[HN Gopher] You can change your number
___________________________________________________________________
You can change your number
Author : feross
Score : 252 points
Date : 2022-02-07 20:03 UTC (2 hours ago)
(HTM) web link (signal.org)
(TXT) w3m dump (signal.org)
| asiachick wrote:
| How about no need for a number at all!?!??
| [deleted]
| SecurityLagoon wrote:
| Can people please choose an appropriate title when posting. "You
| can change your number" makes sense in the context of signal.org
| but makes little sense on the front page of HN. The RSS feed
| doesn't even include the domain for context.
| dang wrote:
| signal.org is part of the context of the title, since it's
| displayed right next to it. Therefore, by your argument (which
| I think is correct), the title does make sense on the front
| page of HN.
| staticassertion wrote:
| signal.org is displayed right next to the title.
| SecurityLagoon wrote:
| Not on the RSS feed without me doing some jiggery to extract
| it from the link and render it in my reader somehow. But
| overall this isn't the worst example because it is on their
| own domain - often it'll be on a medium domain or something
| that provides no useful context.
| samatman wrote:
| I'm fairly sure that medium is treated specially, along
| with github, twitter, substack, and a few others, in that
| subdomains are displayed for those platforms.
|
| Certainly this list isn't complete, and just as surely the
| moderators are open to adding to that list as contenders
| enter the ring.
| iratewizard wrote:
| Sounds like an RSS feed issue.
| nsajko wrote:
| HN guidelines forbid changing the title. I proposed changing
| this once, but the post didn't get traction. There was more
| traction for that years ago though.
| https://news.ycombinator.com/item?id=26300126
| slyall wrote:
| I often change titles on submissions. Making them shorter for
| instance. I also do change some to provide more context that
| the original source didn't.
|
| An article has only 15 minutes in /new to attract enough
| votes. Sticking with a crappy title nobody will click on
| wastes everyone's time. Obviously don't go full clickbaity.
|
| Sometimes the HN mods change them back.
| dang wrote:
| > HN guidelines do not forbid changing the title.
|
| It's more nuanced than that. See
| https://news.ycombinator.com/newsguidelines.html: " _Please
| use the original title, unless it is misleading or linkbait;
| don 't editorialize._"
| [deleted]
| saurik wrote:
| This website has an extremely awkward policy about titles that
| makes it so if you don't use the original title people get
| angry. The policy though just doesn't make sense, sadly, as the
| concept of titles is audience-specific (and even movies or
| books, which might feel more organized, sometimes have
| different audiences in different markets). FWIW, I did connect
| it together as I saw "(signal.org)" and that was sufficient for
| me in this specific case.
| aspenmayer wrote:
| FridayoLeary wrote:
| If the original title is too vague, hyperbolic or long, i
| will use a better title from another website. But normally
| it's just confusing for people who expect one headline, to
| find a different one. Generally company blog headlines fall
| into the category of "extremely vague" and need improving.
| dang wrote:
| It _feels_ like the policy doesn 't make sense because people
| only notice the cases they don't like. The cases where it
| works just fine, which are the vast majority, go unnoticed.
| That's by design, because it keeps things relatively smooth
| and happy, but it has this weird side effect that the
| annoyance cases build up like mercury in the 'policy' corner
| of the brain.
|
| Worst yet, the title edits that _would_ annoy people if HN
| had a different policy (and they would be legion) go
| uncounted because we don 't allow them to happen in the first
| place. Such a regime would be much less smooth, because for
| each title edit you (i.e. anyone) happened to agree with,
| there would be a lot more rubbing you the wrong way.
|
| The fundamental principle here is that on HN, being the one
| to submit an article confers no special right to interpret or
| frame it for others. We want the articles to speak for
| themselves, and we want the front page to be as accurate and
| neutral as possible ('bookish', to use PG's old word for
| this). Misleading titles and clickbait titles get in the way
| of that, so the HN guidelines ask submitters to change those.
| Otherwise not.
|
| Threads are so sensitive to initial conditions that the power
| to rewrite a title is literally the power to reframe the
| entire discussion, and therefore control it. On HN, we want
| the author of the article (or creator of a project) to have
| that power, not the submitter. That really is fundamental--
| it's the reason why HN's front page is the way it is, and
| therefore the reason why HN is the way it is. To change it
| would be to mess with the DNA of this place and would soon
| lead to a completely different forum. Maybe a good forum, but
| not the kind that HN is trying to be.
|
| https://hn.algolia.com/?dateRange=all&page=0&prefix=true&que.
| ..
| HNSucksAss wrote:
| yusmary wrote:
| All that is cool, but I don't want Signal to advertise my
| presence to anybody that has my phone number when I first log in
| after a fresh install.
|
| I have only a handful of people that know and we negotiated that
| face to face prior, Signal breaks that trust
| vmception wrote:
| At this point I just pay for an additional line since VOIP
| numbers are being discriminated against. So just a few people
| will have that number.
|
| On the other side of associating me with people, I'm also
| looking for an Apple iOS update that lets me upload _just some_
| contacts, when an app asks.
| [deleted]
| einpoklum wrote:
| Yeah, those announcements on Signal and Telegram are super-
| annoying and awkward.
|
| You draw the attention of people with whom you have perhaps
| decided to let the relationship cool, and suddenly: "Hey,
| [YOURNAME] is here! Remember him? And how you have unfinished
| business? Why don't you message him right now?" :-(
| advisedwang wrote:
| Can you explain this a bit more? Am I correct in understanding
| that you feel it hurts you when your contacts find out that you
| have signal installed, hence why signal shouldn't do it? What
| is the impact of someone who has your phone number knowing you
| are available over Signal?
|
| Are there communities out there where someone being on signal
| is a red flag?
| runnerup wrote:
| > Are there communities out there where someone being on
| signal is a red flag?
