Ironically, Signal actually ranks a -1 for privacy in this use.
Presumably you're already using Signal and getting mainstream contacts to start using it too. You probably have a basic profile that at least includes your real name, and might also have your picture. Maybe you're even one of the 7 people in the world that use the Stories feature in it. Well good news, now all of that is also unconditionally available to anyone in any group you ever join, including any future changes you ever make to that info, irrevocably forever into the future.
Signal has a fun dark pattern where it irrevocably grants permissions for anyone you allow to contact you to see everything in your profile for the rest of time. It has only a single trust level with contacts effectively: full trust.
This is unacceptable in any tool you use for online community, unless you exclusively use it for online community and can decline to provide any info in this full-trust level. Unfortunately Signal also makes very sure you can't have a second account, by tying your account to a phone number, and only allowing one Signal instance per mobile device.
Is Signal good? Yes, but only exclusively for communication with people you already trust.
Keep an eye on Whitenoise. It's basically taken the technology behind Signal and placed it atop Nostr, so rather than signing up with a phone number, you do it with an npub (pubkey). Still in very early days so the features aren't all there yet, and battery use could be better, but they've got the basics of it working already.
SimpleX is another option.
These don't have discoverability for lay people users just joining though, which is actually a huge network effect positive for Signal in the family and friends use cases.
However it avoids the issues with the public group chat privacy. It ends up coming down to client and protocol features for those. SimpleX has a more extreme privacy threat model than Whitenoise so user contacts tend to be throwaway (for good or bad), which generally doesn't work for public communities.
The real kicker is that almost nothing has the community automation tools and administration of Discord which is the really hard lift.
I have lots of Signal contacts I cannot phone, since the phone number is never shared by default. Not even the Signal contact is shareable. It is way too privacy focused to work easily.
i.e. I cannot even match two people I have in contacts unless one of them sends me their hidden username. Then they can talk to one another.
And people in my contacts don't use their full name. In groups, they often share the first name, making it confusing as hell. And many use an arbitrary nickname, most often the abbreviated first name I think but sometimes truly random stuff, and might even change that yearly with no mapping in my history to tell me who they were.
I, and all of my contacts, have the default setting for this which makes me discoverable on Signal by phone number lookup, but I have phone number sharing disabled. Those are the default settings.
I've had no issues at all with discovery.
Signal has had the ability to share a username instead of phone number for a while. You definitely want to pair that with not sharing your phone number with Signal contacts (the related option released at the same time).
You can have multiple instances of Signal on a mobile device, and you can use VoIP or eSIMs to register. Signal with an online persona revealing no identifying information, registered to a cash-purchased eSIM on an ungoogled Android is as good as you're getting. Why do you think so many jurisdictions are trying to ban both GrapheneOS and Signal?
To be clear, your linked map shows that it is not a blanket "in europe". Around 20 European countries don't need an ID to get a SIM card and 30 do.
For those learning about political nuance against the backdrop of current propaganda, it is worth noting that the UK and Ireland do not require registration and that the populace are significantly politically opposed to it; and then Russia requires registration and has one of the most linked up registrations.
And what happens when the next guy buys that same number and registers on Signal?
Phone numbers are recurring costs. And to keep a truly private one you must keep paying without ever disclosing personal info and that is really hard. Signal is a privacy nightmare for long-term use.
There is a week-long registration lock protected by a PIN. Your contact list is protected by that PIN as well. They cannot access your chats. All your contacts will get a notification that the contact has changed when they go to talk to your phone number or get a message from your number.
This is good and means no one can impersonate you using your phone number, but doesn't solve the recurring costs issue, you still need to buy a new number when someone registers yours, and every financial transaction puts you at more privacy risk. And is terrible UX, imagine having to add your contacts' new numbers every other week.
People generally already have phone numbers. In the markets Signal is targeting it's rare for people to not already have a phone number. It would be quite strange for someone to be paying for a phone number just to use Signal, and if you don't already have one then yes I'd suggest Signal isn't the choice for you.
Not only that, but it's a unique identifier people generally have already had and generally have already shared and historically been OK with sharing with people they want to talk to. That's a part of the reason why Signal originally chose that way of finding contacts, people were already connected in that way. It makes onboarding people massively easier and greatly reduces the friction of people actually using it. A messaging platform is pretty useless if I can't easily find my friends on it.
> And is terrible UX, imagine having to add your contacts' new numbers every other week
Practically nobody is getting a new phone number every other week. And once again, if you are the kind of person getting a new phone number every other week, I'd agree Signal probably isn't the platform for you.
