[HN Gopher] You can change your number ___________________________________________________________________ You can change your number Author : feross Score : 252 points Date : 2022-02-07 20:03 UTC (2 hours ago) (HTM) web link (signal.org) (TXT) w3m dump (signal.org) | asiachick wrote: | How about no need for a number at all!?!?? | [deleted] | SecurityLagoon wrote: | Can people please choose an appropriate title when posting. "You | can change your number" makes sense in the context of signal.org | but makes little sense on the front page of HN. The RSS feed | doesn't even include the domain for context. | dang wrote: | signal.org is part of the context of the title, since it's | displayed right next to it. Therefore, by your argument (which | I think is correct), the title does make sense on the front | page of HN. | staticassertion wrote: | signal.org is displayed right next to the title. | SecurityLagoon wrote: | Not on the RSS feed without me doing some jiggery to extract | it from the link and render it in my reader somehow. But | overall this isn't the worst example because it is on their | own domain - often it'll be on a medium domain or something | that provides no useful context. | samatman wrote: | I'm fairly sure that medium is treated specially, along | with github, twitter, substack, and a few others, in that | subdomains are displayed for those platforms. | | Certainly this list isn't complete, and just as surely the | moderators are open to adding to that list as contenders | enter the ring. | iratewizard wrote: | Sounds like an RSS feed issue. | nsajko wrote: | HN guidelines forbid changing the title. I proposed changing | this once, but the post didn't get traction. There was more | traction for that years ago though. | https://news.ycombinator.com/item?id=26300126 | slyall wrote: | I often change titles on submissions. Making them shorter for | instance. I also do change some to provide more context that | the original source didn't. | | An article has only 15 minutes in /new to attract enough | votes. Sticking with a crappy title nobody will click on | wastes everyone's time. Obviously don't go full clickbaity. | | Sometimes the HN mods change them back. | dang wrote: | > HN guidelines do not forbid changing the title. | | It's more nuanced than that. See | https://news.ycombinator.com/newsguidelines.html: " _Please | use the original title, unless it is misleading or linkbait; | don 't editorialize._" | [deleted] | saurik wrote: | This website has an extremely awkward policy about titles that | makes it so if you don't use the original title people get | angry. The policy though just doesn't make sense, sadly, as the | concept of titles is audience-specific (and even movies or | books, which might feel more organized, sometimes have | different audiences in different markets). FWIW, I did connect | it together as I saw "(signal.org)" and that was sufficient for | me in this specific case. | aspenmayer wrote: | FridayoLeary wrote: | If the original title is too vague, hyperbolic or long, i | will use a better title from another website. But normally | it's just confusing for people who expect one headline, to | find a different one. Generally company blog headlines fall | into the category of "extremely vague" and need improving. | dang wrote: | It _feels_ like the policy doesn 't make sense because people | only notice the cases they don't like. The cases where it | works just fine, which are the vast majority, go unnoticed. | That's by design, because it keeps things relatively smooth | and happy, but it has this weird side effect that the | annoyance cases build up like mercury in the 'policy' corner | of the brain. | | Worst yet, the title edits that _would_ annoy people if HN | had a different policy (and they would be legion) go | uncounted because we don 't allow them to happen in the first | place. Such a regime would be much less smooth, because for | each title edit you (i.e. anyone) happened to agree with, | there would be a lot more rubbing you the wrong way. | | The fundamental principle here is that on HN, being the one | to submit an article confers no special right to interpret or | frame it for others. We want the articles to speak for | themselves, and we want the front page to be as accurate and | neutral as possible ('bookish', to use PG's old word for | this). Misleading titles and clickbait titles get in the way | of that, so the HN guidelines ask submitters to change those. | Otherwise not. | | Threads are so sensitive to initial conditions that the power | to rewrite a title is literally the power to reframe the | entire discussion, and therefore control it. On HN, we want | the author of the article (or creator of a project) to have | that power, not the submitter. That really is fundamental-- | it's the reason why HN's front page is the way it is, and | therefore the reason why HN is the way it is. To change it | would be to mess with the DNA of this place and would soon | lead to a completely different forum. Maybe a good forum, but | not the kind that HN is trying to be. | | https://hn.algolia.com/?dateRange=all&page=0&prefix=true&que. | .. | HNSucksAss wrote: | yusmary wrote: | All that is cool, but I don't want Signal to advertise my | presence to anybody that has my phone number when I first log in | after a fresh install. | | I have only a handful of people that know and we negotiated that | face to face prior, Signal breaks that trust | vmception wrote: | At this point I just pay for an additional line since VOIP | numbers are being discriminated against. So just a few people | will have that number. | | On the other side of associating me with people, I'm also | looking for an Apple iOS update that lets me upload _just some_ | contacts, when an app asks. | [deleted] | einpoklum wrote: | Yeah, those announcements on Signal and Telegram are super- | annoying and awkward. | | You draw the attention of people with whom you have perhaps | decided to let the relationship cool, and suddenly: "Hey, | [YOURNAME] is here! Remember him? And how you have unfinished | business? Why don't you message him right now?" :-( | advisedwang wrote: | Can you explain this a bit more? Am I correct in understanding | that you feel it hurts you when your contacts find out that you | have signal installed, hence why signal shouldn't do it? What | is the impact of someone who has your phone number knowing you | are available over Signal? | | Are there communities out there where someone being on signal | is a red flag? | runnerup wrote: | > Are there communities out there where someone being on | signal is a red flag? | | Absolutely. Outside of the tech industry, people have a | "reason" for using Signal. My wife remarked one day that one | of her coworkers (a plant operator) suddenly appeared on | Signal. I mused that he is probably cheating on his wife. She | found out a few weeks later that my hunch was correct. | | Other people I've seen on it I've been able to deduce that | they're using it for drug purchases (simply by process of | elimination, nothing else made sense) even when I didn't | already know they were into recreational drugs. | | In some circles, Signal is used just for general | conversation. But in most, it's not. So being on it is a | pretty strong signal that you're doing something 'important' | on it...and usually its easy for friends and neighbors to | narrow down what that is. | enriquto wrote: | > What is the impact of someone who has your phone number | knowing you are available over Signal? | | Don't know about Signal, but Whatsapp does the same thing | (advertise to your contacts that you have a whatsapp account) | and I find it _extremely_ offensive. | | Context: I am an ardent anti-whatsapp activist, thus I don't | have a whatsapp account. This activism has created quite a | stir in my family and made a lot of people angry, yet I stick | about it. I have forced many of my close family and friends | to use a different communication channel with me, and I have | lost the contact of quite a few acquaintances. When my dad | died a few months ago, her wife needed to talk to me (and I | needed to talk to her quite a lot). She was not really in the | mood for listening to my techno-activism platitudes, and I | was not in the mood to perform them, so I had to open a | whatsapp account. Since all the people who I had forced to | stop using whatsapp to talk to me would have felt alienated | by this at this point, I needed to take a new phone number to | talk to my stepmom via whatsapp. | | This is a concrete example of why advertising the fact that I | have a whatsapp account is an extremely annoying anti- | feature. I'm sure there are similarly legitimate reasons for | disliking the same feature in Signal. In any case, for a | platform that has the privacy of users as one of its main | tenets, this is a clear-cut case of anti-privacy feature. I | can imagine reasonable people avoiding Signal precisely for | this. | SonicShell wrote: | people i know irl commented "oh nice are you buying weed?" | when they saw i joined, its really stupid for an app thats | about privacy to do that. | valleyer wrote: | This is just a shade away from the typical "nothing to hide, | nothing to fear" argument, and is in my opinion equally | invalid. | | Let people decide for themselves what in their lives is OK to | share with others. You don't need to know the reason why. | samatman wrote: | Either you don't understand how Signal works vis a vis | phone numbers, or you're expecting something unreasonable. | | The behavior which is reliably objected to by someone on | HN, every time Signal is mentioned, is that the app sends a | user an alert when someone in their contacts list is on | Signal. | | Phone numbers are the only resolution mechanism in Signal. | Should that change? Separate question. | | Having someone's phone number is by definition a way to | contact them. Registering for Signal is by definition | agreeing that anyone who searches for your phone number can | send you a message on Signal. | | What is the privacy violation in pushing awareness of that | affordance? What about pull-only is better? | | Signal does what I want it to here, and my trouble | understanding why someone would be ok with everything about | Signal _except the push notification on join to people who | have your number_ is genuine. | | It's easy for me to understand why people don't like that a | phone number is inherent to Signal, don't much care for it | myself. But it's unrelated. | Zedseayou wrote: | At least personally, the privacy violation is most clear | if you are not part of a community that uses encrypted | messaging by default (nearly everyone I know who uses | SMS/FB messenger). The fact that someone I know has | downloaded Signal then reveals that they now care about | using encryption, which usually has the very obvious | inference that they are involved in activism/have | journalistic sources/other more nefarious activity that | they care about encrypting. You can usually figure out | which it is if you know anything else about that person. | I would not know this if Signal didn't push the | information to me, since I am not going to constantly | search my entire contact list to find this info. | [deleted] | subb wrote: | Whether or not I use Signal is private info, which is | separate from my phone number info. Signal is mixing the | two as if it was the same. | | A username kinda restore that, but it could be taken a | step further and ask for a secret token when adding | contacts. That way you know exactly who has you in their | contact list, and this token could be revoked (equivalent | of blocking the person). | toastercup wrote: | There are subcultures that are not widely accepted where this | is an issue. Take the furry subculture as an example. You | might not want your family or college pals to see your furry | profile picture and pseudonym, but you also might not be | aware of the implications of using a messaging service where | the primary ID is your phone number. Many people hand out | their phone numbers permissively, as historically, they | weren't very "personal" on their own - save for identifying | your real name. For many people, having/juggling multiple | phone numbers to maintain distinct identities is beyond their | technical expertise and simply won't happen in most cases | (especially on Telegram, where VOIP numbers are prohibited). | | I don't know precisely how Signal does things, but I know | this can be an issue on Telegram - and I assume they work | similarly. I can see a lot of reasons folks might not be fans | of phone-number-as-ID, especially when it alerts folks that | you've joined, or gives folks who merely possess your phone | number an easy way of viewing your profile details. | | I think the first quality E2EE messaging service that | provides users an alternative to phone-as-ID could give | Telegram/Signal (not that the former is necessarily E2EE) a | serious run for their money among privacy-conscious users and | members of fringe communities. | XorNot wrote: | Signal doesn't advertise a profile. It advertises a phone | number - everything else is data you have locally. It will | send a profile picture if you set one but that's it. | itake wrote: | Does it advertise your username? If I don't have the name | of the contact, will Signal share my