|
| Absolutely. Outside of the tech industry, people have a
| "reason" for using Signal. My wife remarked one day that one
| of her coworkers (a plant operator) suddenly appeared on
| Signal. I mused that he is probably cheating on his wife. She
| found out a few weeks later that my hunch was correct.
|
| Other people I've seen on it I've been able to deduce that
| they're using it for drug purchases (simply by process of
| elimination, nothing else made sense) even when I didn't
| already know they were into recreational drugs.
|
| In some circles, Signal is used just for general
| conversation. But in most, it's not. So being on it is a
| pretty strong signal that you're doing something 'important'
| on it...and usually its easy for friends and neighbors to
| narrow down what that is.
| enriquto wrote:
| > What is the impact of someone who has your phone number
| knowing you are available over Signal?
|
| Don't know about Signal, but Whatsapp does the same thing
| (advertise to your contacts that you have a whatsapp account)
| and I find it _extremely_ offensive.
|
| Context: I am an ardent anti-whatsapp activist, thus I don't
| have a whatsapp account. This activism has created quite a
| stir in my family and made a lot of people angry, yet I stick
| about it. I have forced many of my close family and friends
| to use a different communication channel with me, and I have
| lost the contact of quite a few acquaintances. When my dad
| died a few months ago, her wife needed to talk to me (and I
| needed to talk to her quite a lot). She was not really in the
| mood for listening to my techno-activism platitudes, and I
| was not in the mood to perform them, so I had to open a
| whatsapp account. Since all the people who I had forced to
| stop using whatsapp to talk to me would have felt alienated
| by this at this point, I needed to take a new phone number to
| talk to my stepmom via whatsapp.
|
| This is a concrete example of why advertising the fact that I
| have a whatsapp account is an extremely annoying anti-
| feature. I'm sure there are similarly legitimate reasons for
| disliking the same feature in Signal. In any case, for a
| platform that has the privacy of users as one of its main
| tenets, this is a clear-cut case of anti-privacy feature. I
| can imagine reasonable people avoiding Signal precisely for
| this.
| SonicShell wrote:
| people i know irl commented "oh nice are you buying weed?"
| when they saw i joined, its really stupid for an app thats
| about privacy to do that.
| valleyer wrote:
| This is just a shade away from the typical "nothing to hide,
| nothing to fear" argument, and is in my opinion equally
| invalid.
|
| Let people decide for themselves what in their lives is OK to
| share with others. You don't need to know the reason why.
| samatman wrote:
| Either you don't understand how Signal works vis a vis
| phone numbers, or you're expecting something unreasonable.
|
| The behavior which is reliably objected to by someone on
| HN, every time Signal is mentioned, is that the app sends a
| user an alert when someone in their contacts list is on
| Signal.
|
| Phone numbers are the only resolution mechanism in Signal.
| Should that change? Separate question.
|
| Having someone's phone number is by definition a way to
| contact them. Registering for Signal is by definition
| agreeing that anyone who searches for your phone number can
| send you a message on Signal.
|
| What is the privacy violation in pushing awareness of that
| affordance? What about pull-only is better?
|
| Signal does what I want it to here, and my trouble
| understanding why someone would be ok with everything about
| Signal _except the push notification on join to people who
| have your number_ is genuine.
|
| It's easy for me to understand why people don't like that a
| phone number is inherent to Signal, don't much care for it
| myself. But it's unrelated.
| Zedseayou wrote:
| At least personally, the privacy violation is most clear
| if you are not part of a community that uses encrypted
| messaging by default (nearly everyone I know who uses
| SMS/FB messenger). The fact that someone I know has
| downloaded Signal then reveals that they now care about
| using encryption, which usually has the very obvious
| inference that they are involved in activism/have
| journalistic sources/other more nefarious activity that
| they care about encrypting. You can usually figure out
| which it is if you know anything else about that person.
| I would not know this if Signal didn't push the
| information to me, since I am not going to constantly
| search my entire contact list to find this info.
| [deleted]
| subb wrote:
| Whether or not I use Signal is private info, which is
| separate from my phone number info. Signal is mixing the
| two as if it was the same.
|
| A username kinda restore that, but it could be taken a
| step further and ask for a secret token when adding
| contacts. That way you know exactly who has you in their
| contact list, and this token could be revoked (equivalent
| of blocking the person).
| toastercup wrote:
| There are subcultures that are not widely accepted where this
| is an issue. Take the furry subculture as an example. You
| might not want your family or college pals to see your furry
| profile picture and pseudonym, but you also might not be
| aware of the implications of using a messaging service where
| the primary ID is your phone number. Many people hand out
| their phone numbers permissively, as historically, they
| weren't very "personal" on their own - save for identifying
| your real name. For many people, having/juggling multiple
| phone numbers to maintain distinct identities is beyond their
| technical expertise and simply won't happen in most cases
| (especially on Telegram, where VOIP numbers are prohibited).
|
| I don't know precisely how Signal does things, but I know
| this can be an issue on Telegram - and I assume they work
| similarly. I can see a lot of reasons folks might not be fans
| of phone-number-as-ID, especially when it alerts folks that
| you've joined, or gives folks who merely possess your phone
| number an easy way of viewing your profile details.
|
| I think the first quality E2EE messaging service that
| provides users an alternative to phone-as-ID could give
| Telegram/Signal (not that the former is necessarily E2EE) a
| serious run for their money among privacy-conscious users and
| members of fringe communities.
| XorNot wrote:
| Signal doesn't advertise a profile. It advertises a phone
| number - everything else is data you have locally. It will
| send a profile picture if you set one but that's it.
| itake wrote:
| Does it advertise your username? If I don't have the name
| of the contact, will Signal share my username or does it
| just say "this number in your list has joined signal, and
| here is their profile?"
| c1yd3i wrote:
| Have you tried not being cringe?
| pndy wrote:
| That's exactly what happen to my SO and I can see how this can
| be an issue to many people. The unexpected and unwanted convo
| with a particular person happen just because he had mobile
| number saved in phone's address book and despite of not giving
| Signal access to contacts, the presence of SO was announced.
