this post was submitted on 11 May 2025

194 points (86.5% liked)

Privacy

37806 readers

1024 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago

MODERATORS

[email protected]

194

Why does Signal want a phone number to register if it's supposedly privacy first? (programming.dev)

submitted 4 days ago by [email protected] to c/[email protected]

287 comments fedilink hide all child comments

I remember a time when visiting a website that opens a javacript dialog box asking for your name so the message "hi " could be displayed was baulked at.

Why does signal want a phone number to register? Is there a better alternative?

(page 2) 50 comments

sorted by: hot top controversial new old

[–] [email protected] 25 points 4 days ago (8 children)

SimpleX

load more comments (8 replies)

[–] [email protected] 6 points 3 days ago

I assume ease of use and spam prevention.

I think Signal tries to be at least somewhat attractive to the average person who wants more privacy than just using WhatsApp or whatever. Making it easy to message existing contacts helps a lot with adoption.

[–] [email protected] 32 points 4 days ago (8 children)

One of the design goals is that they don't have a user database, so governments etc can't knock down their door demanding anything. By using phone numbers your "contacts" are not on their servers but local on your phone.

[–] [email protected] 5 points 3 days ago

That's WRONG they have a Database of every Phone number registered to them and metadata like the last time they logged in. You send all your contacts numbers to signal so they can respond who is also using Signal.

[–] [email protected] 15 points 4 days ago (6 children)

But your phone number is, and thus every agency can get your full name and address and location.

load more comments (6 replies)

[–] [email protected] 5 points 3 days ago

To prevent spam and to allow people who already know each other's number to easily contact over signal. If you want an anonymous account use an online sms activation service paid with monero, personally I recommend smspool.net .

[–] [email protected] 13 points 3 days ago (1 children)

as I see it, Signal tried to fit that privacy gap for a standard centralised messenger, if you think about it, that might have made it easier to non-tech-savvy people to adopt it (even if it was as a request from a contact), decentralisation is not remotely appealing to them

load more comments (1 replies)

[–] [email protected] 16 points 4 days ago* (last edited 3 days ago) (7 children)

Signal is not perfect but we control its app, libre software. See SimpleX Chat.

Escaping WhatsApp and Discord, anti-libre software, is more important.

load more comments (7 replies)

[–] [email protected] 17 points 4 days ago (3 children)

It's focused on ensuring there is no middleman between you and the other party, but it does not have a goal to provide anonymous messaging. Sadly.

[–] [email protected] 16 points 4 days ago (8 children)

no middleman

Signal is not P2P

load more comments (8 replies)

[–] [email protected] 4 points 3 days ago

THATS WRONG! Signal Server can just do a man in the middle as you try connecting to your contact for the first time. You need to verify the fingerprint manually which is not very obvious and present in the UI. In SimpleX.chat you automatically verify the fingerprint, as its the way to establish the chat to your contact and is included in the way you distribute the contact to you.

[–] [email protected] 11 points 4 days ago

Signal IS the middleman.

[–] [email protected] 15 points 4 days ago (3 children)

If you want to be mainstream a) you can't have spammers, scammers, and all the other scum of the earth and b) finding your contacts in the app HAVE TO be plug and play. Literally no normie will bother adding with usernames or whatever.

load more comments (3 replies)

[–] [email protected] 4 points 3 days ago (1 children)

Because it's centralized, I prefer SimpleX.

load more comments (1 replies)

[–] [email protected] 9 points 4 days ago

Maybe I am being too simplistic here. But I have never received a spam message to my XMPP account and I don't know how a spammer would find it.

In a phone-based system a spammer can spam a list of numbers, or use contact lists that are easily shared via phone permissions. There are several low-effort discovery processes.

For e-mail, you get spam when you you input your personal e-mail into forms, websites, or post it publicly.

But for something like XMPP... It seems rather difficult to discover accounts effectively to spam them. And, if it is an actual problem, why not implement some kind of 'identity swap' that automatically transmits a new identity to approved contacts? A chat username does not need to be as static as an e-mail or a phone number for most people.

I just don't see 'spam' as such a difficult challenge in this context, and not enough in my view to balance out requesting a phone number. Perhaps a spammer can chip-in?

load more comments