Comment by 3xblah

6 years ago

In his "The Ecosystem is Moving" talk at CCC, he had many presumptuous and dubious "arguments" but one regarding privacy of phone numbers was that a user's APN would be used to determine their phone number, so there was no point in trying to keep phone numbers private.

This fails to account for the possibility of not using the cellular network. With unlocked smartphones, it is possible to remove the SIM card, clear any APN settings and access WiFi. That can be enough for a messaging app to work.

The only identifier needed for iMessage and FaceTime is a working e-mail address (and only for sign up). No cellular account is required.

14 comments

3xblah

Klonoar 6 years ago

That's not the representative experience for most consumers/users. Most people do have a phone number, though, so it's easy enough to bootstrap with.

I might not agree with the phone number thing, but I recognize the tradeoff being made and am willing to begrudgingly accept that for right now, Signal/Moxie are probably making the right call. It's not like they're not moving to fix it anyway.

Also, unless I misunderstood him, the APN bit is referencing push notifications, and he's right - if that's out there, it could identify you not just by phone but by Apple account in general. You realistically can't use Signal without an Apple ID, as you couldn't get it from the store otherwise.

bscphil 6 years ago
> You realistically can't use Signal without an Apple ID
I do, because I got it and signed up for an account on my Android phone...
Okay, I realize what you're getting at here, but it seriously irks me when people talk as if Apple was the only ecosystem, or even the most popular ecosystem, when it is neither.
I probably don't even need a Google Play Store account if I can find an unmodified APK that's signed by OWS.
- 3xblah 6 years ago
  
  curl https://updates.signal.org/android/latest.json |grep -o "http[^\"]*"
  https://updates.signal.org/android/Signal-website-universal-...
  Source: https://signal.org/android/apk/
  
  1 reply →
shmerl 6 years ago
> That's not the representative experience for most consumers/users. Most people do have a phone number, though, so it's easy enough to bootstrap with.
It's a trap most don't realize they are falling in. It's easy to set up things without one time registration step (instead of making a user id and password, just download some client and boom - you are set). But think about it. One time(!) convenience is paid with constant(!) reduction of privacy.
Compare it to one time inconvenience of registration step, that gives you constantly better privacy. I'd say the second is the obvious choice.
And it's easy to sell this "convenience" for the clueless, but it's also evil to do so, because most don't realize what they are paying with. So I blame developers who are proliferating this approach. Unlike many of their users, they know very well what they are doing, and they exploit people's cluelessness and natural preference for convenience.
- Klonoar 6 years ago
  
  The second isn't better by default - no matter what, you're trusting some organization/entity somewhere in the chain.
  Furthermore, your comment just eschews what Signal has said elsewhere - if you have a social app, you need a social graph to operate. They have to piggyback somewhere or else store a bunch of data themselves, and it's clear that they take their time to make sure they're doing something as best as possible before committing to it.
  It's also not developers proliferating the approach. This is what the market developed into, and if you want your product/service/whatever to be successful, you have to win with that constraint. What you're describing is idealist, but not realistic at time of writing this. Hopefully it changes, but place the blame where it's appropriate.
  
  1 reply →
3xblah 6 years ago
"You realistically can't use Signal without an Apple ID, as you couldn't get it from the store otherwise."
Isn't this the issue people are complaining about. They want to install this program without going through an "app store" to get it.
Is it possible to avoid using APNS. Probably it is enabled by default even the user does nothing with her phone and installs no third party apps. What if the user blocks the DNS requests to Apple.
- Klonoar 6 years ago
  
  If you don't accept push notifications, sure, you wouldn't technically be using APNS - the tokens change every time you give access for notifications. Last I checked, there's a connection to APNS running on every device or something... so blocking it would be interesting.
  You'll be SOL on iOS anyway, ultimately - you're def not building it yourself with Xcode without an Apple account. Jailbreaking may be a fit here, but in defense of Signal, jailbreaking was kinda dead for a few years and only recently became usable again. Altstore[1] is... interesting, but I don't have enough experience with it to comment further.
  I get what you're after, but Signal's not about to ignore the massive iOS userbase, and these are defining parts of the iOS ecosystem currently. You either play by those rules or you probably don't grow.
  [1] https://altstore.io

haffenloher 6 years ago

In the context of this talk, APN means "Apple Push Network", I think. The concern is that even if the service doesn't ask for a phone number directly, it does still have an APN or GCM/FCM push token. Through the push provider, that token can probably be linked to the user's phone number.

> With unlocked smartphones, it is possible to remove the SIM card, clear any APN settings and access WiFi.

If you're willing to do all that, I suppose getting some free VoIP number for registering with Signal (e.g. through Textnow) won't be too much of a hassle?

sudosysgen 6 years ago
So you pull a Telegram and create a good alternative to APN/Firebase.
- saagarjha 6 years ago
  
  What alternative is there on iOS?
  
  1 reply →

JoshuaMulliken 6 years ago

I believe he was speaking of Apple push notifications and google cloud messaging