You can have multiple instances of signal on a mobile device, and you can use VoiP or eSIMs to register. Signal with an online persona revealing no identifying information, registered to a cash purchased eSIM on an ungoogled android is as good as your getting. Why do you think so many jurisdictions are trying to ban both GrapheneOS and Signal.
To be clear, your linked map shows that it is not a blanket "in europe". Around 20 European countries don't need an ID to get a SIM card and 30 do.
For those learning about political nuance against the backdrop of current propaganda, it is worth noting that the UK and Ireland do not require registration and that the populous are significantly politically opposed to it; and then Russia requires registration and has one of the most linked up registrations.
And what happens when the next guy buys that same number and registers on Signal?
Phone numbers are recurring costs. And to keep a truly private one you must keep paying without ever disclosing personal info and that is really hard. Signal is a privacy nightmare for long term use.
There is a week long registration lock protected by a PIN. Your contact list is protected by that PIN as well. They cannot access your chats. All your contacts will get a notification that the contact has changed when they go to talk to your phone number or get a message from your number.
This is good and means no one can impersonate you using your phone number, but doesn't solve the recurring costs issue, you still need to buy a new number when someone registers yours, and every financial transaction puts you at more privacy risk. And is terrible UX, imagine having to add your contacts new numbers every other week.
People generally already have phone numbers. In the markets Signal is targeting its rare for people to not already have a phone number. It would be quite strange for someone to be paying for a phone number just to use Signal, and if you don't already have one then yes I'd suggest Signal isn't the choice for you.
Not only that, but its a unique identifier people generally have already had and generally have already shared and historically been OK with sharing with people they want to talk to. That's a part of the reason why Signal originally chose that way of finding contacts, people were already connected in that way. It makes on boarding people massively easier and greatly reduces the friction of people actually using it. A messaging platform is pretty useless if I can't easily find my friends on it.
> And is terrible UX, imagine having to add your contacts new numbers every other week
Practically nobody is getting a new phone number every other week. And once again, if you are the kind of person getting a new phone number every other week, I'd agree Signal probably isn't the platform for you.
If you don't have a phone number or your number changes all the time, I agree Signal isn't the choice for you. If you already have a phone number, are OK with what having a phone number means in terms of privacy, and that phone number is pretty stable, then Signal isn't a bad choice to use to message on.
It does mean theoretically some large organization (like a government with a warrant) can potentially see "John Doe has this phone number, this phone number is related to Signal, therefore John Doe possibly uses Signal", but personally I'm not too worried about that tiny bit of information leakage. Besides, with enough effort one could probably ID that looking at internet traffic patterns unless you're really that paranoid about controlling your network routing. Especially when that means I'm able to actually convince family to use the platform, as they're used to just looking up people by phone numbers and don't want to have to deal with managing yet another unique identifier on yet another platform. If they had to register another account and manage yet another identity, they wouldn't use it, and thus I'd be stuck just talking SMS with them which results in worse privacy outcomes for our conversations.
Getting and maintaining an active phone number privately is indeed quite hard, partially by governmental design.
Signal only requires occasional/rare proof of control of the registered phone number. It also has very little visible data the provider can access on your account, even if they had a reason to assist in breaking your privacy by look it up from the phone number. Without Signal foundation direct support, the phone number linkage to your Signal account is completely opt in by you only.
So in terms of privacy, Signal is actually very good about the phone number and leaves it mostly to you how public you want to be about it.
They're primarily using it as a finite controlled resource to limit how easy it is for people to spin up arbitrary new accounts. Other projects might use some cryptocurrency junk that effectively equates to paying for accounts, but Signal uses what you probably already have.
Which is very backwards/nannystateish, same nonsense in AU. Thankfully anyone can buy one anonymously in the US and just use that even if it's more expensive.
You can do all of that but you shouldn't have to when using a privacy-focused messenger, and most people won't so they'll be exposed and suffer the consequences if they use Signal expecting a certain level of privacy (and pseudo-anonymity).
It's a terrible anti-feature and the only reason they're not being punished for it is because there aren't many alternatives to pick from.
You could have a second actuve eSIM if you have a phone that supports more than one (no phones support more than 2 active simultaneously). Though technically the phone number only needs to be accessible for the initial account setup so I guess you could have a burner phone you switch out eSIMs on.
Each Signal application only supports a single account though. So you can have one, and if you have a work profile you're not otherwise using you could have a second account in that instance.With the new Private Spaces you could potentially have a third as well.
So you _may_ be able to have up to 3 simultaneous Signal accounts on the same device.
I'm using my work profile and Private Space for things I can't share a Signal install with though. And I dont want to buy and maintain an extra phone number from a telco just to have another Signal profile.
Of course it's revealing information. If I know that two users that are identified by their phone numbers are talking to each other every day, this is a clear connection you can exploit. Metadata is only useless if you have no imagination.
That's privacy for someone who cares deeply and will get it somehow no matter what, not default zero-effort privacy for the ignorant. (Which WhatsApp does pretty well for example.)
I don't know, I'm not familiar with Signal. But features such as described above with worse privacy than the basic chatting functionality detract from it, it's not just that it would be a bonus if it were better, because that's exactly how effort comes in, having to know about it, and the typical layman user just blindly uses it.
Take Telegram for example, where only explicitly 'secret' chats are e2ee, you have to go out of your way, it's not the easy path.
