Mastodawn

Viss Aug 15, 2023

@Mer__edith do you folks have any plans for allowing signal to operate without the need for phone numbers, or for folks to be able to run more than one account from a mobile device?

Meredith Whittaker Aug 15, 2023

@Viss We're working on usernames which will allow people to connect and communicate without sharing phone numbers. You will still need a phone number to register, but you can choose to expose it to no one if you want.

Jordan (Damn Good Tech)Aug 15, 2023

@Mer__edith @Viss One idea...use aliases tied to your single account. That way I can have a username I share for dating and one I use for work, without the fear one will be shared with the other.

What do you think?

Meredith Whittaker Aug 15, 2023

@damngoodtech @Viss We don't have plans for this currently, but I hear you.

Draken BlackKnight Aug 16, 2023

@Mer__edith @damngoodtech @Viss
Good to know usernames are on the roadmap. It'll save me from maintaining my VoIP Signal account.

noodlejetski

Aug 16, 2023

@Mer__edith that's a shame, but I'm glad it's been clarified!
@damngoodtech @Viss

Bill Woodcock Aug 16, 2023

@Mer__edith @Viss

Why not just move to a country with actual privacy laws, where you don't have to collect people's phone numbers?

@woody @Viss

The privacy laws aren't the issue. The need for contact discovery and spam prevention are. And these are not easy problems or trivial for a meaningfully useful high-availability messaging client able to provide an alternative to surveillant competitors. We are working on usernames, however. And we go out of our way to NOT connect phone number (which could be a random VOIP number for all we care) to any other identifying info.

Recovered Expert Aug 16, 2023

@Mer__edith I’ve heard this for literally years and the longer it takes the more I doubt it’ll happen.

@[email protected]Aug 18, 2023

@Mer__edith @Viss Any timeline, or just Eventually/When It's Done?

lobingera Aug 15, 2023

@Mer__edith
"This is why Signal goes to great lengths to NOT collect any data about you" - great.

So signing up without handing over the telephone number is working now? How to delete the telephone number from an account i already use?

Meredith Whittaker Aug 15, 2023

@lobingera why did you write this so rudely? What are you hoping to communicate with this?

Bill Woodcock Aug 16, 2023

@Mer__edith @lobingera

Meredith, what are you hoping to communicate by saying "real talk" and then disingenuously implying that Signal doesn't "collect any data about you?" Particularly after slamming Telegram for exactly the same thing?

You could just stop collecting data, and then nobody would be rude to you when you say that you don't. Because then you wouldn't be lying.

And no, it is not more expense or complex to not collect data.

ckrypto Aug 16, 2023

@woody
Signal is not collecting data. If you have information to the contrary, present it, otherwise....
@lobingera @Mer__edith

Bill Woodcock Aug 17, 2023

@ckrypto @lobingera

Show me how you use Signal without allowing them to collect a phone number.

ckrypto Aug 17, 2023

@woody @lobingera it's already established that a phone number is required to register. Outside of the date of registration and the date of last usage, what other information are you suggesting they are collecting?

@woody @lobingera Oh hey Bill!

You know that there is NO comparison between Signal and Telegram when it comes to data collection, and claiming otherwise to score message board points is the kind of thing that misinforms people with less knowledge than you have.

You also know that there's a significant difference in complexity and computational expense between dumping everything plaintext in sql database and encrypting it rigorously, so I'm not sure why you're claiming otherwise.

Bill Woodcock Aug 17, 2023

@Mer__edith @lobingera

I was not the one who compared Signal to Telegram. You were.

My criticism was that you claimed not to collect data, when you do in fact collect phone numbers. This, when you're collecting and holding the data in a jurisdiction where you have no protection for the data, enables metadata collection by government, regardless of any peer-to-peer encryption of content. And metadata has always been the big issue.

Likewise, comparing encryption versus plain-text _for collected data_ is your straw-man, not mine. I compared collecting data to not collecting data.

Using phone numbers to "find friends" only works if you give code access to your address book, which is already a bad idea, compounded when that code can be configured to allow over-the-air updates.

And spam prevention, when new contacts have to be individually approved, has never been an issue in the real world.

Every last one of these issues was fully addressed in Jabber, with open standards and no centralization or data collection. Signal is, in every way save, arguably, some cryptographic specifics, a giant step backward from the state of the art. Just as Zoom and other proprietary walled gardens are.

If you wanted to advance the state of the art, rather than increasing walled gardens, you could be contributing to standards in the IETF, and implementing interoperable standards. Then you'd be receiving well-deserved accolades rather than well-deserved criticism.

@woody @lobingera @Mer__edith All fine and dandy, but here's a giant problem you're not talking about.

Number of my friends that use Signal: 20+
Number of my friends that use Jabber/XMPP: 0

Why?

People don't want to build their social graph all over again. Turns out Contacts are a quick, easy way to use the social graph all of us already have.

Signal is facing major engineering challenges and has to make giant trade-offs all without compromising E2EE which, unlike Telegram, is enabled by default and not touted as some "Secret chat" thing which automatically frames encryption as something nefarious.