username or does it | just say "this number in your list has joined signal, and | here is their profile?" | c1yd3i wrote: | Have you tried not being cringe? | pndy wrote: | That's exactly what happen to my SO and I can see how this can | be an issue to many people. The unexpected and unwanted convo | with a particular person happen just because he had mobile | number saved in phone's address book and despite of not giving | Signal access to contacts, the presence of SO was announced. | kypro wrote: | If you want to change your number and for no body to know it | sounds like you could still do that, you'll just have to create | a new account. | dheera wrote: | This is why I hate any service that uses a phone number as an | ID. | | I use a virtual number for Signal and any such services, and | it's a different virtual number than the one I give to humans. | jMyles wrote: | How do you reconcile this with the ability to see, when you | start to message someone, if they're using signal? | | Can't a person who wants to know if you are on signal do so | simply by starting a message to you? | | Are you suggesting that simply making this less convenient on | the client will somehow discourage someone who is determined to | figure this out about you? | stjohnswarts wrote: | That would be a really nice option now that you mention it. | Like a "fresh start" where you could pick who can actually see | that you're on signal especially with a new number/phone. Lots | of people are often a negative in your life. | scotty79 wrote: | Why would supposedly secure communicator use actual phone number | as identifier is beyond me. | | And everybody does that, either phone number or email. | | The only software I could find for anonymous communication was | old Polish communicator http://gg.pl which uses arbitrary numbers | as identifiers | | I understand that startups are scared that they won't be sble to | build up userbase from scratch but come on! Discord and Slack did | it. | raspyberr wrote: | Signal started off as a secure SMS replacement. Also, they | mainly used numbers so they could leverage the social graph of | phone contact lists. That way they didn't need to store any | social graphs on their systems. | palata wrote: | Two words: threat model. | scotty79 wrote: | I don't get it. I find my interlocutor knowing my phone | number a severe threat to my privacy. | bt1a wrote: | Sure - that's why Signal is for secure communication | between individuals who have some level of trust. There's | nothing stopping your interlocutor from leaking all of the | messages you send to them, what's the big issue with them | having your number? | godelski wrote: | You're confusing privacy with anonymity. Privacy is people | not being able to read what you are writing. Anonymity is | being... anonymous, unknown. Signal is keeping your | conversations private but they are not keeping your account | anonymous. | scotty79 wrote: | My anonimity is huge contributing factor to my sense of | privacy. | | I don't care if you seen my dick if you have no way of | knowing it was mine. | pomian wrote: | That looks like a great app. Thanks. Can you send SMS to a | regular number with this? | gardnr wrote: | Can I sign up without a number? Why does Signal require an | identifier that is very difficult and perhaps illegal to make | anonymous? | usea wrote: | How can I use this without a phone or phone number at all? If I | am concerned about privacy, why would I give them that access and | information when it's not necessary for the service? Surely they | are only trying to gather information on their users. Whether | it's being sold, breached, or used for ad targeting, I am not | interested. It comes across as a scam. | | I cannot take seriously any claims made by the company or its | employees / owners. None of it can be used as evidence of their | goodwill or what they do with my data. They have an interest in | deceiving me. | wyager wrote: | Check out Wired; it's a signal clone, but they don't require | phone numbers (just emails) and it seems to be built a lot | better in many ways (e.g. allowing multiple accounts on one | device). | palata wrote: | How does it compare in terms of privacy? I mean Signal's | private contact discovery, private groups, private profiles, | sealed sender, etc? | colordrops wrote: | This is for proctecting your data from other end users. Signal | still needs your number to provide to three letter agencies. | sa1 wrote: | On the contrary, they started out with phone numbers so that | they could avoid storing user data on their servers. | | The whole plan to finally have usernames comes down to their | use of Intel SGX. | goatsi wrote: | Using phone numbers as identifiers for encrypted messages is | the core feature of Signal. It was marketed from day one as a | drop in SMS replacement. Initially it even used SMS as the | transport for encrypted messages. It was literally called | "TextSecure". This is why I have always found the attacks on it | using phone numbers to be amusing. | [deleted] | shishy wrote: | I don't think it's so nefarious... phone numbers were just the | easiest way for them to create a portable social graph without | requiring users to re-discover if anything changed. Plus, it | looks like this move is going to push them in a direction where | phone numbers won't be required (as they've indicated | previously is in the works). | colordrops wrote: | Ok, but now that it's not tied to phone numbers anymore why | do you still need one to sign up? | | And why has this been "in the works" for years? It's | certainly not _that_ hard to implement. Many less capable and | mature messengers work without a phone number. | palata wrote: | I am pretty sure it's harder than you think, while keeping | Signal's UX and privacy level: | https://signal.org/blog/secure-value-recovery | Vinnl wrote: | It _is_ still tied to phone numbers; you can now just | change which one. | | It's hard to implement it in a privacy-preserving way. Many | other messengers of similar scale implement it by storing | your social graph unencrypted on their servers. | its_bbq wrote: | Signal is about as reputable as you can get for e2e encrypted | chat | iratewizard wrote: | Signal is high up, but matrix is higher in my book. | palata wrote: | Genuinely interested: can you elaborate on what metadata | the matrix servers have access to? Say, don't they know who | I am writing to, when and which groups I belong to? | | Signal does not, and that's guaranteed by the client code | (i.e. no need to trust anything on the server for that). | ttybird2 wrote: | _" and that's guaranteed by the client code"_ | | This is not true. This is not guaranteed even by the | "sealed sender" feature that signal has. | stjohnswarts wrote: | You can't. Every engineering choice is a compromise. I don't | know why everyone assumes that these choices are always | malevolent. I guess you can just not use it? Lots of us use it | everyday without issues. If you want something that suits all | your needs there are PLENTY of libraries out there for you to | throw together your own adhoc distributed encrypted messenger. | I have done it a couple of times myself just for fun. | [deleted] | tapoxi wrote: | They're working on usernames, but what's the privacy concern | around using your phone number? Is it to be pseudononymous? | | My use case for Signal is friends and family, and it was easy | to get everyone onboard because we all have each other's phone | numbers already and didn't need to build a new list of | contacts. It's a drop-in Android-compatible replacement for | iMessage. | sgarman wrote: | Personally I don't have a privacy issue with it per se but I | have two phones, one is data only sim and I can't use signal | on that device with their current model. I guess because the | device is a "phone" whatever that means. If they do away with | this reliance on phone numbers hopefully we could get | something more flexible that allows me to use it on "phones" | without phone numbers. | tenuousemphasis wrote: | Did you try this? It should let you use Signal on two | phones | | https://signal.org/blog/ios-device-transfer/ | rhn_mk1 wrote: | > the privacy concern around using your phone number | | You have to give up your anonymity to get one in many places. | Trias11 wrote: | Just because "every platform and app is doing that" doesn't | mean secure communication solution should. | e12e wrote: | > what's the privacy concern around using your phone number? | | My phone number identifies my country, my address and my real | name - even if I restrict the listing, it's tied to my credit | card. It's tied to a sim card with separate geolocation data | to the GPS tracking Google does; even if I active signal from | eg a pine phone, the number is tied to a 4g base station. | | Ed: and its tied to my current place of employment, too. | | None of this is needed/wanted for my signal identity (for me | or signal). | | I could go out of my way to acquire a pseudonymous phone | number, but I guess I'd have to be able to use it somehow - | which seems pretty hard to keep anonymous. At the very least | I'd probably have to pay for it. | | Signal should be able to do better than PGP and five mix | master hops of 90s-era anonymous email... | | Or you get the old problem of those needing actual secure | communication using terrorist@phreak.suspicious.net.ru and | using signal just for "other" stuff.. | | Ed: note that this mostly about connecting with people on | signal that otherwise might not have my number, than about | (almost) random people that have my phone number discovering | that I'm on signal. | Trias11 wrote: | If I'd be a spying agency I'd do just that - develop "secure" | app that would collect unique identity of every user. | Verified phone number is a perfect unique ID. | | "Just give your phone number to us, and don't worry, we won't | share it with anyone!". | | That exactly what Signal does. | | Until they allow user-created ID's with no link to any | identity - the above concern stays. | tapoxi wrote: | But a phone number isn't supposed to be secret, it's | supposed to be given to people to contact them. I don't see | the nefarious use here. Can they determine I'm a Signal | user? Sure, but they can get that from IP address, App/Play | Store installs, etc. | ttybird2 wrote: | Phone numbers are associated with one's real-life | identity though. | rckt wrote: | Wow, so many discussions about removing the phone number | completely and now that's what we get instead. | smm11 wrote: | Signal installs via the app store, and you all are freaking out | that it might reveal your phone number? | | Okay, then. | Vinnl wrote: | Not necessarily, at least on Android: | https://signal.org/android/apk/ | netizen-936824 wrote: | Signal hosts an apk for download on their website. App stores | are not the only place to get applications | [deleted] | palata wrote: | To be fair, you can build it from sources, and I'm pretty sure | they provide an apk (they used to, at least). | Trias11 wrote: | STOP asking for my phone number to use your "secure" app. | | I don't want to disclose my phone number to any user, platform or | any app. | | Just please STOP. | [deleted] | YaBomm wrote: | Not sure why you need a phone number? besides government and/or | ad tracking. | | This is why I use Matrix/Element | [deleted] | _joel wrote: | What's a universal thing to the portable device that everyone | has got in their pocket? I agree it's sucky and really there | could be better ways, should be something none trackable and | perhaps offer opt-in discovery via phone book. | | Have the option of decoupling it entirely from the phone. | | The government can track you a lot easier than pinging via | signal btw. A lot easier! | Vinnl wrote: | > We built Change Number using the foundation of more exciting | features to come. | | Surely this is referring to the ability to use a non-phone number | ID, which they've hinted at before [1]. Looking forward to that, | only because I know many others are! | | [1] | https://www.reddit.com/r/technology/comments/kt91qk/comment/... | wyager wrote: | Based on the whole "mobilecoin" pump and dump scam they tried | to pull, I unfortunately expect this to be tied to some kind of | identity shitcoin. | godelski wrote: | I think the real question is what "usernames" will look like. | There were hints dropped that this could be stronger than a | typical username (like what HN has). I took a poll on | reddit[0][1] to see what people wanted. I was rather surprised | at how many wanted strong anonymity. I expected that the top | choice would be the weak anonymity, where people just have an | alternative to phone numbers. But I think if that's what Signal | was rolling out then it would have been here already. So I hope | they make anonymous communication available to everyone. I | don't expect strong anonymity in the initial rollout, but I | hope that is what they are working towards. | | As I see it, there are three aspects to protected | communication: privacy (no one sees what you're saying), | anonymity (no one sees who's communication), and censorship | prevention (no one can shut down communication). If we get | strong anonymity in Signal then that is 2/3 and would be a | great leap forward for free speech _everywhere_. I expect | censorship prevention to be the hardest of these