| kypro wrote:
| If you want to change your number and for no body to know it
| sounds like you could still do that, you'll just have to create
| a new account.
| dheera wrote:
| This is why I hate any service that uses a phone number as an
| ID.
|
| I use a virtual number for Signal and any such services, and
| it's a different virtual number than the one I give to humans.
| jMyles wrote:
| How do you reconcile this with the ability to see, when you
| start to message someone, if they're using signal?
|
| Can't a person who wants to know if you are on signal do so
| simply by starting a message to you?
|
| Are you suggesting that simply making this less convenient on
| the client will somehow discourage someone who is determined to
| figure this out about you?
| stjohnswarts wrote:
| That would be a really nice option now that you mention it.
| Like a "fresh start" where you could pick who can actually see
| that you're on signal especially with a new number/phone. Lots
| of people are often a negative in your life.
| scotty79 wrote:
| Why would supposedly secure communicator use actual phone number
| as identifier is beyond me.
|
| And everybody does that, either phone number or email.
|
| The only software I could find for anonymous communication was
| old Polish communicator http://gg.pl which uses arbitrary numbers
| as identifiers
|
| I understand that startups are scared that they won't be sble to
| build up userbase from scratch but come on! Discord and Slack did
| it.
| raspyberr wrote:
| Signal started off as a secure SMS replacement. Also, they
| mainly used numbers so they could leverage the social graph of
| phone contact lists. That way they didn't need to store any
| social graphs on their systems.
| palata wrote:
| Two words: threat model.
| scotty79 wrote:
| I don't get it. I find my interlocutor knowing my phone
| number a severe threat to my privacy.
| bt1a wrote:
| Sure - that's why Signal is for secure communication
| between individuals who have some level of trust. There's
| nothing stopping your interlocutor from leaking all of the
| messages you send to them, what's the big issue with them
| having your number?
| godelski wrote:
| You're confusing privacy with anonymity. Privacy is people
| not being able to read what you are writing. Anonymity is
| being... anonymous, unknown. Signal is keeping your
| conversations private but they are not keeping your account
| anonymous.
| scotty79 wrote:
| My anonimity is huge contributing factor to my sense of
| privacy.
|
| I don't care if you seen my dick if you have no way of
| knowing it was mine.
| pomian wrote:
| That looks like a great app. Thanks. Can you send SMS to a
| regular number with this?
| gardnr wrote:
| Can I sign up without a number? Why does Signal require an
| identifier that is very difficult and perhaps illegal to make
| anonymous?
| usea wrote:
| How can I use this without a phone or phone number at all? If I
| am concerned about privacy, why would I give them that access and
| information when it's not necessary for the service? Surely they
| are only trying to gather information on their users. Whether
| it's being sold, breached, or used for ad targeting, I am not
| interested. It comes across as a scam.
|
| I cannot take seriously any claims made by the company or its
| employees / owners. None of it can be used as evidence of their
| goodwill or what they do with my data. They have an interest in
| deceiving me.
| wyager wrote:
| Check out Wired; it's a signal clone, but they don't require
| phone numbers (just emails) and it seems to be built a lot
| better in many ways (e.g. allowing multiple accounts on one
| device).
| palata wrote:
| How does it compare in terms of privacy? I mean Signal's
| private contact discovery, private groups, private profiles,
| sealed sender, etc?
| colordrops wrote:
| This is for proctecting your data from other end users. Signal
| still needs your number to provide to three letter agencies.
| sa1 wrote:
| On the contrary, they started out with phone numbers so that
| they could avoid storing user data on their servers.
|
| The whole plan to finally have usernames comes down to their
| use of Intel SGX.
| goatsi wrote:
| Using phone numbers as identifiers for encrypted messages is
| the core feature of Signal. It was marketed from day one as a
| drop in SMS replacement. Initially it even used SMS as the
| transport for encrypted messages. It was literally called
| "TextSecure". This is why I have always found the attacks on it
| using phone numbers to be amusing.
| [deleted]
| shishy wrote:
| I don't think it's so nefarious... phone numbers were just the
| easiest way for them to create a portable social graph without
| requiring users to re-discover if anything changed. Plus, it
| looks like this move is going to push them in a direction where
| phone numbers won't be required (as they've indicated
| previously is in the works).
| colordrops wrote:
| Ok, but now that it's not tied to phone numbers anymore why
| do you still need one to sign up?
|
| And why has this been "in the works" for years? It's
| certainly not _that_ hard to implement. Many less capable and
| mature messengers work without a phone number.
| palata wrote:
| I am pretty sure it's harder than you think, while keeping
| Signal's UX and privacy level:
| https://signal.org/blog/secure-value-recovery
| Vinnl wrote:
| It _is_ still tied to phone numbers; you can now just
| change which one.
|
| It's hard to implement it in a privacy-preserving way. Many
| other messengers of similar scale implement it by storing
| your social graph unencrypted on their servers.
| its_bbq wrote:
| Signal is about as reputable as you can get for e2e encrypted
| chat
| iratewizard wrote:
| Signal is high up, but matrix is higher in my book.
| palata wrote:
| Genuinely interested: can you elaborate on what metadata
| the matrix servers have access to? Say, don't they know who
| I am writing to, when and which groups I belong to?
|
| Signal does not, and that's guaranteed by the client code
| (i.e. no need to trust anything on the server for that).
| ttybird2 wrote:
| _" and that's guaranteed by the client code"_
|
| This is not true. This is not guaranteed even by the
| "sealed sender" feature that signal has.
| stjohnswarts wrote:
| You can't. Every engineering choice is a compromise. I don't
| know why everyone assumes that these choices are always
| malevolent. I guess you can just not use it? Lots of us use it
| everyday without issues. If you want something that suits all
| your needs there are PLENTY of libraries out there for you to
| throw together your own adhoc distributed encrypted messenger.
