|
| Casual users value UX and porting their chat history and
| VoIP calling vastly more than they value E-2-E
| encryption. You can't talk about growth when you fail to
| deliver on these fronts first. That's how Telegram and
| WhatsApps rule the market.
|
| Adding stickers won't move the userbase needle when you
| already lost your potential users at the lack of chat
| history and UX.
| baq wrote:
| > And who though adding sticker would improve market
| share?
|
| My daughter loves stickers.
| FirmwareBurner wrote:
| That's not the point. The point is if stickers make
| people love Signal. Sticker are popular on other
| platforms as well but because those platforms are popular
| not because they have stickers.
| WolfeReader wrote:
| What fantasy land are you posting from? Signal has 40
| million users as of 2022 (this was the first stat I found
| on a quick DDG search, which is all the effort your post
| deserves).
|
| Also: "Who said Signal was a good product to begin with?"
| LOL. Just read the comments on this link bro.
| FirmwareBurner wrote:
| _> Signal has 40 million users as of 2022_
|
| How does Signal count it's active userbase? Like I said,
| me and almost everyone else I know have it installed but
| don't regularly use it because most people don't really
| like it versus the established Telegram and Whatsapp.
| WolfeReader wrote:
| Signal is known to store two points of data per (hashed)
| phone number: the first login date, and the most recent
| login date. The second point is sufficient to get a user
| count.
| FirmwareBurner wrote:
| Having a "most recent login" doesn't prove someone is an
| active user. I use it about once every two days, am I
| also an active users? Compare that to WhatsApp which most
| people use multiple times a day or even multiple times
| per hour, and you get the picture of how popular or lack
| thereof Signal is by comparison.
|
| Like I said, a lot of people have Signal, but very few
| use it as their primary messenger on a regular basis, and
| more of a "it's just there in case one of those tech
| nerds who told me to install it decided to message me on"
| WolfeReader wrote:
| "I use it about once every two days, am I also an active
| users?"
|
| Yes. I think your definition of "active user" is non-
| standard.
| FirmwareBurner wrote:
| Is it? My definition of active, is "do you use Signal as
| your main messenger or in that ballpark".
|
| If you only use it a couple of times per week you're not
| really an active users when messenger apps on average get
| used multiple times per day.
|
| So I don't think I;[m unreasonable at all to compare
| Signal to the average messaging apps in term of screen
| time.
| WolfeReader wrote:
| Yes, that is definitely a non-standard definition of
| "active user". It's not really a relative term - if
| you're signed in and sending/receiving messages, you're
| an active user.
| kiwijamo wrote:
| By your definition I don't have any active messenger!
| elevation wrote:
| Nothing about Signal is haphazardly borrowed from Telegram.
| The feature we're discussing was chosen to help Signal to
| grow from a few thousand users to 50M+ without needing to
| build a social graph on Signal servers.
|
| This mechanism may not be ideal for all users, and it's
| possible that Signal has now outgrown it, but without it,
| there would be no Signal as we know it today.
| FirmwareBurner wrote:
| _> The feature we're discussing was chosen to help Signal
| to grow from a few thousand users to 50M+ without needing
| to build a social graph on Signal servers._
|
| How did _THAT_ feature help Signal grow?
|
| You only receive that spammy message if you already have
| Signal installed and your contact already has it too.
|
| Signal grew a lot in 2021 (in Europe) because of the
| pandemonium created by Meta when they announced a change
| in WhatsApp Privacy Policy so everyone rushed to install
| Signal but the initial surge, was short lived.
|
| Moving the clocks forward to today, looking at my
| extended network of family, friends and acquaintances,
| almost everyone has Signal installed, but most don't use
| it anymore as it's too frustrating and feels dead, so
| everything is still on WhatsApp, especially groups. All
| the Signal groups I have, originally meant to replace the
| WhatsApp groups, slowly died out and people stopped
| posting on them or following them, defaulting instead
| back to the WhatsApp groups.
|
| You don't fix this lack of retention with stickers and
| spammy messenges.
| shafyy wrote:
| Let's see if and how Signal will become interoperable
| with WhatsApp later this year...
| baq wrote:
| Tell me more?
| dylan604 wrote:
| I was all excited about Signal, but rarely use it because of
| this very feature. Once it started sending me notices about
| other users, I was extremely not happy. I was very hesitant
| since one of the first things it did was ask for access to
| contacts. I'm still pissed at myself for allowing it.
| dkjaudyeqooe wrote:
| One of the many reasons to never sign up for a service that
| requires your phone number, or have a special number just for
| this purpose.
| smt88 wrote:
| I've seen this on Telegram but never on Signal. I use Signal on
| both iOS and Windows.
| 2024throwaway wrote:
| I uninstalled Signal and haven't looked back due to the
| constant `X from your address book has joined Signal`
| notifications that you can't disable.
| miken123 wrote:
| Except that, you can actually disable them.
|
| https://support.signal.org/hc/en-
| us/articles/360007061452-Do...
| 2024throwaway wrote:
| Well that's new then. You used to not be able to.
| pitaj wrote:
| There's a setting for it on Android at least:
|
| Settings > Notifications > Notify When > Contact joins
| Signal
| mardifoufs wrote:
| I think you can turn that off with telegram, but I'm not sure
| if it's still the case.
| dsp_person wrote:
| https://github.com/signalapp/Signal-Android/issues/7409
|
| > We've discussed at length why this is not possible, but if
| you have more thoughts then please visit the forums. Please try
| not to open duplicate issues in the future, even if you feel
| like something is important.
|
| I wonder why this is "not possible"
| px43 wrote:
| The list of phone numbers with signal accounts is basically
| public. It kind of has to be. When a new number gets added
| and it matches someone in your address book, your app will
| tell you that one of your contacts has joined. People have
| always had the ability to turn off that feature, but that's
| not what the feature request seems to be asking.
|
| People seem to be asking for a way they can join Signal
| without their number showing up in the registry of Signal
| users. This is why it's "not possible".
|
| edit: This may have changed today. I'm now seeing an option
| that lets me hide my number from the registry. This means
| that even someone with my phone number will not be able to
| message me on Signal, which seems like a good deal to me.
| photonthug wrote:
| After I realized this happened to me, I uninstalled signal. But
| because of the way signal jumps in and replaces normal sms, I
| found out later that signal users were no longer
| sending/receiving plain text messages to/from me properly. I
| forget the details but it was really frustrating.. first it ate
| my contact list and contacted them, then after I uninstalled it
| held those contacts hostage, breaking comms with them because
| those users didn't know they were still signaling me, not using
| a normal text message. I text, they reply with signal, I can't
| ask them to uninstall their app, so now if I don't reinstall
| the app myself or borrow a friends phone to try and reconfigure
| it then I guess we're now out of touch forever? It's not
| privacy-friendly to replace or hide built in functionality,
| it's just an attempt to coerce people and to bolster your user
| numbers.
| sigmar wrote:
| >now if I don't reinstall the app myself or borrow a friends
| phone to try and reconfigure it then I guess we're now out of
| touch forever? It's not privacy-friendly to replace or hide
| built in functionality, it's just an attempt to coerce people
| and to bolster your user numbers.
|
| yeah, you need to authenticate to delete the account (aka
| deregister). How else would they verify that you are the
| owner of the account you want to delete?
| photonthug wrote:
| So because they elected to blur the line between their own
| opt in service and a built in service, I have to jump
| through extra hoops to properly opt out and get my comms
| back up? That's if you even realize any of this is
| happening. Whether it's down to design or to negligence,
| that's a pretty hostile user experience and it feels
| deliberate, especially since they pawed through my Contacts
| to "help" me into this position. I felt disrespected and no
| longer very confident in their stated values/mission. Hard
| to use or recommend after something like that
| ThePowerOfFuet wrote:
| Signal has not supported SMS for quite a while now.
| photonthug wrote:
| It would be interesting to know whether signal decided to
| fix the awful UX I'm describing or if the android/iOS app
| stores noticed the abuse and disallowed it
| lynndotpy wrote:
| This and the iPad "We'll remind you later" iPad notification
| nag are significant problems. I am a big supporter of Signal,
| but it's certainly hostile to those escaping an abusive
| situation. Usernames are a step in the right direction at
| least.
| avsteele wrote:
| Yes, this drove at least two people I know/encouraged to use it
| off the platform. When people see this they also think that
| Signal snooped their contacts. Very bad.
| greysonp wrote:
| Hi there, engineer on the Signal Android app here. Just an FYI
| that the notifications are generated on the receiving client by
| detecting that one of their contacts newly showed up as a
| registered user -- they're not "sent out" by you when you
| register or anything. Also, these notifications have defaulted
| to being disabled for the last 1.5 years or so. So only people
| who go into their settings to manually turn them on should be
| seeing them at this point.
|
| That said, the complaint around this is usually that people
| don't want others to know that they use Signal. And
| unfortunately there was no way to _really_ do that (until now),
| because if you open your chat list, you'll see all of your
| registered contacts. But in the 7.0 release, we added the
| ability to hide yourself from being discoverable by phone
| number at all. So for people who don't want anyone else to know
| that their phone number is registered with Signal, they now
| have that option.
| dylan604 wrote:
| > But in the 7.0 release, we added
|
| great, but what about all of those people that installed
| before 7.0 and had it already happen to them? "oops" doesn't
| help. at. all.
| GuB-42 wrote:
| How come it wasn't the default right from the start?
|
| How can a privacy oriented company not see the privacy
| implication of this? Sometimes, you want to be forgotten by
| some people, and Signal is telling them you are still there
| and active on that number. I remember reading a story about
| someone getting into real trouble for that.
|
| Without "usernames", the proper way to handle it would have
| been to not let anyone know you are on signal when they look
| up your number. To get into contact, send a message, then the
| recipient will receive a notification with the message and an
| option to rely. If the recipient doesn't respond, from the
| sender point of view, it should be as if the account didn't
| exist.
| nalekberov wrote:
| Oh yeah, privacy oriented messaging app requires phone number for
| sign up. Telegram has this feature for years already? It seems to
| me that they are positioning themselves as privacy saviours just
| because they are non-profit organization and their app is open
| source.
| cl3misch wrote:
| It is privacy with respect to government surveillance and the
| like. Not the kind where you mistrust your contacts.
| miramba wrote:
| Maybe in the US you don't need to mandatory register a phone
| number with a valid id, in most of the world you have to. If
| anyone can require the phone company to reveal your identity,
| it's the government.
| autoexec wrote:
| Not really the case with signal anymore. if you want privacy
| you should look elsewhere.
| yreg wrote:
| Care to elaborate?
| autoexec wrote:
| I posted links to a lot of information here:
| https://news.ycombinator.com/threads?id=autoexec#39445866
|
| The TL;DR is that they collect and forever store
| sensitive data in the cloud, meaning that the US gov
| could almost _certainly_ access that data and any other
| government could access any one person 's data too just
| by brute forcing a PIN
| nalekberov wrote:
| BTW I am probably getting downvotes from Signal's fanboys who
| refuse to do their research.
| gtvwill wrote:
| Went for IT job with Intel gov mob. Got asked to use signal for
| interviews. Can't trust signal anymore. Definitely backdoored.
| atoponce wrote:
| The source code is open source. Please point to the lines of
| code where the backdoor exists.
| areoform wrote:
| Signal is one of the great undertakings of our time. And it's one
| of the last bastions of internet freedom.
|
| A free-to-use global communications platform that doesn't censor,
| respects user privacy from the ground-up, and is run by a non-
| profit foundation that is faithfully dedicated to its mission.
| https://signal.org/bigbrother/.
|
| We should support it. If you haven't already, then consider
| signing up for a recurring donation to the Signal Foundation. I
| try to give what I can afford, because I believe that digital
| freedom is essential for the progress of all humankind,
| https://signal.org/donate/
|
| Without such projects, our civilization will stagnate and die in
| darkness.
| miramba wrote:
| Requiring a phone number is like asking for an id. What does
| signal offer that whatsapp doesn't? Serious question.
|
| Edit: Ok, ok, I was wrong, signal does have advantages over
| whatsapp.
| nicce wrote:
| WhatsApp does not provide real encryption - all the metadata
| is unencrypted!
| KomoD wrote:
| And they're also owned by Facebook, not exactly a company
| that should be trusted
| Vinnl wrote:
| It encrypts your metadata (the most important data) and
| doesn't use it to manipulate you. It's a non-profit. And now
| you can use it without exposing your phone number to other
| users.
| pyramid301 wrote:
| Whatsapp only e2e encrypts message contents. The only thing
| Signal knows about you at any given time is the time of
| account creation and the date of your account's last
| connection to Signal servers. That's tied to your phone
| number. They don't know who you chat with, the contents of
| those messages, your phone contacts, anything.
|
| I'd get a chuckle out of comparing that with the privacy of
| Whatsapp.
| croes wrote:
| No data sharing with FB
| purplejacket wrote:
| Again: Metadata. WhatsApp records a timestamp of every
| message you send/receive, and who the other party is. Signal
| only records two pieces of metadata: timestamp of when you
| signed up, timestamp of the last time you sent a message.
| revicon wrote:
| Whatsapp message content can be pulled via a subpoena along
| with a lot of other private data. Signal's can not.
|
| FBI doc on what messaging apps can provide via subpoena
| pulled by a FOIA request...
|
| https://propertyofthepeople.org/document-detail/?doc-
| id=2111...
| rmgk wrote:
| That link says for WhatsApp:
|
| > Message Content: Limited*
|
| > * If target is using an iPhone and iCloud backups
| enabled, iCloud returns may include WhatsApp data, to
| include message content
| arp242 wrote:
| > Whatsapp message content can be pulled via a subpoena
| along with a lot of other private data. Signal's can not.
|
| Your own link does not say that. At all. It directly
| disputes that.
| godelski wrote:
| I think this link is better
|
| https://signal.org/bigbrother/
| __MatrixMan__ wrote:
| People who subpoena Whatsapp know who your friends are.
| cja wrote:
| 1. Facebook owns WhatsApp and uses it to collect data about
| people, such as who they communicate with, how and when. They
| also know about many of the websites you visit and what you
| do there. They know everything you do on Facebook, Facebook
| Messenger and Instagram. They buy mountains of data about us
| from other sources. By analysing all of that data they can
| probably do a reasonable job at guessing the content of your
| WhatsApp messages.
|
| 2. WhatsApp tries to get every user to accept the option to
| backup messages and photos to Google Drive, where they sit
| unencrypted and accessible by Google. Even if you reject that
| option yourself, your correspondents are likely to have
| enabled it (if only just to stop WhatsApp from nagging about
| it) and so your messages are available for Google to read.
| Example of why this can be bad:
| https://www.vice.com/en/article/zm8q43/paul-manafort-
| icloud-...
|
| 3. Google Photos asks WhatsApp users if they'd like it to
| back up their WhatsApp photos. Even if you reject that
| option, your correspondents may have enabled it and so your
| photos are stored online unencrypted and accessible by
| Google.
|
| 4. Why should we limit what Google and Facebook know about
| us? Google and Facebook influence our behaviour for the
| benefit of their paying customers. Their computer systems are
| too powerful for our minds. They work against us, not for us.
| Companies like Facebook will come to be seen like tobacco
| companies, except that the harm is as from mind altering
| drugs. There is a documentary on Netflix called The Social
| Dilemma which explains this well. The polarisation of
| societies and the spread of conspiracy theories are some of
| the effects. The only defence is to disengage.
|
| 5. Read about Chinese-style social credit to understand why
| you want companies like Facebook and Google to know as little
| about you as possible. This is a good overview:
| https://nhglobalpartners.com/wp-
| content/uploads/2021/10/chin...
| joshuaissac wrote:
| > backup messages and photos to Google Drive, where they
| sit unencrypted and accessible by Google
|
| WhatsApp provides an option (off by default) to encrypt the
| backup with a password so that it cannot be decrypted by
| Google.
| ninkendo wrote:
| My 2C/, as someone who tried using WhatsApp once and ran away
| screaming:
|
| WhatsApp requires you to give it access to all your contacts
| (your entire address book) in order to use it at all. This
| information is uploaded straight to Facebook's servers where
| they'll inevitably use it to place your WhatsApp account in a
| social graph so they know who you are based on your contacts.
| I found this to be unacceptable so I uninstalled it.
| dijit wrote:
| Yeah, nah, it might be fashionable but I'm not 100% convinced
| that it's not an operation intended to be a lightening rod for
| "private" communication.
|
| Given how tightly they control development, disallow third-
| party clients, disallow federation, disallow self-hosting
| servers, have a history if disallowing use without google play
| and have hid huge development features from the public (mobile-
| coin) despite being open source. etc;
|
| The idea that it's _a great undertaking of our time_ is so
| bombastic that it 's guaranteed to be false even if you truly
| believe that they are completely altruistic (which I'm willing
| to believe but it's not coming easy to me based on the above).
|
| "What's better"? Matrix. Which seeks to solve all of my points,
| the only thing lacking is market share which honestly is
| partially caused by these "easy to use" services which trade
| off everything else, which also consumes developer mind-share
| even if you're unwilling to acknowledge that. (devs are
| motivated to solve issues for friends, family and themselves if
| they are exposed more frequently to systems and services that
| are sub-par).
| tgsovlerkhgsel wrote:
| The reason Signal is successful is because it at least
| _somewhat_ reliably works, while Matrix is the worst of
| fiddleware.
|
| https://blog.koehntopp.info/2024/02/13/the-matrix-
| trashfire.... explains why Matrix is lacking market share,
| and I think Signal's decision to be aggressively closed is
| due to a justified fear of becoming that.
| sitzkrieg wrote:
| the matrix protocol immediately fell over on syncing huge
| channels etc tho
| jeltz wrote:
| They have fixed that with sliding sync but not all
| clients support that yet.
| NavinF wrote:
| > but not all clients support that yet
|
| The mantra of every network that stays mediocre
| riedel wrote:
| I don't know if there is a straightforward correlation. I
| agree that my first Matrix experience was also not that
| satisfactory, but my university switched from XMPP to
| Matrix. I really liked conversations and quicksy. It just
| worked for me out of the box even with OTR stuff. However,
| it seems that there was not enough development on the
| server side, which I guess it led to the switch by our
| computing Center. Also the whole German health system as
| well as the army is switching to Matrix. I still think it
| is completely over engineered but it has a decent push.
| arp242 wrote:
| I think this is a false dilemma; you can have the high-
| quality implementations _and_ be more open.
|
| I've criticized Matrix before for their "protocol-first"
| approach and "too neutral" stance towards clients (which
| they've changed somewhat it seems; previously [1] was a
| table of clients with no clue what to choose, now it at
| least has "featured clients"). I feel they repeated the
| same mistakes as XMPP, which has not improved their client
| list.[2] Protocol nerds will say that's a good thing, but
| all it really does is ensure your protocol remains marginal
| because most people just get confused. People choose
| software, not protocols.
|
| But you can write a high-quality client _and_ a
| specification _and_ allow people to write their own apps.
| IMHO Signal is needlessly restrictive. Sure, focus on your
| own implementation and the quality of that first. 100% the
| right decision. But there 's no reason to not at least
| allow _some_ things down the line. Signal is just a few
| months shy of their tenth birthday - they 're well past the
| "ensure the quality of our official client"-phase.
|
| [1]: https://matrix.org/ecosystem/clients/
|
| [2]: https://xmpp.org/software/
| chaps wrote:
| At the end of the day, the problem with this model is
| that it _expects_ free labor to take over the next part.
| Which might work for a little bit -- until it doesn 't.
| Then you have the situation we're currently in where
| everything related to matrix is mediocre.
| wulfeet wrote:
| That was a fun read :-)
| zcmack wrote:
| in a world where iOS users won't install another free app
| from the app store because they already use iMessage, matrix
| is like asking for your friends to perform calculus just to
| talk to you.
| dijit wrote:
| Sure, but I don't see whatsapp/telegram as worse
| realistically if you've already lost at that level.
|
| Signal is very much in the same area of: "trust us".
|
| With a caveat that they also say: "here's a bunch of
| information on why you should: but you can't _really_
| verify any of it and we have proven bad faith before- also
| we have an army of people who will pile-on if you call us
| out for not being actually verified, so, just trust us- we
| are the secure messenger and all those scary things are
| just so we are easy to use ".
| tamimio wrote:
| Pretty much, Signal is more dangerous for giving that
| false sense of privacy while you need to trust them just
| like other messaging apps, no thanks.
| buzzerbetrayed wrote:
| > Signal is more dangerous...
|
| Definitely not true. Facebook literally censors private
| conversations. You simply can't send certain text strings
| to your friends. That is _far_ more dangerous than
| relying on a third party that claims to be protecting
| your privacy. Especially since all signs point to them
| being honest.
| aembleton wrote:
| What strings can't I send over WhatsApp?
| Nab443 wrote:
| I read somewhere here that, in the case of what's app
| more metadata is shared with meta, and telegram doesn't
| have E2EE by default for groups. Didn't check though.
| godelski wrote:
| You're correct. There are more security features with
| signal too like the server stuff. It's true that they
| don't update the code enough but the parent is being
| overly critical. It's not like WhatsApp is giving us
| access to the server in any form. So it's not a fair
| comparison. (Edit: Also, the app can be built from source
| and you can verify that the communication isn't happening
| in a way where the server could decrypt it. So it's not
| too big a deal that the server isn't perfectly up to date
| on public commits)
|
| To their point, there are benefits to federated systems.
| But I've yet to see a federated system have moderate to
| large usage without becoming centralized. Think email.
| And until this problem can be solved you're still left
| with a "trust us" problem. There's no trustless system
| out there, yet. But hopefully it comes in the future. In
| the meantime, signal is the best if you also want to
| communicate with anyone that can't tell you if a stack is
| FIFO or LIFO (or even know those acronyms).
| godelski wrote:
| Funny enough the best way I found to convince iOS users to
| talk to me on signal is by telling them it's like iMessage
| but cross platform. Sure there are differences but most
| people aren't using those features. I do think signal could
| really benefit by just linking signalstickers.com into the
| app since that's the biggest complaint I actually get.
| parl_match wrote:
| Signal has its problems, some of them sever. It's also buying
| "us" much needed time to build out federated and self-hosted
| chat platforms.
|
| I truly believe they are altruistic, although it is
| unrealistic to expect that to last forever.
|
| By the way, some of the claims you made about their "bad
| actions" are actually false. And Matrix is still incredibly
| annoying to work with for "normies" and only recently got
| first-class E2EE and retention policy, both things needed for
| a secure chat experience. And btw, those things aren't deeply
| supported in the ecosystem, and also it doesn't have client
| feature flag alerting (to allow good intentioned clients to
| de-facto report they don't support certain security
| features).
|
| I do think Matrix (or something like it) is the future, but
| it's certainly not the present.
| pimlottc wrote:
| *severe
| pests wrote:
| Just because a project is open source doesn't mean everything
| the team works on or releases will be in the public eye, nor
| does it even imply that it has to be open source as well.
| theultdev wrote:
| That's not what this is about.
|
| It's not just _any_ open-source project.
|
| It's a privacy-orientated open-source project.
|
| They could at least BSL the server code and allow others to
| verify the server code and host but not compete.
| growse wrote:
| > They could at least BSL the server code and allow
| others to verify the server code and host but not
| compete.
|
| This is exactly what they do (except they use AGPL):
| https://github.com/signalapp/Signal-Server
| mindslight wrote:
| I agree about the passing utility of Signal [0] but Matrix
| (which I do use) is a barely adequate dumpster fire. They
| spent all this effort developing a generic synchronization
| protocol, but yet didn't include native encryption _in 2014_
| and had to bolt it on as an afterthought? And the last time I
| tried to find a native client it seemed like they were all
| still using web engines for rendering (inherently slow and
| insecure), presumably because the markup is too complex to
| make straightforward native apps.
|
| [0] I don't even use Signal. My tack is to isolate and
| contain my "mobile phone" device as much as possible (when
| I'm home it generally stays next to the door on a charger).
| Whereas Signal has been designed around that single device as
| a critical part of my life. When I can sign up using only a
| username, and use Signal from a native client or web browser
| without any sort of Android device in the picture, then I'll
| be interested.
| godelski wrote:
| I really like the idea of federation, but I haven't seen it
| be successful in practice. I can't think of a federated
| service that isn't also highly centralized. This was a big
| problem for cryptocurrencies and it's not like email isn't
| almost all Microsoft or Google. Mastodon has been struggling
| as well.
|
| While I think there are better services to be private and
| secure from a technical perspective, there's one killer
| security and privacy feature that Signal has that on one else
| does: usability. It's pretty hard to get my grandma onto
| Matrix, but it isn't hard to get her on Signal. The truth of
| the matter is that you can't have private and secure
| conversations if there is no one on the other side. So while
| I really do like Matrix and the like, I think of them as more
| alpha or beta type projects. I don't find that the bashing of
| Signal is helpful (like we also do with Firefox) because all
| it does is creates noise for people that don't understand the
| bashing is coming over a nuanced and biased point of view
| (we're mostly highly tech literate here on HN, it is a
| bubble. But people still read our comments that aren't). End
| of the day, if we aren't getting 1 click server installs (or
| literally everyone is a host), federated systems are going to
| become highly centralized at some point. PGP's always failed
| because the easiest way to hack a PGP email was to reply that
| you couldn't decrypt. It wasn't appropriate for the masses
| even when it wasn't difficult to use. Don't get me wrong, I
| love Matrix, but it's got a long way to go to get mass
| adaptation.