Can Signal be improved? Of course it can! Usernames are a thing we've been asking for forever now.

Are you arguing in bad faith? I think so.

Using Signal is infinitely better for both Privacy & Security than using the more popular messaging apps like WhatsApp, Telegram or, God forbid, Messenger or Viber.

Again, close to zero of my friends have heard about Jabber/XMPP, a lot of them have heard about Signal.

Bill Woodcock Aug 18, 2023

@me @lobingera @Mer__edith

You're really asserting that your friends have phone numbers, which you and they don't mind sharing with the USG, but they _don't have email addresses_ or you _don't know their email addresses_?

Dušan 🇷🇸⚛️Aug 21, 2023

@woody @lobingera @Mer__edith Signal doesn't store the actual phone numbers of your contacts, they hash them before uploading them to their servers. The only phone number they have is the one used for registration. This way they avoid accidentally leaking phone numbers of people not yet on Signal.

I have an email address, yes, so do my friends, but we don't share them amongst ourselves like we share phone numbers. Why would we? We already shared a unique identifier, we don't need another one that can't be used for calls.

You seem to have a fundamental misunderstanding of how people actually communicate. Some of them don't even have email addresses, but they do have a phone number.

As far as me being comfortable with the USG having my phone number, they already do, you'd be surprised how many telecom companies sell your phone number to advertisers and there's not much you can do about it other than complain.

Bill Woodcock Aug 21, 2023

@me @lobingera

Your priorities appear to be fundamentally different than mine. I am not an evangelist, so please feel free to live your life according to your priorities. I do not have any interest in trying to convince you to adopt mine.

Dušan 🇷🇸⚛️Aug 21, 2023

@woody @lobingera Neither do I, but implying Signal isn't better for privacy and security than Telegram is disingenuous. The fact that it may not be good enough for *your* use case is down to your own preferences only.

Bill Woodcock Aug 22, 2023

@me @lobingera Again, if you think that's what I said, you weren't paying attention to what you read. It seems like you have an axe to grind, and I'm clearly not your audience.

Quinn Norton Aug 18, 2023

@Mer__edith @woody @lobingera requiring and collecting numbers is incredibly problematic. Having worked on securing battered women, this is often the weakest link and how they and their children can be retraumatized, especially when their partners are in positions of power. I’ve watched how much of a headache this is even for the most sophisticated user, it’s an utter nightmare for dissidents and victims of domestic violence.

Quinn Norton Aug 18, 2023

@Mer__edith @woody @lobingera and signal’s best in class reputation is a nightmare here too, there’s nothing left jabber-like to point people to as an easy option to keep them safe.

Quinn Norton Aug 18, 2023

@Mer__edith @woody @lobingera anyway the number requirement is like saying we keep all your data safe but publish your home address on the internet have fun with that.

I mean quite often it’s literally that depending on situation and jurisdiction.

zl2tod Aug 17, 2023

@Mer__edith @lobingera
It wasn't at all rude, Andreas was speaking facts and asking very legitimate questions.
You rudely went ad hominem and did not address those legitimate questions.

cynicalsecurity

Aug 16, 2023

@lobingera unfortunately Wire, which did (and does) not require a phone number has been having terrible operational problems in the past years (notifications not working, duplicate messages, desktop app breaking badly, etc.) otherwise it would have been a perfect alternative (and, indeed, I used to recommend it over Signal especially since it did real multi-device since the beginning).

u@[email protected]

Wolfi Aug 15, 2023

@Mer__edith I appreciate everything you do! My biggest success was convincing all of my extended family plus grandmother of 85 years to start a family group on signal instead of what's app! All of us never looked back!

linus Aug 15, 2023

@Meredith Whittaker "great lengths to NOT collect any data about you" like require phone number, uploading hashes of your contacts phone numbers, sending unsecure SMS for logging in, captchas that require running unfree JavaScript from invasive BigTech, connecting to BigTech clouds for messaging (depending on the ThreatModell that can be a good feature if you are in a Country that's not friends with the USA and you would fear that the country might block your Messenger but not the whole AWS Cloud but in the western world the Governments work together with BigTech very closely.)

Amir 🥳Aug 15, 2023

@Mer__edith waiting on the handwavy justifications on why signal needs phone numbers…

Orca 🌻 | 🎀 | 🪁 | 🏴🏳️‍⚧️Aug 15, 2023

@Mer__edith
When the data is stored plaintext on their server, expect it to leak. Even they as a service provider refuse to comply, there still exists breaches, hacking, datacenter providers more than happy to comply, and employees trying to make a quick buck.
And that's why end to end encryption matters. One less party to entrust, one step furthur on the way to privacy.
❤️

Jeff McNeill Aug 16, 2023

@Mer__edith isn't matrix better?

ckrypto Aug 16, 2023

@jeffmcneill
Depends on if you value the decentralization more than the security. Matrix is pretty good but you don't know who controls the node you're connected to and they do give up more metadata than Signal, not much more but still more.
@Mer__edith

flere-imsaho 🇺🇦Aug 17, 2023

@jeffmcneill no. signal people do not keynote police conferences.