| I have done it a couple of times myself just for fun.
| [deleted]
| tapoxi wrote:
| They're working on usernames, but what's the privacy concern
| around using your phone number? Is it to be pseudononymous?
|
| My use case for Signal is friends and family, and it was easy
| to get everyone onboard because we all have each other's phone
| numbers already and didn't need to build a new list of
| contacts. It's a drop-in Android-compatible replacement for
| iMessage.
| sgarman wrote:
| Personally I don't have a privacy issue with it per se but I
| have two phones, one is data only sim and I can't use signal
| on that device with their current model. I guess because the
| device is a "phone" whatever that means. If they do away with
| this reliance on phone numbers hopefully we could get
| something more flexible that allows me to use it on "phones"
| without phone numbers.
| tenuousemphasis wrote:
| Did you try this? It should let you use Signal on two
| phones
|
| https://signal.org/blog/ios-device-transfer/
| rhn_mk1 wrote:
| > the privacy concern around using your phone number
|
| You have to give up your anonymity to get one in many places.
| Trias11 wrote:
| Just because "every platform and app is doing that" doesn't
| mean secure communication solution should.
| e12e wrote:
| > what's the privacy concern around using your phone number?
|
| My phone number identifies my country, my address and my real
| name - even if I restrict the listing, it's tied to my credit
| card. It's tied to a sim card with separate geolocation data
| to the GPS tracking Google does; even if I active signal from
| eg a pine phone, the number is tied to a 4g base station.
|
| Ed: and its tied to my current place of employment, too.
|
| None of this is needed/wanted for my signal identity (for me
| or signal).
|
| I could go out of my way to acquire a pseudonymous phone
| number, but I guess I'd have to be able to use it somehow -
| which seems pretty hard to keep anonymous. At the very least
| I'd probably have to pay for it.
|
| Signal should be able to do better than PGP and five mix
| master hops of 90s-era anonymous email...
|
| Or you get the old problem of those needing actual secure
| communication using terrorist@phreak.suspicious.net.ru and
| using signal just for "other" stuff..
|
| Ed: note that this mostly about connecting with people on
| signal that otherwise might not have my number, than about
| (almost) random people that have my phone number discovering
| that I'm on signal.
| Trias11 wrote:
| If I'd be a spying agency I'd do just that - develop "secure"
| app that would collect unique identity of every user.
| Verified phone number is a perfect unique ID.
|
| "Just give your phone number to us, and don't worry, we won't
| share it with anyone!".
|
| That exactly what Signal does.
|
| Until they allow user-created ID's with no link to any
| identity - the above concern stays.
| tapoxi wrote:
| But a phone number isn't supposed to be secret, it's
| supposed to be given to people to contact them. I don't see
| the nefarious use here. Can they determine I'm a Signal
| user? Sure, but they can get that from IP address, App/Play
| Store installs, etc.
| ttybird2 wrote:
| Phone numbers are associated with one's real-life
| identity though.
| rckt wrote:
| Wow, so many discussions about removing the phone number
| completely and now that's what we get instead.
| smm11 wrote:
| Signal installs via the app store, and you all are freaking out
| that it might reveal your phone number?
|
| Okay, then.
| Vinnl wrote:
| Not necessarily, at least on Android:
| https://signal.org/android/apk/
| netizen-936824 wrote:
| Signal hosts an apk for download on their website. App stores
| are not the only place to get applications
| [deleted]
| palata wrote:
| To be fair, you can build it from sources, and I'm pretty sure
| they provide an apk (they used to, at least).
| Trias11 wrote:
| STOP asking for my phone number to use your "secure" app.
|
| I don't want to disclose my phone number to any user, platform or
| any app.
|
| Just please STOP.
| [deleted]
| YaBomm wrote:
| Not sure why you need a phone number? besides government and/or
| ad tracking.
|
| This is why I use Matrix/Element
| [deleted]
| _joel wrote:
| What's a universal thing to the portable device that everyone
| has got in their pocket? I agree it's sucky and really there
| could be better ways, should be something none trackable and
| perhaps offer opt-in discovery via phone book.
|
| Have the option of decoupling it entirely from the phone.
|
| The government can track you a lot easier than pinging via
| signal btw. A lot easier!
| Vinnl wrote:
| > We built Change Number using the foundation of more exciting
| features to come.
|
| Surely this is referring to the ability to use a non-phone number
| ID, which they've hinted at before [1]. Looking forward to that,
| only because I know many others are!
|
| [1]
| https://www.reddit.com/r/technology/comments/kt91qk/comment/...
| wyager wrote:
| Based on the whole "mobilecoin" pump and dump scam they tried
| to pull, I unfortunately expect this to be tied to some kind of
| identity shitcoin.
| godelski wrote:
| I think the real question is what "usernames" will look like.
| There were hints dropped that this could be stronger than a
| typical username (like what HN has). I took a poll on
| reddit[0][1] to see what people wanted. I was rather surprised
| at how many wanted strong anonymity. I expected that the top
| choice would be the weak anonymity, where people just have an
| alternative to phone numbers. But I think if that's what Signal
| was rolling out then it would have been here already. So I hope
| they make anonymous communication available to everyone. I
| don't expect strong anonymity in the initial rollout, but I
| hope that is what they are working towards.
|
| As I see it, there are three aspects to protected
| communication: privacy (no one sees what you're saying),
| anonymity (no one sees who's communication), and censorship
| prevention (no one can shut down communication). If we get
| strong anonymity in Signal then that is 2/3 and would be a
| great leap forward for free speech _everywhere_. I expect
| censorship prevention to be the hardest of these to tackle,
| even with decentralization.
|
| [0]
| https://www.reddit.com/r/signal/comments/skoaf6/poll_why_do_...
|
| [1] Yes, I realize there are issues with the poll. Polling is
| hard.
| viccuad wrote:
| Oh, I'm surprised, after a decade stating that phone numbers
| were great for ID.
