I remember a time when visiting a website that opens a javacript dialog box asking for your name so the message “hi <name entered>” could be displayed was baulked at.

Why does signal want a phone number to register? Is there a better alternative?

  • Xanza@lemm.ee
    link
    fedilink
    English
    arrow-up
    56
    arrow-down
    7
    ·
    edit-2
    6 months ago

    So, you’re going to get two schools of thought on this, and one of them is wrong. Horrendously wrong. For perspective, I was a certified CEHv7, so take that for what its worth.

    There’s a saying in security circles “security through obscurity isn’t security,” which is a saying from the 1850s and people continually attempt to apply the logic to today’s standards and it’s–frankly stupid–but just plain silly. It generally means that if you hide the key to your house under the floor mat, there’s no point to having the lock, because it doesn’t lend you any real security and that if you release the schematics to security protocols and/or devices (like locks), it makes them less secure. And in this specific context, it makes sense and is an accurate statement. Lots of people will make the argument that F/OSS is more secure because it’s openly available and many will make the argument that it’s less secure. But each argument is moot because it deals with software development and not your private data. lol.

    When you apply the same logic to technology and private data it breaks down tremendously. This is the information age. With a persons phone number I can very likely find their home address or their general location. Registered cell phones will forever carry with them the city in which they were activated. So if I have your phone number, and know your name is John Smith, I can look up your number and see where it was activated. It’ll tell me “Dallas, Texas” and now I’m not just looking for John Smith, I’m looking for John Smith in Dallas, Texas. With successive breakdowns like this I will eventually find your home address or at the very least your neighborhood.

    The supposition made by Signal (and anyone who defends this model) is that generally anyone with your private number is supposed to have it and even if they do, there’s not much they can do with it. But that’s so incredibly wrong it’s not even funny in 2025.

    I’ve seen a great number of people in this thread post things like “privacy isn’t anonymity and anonymity isn’t security,” which frankly I find gobstopping hilarious from a community that will break their neck to suggest everyone run VPNs to protect their online identity as a way to protect yourself from fingerprinting and ad tracking.

    It frankly amazes me. Protecting your data, including your phone number is the same as protecting your home address and your private data through redirection from a VPN. I don’t think many in this community would argue against using a VPN. But why they feel you should shotgun your phone number all over the internet is fucking stupid, IMO, or that you should only use a secure messaging protocol to speak to people you know, and not people you don’t know. It’s all just so…stupid.

    They’ll then continue to say that you should only use Signal to talk to people you know because “that’s what its for!” as if protecting yourself via encryption from compete fucking strangers has no value all of a sudden. lol

    You have to be very careful in this community because there are a significant number of armchair experts which simply parrot the things that they’ve read from others ad-nauseam without actually thinking about the basis of what they’re saying.

    OK. That’s my rant. I’m ready for your downvote.

    • Manalith@midwest.social
      link
      fedilink
      arrow-up
      17
      ·
      6 months ago

      The only thing I’ll tack onto this is that with the introduction of Signal usernames, you still have to give Signal your number to verify that at least on some level, you probably are a real person. As someone with 5 different phone numbers, probably doesn’t stop spam as much as they’d hoped, but more than they feared, but at least now you don’t have to give that Craigslist guy who uses Signal your phone number, just your username. Is that the best method? I dunno, but but it is something.

      • Xanza@lemm.ee
        link
        fedilink
        English
        arrow-up
        13
        arrow-down
        1
        ·
        6 months ago

        I was unaware of this change, and it’s perfectly acceptable. No one has any ground to lambast Signal for requiring phone numbers to get an account. I think that’s a perfectly reasonable spam mitigation technique. The issue is having to shotgun your phone number to every Howard and Susan that you want to use Signal to communicate with.

        This was honestly the only thing holding me back from actually using Signal. I’ll likely register for an account now.

        • poVoq@slrpnk.net
          link
          fedilink
          arrow-up
          7
          ·
          6 months ago

          If you are even remotely involved in any activist type of things, you certainly don’t want this US government honeypot have your phone-number and device id.

          • Jason2357@lemmy.ca
            link
            fedilink
            arrow-up
            1
            ·
            edit-2
            6 months ago

            At least in theory, this is mitigated. The signal activation server sees your phone number, yes. If you use Signal, the threat model doesn’t protect you from someone with privileged network or server access learning that you use Signal (just like someone with privileged network access can learn you use tor, or a vpn, etc).

            But the signal servers do not get to see the content of your group messages, nor the metadata about your groups and contacts. Sealed sender keeps that private: https://signal.org/blog/sealed-sender/

            You would obviously want to join those groups with a user Id rather than your phone number, or a malicious member could out you. It’s not the best truly anonymous chat platform, but protection from your specific threat model is thought through.

            edit: be sure to go to Settings > Privacy > Phone Number. By default anyone who already has your phone number can see you use signal (used for contact discovery, this makes sense to me for all typical uses of Signal), and in a separate setting, contacts and groups can see your phone number. You will absolutely want to un-check that one if you follow my suggestion above.

            • poVoq@slrpnk.net
              link
              fedilink
              arrow-up
              1
              ·
              6 months ago

              There are some mitigations in place, yes, but Sealed Sender on a centralized platform is snake-oil as someone with server access can easily do a timing attack and discover who communicated with whom.

              • Jason2357@lemmy.ca
                link
                fedilink
                arrow-up
                1
                ·
                5 months ago

                That a timing attack could be successful is not a given. It’s a possibility, yes, but there is very likely sufficient mixing happening to make that unrealistic or unreliable. An individual doesn’t create much traffic, and thousands are using the server constantly. Calling it a honeypot or claiming the phone number and device is are available is a stretch.

                Timing attacks can work in tor when you are lucky enough to own both the entrance and exit node for an individual because very few people will be using both, and web traffic from an individual is relatively heavy and constant to allow for correlation.

                • poVoq@slrpnk.net
                  link
                  fedilink
                  arrow-up
                  1
                  ·
                  5 months ago

                  A timing attack is extremely realistic when you control one of the end devices which is a common scenario if a person gets arrested or their device compromised. This way you can then identify who the contacts are and with the phone number you can easily get the real name and movement patterns.

                  This is like the ideal setup for law inforcement, and it is well documented that honeypot “encrypted” messengers have been set up for similar purposes before. Signal was probably not explicitly set up for that, but the FBI for sure has an internal informant that could run those timing attacts.

                  • Jason2357@lemmy.ca
                    link
                    fedilink
                    arrow-up
                    1
                    ·
                    5 months ago

                    You are talking out of your ass. First, a timing attack requires numbers to correlate - reasonable numbers of people using a node or server and a LOT of packets going back and forth. Neither are true for a Signal server. Second, they don’t get the phone numbers if contacts are using only their username (with phone number sharing disabled). Your criticisms are over the top and not at all nuanced to the degree of protection of metadata that was built into signal. If it was as bad as you imply, a whole heck of a lot of the most respected security researchers would have to be complete idiots.

        • MDCCCLV@lemmy.ca
          link
          fedilink
          English
          arrow-up
          1
          ·
          6 months ago

          Spam accounts are clearly the biggest factor for not letting anyone just sign up with an email. Although getting a new email without a phone verification is getting increasingly hard now.