Comment by pierat

> They want the address book because if you don't have engagement promotion features like that, there is no way to ever become remotely popular in the chat app space.

Intentionally ignoring the fact that Signal splatters your phone number to everyone else is a humongous problem. And you can even put your phone number block in your address book, and it'll tell you everyone who has Signal. This happens all the time, with Signal servers leaking all of this metadata.

And doing "engagement promotion" is what companies do to sell more shit. So, exactly what are they "selling"?

>Why is the security a joke?

Metadata, pertaining to communication patters and to whom matters just as much as what's being said.

And that metadata, like "your phone number" and "contact's phone number", and "when data is being sent to/from" is that metadata.

> The data is e2e encrypted,

> and isn't related to a phone number in any way after registration.

Bullshit. I see new people hopping on signal fairly regularly. If that was true, it'd be a simple verify-once-and-delete. It aint.

> Do you know of a better way of combining privacy and anti-abuse measures?

I reject your claim of "privacy", with regards to metadata.

Secondly, Tox has an alternate way to handle this, by allowing any number of accounts not tied to anything. Sure, it's a SHA256 id, but who cares. There, its secure AND anonymous.

Basically, I look at Signal as "better than SMS, but not much". It's basically a way to keep the phone company from scanning messages.