I genuinely do not understand people who have deep fried opinions about Signal needing a goddamn phone number in 2025.

Many privacy nerds were outraged when you needed to give out a phone number to other people in order to talk with them. I was one of those nerds. They fixed that with the usernames rollout.

As a mobile phone app, Signal uses your phone number to bootstrap your enrollment into the protocol. This is literally the path of least resistance as an SMS replacement app, for most users.

If you want to know whether Signal can obtain enough metadata to target users that have enrolled, the answer is complicated.

The way profiles are encrypted, and how sealed sender works, makes any targeting seem infeasible. (Your profile key rotates, at minimum, when you block someone.)

Signal currently does not have IP addresses, etc. stored. If this changes in the future, it will not be retroactive. If you're worried about that, Molly boasts Tor support. Maybe that's fine. I haven't audited Molly, and won't.

The people who tut-tut over the phone number requirement never articulate anything resembling a coherent threat model.

They also are quick to recommend alternatives with inferior cryptography.

Some days I just want to grab them by the shoulders and scream "SHUT THE FUCK UP YOU ARE HURTING PEOPLE" directly into their ears.

"But if my threat model is Mossad, Signal could be forced to-"

No. Stop it. Your threat model isn't fucking Mossad--who could probably pwn half of the entire XMPP ecosystem with a single libxml2 zero-day. (Also maybe Matrix?)

"But my self-hosting"

Irrelevant.

"But jurisdiction"

You think Swiss privacy law will stop the CIA from doing another CryptoAG?

They probably have 10-20 of those floating around already. Private "no log" VPNs are an attractive target for that.

@soatok
A centralized service can go down, a federated one cannot. So I still prefer self-hostable solutions over Signal, as they also have reliable cryptography.
@soatok
Btw, in case of restricting access to all foreign IPs in Russia (unlikely, but anyway), a federated network would be fragmented, but it would not be inaccessible at all.
@soatok
Sorry if you already answered such counter-arguments about centralization of Signal a million times, I'm okay with reading a blog post if you have one, just send a link.