|
| Fwiw, I remember a user awhile back offering a bounty for a
| decentralized pathway in Signal[0]. The idea was to create an
| AirDrop like system to help with things like local file
| sharing but then extend the project forward to create a mesh
| network. Seems like a reasonable idea to me. I think it may
| be more advantageous to try to push Signal in the right
| direction than rebuild from scratch. I'd highly encourage
| people with other opinions to participate in the Signal
| community because it is a crazy echo chamber in there and for
| some reason the devs treat it as a strong signal.
|
| [0] https://community.signalusers.org/t/signal-airdrop/
| Evidlo wrote:
| There is still a huge difference between a totally
| centralized system and partially federated one.
|
| An analogy is the U.S. is a two-party system, but most
| would consider this significantly different than the one-
| party system in North Korea or Russia.
|
| A federated system with a few large players is still much
| better than a centralized one.
| godelski wrote:
| I agree with all this, but only to a certain extent. The
| big disadvantage of a centralized system is the ability
| to control an entire ecosystem. The same reason we
| dislike monopolies. It's because monopolies of any kind
| have the ability to abuse their power, though that
| doesn't mean they do. I mean browsers are "decentralized"
| and that doesn't stop Google from exerting significant
| control, especially considering most browsers are
| chromium (I find it weird people say to fight Chrome by
| switching to a different color of Chrome).
|
| Like I said, I'm all for Signal becoming federated. It's
| why I dropped that link to the airdrop feature request.
| I'd also be in favor of people running their own servers.
| I mean the server code is available, you just can't
| connect it with the main network. So as far as I see it,
| there's nothing stopping this from happening. I see a lot
| of people complaining but I'm not aware of any major
| roadblocks. That doesn't mean there aren't any, but I'm
| just not aware of any. And fwiw, there are alternative
| Signal clients like Molly[0]. So at least the app can be
| disjoint from the official ecosystem.
|
| [0] https://github.com/mollyim
| chaps wrote:
| Easy to use is important and it's a shame that you're
| downplaying that. More accessible than PGP/OTR? Sure. But
| maybe by a hair's width of an alligator's back.
|
| If I am working with a source who gets frustrated by the
| impenetrability of communicating with me because I _insist_
| they use matrix while they 're not technical and likely
| impatient, then that person will be much more likely to use a
| fallback method such as SMS or email, and they'll do it
| without warning. It's legal risk, period. My job is to make
| sure that they can share information with me as easily as
| possible and during a particularly sensitive period of that
| person's life, usually. Matrix, as a sibling post highlighted
| well, is too difficult for this use-case. That is an enormous
| failure for a use-case of sensitive information sharing.
| uraniumjelly wrote:
| XMPP cries in a corner. I wish XMPP had more accessible (to
| the general public) desktop clients. Conversations is great,
| but speaking from experience, people aren't going to want to
| use Gajim because it looks like it's ten years old (even
| though that's a good thing ;). XMPP needs better clients in
| general. The last time I used Profanity it had very annoying
| bugs about sending and saving OMEMO encrypted files.
| snickerer wrote:
| We really should convince Moxie Marlinespike to push the
| implementation of an out-of-the-box working bridge between
| the Signal client and the Matrix network. With e2e
| encryption, of course.
| input_sh wrote:
| I think we're definitely approaching time when Signal /
| WhatsApp / Facebook Messenger / Google Messages / Matrix /
| etc will all become at least somewhat interoperable, and
| it's gonna happen _very_ fast (~Q3), mostly because EU 's
| Digital Markets App is basically forcing them to. (Well
| okay, only Meta-owned platforms are forced to.)
|
| Matrix did an interoperability talk on FOSDEM (https://fosd
| em.org/2024/schedule/event/fosdem-2024-3345-open...) and
| it's basically confirmed
| (https://www.wired.com/story/whatsapp-interoperability-
| messag...) there was some experimental work done on
| connecting WhatsApp (and ergo every other Signal protocol
| compatible app) and Matrix.
| Evidlo wrote:
| From Moxie himself (excerpt from Github issue):
|
| > It is unlikely that we will ever federate with any
| servers outside of our control again, it makes changes
| really difficult.
|
| > ... I understand that federation and defined protocols
| that third parties can develop clients for are great and
| important ideas, but unfortunately they no longer have a
| place in the modern world. ...
|
| Also, hasn't Moxie basically left Signal?
| sneak wrote:
| They don't and can't disallow third party clients. The client
| is GPL.
| striking wrote:
| https://github.com/LibreSignal/LibreSignal/issues/37#issuec
| o...
|
| > If you think running servers is difficult and expensive
| (you're right), ask yourself why you feel entitled for us
| to run them for your product.
| kelnos wrote:
| Matrix?! As someone who runs is own Matrix homeserver, oh,
| man, no way. Matrix is super fiddly, unreliable, and user-
| unfriendly (and I say this as someone who has at times agreed
| that Signal can be user-unfriendly).
|
| Matrix also is just not particularly private. Servers control
| and know far too much about users, and pretty much no
| mainstream client enables E2E encryption by default. Matrix
| is an impressive piece of technology, but it has a long way
| to go before it's as usable for an average mobile phone user
| as Signal is.
| godelski wrote:
| > We should support it. If you haven't already, then consider
| signing up for a recurring donation to the Signal Foundation.
|
| I always like to remind people that you can also donate through
| your employer and many will match. This is a great way to
| multiply your donation and everybody wins. Your org is going to
| donate x amount a year anyways and so might as well "vote" on
| where some of this money goes.
| oezi wrote:
| While I am thankful that Signal exists and is a considerate of
| privacy concerns I don't think their decisions are always
| right.
|
| For instance, I would love to see picture sent to me by my
| spouse automatically saved to camera roll. Signal has no option
| for this because it could put the privacy of me and the sender
| in jeopardy.
| godelski wrote:
| They have a community forum with a feature request system.
| Though I'll admit it's a big echo chamber there. But every
| new user adds a new voice and I can't see how that isn't a
| good thing.
|
| Fwiw, I want this feature too. And others. I've submitted
| feature requests in the past. I even asked that usernames add
| QR codes and links. I'm not sure if I was heard, but hey, the
| feature is there and even some of the echo people were
| against it.
| kiwijamo wrote:
| WhatsApp has this feature and it drives me nuts. My roll is
| full of crap people (especially chat groups) send me and I
| have to clean it up every now and then. I surely hope Signal
| doesn't do this and keeps the current approach of allowing
| users the option to download the images they want, when they
| want.
| jjav wrote:
| > And it's one of the last bastions of internet freedom.
|
| I don't want to be too negative on Signal since they do some
| good work and I do use it.
|
| But freedom? No. It is another completely proprietary platform.
| A better one, but still proprietary, so the antithesis of
| internet freedom.
|
| For example just earlier this month the Signal client overnight
| stopped working on my old Mac because they decided to no longer
| support older OSX releases. So I can longer use it on that
| machine, my primary desktop.
|
| If Signal was in any way open or free (as in freedom) I'd just
| compile my own client to speak an open protocol and be back in
| business. But no, Signal is just a proprietary service with a
| proprietary client.
| gruez wrote:
| >If Signal was in any way open or free (as in freedom) I'd
| just compile my own client to speak an open protocol and be
| back in business. But no, Signal is just a proprietary
| service with a proprietary client.
|
| Isn't the source code available? What's preventing you from
| compiling your own copy?
| dingnuts wrote:
| The server is centralized -- you might be able to stand up
| your own but it doesn't matter because you can't use it to
| talk to anyone else who isn't using your custom built app
| that uses your server
| gruez wrote:
| In other words you're complaining that it's not
| federated? That point has been relitigated in other parts
| of this thread so I don't want to go down that path. More
| to the point, I don't think that's what the parent post
| is talking about. He's complaining how he can't run
| signal on his outdated machine, not that he can't run his
| own private server.
| warwren wrote:
| Here u go
|
| https://github.com/signalapp/Signal-Desktop
| godelski wrote:
| As far as I'm aware, everything is open[0]. Only issue I know
| of is that the server code isn't consistently up to date and
| you can't run your own. But you can compile the app and
| desktop clients yourself. I guess there's also the issue of
| reproducible builds but AFAIK this is a play store issue and
| doesn't seem that problematic since you can compile from
| source. I mean they even have a commit from 4 days ago for
| the Android app.
|
| [0] https://github.com/signalapp
| jjav wrote:
| > Only issue I know of is that the server code isn't
| consistently up to date and you can't run your own.
|
| Why can't you run your own? Sounds like it is not entirely
| open. (Never looked into it, so would be interesting to
| understand what is missing.)
|
| > But you can compile the app and desktop clients yourself.
|
| This has been talked at length here in HN before, they
| prohibit any clients other than their proprietary binary
| distribution.
|
| If that has changed, I'd be thrilled. Can anyone point at
| it having changed?
| numeri wrote:
| I believe what the grandparent comment meant was that you
| can't run a server that participates in the public
| network, not that you can't run a private server. That
| was my prior understanding, at least.
|
| I might very well be wrong, and if so, someone please
| correct me.
| godelski wrote:
| That is correct. I should have been clearer in my
| distinction. You can run your own server but that server
| won't connect to the official Signal network. You're
| completely fine to run your own[0]. FWIW I've seen other
| software roll their own servers and use the Signal
| protocol. I mean WhatsApp uses the Signal protocol but I
| think they've diverged a lot since.
|
| [0] There's always talk about the big deal breaker for
| Signal being that it isn't federated. So I've always
| wondered why this passion isn't used to generate a
| federated Signal network and is more focused on Matrix
| (who only recently started being E2EE). I don't know how
| these things work, I'm not that kind of programmer, but I
| can't see why you couldn't modify the server code to work
| in a federated fashion and edit the app code to be able
| to connect to both? I'm actually interested to know why
| if someone actually has an answer.
| gruez wrote:
| >they prohibit any clients other than their proprietary
| binary distribution.
|
| source?
| imkh wrote:
| There are quite a few forks that connects directly to the
| Signal servers,
| [Molly](https://github.com/mollyim/mollyim-android) being
| the most well-known I believe.
|
| From my understanding, they're not a fan of it (not sure
| if it's officially against their TOS or not) but they
| don't go out of their way to stop them. At least as long
| as you don't use the Signal name and make it clear you're
| not an official app.
|
| Even in this blog post about usernames, they clearly make
| sure to mention them: "This means that in about 90 days,
| your phone number privacy settings will be honored by
| everyone using an _official Signal app_. "
| BHSPitMonkey wrote:
| Signal has documentation on how to reproduce their Play
| Store builds and compare them with what you've installed
| locally:
|
| https://github.com/signalapp/Signal-
| Android/blob/main/reprod...
| j0hnyl wrote:
| I believe signal is completely open source...
| a1o wrote:
| > old Mac
|
| > older OSX
|
| How old OSX are we talking? Is it older than current Xcode
| with Sonoma supports? If it's that, then you have your
| answer. If you want to daily drive and older machine Linux or
| even Windows should be fine, but this is not really the way
| with Apple hardware - if it was, Xcode would make this easier
| for the developer. For reference, you can still build for
| Windows Vista using current Windows 10 SDK - I haven't tried
| Windows 11 SDK, so not sure how things are there.
| purpleblue wrote:
| I thought I read that Signal has some funding by the US
| government. Was that not correct?
| godelski wrote:
| That's correct, but so what? So does Tor. The US isn't a
| single unified entity. They get some funding from groups that
| promote encryption. Gov still wants encryption for their own
| people and for people in authoritarian countries (it's hard
| for normal people to overturn an authoritative government
| when all communications are watched. No need to discuss CIA).
| But also remember there's plenty of US gov groups that attack
| Signal too. Just saying "US funded" isn't strong enough on
| it's own. The gov has it's hands in everything so it's too
| noisy. You'd need to make an argument about it's dependency
| on that money, which they aren't. Records are public btw,
| they are a nonprofit.
| tw04 wrote:
| They need to actually listen to users. Signal needs to support
| SMS, they need to support backups, they need to support easily
| migrating to new devices. I don't care if it makes me slightly
| less secure, make it a checkbox in the client that I agree if I
| enable the features, I'm a moron because some nation state
| could abuse it.
|
| Otherwise, it'll always be niche. I'm never getting non-
| technical friends and family to adopt a messaging app that
| isn't unified for SMS and secure messaging. When they say
| "users might not know they're sending insecure SMS messages" -
| fine, you own the client. Make the client bright red with a
| flashing "INSECURE MESSAGES" across it for all I care. It's not
| hard to inform a user in 2024 that they are sending a less
| secure message.
| newaccount74 wrote:
| Signal has so many footguns that I stopped recommending it. I
| know more than one person who lost all their messages and
| pictures when they switched phones.
| arichard123 wrote:
| I once did work for a UK politician and got a notification when
| they signed up.
| hnarn wrote:
| So?
| arichard123 wrote:
| Well I don't think I should be told what apps they use
| WolfeReader wrote:
| Good choice on their part.
| shp0ngle wrote:
| This is the interesting part. For me.
|
| > Note that if provided with the plaintext of a username known to
| be in use, Signal can connect that username to the Signal account
| that the username is currently associated with. However, once a
| username has been changed or deleted, it can no longer be
| associated with a Signal account.
|
| The "no longer associated", I will need to get Signal word for
| that, right. (You cannot cryptographically prove something was
| deleted, right.)
|
| But it's good enough I guess
| smt88 wrote:
| You shouldn't need to cryptographically prove that an old
| username is unavailable. You should be able to simply send a
| request to Signal servers asking if it's available and receive
| "no" as a response.
|
| You'd have to take their word that this wouldn't change,
| though.
| snambi wrote:
| This is fantastic.
| EastSmith wrote:
| When they announced usernames I thought I will be able to install
| Signal on my TV desktop (linux) and send / receive messages from
| to it (links, files, etc).
|
| Now that I know it still needs phone number I assume it will need
| to be unique so my use case fails.
|
| For the record, I am still a happy Signal user and a monthly
| supporter, thank you very much.
| tapoxi wrote:
| There's a contact in Signal called "Note to Self" that you can
| use for this.
| hnarn wrote:
| Just hair splitting obviously but I don't think it's really a
| contact, it's just what the recipient shows as when you send
| something to your own number.
| WolfeReader wrote:
| I use Signal this way too. It's great for small messages and
| files. For larger files, you'd want SyncThing.
| Razengan wrote:
| Ol' MSN Messenger, back in 4000 BC, had solved everything
| already.
|
| All of the current messaging apps are spyware in one form or
| another.
|
| Why can't they function without access to the entire contacts
| list?
| tapoxi wrote:
| Signal doesn't store anything about your account on the server
| except last login time and when you registered. It doesn't
| store a contacts list, so it used your own, assuming you
| granted it access to do so.
|
| Contrast to MSN, which kept your contacts on the server, as
| well as information about your account, groups, your plaintext
| messages, etc.
| zelphirkalt wrote:
| Not sure if DeltaChat or Briar require access to contacts.
| Maybe those could be good for you?
| ThePowerOfFuet wrote:
| Signal has never had access to my contacts and works perfectly
| without it.
| gigel82 wrote:
| All I know is since they introduced this feature I received 4
| spam messages about crypto, whereas in the past several years I
| received 0 such messages. Overall a net negative for me.
| contact9879 wrote:
| You mean in the hour and a half it's been released...?
| gigel82 wrote:
| No, this happened over the past 2 months. I've received
| messages from accounts with female first names without any
| phone number (and obviously not in my address book). I
| suspect they were testing the username feature pre-release
| and bad actors already started taking advantage of it.
|
| It's 2 swipes to block and delete but a problem I never had
| to deal with before on Signal.
| hnarn wrote:
| I just donated the minimum amount to Signal through the app
| (~$3), I encourage all other users to do the same, because every
| time a Signal article is posted it's a reminder how dystopian IM
| would be if there was no realistic, privacy respecting option for
| "normal people".
|
| It's probably the only piece of privacy friendly software I've
| recommended to older relatives that actually stuck. It's not
| fancy, but it's solid, simple and does what it's supposed to.
| dylan604 wrote:
| well, technically, you donated ~$3 - 30%, yeah?
| hnarn wrote:
| what is your point?
| kilolima wrote:
| They are not usernames, so why do they call them that? They are
| more like disposable per-conversation identifiers.
|
| "Usernames in Signal do not function like usernames on social
| media platforms. Signal usernames are not logins or handles that
| you'll be known by on the app - they're simply a quick way to
| connect without sharing a phone number."
|
| Also, this is not finally the feature Signal users actually want
| - not having to sign up for Signal with a phone number and using
| a username instead.
|
| This new "feature" does very little to make signal more secure or
| private.
| IshKebab wrote:
| That was my first thought too. It's stupidly confusing to call
| something that acts nothing like a username a username. They
| clearly know that given the number of times they clarify how
| they work. Here's another:
|
| > Note that a username is not the profile name that's displayed
| in chats, it's not a permanent handle, and not visible to the
| people you are chatting with in Signal. A username is simply a
| way to initiate contact on Signal without sharing your phone
| number.
| XorNot wrote:
| Because a regular person, being given _not a number_ for
| something, is going to call it a username.
|
| Later explaining "you can have multiple usernames" is easier
| then trying to undo that conception. People are familiar with
| it. Your username is how you identify yourself on the
| computer in every context when it's not obviously your phone
| number.
| JoshTriplett wrote:
| It's absolutely a username. It can be _changed_ arbitrarily
| whenever you like, and you 'll probably in the future be able
| to have more than one name for the same underlying account,
| but it's still a username.
|
| Other services do this too. For instance, you can sign up for
| some services with an email, and that's what you use to sign
| in, and you might be able to find other people by email if
| they let you, but you don't necessarily get shown someone's
| email on their profile, just the display name in their
| profile. And (in a well-designed service) you can change your
| email address at any time.
| vorticalbox wrote:
| > They are more like disposable per-conversation identifiers.
|
| Why are then not just random when you go to the share screen.
|
| No real reason to let a person pick it
| vel0city wrote:
| The point is to make it easier to verbally tell your friend
| "I'm vel0city23 on signal, add me" and have them actually
| remember.
| afroboy wrote:
| How to you suggest to fight spam accounts without registering
| with a phone number?
| drexlspivey wrote:
| What's a spam account anyway? If I create a new account per
| conversation does that count as spam? It puts exactly the
| same strain on Signal servers.
| godelski wrote:
| A spam account is a fake account that sends spam. Like
| Bitcoin bullshit. Platforms like signal, Whatsapp,
| telegram, and others have an issue since you can just
| message literally every possible number. One way signal
| handles this is by not identifying that you even have an
| account unless you accept the message. There's also rate
| limiting and other stuff going on. But I'm pretty sure you
| know that a spam account is. If you really don't I'd love
| to learn how you use the Internet because I'd love to learn
| how to avoid these accounts. Twitter and Gmail loves to
| connect me with spam accounts.
| drexlspivey wrote:
| How does signal know that account X is sending Bitcoin
| bullshit if the messages are encrypted? Also I see you
| have a Keybase account, Keybase doesn't use phone
| numbers, how do they solve "spam accounts" ?
| godelski wrote:
| > How does signal know that account X is sending Bitcoin
| bullshit if the messages are encrypted?
|
| They don't. That's not what I intended to say, sorry for
| the miscommunication. It's just a common spam bot I see
| on things like Facebook, Insta, Twitter, TikTok, Reddit,
| email, etc. But Signal can stop you from sending 100
| messages a second. There are other ways to fight spam
| without needing to know any of the users or contents of
| the messages. A lot can be done from the minimal metadata
| that's required to perform communications.
|
| > Keybase doesn't use phone numbers, how do they solve
| "spam accounts" ?
|
| I don't know but I'm not a security expert. So you
| probably shouldn't be asking me. But if you got any
| questions about ML I'm qualified to answer some of those.
|
| I'm pretty sure a big reason Signal uses phone numbers is
| just because they built from Text Secure. It is also
| aimed at an audience less technical than Keybase's target
| audience. I mean Keybase is free and private but everyone
| still uses Slack or Discord. FWIW, Signal does write
| blogs about these things. So if you'd like to learn more
| I suggest reading those while you wait for someone much
| more qualified to answer your question. I think you'll
| get it answered much faster if you're less assertive. Or
| you could go the otherway and try the old tactic of
| confidently saying something outlandish and wait for
| people to correct you. But I think this is a more
| difficult method to get answers to a specific question.
| Your call though.
| chrisnight wrote:
| Why is the defining feature of being human the property of
| having a phone number?
|
| Spam is indeed a hard problem to solve, but the issuance of
| phone numbers is not designed to be used as human
| identification.
| vel0city wrote:
| Maybe they're not necessarily going for "all humans that
| exist everywhere under any circumstances" but instead
| "humans likely to have access to a phone number which can
| sometimes receive SMS."
|
| Not every app needs to cater to every single human and
| potential use case on the planet.
| godelski wrote:
| Is it? On Twitter and discord people see a different name than
| my username. Username tends to be more for connection and
| display name for identification. While I get the argument I
| don't see why this is a big deal.
| webdoodle wrote:
| > Also, this is not finally the feature Signal users actually
| want - not having to sign up for Signal with a phone number and
| using a username instead.
|
| Agreed. I don't own a phone of any kind, and would love to use
| Signal, but alas I can't because you need a telephone number,
| or a level 65 Necromancer to do the magic to sign up without
| it.
|
| * Magic: https://www.techbout.com/use-signal-without-phone-
| number-sim...
| jraph wrote:
| It does, because instead of having to share your phone number
| to Signal + all your contacts, you can share it with Signal
| only. It is an improvement. It doesn't address the case where
| you are not willing to share your phone number to Signal, but
| it addresses the case where you tolerate it but would like to
| discuss with someone with whom you'd rather not share your
| number.
|
| I hope it will allow creating groups without forcing members to
| have their phone numbers shared with everyone.
| sigmar wrote:
| Doesn't seem "disposable per-conversation" in my reading of the
| announcement. Seems like a permanent username that just doesn't
| get featured in the conversation.
|
| >Your profile name remains whatever you set it to.
| godelski wrote:
| This is fantastic! I also love that there is the QR code
| generator. It'll make connecting easier.
|
| I hope moving forward we can have multiple usernames and
| profiles. This would greatly increase privacy since we may have
| different identities in different social groups. Even on HN a lot
| of us have multiple personas. I find one of the big challenges is
| actually handling these different identities as most software
| only assumes you have one. Though it seems to be common on social
| media like twitter or instagram. But bitwarden still doesn't know
| how to differentiate microsoft logins lol
|
| Edit: I'd love in the future to also see things like self
| destructing or one time links. I don't think these should be hard
| to implement, especially if one can have multiple usernames.
| Certainly a limit like 3 would be fine with the numbers, right?
| Personally I wouldn't be upset if multiple names became a premium
| feature but I'd strongly prefer if it wasn't. I get that signal
| still needs money (https://news.ycombinator.com/item?id=39446053)
| LtWorf wrote:
| Telegram has had all of these features for a while... too bad
| it isn't as secure as signal or it'd be perfect, since it's
| also written in a real GUI toolkit and present in distribution
| repositories.
|
| I do wonder how telegram and signal are planning to finance it
| long term. Telegram is adding absurd paid features like
| exclusive animations, which won't earn nearly enough to cover
| the costs.
|
| I wonder where signal is about keeping the servers up, since
| they hate federation so much.
| contact9879 wrote:
| You're in luck because Signal had a whole blog post about
| long term financing a couple months ago.
|
| https://signal.org/blog/signal-is-expensive/
| nicce wrote:
| Good reminder that need to make a new donation.
| Nuzzerino wrote:
| Don't worry, telegram is now gatekeeping certain privacy
| settings behind the premium subscription like it's 2003.
|
| They also make it difficult to hide your pseudo identity from
| your phone contacts. I've had all the "discover contacts"
| settings turned off, and simply reinstalling the app caused
| people to be given my username without my consent. Settings
| somehow magically switched themselves back on and I couldn't
| turn them off until after the damage was done.
|
| There was no confirmation prompt. Pretty sure this happened
| to me more than once.
|
| Please don't ever compare Telegram with Signal.
| LtWorf wrote:
| Come on signal until today had no way to keep the phone
| number private. Which is the topic here.
| kome wrote:
| i've been using Telegram on and off since 2015 or so, and
| i've never shared my contacts. never! re-installing
| Telegram has never changed that setting.
|
| The real problem with cellphones is that a lot of privacy-
| threatening issues are literally one fat finger away. And
| clearly, that's a feature, not a bug. That's why I prefer
| to work and message on my laptop anyway.
|
| but again, Telegram has been, in many practical ways, much
| more privacy-oriented than all the other messengers,
| exactly because you don't have to share your phone number
| to participate in groups and chats.