to tackle, | even with decentralization. | | [0] | https://www.reddit.com/r/signal/comments/skoaf6/poll_why_do_... | | [1] Yes, I realize there are issues with the poll. Polling is | hard. | viccuad wrote: | Oh, I'm surprised, after a decade stating that phone numbers | were great for ID. | stjohnswarts wrote: | I would much prefer a one time randomly generated GUID myself | that can be used to transfer to new phones or just trash if | you want a full reset on your signal contacts. Obviously 2FA | like TOTP or similar to change it. | tptacek wrote: | They're great compared to the alternative of simply storing a | plaintext register of every pair of communicating parties on | the server, which is how other messengers work. What's "good" | about phone numbers is that they're tied clientside to a | "buddy list" that everyone already keeps --- their contact | list. They don't want phone numbers on the merits of phone | numbers. | wolverine876 wrote: | Also, Signal envisions (or envisioned) contact lists as a | foundation for a distributed, secure, private social | network, under end-user control. It's an obvious solution | once you think about it (a signal of brilliance). | pishpash wrote: | That's doublespeak. They want phone numbers on the merits | of phone numbers being how people's private identities have | been registered with their contacts. And no, that's not a | great alternative, it's a huge negative. | tgsovlerkhgsel wrote: | They're also critical to getting people to move from | WhatsApp. | | Next time when Facebook pulls something user-hostile (e.g. | monetization with ads, yet another privacy policy change | for the worse, ...) some people will simply install Signal. | If they use phone numbers as (an) identifier, two people | who do this independently can immediately switch to Signal. | | If A convinces B to switch, and C convinces D to switch, B | and D can now talk to each other, reducing the pressure to | keep WhatsApp as more and more of your friends are | reachable on Signal. Even if you're using WhatsApp in | addition to Signal, with phone numbers as identifiers, | you're no longer contributing to the network effect that | makes it painful for your friends to switch from WhatsApp | to Signal. | | Given that network effect is what makes or breaks | messengers, phone numbers as the primary identifier are the | _only_ reasonable choice. | TacticalCoder wrote: | > Next time when Facebook pulls something user-hostile | ... | | In my opinion with or without FB putting anything more | hostile people are moving, in drones, to Telegram. I see | regular people (non-tecchies at all) in my friends' | circle joining Telegram regularly. | | I'm not saying TG is better than Signal but I think TG's | userbase is many orders of magnitude bigger than | Signal's. | panopticon wrote: | > _people are moving, in drones, to Telegram_ | | As an aside, the idiom is "in droves". | thaumasiotes wrote: | > They're great compared to the alternative of simply | storing a plaintext register of every pair of communicating | parties on the server, which is how other messengers work. | | > They don't want phone numbers on the merits of phone | numbers. | | I thought they were pretty vocal about wanting to use phone | numbers to save people from the pain and despair of having | to enter their friends' usernames into Signal, a pure UI | concern. | | The server needs to store each pair of communicating | parties if it wants to announce presence information like | AIM did. But that's unnecessary for a phone-based messenger | - everyone is always "present" at all times. | ttybird2 wrote: | This is not the only alternative though. | charcircuit wrote: | I've never used a contact list for my "buddies." We just | have each other added on Discord. | caslon wrote: | Discord keeps your friend information on their servers. | This is, like tptacek said, exactly what Signal is trying | to prevent. If servers get seized by the Feds, they don't | want to needlessly reveal who's contacting who for | everyone. | | It's about storing as little personal information as they | can. | theamk wrote: | Question: do you use Signal? If yes, are you backing | up/syncing your contact list? If yes, are you worried | about Feds coming for your backup/sync provider? | caslon wrote: | If that happens, that's not a disastrous thing. That | means _one_ person reveals who they 're talking to in | general, not just on Signal. It doesn't mean that the | millions of Signal users _all_ lose that privacy. | | But no, I don't use Signal. I just think it's strange how | some people can't seem to wrap their head around any of | the rationale for this when it's the most transparent | thing in the world. Do I _like_ it? No, but it 's | ridiculous how some people pretend to be incapable of | critical thinking in order to talk about how it's | horrible. If something is _actually_ horrible, being | deliberately obtuse isn 't needed. | stjohnswarts wrote: | Isn't your contact list encrypted? I mean wouldn't they | have to hack my password (good luck) to do that? | doc_gunthrop wrote: | Not only do they keep your friend information on their | servers, they maintain a copy of every single message | you've ever sent via Discord. Their service is the | antithesis of private communications. | stjohnswarts wrote: | Can you request deletion of these? I've never really | thought about that before (I don't use discord that much | anyway other than hoping on some channels occasionally to | help beginners to rust and c++. I guess I'm not giving | away too much there :) | charcircuit wrote: | Yes, you can. | bogota wrote: | I can assure you that most people do use phone contact | lists for their intended purpose. I'm not sure what your | comment is trying to get at other than being | argumentative for whatever reason. | Talanes wrote: | Do you have data on that, or are you just asserting that | your personal experience is more universal than their | personal experience? | | I don't think they're totally off-base: I haven't used my | phone contact list for personal contacts for most of the | last decade. It's just a collection of work contacts that | I don't trust enough to add anywhere I actually talk to | people. | jack_pp wrote: | I'm sorry but do you need data for common sense? Is | WhatsApp one of the biggest messaging platforms where | people don't talk to their close friends and family? You | think discord or other mediums are _more popular_ than | iMessage and WhatsApp? | Talanes wrote: | I mean, I guess I do? I'm legitimately unsure if I'm in | some weird bubble where no one uses WhatsApp or you're in | a bubble of unusually high usage. But it's been a small | enough part of