If you don't have a phone number or your number changes all the time, I agree Signal isn't the choice for you. If you already have a phone number, are OK with what having a phone number means in terms of privacy, and that phone number is pretty stable, then Signal isn't a bad choice to use to message on.
It does mean theoretically some large organization (like a government with a warrant) can potentially see "John Doe has this phone number, this phone number is related to Signal, therefore John Doe possibly uses Signal", but personally I'm not too worried about that tiny bit of information leakage. Besides, with enough effort one could probably ID that looking at internet traffic patterns unless you're really that paranoid about controlling your network routing. Especially when that means I'm able to actually convince family to use the platform, as they're used to just looking up people by phone numbers and don't want to have to deal with managing yet another unique identifier on yet another platform. If they had to register another account and manage yet another identity, they wouldn't use it, and thus I'd be stuck just talking SMS with them which results in worse privacy outcomes for our conversations.
Getting and maintaining an active phone number privately is indeed quite hard, partially by governmental design.
Signal only requires occasional/rare proof of control of the registered phone number. It also has very little visible data the provider can access on your account, even if they had a reason to assist in breaking your privacy by looking it up from the phone number. Without Signal Foundation direct support, the phone number linkage to your Signal account is completely opt in by you only.
So in terms of privacy, Signal is actually very good about the phone number and leaves it mostly to you how public you want to be about it.
They're primarily using it as a finite controlled resource to limit how easy it is for people to spin up arbitrary new accounts. Other projects might use some cryptocurrency junk that effectively equates to paying for accounts, but Signal uses what you probably already have.
Which is very backwards/nannystateish, same nonsense in AU. Thankfully anyone can buy one anonymously in the US and just use that even if it's more expensive.
You can do all of that but you shouldn't have to when using a privacy-focused messenger, and most people won't so they'll be exposed and suffer the consequences if they use Signal expecting a certain level of privacy (and pseudo-anonymity).
It's a terrible anti-feature and the only reason they're not being punished for it is because there aren't many alternatives to pick from.
You could have a second active eSIM if you have a phone that supports more than one (no phones support more than 2 active simultaneously). Though technically the phone number only needs to be accessible for the initial account setup so I guess you could have a burner phone you switch out eSIMs on.
Each Signal application only supports a single account though. So you can have one, and if you have a work profile you're not otherwise using you could have a second account in that instance. With the new Private Spaces you could potentially have a third as well.
So you _may_ be able to have up to 3 simultaneous Signal accounts on the same device.
I'm using my work profile and Private Space for things I can't share a Signal install with though. And I don't want to buy and maintain an extra phone number from a telco just to have another Signal profile.
Of course it's revealing information. If I know that two users that are identified by their phone numbers are talking to each other every day, this is a clear connection you can exploit. Metadata is only useless if you have no imagination.
That's privacy for someone who cares deeply and will get it somehow no matter what, not default zero-effort privacy for the ignorant. (Which WhatsApp does pretty well for example.)
I don't know, I'm not familiar with Signal. But features such as described above with worse privacy than the basic chatting functionality detract from it, it's not just that it would be a bonus if it were better, because that's exactly how effort comes in, having to know about it, and the typical layman user just blindly uses it.
Take Telegram for example, where only explicitly 'secret' chats are e2ee, you have to go out of your way, it's not the easy path.
Signal has profiles nowadays that can be used to connect with people without sharing phone numbers. The latter are only used for signup and discarded immediately after.
Yes. The phone number is just for activation, once activated, you can swap the SIM and carry on. Or have the SIM that receives the activation text in another phone, or be virtual, or whatever.
Millennials and older generations witnessed this happening bit by bit, some of us tried to fight it, but ultimately it’s everywhere now, and apparently it’s been so ubiquitous for so long that people aren’t even aware of it anymore.
1) I do not believe for a second that Meta would actually implement something that would remove their own ability to read those messages.
2) We do not have any proof that their claimed e2e chat service is actually compromised.
The matter-of-fact tone of the parent made me think there was some actual proof or at least something more than speculation. That's why I asked for a source.
If Meta can read those messages, then they’re most definitely not e2e encrypted.
Given the historical record, you would be a fool to assume that any service run by a public company isn’t fully tapped by US intelligence agencies. They’ve been tapping anything and everything they can get their hands on, why stop at WhatsApp?
Let me flip it around: what proof do you actually have that it is e2e encrypted? Zuckerberg pinky promised?
Anyone can sue anyone for anything. I have no doubt the US government has access to whatever data it wants from all businesses, but a lawsuit is not evidence of anything.