| stjohnswarts wrote:
| I would much prefer a one time randomly generated GUID myself
| that can be used to transfer to new phones or just trash if
| you want a full reset on your signal contacts. Obviously 2FA
| like TOTP or similar to change it.
| tptacek wrote:
| They're great compared to the alternative of simply storing a
| plaintext register of every pair of communicating parties on
| the server, which is how other messengers work. What's "good"
| about phone numbers is that they're tied clientside to a
| "buddy list" that everyone already keeps --- their contact
| list. They don't want phone numbers on the merits of phone
| numbers.
| wolverine876 wrote:
| Also, Signal envisions (or envisioned) contact lists as a
| foundation for a distributed, secure, private social
| network, under end-user control. It's an obvious solution
| once you think about it (a signal of brilliance).
| pishpash wrote:
| That's doublespeak. They want phone numbers on the merits
| of phone numbers being how people's private identities have
| been registered with their contacts. And no, that's not a
| great alternative, it's a huge negative.
| tgsovlerkhgsel wrote:
| They're also critical to getting people to move from
| WhatsApp.
|
| Next time when Facebook pulls something user-hostile (e.g.
| monetization with ads, yet another privacy policy change
| for the worse, ...) some people will simply install Signal.
| If they use phone numbers as (an) identifier, two people
| who do this independently can immediately switch to Signal.
|
| If A convinces B to switch, and C convinces D to switch, B
| and D can now talk to each other, reducing the pressure to
| keep WhatsApp as more and more of your friends are
| reachable on Signal. Even if you're using WhatsApp in
| addition to Signal, with phone numbers as identifiers,
| you're no longer contributing to the network effect that
| makes it painful for your friends to switch from WhatsApp
| to Signal.
|
| Given that network effect is what makes or breaks
| messengers, phone numbers as the primary identifier are the
| _only_ reasonable choice.
| TacticalCoder wrote:
| > Next time when Facebook pulls something user-hostile
| ...
|
| In my opinion with or without FB putting anything more
| hostile people are moving, in drones, to Telegram. I see
| regular people (non-tecchies at all) in my friends'
| circle joining Telegram regularly.
|
| I'm not saying TG is better than Signal but I think TG's
| userbase is many orders of magnitude bigger than
| Signal's.
| panopticon wrote:
| > _people are moving, in drones, to Telegram_
|
| As an aside, the idiom is "in droves".
| thaumasiotes wrote:
| > They're great compared to the alternative of simply
| storing a plaintext register of every pair of communicating
| parties on the server, which is how other messengers work.
|
| > They don't want phone numbers on the merits of phone
| numbers.
|
| I thought they were pretty vocal about wanting to use phone
| numbers to save people from the pain and despair of having
| to enter their friends' usernames into Signal, a pure UI
| concern.
|
| The server needs to store each pair of communicating
| parties if it wants to announce presence information like
| AIM did. But that's unnecessary for a phone-based messenger
| - everyone is always "present" at all times.
| ttybird2 wrote:
| This is not the only alternative though.
| charcircuit wrote:
| I've never used a contact list for my "buddies." We just
| have each other added on Discord.
| caslon wrote:
| Discord keeps your friend information on their servers.
| This is, like tptacek said, exactly what Signal is trying
| to prevent. If servers get seized by the Feds, they don't
| want to needlessly reveal who's contacting who for
| everyone.
|
| It's about storing as little personal information as they
| can.
| theamk wrote:
| Question: do you use Signal? If yes, are you backing
| up/syncing your contact list? If yes, are you worried
| about Feds coming for your backup/sync provider?
| caslon wrote:
| If that happens, that's not a disastrous thing. That
| means _one_ person reveals who they 're talking to in
| general, not just on Signal. It doesn't mean that the
| millions of Signal users _all_ lose that privacy.
|
| But no, I don't use Signal. I just think it's strange how
| some people can't seem to wrap their head around any of
| the rationale for this when it's the most transparent
| thing in the world. Do I _like_ it? No, but it 's
| ridiculous how some people pretend to be incapable of
| critical thinking in order to talk about how it's
| horrible. If something is _actually_ horrible, being
| deliberately obtuse isn 't needed.
| stjohnswarts wrote:
| Isn't your contact list encrypted? I mean wouldn't they
| have to hack my password (good luck) to do that?
| doc_gunthrop wrote:
| Not only do they keep your friend information on their
| servers, they maintain a copy of every single message
| you've ever sent via Discord. Their service is the
| antithesis of private communications.
| stjohnswarts wrote:
| Can you request deletion of these? I've never really
| thought about that before (I don't use discord that much
| anyway other than hoping on some channels occasionally to
| help beginners to rust and c++. I guess I'm not giving
| away too much there :)
| charcircuit wrote:
| Yes, you can.
| bogota wrote:
| I can assure you that most people do use phone contact
| lists for their intended purpose. I'm not sure what your
| comment is trying to get at other than being
| argumentative for whatever reason.
| Talanes wrote:
| Do you have data on that, or are you just asserting that
| your personal experience is more universal than their
| personal experience?
|
| I don't think they're totally off-base: I haven't used my
| phone contact list for personal contacts for most of the
| last decade. It's just a collection of work contacts that
| I don't trust enough to add anywhere I actually talk to
| people.
| jack_pp wrote:
| I'm sorry but do you need data for common sense? Is
| WhatsApp one of the biggest messaging platforms where
| people don't talk to their close friends and family? You
| think discord or other mediums are _more popular_ than
| iMessage and WhatsApp?
| Talanes wrote:
| I mean, I guess I do? I'm legitimately unsure if I'm in
| some weird bubble where no one uses WhatsApp or you're in
| a bubble of unusually high usage. But it's been a small
| enough part of my life that I'm not even fully sure what
| the connection is. It uses your contact list as well?
| throwawayben wrote:
| I assume you're in the US? As I understand it, it's less
| popular there.
|
| I'd say at least 95% of smart phone users in the UK use
| WhatsApp. I think that's probably true of the rest of
| Europe as well.
| fragmede wrote:
| In today's individualized, algorithmic online world, it's
| safer to assume you're in a weird bubble until proven
| otherwise. My Twitter/Facebook/whatever feed is totally
| different than yours. Everyone still has a Facebook
| account (though; noticeable dip in Q1) and Snapchat is
| still wildly popular.
| Vinnl wrote:
| Supposedly two billion users as of Feb 2020: https://web.
| archive.org/web/20200212142339/https://blog.what...
| recursive wrote:
| Is any of this stuff more popular than actually calling
| people? How are people calling? Memorize phone numbers?
| I'm completely stumped about how someone could use a
| cellphone for a decade without using a contact list.
| charcircuit wrote:
| I don't even have my friends' phone numbers. If I want to
| call a friend I do it on my desktop using Discord. Before
| like 2016 we would call using Skype instead.
| tptacek wrote:
| Discord works by keeping a serverside database of which
| people are talking to which people, which is, to a
| serious adversary, the most valuable single piece of
| information the service can cough up. Discord is much,
| much more convenient than Signal, and that's good. The
| services have different goals.
| wolverine876 wrote:
| How is Discord more convenient? I don't mean the question
| critically, but I wonder what a sophisticated user sees
| in Discord when Signal seems, to me, as convenient as
| texting and calling.
| mikepurvis wrote:
| I haven't historically-- multiple rounds of old flip
| phones and early Android devices with zero migration
| story made me wary of overly investing in anything on-
| device.
|
| However, the current wave of phone-number-tied messengers
| (WhatsApp, Signal) have definitely pushed me in that
| direction.
| theamk wrote:
| This decision seems pretty crazy to me, especially on the
| cell phones where a lot of apps require phone book access
| to function, and there is generally no way to give a
| different view to different apps.
|
| I understand that Signal wants to be blame it all on users,
| but the practical consequence of their design is that the
| moment people want to talk to a single person on Whatsapp,
| they give out Signal contact list to Facebook.. and the
| moment they start using Google's backup, they give out
| Signal contact list to Google.. and if they ever buy a new
| phone, they share Signal contact list with whoever wrote
| migration tool for their data. And there are tons of other
| random apps which all require contact list access...
|
| From the privacy standpoint, Signal having contact list
| would be better. At least then, I'd have a single party to
| worry about, instead of dozens.
| wolverine876 wrote:
| > From the privacy standpoint, Signal having contact list
| would be better.
|
| Signal can operate using its own contact list, without
| accessing your phone's central contacts.
| novok wrote:
| Back when signal was getting started, using the contact
| list to bootstrap buddy lists and reduce adoption
| friction was definitely the right decision. Now they are
| more established, they can offer the username only
| version for the %2 that will actually benefit from it.
| And now that %2 has the cover of a large established user
| base to blend in as noise.
|
| You have to remember, signal is about E2EE security for
| EVERYONE, not just nerds. There will imperfect solutions
| along that path, which also means things like no
| federation. Signal is very much about being effective vs
| about being 'right' and ineffective, because when you are
| king, you can start being right and effective.
| tptacek wrote:
| Signal having the contact list means that they'd be
| subject to legal (and extralegal) process to obtain the
| entire contact list for everybody using the service,
| which is untenable for them. Again: Signal is not Discord
| or WhatsApp; these are different services with different
| primary objectives.
| gojomo wrote:
| Because the app constantly prompts for contact-list
| access, Signal's software-on-device definitely has the
| contact list.
|
| And, that software regularly re-sends that encrypted list
| to Signal's servers' SGX enclaves for their contact-
| discovery protocol.
|
| So whether or not Signal, or some entity near/around it,
| "has" the contact list is a matter of how much users
| trust Intel(tm) SGX(r) (as well as the chain of processes
| that deliver/update the Signal software on-device.)
| tptacek wrote:
| I haven't kept up with what they're doing so grain of
| salt on this, but I think this is incorrect.
|
| What they're moving towards is a design that looks like
| what Apple did with their HSM quorum system. The contact
| information we're talking about is encrypted clientside,
| but with (usually) a memorable pin. Without
| countermeasures, memorable PINs are very easy to attack;
| SGX allows them to artificially limit guesses. As a user,
| you retain a security dial on this: you can use a more
| complicated passcode than a 4-digit pin if you don't
| trust SGX.
|
| Obtaining the whole database Signal maintains gives you
| ciphertext that you need to mount attacks on user-by-user
| (and to make those attacks, you'd have to break SGX). It
| doesn't simply give you the plaintext SQL database other
| messaging systems collect.
| wolverine876 wrote:
| > Because the app constantly prompts for contact-list
| access
|
| AFAIK, it prompts at first, maybe a few times, but then
| stops.
|
| > Signal's software-on-device definitely has the contact
| list
|
| Definitely not required at all. Signal can use its own
| contact list.
|
| > that software regularly re-sends that encrypted list to
| Signal's servers' SGX enclaves for their contact-
| discovery protocol
|
| The SGX enclaves are not for contact discovery. Contact
| discovery worked long before Signal implemented the SGX
| enclaves.
|
| As I understand it: The SGX enclaves store a crypto key
| that Signal adds to the user's password, to enable data
| migration: Users tend to choose weak passwords; if Signal
| truly wants their data to be secure, strong passwords
| aren't realistic. Their solution is ingenious (IMHO): 1)
| Append a random key to strengthen the password chosen by
| the user. 2) A locally stored key would be a big problem
| for data migration, such as lost phones; the key would be
| lost too, and thus all the user data. 3) Therefore, they
| store the key centrally, as securely as possible (in the
| SGX enclave). That does make the key more vulnerable, but
| if you choose a strong password then it's irrelevant -
| the attacker needs to defeat both the key and your
| password. You can also disable this backup feature if you
| like. Some reading (partly because I might misremember a
| detail or two):
|
| https://signal.org/blog/secure-value-recovery/
|
| https://blog.cryptographyengineering.com/2020/07/10/a-few
| -th...