my life that I'm not even fully sure what | the connection is. It uses your contact list as well? | throwawayben wrote: | I assume you're in the US? As I understand it, it's less | popular there. | | I'd say at least 95% of smart phone users in the UK use | WhatsApp. I think that's probably true of the rest of | Europe as well. | fragmede wrote: | In today's individualized, algorithmic online world, it's | safer to assume you're in a weird bubble until proven | otherwise. My Twitter/Facebook/whatever feed is totally | different than yours. Everyone still has a Facebook | account (though; noticeable dip in Q1) and Snapchat is | still wildly popular. | Vinnl wrote: | Supposedly two billion users as of Feb 2020: https://web. | archive.org/web/20200212142339/https://blog.what... | recursive wrote: | Is any of this stuff more popular than actually calling | people? How are people calling? Memorize phone numbers? | I'm completely stumped about how someone could use a | cellphone for a decade without using a contact list. | charcircuit wrote: | I don't even have my friends' phone numbers. If I want to | call a friend I do it on my desktop using Discord. Before | like 2016 we would call using Skype instead. | tptacek wrote: | Discord works by keeping a serverside database of which | people are talking to which people, which is, to a | serious adversary, the most valuable single piece of | information the service can cough up. Discord is much, | much more convenient than Signal, and that's good. The | services have different goals. | wolverine876 wrote: | How is Discord more convenient? I don't mean the question | critically, but I wonder what a sophisticated user sees | in Discord when Signal seems, to me, as convenient as | texting and calling. | mikepurvis wrote: | I haven't historically-- multiple rounds of old flip | phones and early Android devices with zero migration | story made me wary of overly investing in anything on- | device. | | However, the current wave of phone-number-tied messengers | (WhatsApp, Signal) have definitely pushed me in that | direction. | theamk wrote: | This decision seems pretty crazy to me, especially on the | cell phones where a lot of apps require phone book access | to function, and there is generally no way to give a | different view to different apps. | | I understand that Signal wants to be blame it all on users, | but the practical consequence of their design is that the | moment people want to talk to a single person on Whatsapp, | they give out Signal contact list to Facebook.. and the | moment they start using Google's backup, they give out | Signal contact list to Google.. and if they ever buy a new | phone, they share Signal contact list with whoever wrote | migration tool for their data. And there are tons of other | random apps which all require contact list access... | | From the privacy standpoint, Signal having contact list | would be better. At least then, I'd have a single party to | worry about, instead of dozens. | wolverine876 wrote: | > From the privacy standpoint, Signal having contact list | would be better. | | Signal can operate using its own contact list, without | accessing your phone's central contacts. | novok wrote: | Back when signal was getting started, using the contact | list to bootstrap buddy lists and reduce adoption | friction was definitely the right decision. Now they are | more established, they can offer the username only | version for the %2 that will actually benefit from it. | And now that %2 has the cover of a large established user | base to blend in as noise. | | You have to remember, signal is about E2EE security for | EVERYONE, not just nerds. There will imperfect solutions | along that path, which also means things like no | federation. Signal is very much about being effective vs | about being 'right' and ineffective, because when you are | king, you can start being right and effective. | tptacek wrote: | Signal having the contact list means that they'd be | subject to legal (and extralegal) process to obtain the | entire contact list for everybody using the service, | which is untenable for them. Again: Signal is not Discord | or WhatsApp; these are different services with different | primary objectives. | gojomo wrote: | Because the app constantly prompts for contact-list | access, Signal's software-on-device definitely has the | contact list. | | And, that software regularly re-sends that encrypted list | to Signal's servers' SGX enclaves for their contact- | discovery protocol. | | So whether or not Signal, or some entity near/around it, | "has" the contact list is a matter of how much users | trust Intel(tm) SGX(r) (as well as the chain of processes | that deliver/update the Signal software on-device.) | tptacek wrote: | I haven't kept up with what they're doing so grain of | salt on this, but I think this is incorrect. | | What they're moving towards is a design that looks like | what Apple did with their HSM quorum system. The contact | information we're talking about is encrypted clientside, | but with (usually) a memorable pin. Without | countermeasures, memorable PINs are very easy to attack; | SGX allows them to artificially limit guesses. As a user, | you retain a security dial on this: you can use a more | complicated passcode than a 4-digit pin if you don't | trust SGX. | | Obtaining the whole database Signal maintains gives you | ciphertext that you need to mount attacks on user-by-user | (and to make those attacks, you'd have to break SGX). It | doesn't simply give you the plaintext SQL database other | messaging systems collect. | wolverine876 wrote: | > Because the app constantly prompts for contact-list | access | | AFAIK, it prompts at first, maybe a few times, but then | stops. | | > Signal's software-on-device definitely has the contact | list | | Definitely not required at all. Signal can use its own | contact list. | | > that software regularly re-sends that encrypted list to | Signal's servers' SGX enclaves for their contact- | discovery protocol | | The SGX enclaves are not for contact discovery. Contact | discovery worked long before Signal implemented the SGX | enclaves. | | As I understand it: The SGX enclaves store a crypto key | that Signal adds to the user's password, to enable data | migration: Users tend to choose weak passwords; if Signal | truly wants their data to be secure, strong passwords | aren't realistic. Their solution is ingenious (IMHO): 1) | Append a random key to strengthen the password chosen by | the user. 2) A locally stored key would be a big problem | for data migration, such as lost phones; the key would be | lost too, and thus all the user data. 3) Therefore, they | store