| vel0city wrote:
| > But bitwarden still doesn't know how to differentiate
| microsoft logins
|
| To be fair to Bitwarden even Microsoft doesn't know how to
| differentiate between multiple Microsoft logins. As of at least
| a year ago, you can technically have different logins with the
| same username/email identifier, and different login prompts
| will behave differently.
| godelski wrote:
| Oh yeah it was more a joke than anything. Microsoft is just
| creating such a shitty environment. I can be logging in from
| my company portal where they know the identifier yet I still
| have to add @company.com. I mean I got one for my job, for my
| university, for conferences (CMT), and I swear I'm forgetting
| 30 others that I only use once in a blue moon.
|
| They also are real shady with yubikeys. You can't set them as
| default but you can set "security key." So the process ends
| up being it assuming you want to use Hello (which breaks my
| Outlook... wtf), clicking use another device, security key,
| clicking next, then finally typing in your credentials. The
| next part makes me real suspicious since all the other
| dialogues go to the next page without clicking next. Why just
| this page? It's some weird dark pattern bs.
|
| I'd call it malicious, but I think maliciousness requires
| intent. A chicken running around with its head cut off isn't
| really malicious if it runs into you.
| tcmb wrote:
| I like the idea, but they should have called it something else
| instead of ,usename'. Maybe ,connection string' or ,discovery
| phrase'. Right now they have to explain at length in what ways
| it's different from regular usernames.
| m12k wrote:
| "friendcode" seems to be pretty standard in multiplayer video
| games
| duxup wrote:
| Yeah that seems to be the standard and very descriptive.
| samstave wrote:
| HellDivers 2 LFG rn is all about sharing Friendcodes... you
| can get a ton of them on discord or reddit... but then you
| end up haveing a "friendcode" cybermentally-distributed DNS
| system for them over time.
|
| Six degrees will still exist.
|
| (funny weird thing is that with HD2's server issues due too
| demand, one way to harvest this would be to create a fake LFG
| host game and have tons and tons of accounts bang against
| your HellDiver-Pot - and get whatever you can scrape from
| that?
|
| ---
|
| OK - I actually went down this hole the other daty... you
| look at the reddit thread on helldrivers for LFG - or the
| discord...
|
| So on reddit, you just put .json at end of thread - DL the
| entire thread as json, now you have reddit id, location, play
| style, etc, details AND their friendcode on HD2... but since
| they can individually generate random friend codes on any
| game/system that allows such... you have a breadcrump (with
| enough attention span to just correlate all the shared info
| between these friend codes and data received...
|
| still - even with random friend codes - six degrees is still
| available, easily.??
|
| ---
|
| I _deeply_ hope they do a Tech Talk on the post-mortem of
| this lauch success spiral - its fascinating....
|
| But one thing I am really interested in, this is based on the
| Autodesk Engine, I know they co-dev-dog-fooded, but I hadnt
| really known of this engine at all... what little I do know,
| is that - its amazing...
|
| But I'd really like to know more about the arch and overall
| traffic flows etc of this game.
|
| Its beautiful see "problems" like this explode in like ~2
| weeks.
|
| What do internet traffic graphs look like since growth, per
| carrier?
| solardev wrote:
| Does it not have built-in public matchmaking?
| pfych wrote:
| The developers last game had an all time peak of 7,000
| users. They planned worst case scenario of 250,000 users
| for the sequel expecting more realistically 50,000 users.
|
| They're currently at 394,686 players on steam alone - not
| including Playstation players. The servers are doing
| their best right now.
| b1n wrote:
| Maybe "contactcode" would be better in this situation, as it
| doesn't imply any specific relationship between participants.
| weikju wrote:
| Not everyone I connect to on signal is a friend. same for
| e.g. journalists or government people who use Signal.
| WolfeReader wrote:
| "Connection string" already means something else. I'm partial
| to "Identifier", myself.
| msm_ wrote:
| But identifier already means something else (i'm used to
| identifiers being unique, constant, and useful for actually
| identifying someone).
| WolfeReader wrote:
| Good point!
|
| The former C++ programmer in me wants to call them "user
| pointers" but that would just confuse people who haven't
| learned pointers.
| nsxwolf wrote:
| Is ,comma-backtick` some personal quirk of yours, or is it some
| standard I'm not aware of?
| loeber wrote:
| European quotation marks commonly have the left one down low
| and the right one up high. The same applies for single
| quotes. But using comma-backtick is deeply unorthodox.
| fredoliveira wrote:
| > European quotation marks commonly have the left one down
| low and the right one up high
|
| Wouldn't say it's "common", because IIRC that's only the
| case in Germany and Austria.
| stavros wrote:
| It's ,comma-apostrophe', actually.
| godelski wrote:
| ,comma-apostrophe'? Only place I've see the backtick used
| for apostrophe is latex. And even then half the people
| don't know about it.
| stavros wrote:
| Sure, but there's no backtick in the GP's comment. Only
| an apostrophe.
| KingOfCoders wrote:
| The examples are iOS? My Android version looks like a totally
| different app?
| redder23 wrote:
| Took WAY too long. And you still need a phone number to sign up.
| Wire (that uses the Signal Protocol and also has video chat never
| needed your phone number AFAIK)
|
| Also, Signal loves to claim how secure it is, but they will never
| dare to tell you that participating in the Android and mainstream
| mobile systems nobody is secure. Especially not on Google Play.
| If the government wants to spy on you, they WILL! It does not
| matter if they can't decrypt your messages because they will be
| sucking the data right off your phone with invisible screenshots
| and AI transcribing the text or by other means like key logging.
| There are people who claim Pegasus does not even need you to
| click on some link anymore, all they need is your phone number.
| And Pegasus is for sure not the only thing out there.
|
| Signal and others create the illusion of privacy, there is no
| privacy on any smartphone with any kind of mainstream OS.
| Probably not even on the "hardened" de-googled Android forks.
| baq wrote:
| You have a different threat model than most of us. Get an
| iPhone and turn locked down mode on or don't is a phone at all.
| CptMauli wrote:
| over 200 comments and not one mention of Threema, come on!
| Shank wrote:
| > If you select "Nobody," the only people who will see your phone
| number in Signal are people who already have it saved to their
| phone's contacts.
|
| Can someone explain how this doesn't leak information? If I add
| someone via username and I randomly guess their phone number,
| does Signal leak it after the fact?
| jcul wrote:
| I was wondering about that too, I think the wording is just a
| little confusing.
|
| Further down it says:
|
| Selecting "Nobody" means that if someone enters your phone
| number on Signal, they will not be able to message or call you,
| or even see that you're on Signal. And anyone you're chatting
| with on Signal will not see your phone number as part of your
| Profile Details page - this is true even if your number is
| saved in their phone's contacts.
|
| So I think what they mean is if you've been chatting with
| someone before this update and they have already linked your
| phone number and signal account then setting to nobody won't
| revoke that.
|
| However if you initiate a chat with someone new using your
| signal handle, even if they have your phone number stored, they
| won't know it is you.
|
| Otherwise it seems like it would be easy to brute force
| someone's phone number!
| k8svet wrote:
| First, it is a mistake to call these usernames. Second, it's a
| big mistake because this is a cool feature.
|
| It's interesting to compare this feature to Session, where you
| also have randomized identifiers, but they identify you globally,
| and there's no way to give someone a handle to you that isn't
| linkable to other conversations. It sounds like Signal now offers
| that, which is actually the first time I've been intrigued by
| Signal.
| geniium wrote:
| Love what you guys are doing. Great jobs Signal!
|
| I have always wished to integrate a similar method in our phone
| first booking solution to keep the number private beetween host
| and particpant.
|
| Very inspiring!
| heavyset_go wrote:
| You still need a phone number to sign up.
| smithcoin wrote:
| Random aside: I saw the title and before reading it wanted to try
| and claim mine. I went on my phone, and this page was not even on
| my first google results page when I searched "how to use signal
| usernames", nor was anything remotely related to either topic.
|
| I was tired of reading all the comments on here about how 'google
| search' is terrible, I now believe it and will be looking into
| all the suggestions here.
| bun_terminator wrote:
| Signal is such a tragic story. They had it all during the great
| uprising against Whatsapp. Even my non-technical friends started
| switching to Signal. They were exploding, more than Telegram ever
| was. And then they added some crypto bs right at the height of
| their hype. Bummer, no second chances from me, and removed from
| all those friends phones as a direct effect. They blew it
| GaggiX wrote:
| We probably live in a different part of the world, but where I
| live no one who is not very techy knows about Signal, it was
| never close to Telegram or Whatsapp.