|
| I am not sure how Signal backups work or that user
| contacts, encrypted, are backed up to the SGX enclave.
| Where does it say that?
|
| > So whether or not Signal, or some entity near/around
| it, "has" the contact list is a matter of how much users
| trust Intel(tm) SGX(r) (as well as the chain of processes
| that deliver/update the Signal software on-device.)
|
| Again, if you choose a strong password then you only need
| to trust yourself, and I think you can disable it
| altogether.
| pydry wrote:
| It could be E2E encrypted.
| brimble wrote:
| Wait--when you're using Signal, it resorts to using your
| whole-phone contact list when, say, you want send a
| direct message? That would be... not great UX, with my
| personal use of my phone contact list (mostly for people
| I barely ever message, contacts I'd _never_ message but
| want to have a phone number and /or address down, or
| relatives who don't/can't use anything but SMS)
| raspyberr wrote:
| They mainly used numbers so they could leverage the social
| graph of phone contact lists. That way they didn't need to
| store any social graphs on their systems.
| root_axis wrote:
| Signal was built as an alternative to SMS so that design
| makes sense with that goal in mind.
| phaer wrote:
| TextSecure, Signals name before re-branding started out
| doing _only_ SMS encryption. Sending messages over data
| started earlier if I remember correctly. I think that must
| have been almost 10 years ago
| killingtime74 wrote:
| It shows they have an open mind I guess
| tibyat wrote:
| fartcannon wrote:
| To me, it shows that whatever agent is pushing signal
| adoption has seen the writing on the wall and is trying to
| get ahead before the tide changes and they have to hit some
| other developers with wrenches.
|
| ;)
| gaius_baltar wrote:
| > Surely this is referring to the ability to use a non-phone
| number ID,
|
| They are promising this for years and years, I hope this time
| is real. Specially if we don't need a phone number to _create_
| an account: that 's just incompatible with privacy.
| throwaway22032 wrote:
| That's cool. Can I not use a number? Would it be so hard to add a
| username field?
|
| That the default is phone-number based for discovery is a savvy
| and logical move for adoption. So add it as an optional feature.
|
| The conclusion that I immediately arrive to is that this software
| must be a honeypot of some sort because it makes no sense.
| Literally zero.
| Trias11 wrote:
| Exactly. Honeypot developed by spying entity.
|
| Otherwise anonymous usernames + passwords would perfectly do.
| [deleted]
| alfiedotwtf wrote:
| It would be nice if it didn't require a phone number. My daughter
| doesn't have a phone, but I would still like to use Signal with
| her when she's on a wifi-connected iPad.
| renewiltord wrote:
| It would be neat if my .eth was a valid message source/target on
| Signal.
| mlissner wrote:
| This is fine, but signal still doesn't tell you when the person
| you're sending to has uninstalled signal. Instead, your messages
| go into ether and you think the person is ignoring you. It blows
| my mind they haven't prioritized this.
| https://github.com/signalapp/Signal-Android/issues/11164
| toast0 wrote:
| Applications can't determine when they're uninstalled. Or, not
| reliably anyway, and not while following platform guidelines.
| So the question becomes how to tell uninstalled vs left in a
| drawer, powered down, while on vacation.
| mlissner wrote:
| They just have to tell you if a message isn't received after
| a day or two. This is already exposed via the check marks, so
| it's just something they have to amplify with a notification.
|
| Or when you start writing a message to somebody, if they
| haven't read the last couple messages signal could make that
| obvious. Etc. Lots of easy fixes.
| seanw444 wrote:
| Those both rely on the assumption that being offline for a
| little while = app uninstalled. Not always so.
| mlissner wrote:
| They can just say the message wasn't received. They don't
| have to say it was uninstalled. Just loudly tell me
| things aren't working like I expected. That's all this
| takes.
| [deleted]
| stavros wrote:
| This shows a single check mark, no? Ie it tells you that the
| user hasn't received the message.
| jessriedel wrote:
| Yea, it seems like this is the most information they could
| give you without violating the addressee's privacy by
| revealing whether they have uninstalled the app. I suppose it
| could be worth it if, when the message remains undelivered
| for a while, Signal added an explicit note to that effect so
| the sender doesn't misunderstand.
| mlissner wrote:
| Yes, exactly this. All that's needed is to tell senders
| when a message wasn't received after X hours.
|
| You don't have to figure out if the user uninstalled. This
| also happens if they get a new phone and don't re-install
| on it, so relying on uninstalls wouldn't work anyway.
| not2b wrote:
| How can they tell that a user has uninstalled the app? Does
| uninstalling send a notification to signal.org?
| jessriedel wrote:
| I dunno. It's true they might not even have that
| information.
| bmarquez wrote:
| Uninstalling doesn't send a notification to signal.org,
| I've previously messaged a few people without getting a
| response, later realizing they never got it because they
| switched phones and stopped using Signal without pressing
| the "Delete Account" button in Signal settings. The
| workaround is to have the user install+register again,
| then press delete.
|
| https://support.signal.org/hc/en-
| us/articles/360007061192-De...
|
| > Signal must be actively working on your phone to make
| changes to the account. Register to see these options for
| your number. Deletion requests are not accepted outside
| of the registered app because there is no way to
| accurately verify whether or not a number is truly
| associated with the requester.
| izacus wrote:
| FCM system they use to deliver notifications will return
| the delivery ID as no longer valid after uninstall
| though.
| stavros wrote:
| This is a great feature, well done for adding it! However, I'm a
| bit puzzled as to why seemingly easy bug fixes aren't addressed.
| There's a longstanding issue with Signal not recognizing that the
| phone is in a landscape orientation when taking photos, so
| they're rotated by 90 degrees. I opened an issue[1] and it got
| closed with a related-but-not-exact workaround.
|
| This impacts everyone who takes photos on Android with Signal,
| it's not a niche problem. It seems like an easy fix, and I'm
| perplexed that it doesn't get prioritized. Ah well, can't
| complain too much about a free product.
|
| [1] https://github.com/signalapp/Signal-Android/issues/9641
| Waterluvian wrote:
| Signal is eating up 11GB of my iOS space. There is no way to
| clear it without completely uninstalling and reinstalling. And
| then the problem just resets and grows again.
|
| It's a ridiculously consequential bug and they don't seem
| motivated to even comment.
|
| Pretty sad.
| bmarquez wrote:
| Signal also has other issues on iOS, like the lack of message
| backup/restore which exists on the Android version.
|
| Every time I upgrade my phone I have to reformat & disable
| iCloud lock and hand in my device before I get a new one. So
| Signal's workaround of having two phones side-by-side to
| transfer is a non-starter. (Also useless if you happen to
| physically lose your old phone.)
| grlass wrote:
| Signal keeps all downloaded media locally until you delete
| it.
|
| They don't have the resources to store files on the cloud,
| even encrypted, and don't appear to have taken WhatsApp's
| approach of backing up unencrypted media and messages on
| user's third-party cloud services like Google Drive and
| iCloud.
|
| You can mitigate this by having disappearing chats (current
| longest self-destruct time is 4 weeks), or by going to
| Settings->Data and Storage->Review Storage and deleting the
| largest files.
|
| This isn't a great UX design, as users are not informed there
| is a problem, or how to solve it.
| nottorp wrote:
| Whatsapp can be configured to not save all the cat photos
| and memes to your library by default. You can still save
| the really good memes yourself if you want. Signal should
| just copy that feature.
|
| Also, what good is secure encryption if i have to give out
| my phone number?
| tialaramex wrote:
| > Also, what good is secure encryption if i have to give
| out my phone number?
|
| Actually how could you possibly deliver secure messaging
| if it doesn't work with simple identifiers you already
| have like your phone number? _Everything_ should be
| secure, that 's Signal's thesis.
|
| This reminds me of the people who were convinced HTTPS
| should only be used for "important" stuff that "needs to
| be secure" like banking and so it's wrong to have HTTPS
| on your blog, or news site, or whatever.
| Waterluvian wrote:
| I don't want them keeping my data. I don't want restoring
| data. I want the ability to purge 11gigs off my device.
|
| When you select "delete all message history" it should free
| up the disk.
| WrathOfJay wrote:
| How about listening to a message in portrait, accidentally
| moving your phone to landscape, and then having the playback
| stop and lose position in the audio stream. Or how about losing
| voice recordings constantly? Seriously? I'm baffled at their
| priority list. Whoever is directing these efforts is asleep at
| the wheel. The frustration factor using this app in iOS is so
| goddamn high.
| rcarback wrote:
| It is early stage, but there is now an alternative to Signal that
| doesn't use phone numbers at all:
|
| https://xx.network/messenger/
|
| While you can add your number to be searchable by others, it
| doesn't let strangers with your number know you signed up
| automatically, either.
|
| Full disclosure: I work on the infrastructure behind it.
| godelski wrote:
| How is this handling usernames? I understand doing this is
| actually hard if you want them to replace the issues that are
| carried with phone numbers (i.e. being able to connect with an
| identity through cross referencing). And of course, birthday
| problems.
| pomian wrote:
| Can you use this to send texts via SMS to regular phone
| numbers? How does this differ from Linphone?
| TacticalCoder wrote:
| Yup. For those who don't know that is David Chaum's quantum-
| resistant messenger and he's an OG cryptographer (and he's
| mentioned in Bitcoin's original whitepaper, funnily enough).
|
| > Full disclosure: I work on the infrastructure behind it.
|
| Oh cool... I ran a node for many months during the beta (from
| home, fiber optic at home). I'm busy atm so I'm not running
| anything anymore but I do really hope that a real secure
| messenger that doesn't leak metadata left and right, and which
| uses advanced cryptography, shall eventually prevail.
| wolverine876 wrote:
| We see many apps that promise to be secure. With due respect,
| why would someone trust this one?
| rvz wrote:
| How about no phone number at all?
| zipswitch wrote:
| "I am not a number! I'm a free man!"
| [deleted]
| jokowueu wrote:
| You can use wire instead
| rvz wrote:
| Exactly. Why on earth is it so hard or difficult for Signal
| to do just that?
|
| Regardless, I don't know why they are pushing in a somewhat
| unregulated, volatile cryptocurrency that will be used by
| extremists, terrorists and the like who in no doubt will not
| only use it to fund their activities and will be sitting in
| their group chats but now they can change their phone numbers
| to hide even further?
|
| The road to hell is been paved with good intentions. Hasn't
| it? But at least Wire does not still require a phone number,
| nor does it have silly cryptocurrencies in their product for
| pump and dump purposes.
| UncleMeat wrote:
| This has been discussed literally 1000 times.
|
| The alternative is having the server know who is talking to
| whom. Further, phone numbers provide a valuable bootstrap
| to connect with people.
|
| Other secure messengers have chosen a different design than
| Signal. This means you can choose the one you prefer.
| _joel wrote:
| Myself and another geeky friend tried to get out non-geeky
| friends away from messenger and whatsapp (well, at least get
| them to use Signal, talk to us via it and perhaps migrate,
| baby steps).
|
| Despite a really good uptake, some didn't make the move and
| it's definitely fragmented some of our online groups (makes
| it more interesting when physically catching up though,
| silver linings!). I'm not sure throwing yet another messaging
| platform would help.
| sschueller wrote:
| Or Threema
| Karsteski wrote:
| Great update. Patiently waiting until the day I can decouple my
| phone number from my Signal "account" though.
___________________________________________________________________
(page generated 2022-02-07 23:00 UTC)