the key centrally, as securely as possible (in the | SGX enclave). That does make the key more vulnerable, but | if you choose a strong password then it's irrelevant - | the attacker needs to defeat both the key and your | password. You can also disable this backup feature if you | like. Some reading (partly because I might misremember a | detail or two): | | https://signal.org/blog/secure-value-recovery/ | | https://blog.cryptographyengineering.com/2020/07/10/a-few | -th... | | I am not sure how Signal backups work or that user | contacts, encrypted, are backed up to the SGX enclave. | Where does it say that? | | > So whether or not Signal, or some entity near/around | it, "has" the contact list is a matter of how much users | trust Intel(tm) SGX(r) (as well as the chain of processes | that deliver/update the Signal software on-device.) | | Again, if you choose a strong password then you only need | to trust yourself, and I think you can disable it | altogether. | pydry wrote: | It could be E2E encrypted. | brimble wrote: | Wait--when you're using Signal, it resorts to using your | whole-phone contact list when, say, you want send a | direct message? That would be... not great UX, with my | personal use of my phone contact list (mostly for people | I barely ever message, contacts I'd _never_ message but | want to have a phone number and /or address down, or | relatives who don't/can't use anything but SMS) | raspyberr wrote: | They mainly used numbers so they could leverage the social | graph of phone contact lists. That way they didn't need to | store any social graphs on their systems. | root_axis wrote: | Signal was built as an alternative to SMS so that design | makes sense with that goal in mind. | phaer wrote: | TextSecure, Signals name before re-branding started out | doing _only_ SMS encryption. Sending messages over data | started earlier if I remember correctly. I think that must | have been almost 10 years ago | killingtime74 wrote: | It shows they have an open mind I guess | tibyat wrote: | fartcannon wrote: | To me, it shows that whatever agent is pushing signal | adoption has seen the writing on the wall and is trying to | get ahead before the tide changes and they have to hit some | other developers with wrenches. | | ;) | gaius_baltar wrote: | > Surely this is referring to the ability to use a non-phone | number ID, | | They are promising this for years and years, I hope this time | is real. Specially if we don't need a phone number to _create_ | an account: that 's just incompatible with privacy. | throwaway22032 wrote: | That's cool. Can I not use a number? Would it be so hard to add a | username field? | | That the default is phone-number based for discovery is a savvy | and logical move for adoption. So add it as an optional feature. | | The conclusion that I immediately arrive to is that this software | must be a honeypot of some sort because it makes no sense. | Literally zero. | Trias11 wrote: | Exactly. Honeypot developed by spying entity. | | Otherwise anonymous usernames + passwords would perfectly do. | [deleted] | alfiedotwtf wrote: | It would be nice if it didn't require a phone number. My daughter | doesn't have a phone, but I would still like to use Signal with | her when she's on a wifi-connected iPad. | renewiltord wrote: | It would be neat if my .eth was a valid message source/target on | Signal. | mlissner wrote: | This is fine, but signal still doesn't tell you when the person | you're sending to has uninstalled signal. Instead, your messages | go into ether and you think the person is ignoring you. It blows | my mind they haven't prioritized this. | https://github.com/signalapp/Signal-Android/issues/11164 | toast0 wrote: | Applications can't determine when they're uninstalled. Or, not | reliably anyway, and not while following platform guidelines. | So the question becomes how to tell uninstalled vs left in a | drawer, powered down, while on vacation. | mlissner wrote: | They just have to tell you if a message isn't received after | a day or two. This is already exposed via the check marks, so | it's just something they have to amplify with a notification. | | Or when you start writing a message to somebody, if they | haven't read the last couple messages signal could make that | obvious. Etc. Lots of easy fixes. | seanw444 wrote: | Those both rely on the assumption that being offline for a | little while = app uninstalled. Not always so. | mlissner wrote: | They can just say the message wasn't received. They don't | have to say it was uninstalled. Just loudly tell me | things aren't working like I expected. That's all this | takes. | [deleted] | stavros wrote: | This shows a single check mark, no? Ie it tells you that the | user hasn't received the message. | jessriedel wrote: | Yea, it seems like this is the most information they could | give you without violating the addressee's privacy by | revealing whether they have uninstalled the app. I suppose it | could be worth it if, when the message remains undelivered | for a while, Signal added an explicit note to that effect so | the sender doesn't misunderstand. | mlissner wrote: | Yes, exactly this. All that's needed is to tell senders | when a message wasn't received after X hours. | | You don't have to figure out if the user uninstalled. This | also happens if they get a new phone and don't re-install | on it, so relying on uninstalls wouldn't work anyway. | not2b wrote: | How can they tell that a user has uninstalled the app? Does | uninstalling send a notification to signal.org? | jessriedel wrote: | I dunno. It's true they might not even have that | information. | bmarquez wrote: | Uninstalling doesn't send a notification to signal.org, | I've previously messaged a few people without getting a | response, later realizing they never got it because they | switched phones and stopped using Signal without pressing | the "Delete Account" button in Signal settings. The | workaround is to have the user install+register again, | then press delete. | | https://support.signal.org/hc/en- | us/articles/360007061192-De... | | > Signal must be actively working on your phone to make | changes to the account. Register to see these options for | your number. Deletion requests are not accepted outside | of the registered app because there is no way to | accurately verify whether or not a number is truly | associated with the requester. | izacus wrote: | FCM system they use to deliver notifications will return | the delivery ID as no longer valid after uninstall | though. | stavros wrote: | This is a great feature, well done for adding it! However, I'm a | bit puzzled as to why seemingly easy bug fixes aren't addressed. | There's a longstanding issue with Signal not recognizing that the | phone is in a landscape orientation when taking photos, so | they're rotated by 90 degrees. I opened an issue[1] and it got | closed with a related-but-not-exact workaround. | | This impacts everyone who takes photos on Android with Signal, | it's not a niche problem. It seems like an easy fix, and I'm | perplexed that it doesn't get prioritized. Ah well, can't | complain too much about a free product. | | [1] https://github.com/signalapp/Signal-Android/issues/9641 | Waterluvian wrote: | Signal is eating up 11GB of my iOS space. There is no way to | clear it without completely uninstalling and reinstalling. And | then the problem just resets and grows again. | | It's a ridiculously consequential bug and they don't seem | motivated to even comment. | | Pretty sad. | bmarquez wrote: | Signal also has other issues on iOS, like the lack of message | backup/restore which exists on the Android version. | | Every time I upgrade my phone I have to reformat & disable | iCloud lock and hand in my device before I get a new one. So | Signal's workaround of having two phones side-by-side to | transfer is a non-starter. (Also useless if you happen to | physically lose your old phone.) | grlass wrote: | Signal keeps all downloaded media locally until you delete | it. | | They don't have the resources to store files on the cloud, | even encrypted, and don't appear to have taken WhatsApp's | approach of backing up unencrypted media and messages on | user's third-party cloud services like Google Drive and | iCloud. | | You can mitigate this by having disappearing chats (current | longest self-destruct time is 4 weeks), or by going to | Settings->Data and Storage->Review Storage and deleting the | largest files. | | This isn't a great UX design, as users are not informed there | is a problem, or how to solve it. | nottorp wrote: | Whatsapp can be configured to not save all the cat photos | and memes to your library by default. You can still save | the really good memes yourself if you want. Signal should | just copy that feature. | | Also, what good is secure encryption if i have to give out | my phone number? | tialaramex wrote: | > Also, what good is secure encryption if i have to give | out my phone number? | | Actually how could you possibly deliver secure messaging | if it doesn't work with simple identifiers you already | have like your phone number? _Everything_ should be | secure, that 's Signal's thesis. | | This reminds me of the people who were convinced HTTPS | should only be used for "important" stuff that "needs to | be secure" like banking and so it's wrong to have HTTPS | on your blog, or news site, or whatever. | Waterluvian wrote: | I don't want them keeping my data. I don't want restoring | data. I want the ability to purge 11gigs off my device. | | When you select "delete all message history" it should free | up the disk. | WrathOfJay wrote: | How about listening to a message in portrait, accidentally | moving your phone to landscape, and then having the playback | stop and lose position in the audio stream. Or how about losing | voice recordings constantly? Seriously? I'm baffled at their | priority list. Whoever is directing these efforts is asleep at | the wheel. The frustration factor using this app in iOS is so | goddamn high. | rcarback wrote: | It is early stage, but there is now an alternative to Signal that | doesn't use phone numbers at all: | | https://xx.network/messenger/ | | While you can add your number to be searchable by others, it | doesn't let strangers with your number know you signed up | automatically, either. | | Full disclosure: I work on the infrastructure behind it. | godelski wrote: | How is this handling usernames? I understand doing this is | actually hard if you want them to replace the issues that are | carried with phone numbers (i.e. being able to connect with an | identity through cross referencing). And of course, birthday | problems. | pomian wrote: | Can you use this to send texts via SMS to regular phone | numbers? How does this differ from Linphone? | TacticalCoder wrote: | Yup. For those who don't know that is David Chaum's quantum- | resistant messenger and he's an OG cryptographer (and he's | mentioned in Bitcoin's original whitepaper, funnily enough). | | > Full disclosure: I work on the infrastructure behind it. | | Oh cool... I ran a node for many months during the beta (from | home, fiber optic at home). I'm busy atm so I'm not running | anything anymore but I do really hope that a real secure | messenger that doesn't leak metadata left and right, and which | uses advanced cryptography, shall eventually prevail. | wolverine876 wrote: | We see many apps that promise to be secure. With due respect, | why would someone trust this one? | rvz wrote: | How about no phone number at all? | zipswitch wrote: | "I am not a number! I'm a free man!" | [deleted] | jokowueu wrote: | You can use wire instead | rvz wrote: | Exactly. Why on earth is it so hard or difficult for Signal | to do just that? | | Regardless, I don't know why they are pushing in a somewhat | unregulated, volatile cryptocurrency that will be used by | extremists, terrorists and the like who in no doubt will not | only use it to fund their activities and will be sitting in | their group chats but now they can change their phone numbers | to hide even further? | | The road to hell is been paved with good intentions. Hasn't | it? But at least Wire does not still require a phone number, | nor does it have silly cryptocurrencies in their product for | pump and dump purposes. | UncleMeat wrote: | This has been discussed literally 1000 times. | | The alternative is having the server know who is talking to | whom. Further, phone numbers provide a valuable bootstrap | to connect with people. | | Other secure messengers have chosen a different design than | Signal. This means you can choose the one you prefer. | _joel wrote: | Myself and another geeky friend tried to get out non-geeky | friends away from messenger and whatsapp (well, at least get | them to use Signal, talk to us via it and perhaps migrate, | baby steps). | | Despite a really good uptake, some didn't make the move and | it's definitely fragmented some of our online groups (makes | it more interesting when physically catching up though, | silver linings!). I'm not sure throwing yet another messaging | platform would help. | sschueller wrote: | Or Threema | Karsteski wrote: | Great update. Patiently waiting until the day I can decouple my | phone number from my Signal "account" though. ___________________________________________________________________ (page generated 2022-02-07 23:00 UTC)