| bun_terminator wrote:
| Germany. Lots of privacy-focused minds. It became a bit of a
| topic during that crucial time when Whatsapp had some kind of
| scandal going on. I don't even remember the details. It was a
| chance of a lifetime for them. Well, in the end these apps
| are really all the same. I don't mind any of them really
| GuB-42 wrote:
| Also, they removed SMS support way too soon. That it was also a
| good SMS app was one of their main appeal.
| mynameisash wrote:
| I used Signal as my primary SMS app until that capability was
| stripped. It meant that so many of my conversations were
| Signal-by-default. But now, by attrition, most my
| conversations are back in SMS. I also find that simple things
| like programming the date and time of delivery - which Google
| Messages has - don't exist in Signal. (Or if they do, I have
| missed it because I'm no longer there unless I have to.
|
| I have SMS, Whatsapp, Signal, and Threema installed, and it's
| a hot mess of disparate networks. I hate it.
| scubbo wrote:
| That _is_ a tragic story!
|
| Thankfully, your experience is not universal. It's still the
| primary means of communication between me and the majority of
| my friends, technical and non-technical alike. I believe
| they've walked back (or, at least, not committed to) that
| crypto project - at least, I haven't heard anything about it in
| so long that I barely remembered what you were referring to.
|
| I'm skeptical of crypto too, but this sounds like an over-
| reaction that is cutting off your own nose to spite your face.
| bun_terminator wrote:
| I mean it's an incredibly over-saturated market. There are so
| many of these apps, they're all the same. There's little room
| for such errors IMO. But I'm willing to accept that it might
| have been an overreaction
| binkHN wrote:
| > A username on Signal ... must be unique and must have two or
| more numbers at the end of it; a choice intended to help keep
| usernames egalitarian and minimize spoofing.
|
| Amen.
| zolbrek wrote:
| Joe Rogan has no reason to complain about Signal now.
| dbg31415 wrote:
| Isn't Signal just a honeypot?
|
| https://www.kitklarenberg.com/p/signal-facing-collapse-after...
| everdrive wrote:
| The only killer feature I really want is the ability to use
| Signal without it being tied to a phone.
| sneak wrote:
| Spammers want this, too.
| saos wrote:
| Telegram has had this for a while no?
| v7p1Qbt1im wrote:
| Nice. Now please finally give us iOS cloud backups before i break
| or loose my phone and years of conversations get evaporated.
| simonklitj wrote:
| Just happened to me a couple of months ago. Cannot agree with
| you more.
| JoshTriplett wrote:
| I'd settle for full sync of chats between my own devices. If I
| can sync between my laptop and my phone, that's sufficient,
| since I already back up my laptop.
| infotainment wrote:
| The lack of any kind of backup/export for iOS is the main thing
| keeping me from recommending Signal.
|
| Sadly, from what I've seen in similar threads online, it seems
| the devs are opposed to backups in principle (they believe that
| chats should be ephemeral and backing up is antithetical to
| this).
| erichocean wrote:
| > _The lack of any kind of backup /export for iOS is the main
| thing keeping me from recommending Signal._
|
| "No one can read your chats, including you." -- Signal
| daneel_w wrote:
| So? Let us know when we can finally register and use an account
| without giving _you_ our mobile phone numbers.
| p4bl0 wrote:
| This new feature was already discussed here on HN a few days ago
| if some of you want to read the previous discussion:
| https://news.ycombinator.com/item?id=39413417
| petre wrote:
| Did this roll put? I have the latest version but no Phone number
| under privacy settings.
| 1vuio0pswjnm7 wrote:
| No SNI:
|
| https://web.archive.org/web/20240220182255if_/https://signal...
| nabaraz wrote:
| Most of the use-cases for requiring a phone number to sign up for
| a service e.g. Twitter, Signal seems to be to avoid spam. Atleast
| allegedly!
|
| What alternatives can be used instead, something that is easily
| accessible/available to the general public but not easy to obtain
| to create mass users?
| jonasdoesthings wrote:
| Instead of heavily limiting account creation, Discord for
| example limits the possibility to message users outside of your
| network by default. Only people you have added as friend or you
| share a server with are allowed to message you by default.
|
| For signal that would be harder to implement since it's more
| focused on 1o1 chats instead of groups, maybe if spam gets out
| of hand they could use a grey-listing approach like Instagram
| does where users outside your network get moved to the "message
| requests" inbox by default.
| Nuzzerino wrote:
| Discord, while overall better than Telegram for privacy, will
| flag your ip / device / identity and require a phone number
| for new accounts if you do something like use a message
| archiver to back up conversations. Took me years to get the
| block removed (but not for my work account). It was a privacy
| nightmare for me and when I had to get an account for work I
| had to sign up for an additional cell phone service, which
| cost me thousands to this day.
|
| I'm still nervous about making new accounts in case it
| triggers some process to lock me out of my one account that I
| don't have a phone number for. I couldn't join the baldurs
| gate 3 discord to find people to play the game with because
| it required a phone number on the account, which I was
| already forced to use for my work account.
|
| On the other hand, I'm glad they actually do enforce their
| rules, unlike Telegram (which is a haven for scammers, pedos,
| radical communists, open market drug dealers, and terrorists,
| not to mention the soul-depleting interactions I've had
| overall with chat rooms there)
| subarctic wrote:
| Has anyone figured out a way to copy your chats from android over
| to ios yet? I switched phones recently and don't want to lose my
| old messages, so I haven't moved signal over yet.
| lencastre wrote:
| My favorite feature from Threema now available on Signal. Next
| up... please make it easier to transfer databases between mobile
| phone upgrades, I'm looking at you iOS version.
|
| Still I would love that this feature generated QR codes without
| the unique disposable username in human readable form.
| lencastre wrote:
| Still I would love that this feature generated QR codes without
| the unique disposable username in human readable form.
| ruffrey wrote:
| Is there a way to keep your phone number private from Signal as
| well?
| a_gnostic wrote:
| This. And a way to pay signal anonymously? A workaround for
| some apps, is to have friends gift you support tokens.
| infotainment wrote:
| Agreed. It's ridiculous that they're even calling this feature
| usernames, since you still need a phone number, thus completely
| defeating the purpose of a "username".
| Pxtl wrote:
| The whole "your phone number is your user ID" was always the
| dumbest trend in instant messaging and I have no idea how it
| caught on.
| zuhsetaqi wrote:
| If I understand correctly it'll still not be possible to create
| an account without entering a phone number?
|
| For me this is a requirement to call a service a private service
| because in Germany at least every phone number is connected with
| a persons identity. To get a phone number you need to connect it
| to an identity using a identity card
| outime wrote:
| Same in Spain since 2004 Madrid train bombings IIRC.
| thisislife2 wrote:
| Yes, this is just Apple level bullshit - _trust us with your
| private data even though no law prevents us from exploiting it_
| ...
| stavros wrote:
| Damn, people will never be satisfied, will they. It's not
| meant to be an anonymous messenger, because those have spam
| issues.
| tentacleuno wrote:
| Signal has spam issues even with the phone number
| requirement, as I've experienced lately (though nothing on
| the scale of Twitter). I dread to think what the spam would
| be like without the requirement of a phone number.
| fsflover wrote:
| I never received any spam in Matrix.
| stavros wrote:
| That's like saying you've never seen any advertisements
| in the desert.
| nottorp wrote:
| ... but then Signal wouldn't have your phone number either.
| What they need it for is ... dubious if you ask me.
| tivert wrote:
| > ... but then Signal wouldn't have your phone number either.
| What they need it for is ... dubious if you ask me.
|
| The reasons they need it aren't really that dubious to me:
| they want to create a service that actual people will
| actually use, not just weird privacy geeks who never gave up
| on PGP. Using phone numbers allows for the kind of user
| discovery that most people expect in 2024, and requiring them
| inserts a barrier to mass account creation that can keep spam
| accounts down to a manageable level (especially given the
| whole point is they _can 't_ do content-based spam-filtering
| in the way that makes email managable).
|
| Personally, my understanding is they've always been trying to
| develop the maximally private _usable_ chat app, which
| requires some compromises from the _theoretically_ maximally
| private chat app.
| nottorp wrote:
| But then it's not private. It's linked to your phone
| number.
| WithinReason wrote:
| [delayed]
| wyre wrote:
| Luckily there are other messaging services that are
| private if you're going to be that pedantic about it.
| aqfamnzc wrote:
| The claim (which generally I'm inclined to believe) is that
| requiring a phone number drastically increases the cost to
| sending spam. That in turn drastically reduces the spam
| amount.
___________________________________________________________________
(page generated 2024-02-20 23:00 UTC)