This is a companion discussion topic for the original entry at https://neat.tube/w/ovLQTWQeWrydaEBoSBPspX
Thanks for the mention of the talk in Bangalore, it came up in my feed originally but this video reminded me to go watch it, excellent talk.
Signal still requires phones numbers, which means you have a trackable device, and your identity is findable. I would like secure communications which is not tied to a device, which has no links to me personally, which I can access from anywhere in the world. If I want to say about a political group, I want to do that without worrying about a hammer banging on my head.
You may wish to look at options such as Threema and Session, which do not require the use of a telephone number to create an account.
i see your point, because i used to think in the same way. however after doing some research i found out that this concern is a minimal threat if any.
lets say signal looks up who your phone number belongs to or the fbi demands signal to give out all of the data they have about your phone number.
all they have actually stored about your number (= account) are the date and time of your account creation and the date and time of the last time you have connected to their servers.
for evidence watch this video:
signal end to end encrypts not only the content but also almost all metadata. this includes who is talking to whom, profile names, profile abouts, profile pictures, contact lists and so on.
everything gets encrypted / decrypted in the client which is open source, so there is no need to even trust signals servers.
signal threats its own like an untrusted third party that should have access to as little data as possible. it is build up from the ground for this purpose. even if the signal team wants to access data about your account they couldnt because of how signals E2EE works.
i recommend you to watch this video:
even if signal or an agency like the fbi demanding signal to give out data knows that the phone number you registered with belongs to you, they are not able to connect it with any data except the date and time of your account creation and the date and time of the last time you have connected to signals servers.
While I agree that Signal is a great messaging platform and think it has the best chance (it and Matrix) of reaching the mass market, I do think there is some flaws with a phone number based system.
Signal requires a phone number for a simple reason: anti-spam. If they don’t verify their platforms aren’t being used to spam numbers, form bots, and rack up Signal’s already enormous bill. However, this can lead to downsides. Imagine this situation:
Your and your friend (Bob) live in a country where free speech is not allowed, so you both, after seeing recommendations for Signal, install the app. You are extremely careful and never share your viewpoints anywhere but Signal. However, Bob is not so smart and ends up getting arrested for sharing their opinion on a non-ETE platform or by being reported by someone Bob thought was a friend. When the authorities search Bob’s phone, they see that Bob chatted with you over Signal. They can easily see the phone number that is tied to your account. Even if you both have set your messages to delete, they can use this information to get info from your carrier about you. Now, you are under government surveillance and all it takes is one more slip up and you will end up like Bob. (Or if your country is unfair/doesn’t respect rights, you might be arrested for even just being associated and communicating with Bob through Signal) Even if Bob doesn’t get arrested, baybe Signal itself is banned in your country and your ISP reports you to the authorizes when logs show you accessing servers used by Signal.
See how phone number verification and non-anonymous systems can be problematic? Things like Session fix this by not requiring a phone number and also through routing messages through Tor. Again, I think Signal is a great system and for most people it is perfectly enough privacy for their threat model.
For achieving this, you need to buy a phone and SIM card with cash and without is card. Then you should not install banking or govt or any apps that can expose your real identity. I can make the list very long, so before getting worried of being tracked just using your signal number for the registration, there are many issues to consider. Lastly, you cannot be tracked down because your signal number but because your operator shares your location. In that case, you can buy another card after activation or use it with WiFi.
This is absolutely theoretical and wrong. If there is a possibility of your device getting seized, you don’t a luxury of not knowing the technical issues. At least, somebody should make a good setup and you need to have a good awareness. For countries without free speech, it’s generally difficult to buy a SIM card without id. If you can, buy two. One for signal, one for ordinary use. If they arrest you and you are important figure, they can get information with drugs or torture. So, this is not doing a good threat modelling, but making wrong assumptions.
There are hundreds of different attacks to get data from the physical device. Besides, Session does not have PERFECT SECRECY. Just take your recovery code and login in with another device. You will see the messages sent in the last week. That’s far more worse than exposing your number.
thats not the situation my answer was about.
but even if you would be in such a situation there are measures you can take.
you only need the number for sign up, so you could use an online sms service for that. there are free public ones and if you want to be really carefull use something like crypton.sh.
if you are in a country without free speach you should also consider very good physical security. buy a google pixel with the titan m and flash grapheneos on it. this way its almost impossible to break in without a multimillion dollar zero day exploit chain, a firmware / hardware backdoor or a encryption breaking quantum computer.
also there are hardened forks of signal like molly which has tor support and protects your local database (including e.g. your contacts) with a passphrase which stops other people from accessing signal even if they have access to your device.
in the end being anonymous to other people and hiding from the government is not what signal tries to achieve. its goal is to provide a secure and private, not anonymous, messaging app everyone can use.
besides that the worries about sharing your phone number with others gets mitigated by usernames next year.
Right, I’m not saying that Session is the perfect solution and it definitely isn’t the best for general public use. I was just commenting on how Signal’s system could lead to the de-anonymization of users who don’t go the extra mile to make sure they are safe from government overreach.
I love Signal and think the project is a great way to mass put privacy in the hands of the people by offering a secure, private, and convenient way for people to communicate. Their community is also extremely welcoming and friendly.
I mean, good, I guess. I doubt this will help me convince anyone to adopt it (especially since they cut SMS support, which I’m still salty about - easily the biggest selling point, and now it’s just another encrypted messenger).