Jeff McNeill Aug 18, 2023

@mawhrin URL?

flere-imsaho 🇺🇦Aug 18, 2023

@jeffmcneill here you are: one, two

Element (@[email protected])

Attached: 1 image We're in Berlin today at European Police Congress! 🚔🇩🇪 👋 Come by stand 66 to talk to us about secure and sovereign communication for police and national security. #EuropeanPoliceCongress

Matrix.org's Mastodon

kafran

Aug 16, 2023

@Mer__edith One question from the business perspective: How does Signal make money?

@kafran we make money from donations. We're a nonprofit.

Sieva 🚴🚇🏙️🌹Aug 16, 2023

@Mer__edith Signal makes big proclamations about privacy, but doesn't allow 3rd party apps, making you to trust binaries they built, and makes you to have a phone number in order to use the service.

@Anibyl

- We can't vouch for 3rd party apps, which could put people at risk if they're malicious. So we don't allow them.
- Our code is open source, our cryptographic protocols are documented and our implementations are open source. We only ship Signal as the Signal binaries, but you don't have to "trust" them you can verify
- You do need to register with a phone number, which enables contact discovery and prevents spam. Both are existentially important. However, we're working on usernames.

Sieva 🚴🚇🏙️🌹Aug 16, 2023

@Mer__edith So you *do* make sacrifices of certain privacy aspects in order to make the app usable. As does Telegram.

@Anibyl There's no comparison, which I assume you know, and claiming otherwise to score points is childish behavior.

Sieva 🚴🚇🏙️🌹Aug 16, 2023

@Mer__edith Of course there is a comparison, that's why people who care about privacy talk about both messengers so much.

Xdej Aug 16, 2023

@Mer__edith
Then please make an opt out for permissions related to contact discovery in Signal. I don't care if I have to meet in person each time I want to create a contact. LINE, for example, allows contact creation by scanning QR codes on the screen of the other person.
@Anibyl

Marius Seufzer Aug 16, 2023

@Mer__edith Awesome work with Signal, really appreciate you and your team fighting for internet privacy 🙏🏼

Something I’m thinking about at least twice a day for the past few months: Any updates on getting a backup feature on iOS?

@mariusseufzer they're on the roadmap, but no ETA

David Fleetwood - RG Admin Aug 17, 2023

@Mer__edith

1) You are correct, Telegram is very suspect and their published security model is incoherent and has never been externally audited. Nobody should trust it.

2) Signal, however, requires a phone number, one of the most easily traceable bits of personal data there is especially in hostile nations where the telephony system is highly monitored/tracked. Their lack of prioritization for fixing this is a major stain on their status as secure.

Aug 17, 2023

@Mer__edith says the app that builds its empire on anti-Telegram FUD and implementing spy-compliant E2EE on Whatsapp, forcing data to stay on the device where it can be read out.

@lapingvino @Mer__edith Where would you like the data to be stored? The only devices that have decryption keys are the ones within the conversation. That's what E2EE is.

Aug 18, 2023

@me @Mer__edith that is exactly the issue. Devices are a fixed issue for people who want your data, through Pegasus and rootkits in the CPU etc. But mostly it really depends on your threat vector. The threat vectors I have seen in practice rely on you decoding the data for invasive people. Telegram is much better for plausible deniability, increasing actual security for most people. People using Signal have been caught at the border with incriminating information, and unlike Telegram you cannot just remove the app and be good. That is what E2EE encryption does in real life, it makes sure the data stays on the device where the bad guys can get it.

@lapingvino @Mer__edith You absolutely can just remove the app. The data is tied to the app. Signal also provides you with tools to share sensitive information without leaving traces, namely disappearing messages, which are also E2EE.

No tech will help you if your OPsec isn't good.

@lapingvino @Mer__edith

Since Signal's servers have no idea what you send and receive it's up to you how you handle sensitive data. Make sensitive messages ephemeral!

Aug 18, 2023

@me you miss the point. you are right about what you say, but that is not my point.

@lapingvino My point is that I'd very much prefer only my device having the decryption key for my private messages.

To prevent being forced to reveal my secrets, I have all the tools at my disposal. They can't get incriminating evidence if there is no incriminating evidence.

You are correct that this requires vigilance on my part, which is why I clear my Signal chats frequently.

The people getting caught at the border clearly had bad OPSec. Nothing will save you from that.

I'm interested in what kind of plausible deniability does Telegram offer compared to Signal? If you're caught red handed, you're caught red handed.

Aug 18, 2023

@me metadata, being caught on suspicion of illegal stuff. All of Iran uses it for example, so just having Telegram tells agents exactly nothing. And because of the "reverse 2FA" (setting up a password outside of your phone number) the government cannot even use their control over the phone numbers to start impersonating etc.

olepinto Aug 18, 2023

@Mer__edith This is not what I get from the article: