It seems there's nothing on Signal's blog as of yet, but the project's git repository was tagged with v7.0.0 yesterday and we can see from the commit history since the previously tagged version (v6.74.4) that there will be a setting to hide one's phone number [1], as well as disabling the previous default behavior of advertising that one is on Signal to all of their contacts already using it [2].
It's good enough when I don't need a number to sign up at all. Unfortunately they're not there yet. So for now.. meh
Without that it's just a slightly more private WhatsApp.
In fact I wish we could move to another kind of identifier than a "phone number" for things like this. It's probably pretty region-dependent but personally I never use my phone to actually make phone calls or text. All my voice, video and messaging traffic to friends goes through apps, though the number is unfortunately still used as an identifier. Unfortunately, because if I let a number lapse I lose access to the whatsapp and telegram accounts related to it. This way it makes it hard having multiple accounts.
I'd prefer if mobile providers would just become a dumb data pipe the same as landline providers have already become. My Spanish provider still forces me to take a "landline" with my internet but I don't even have a phone connected to it.
Signal will not publicly admit that, but they are using phone numbers as a cheap anti-spam measure. If anyone can sign up with an email, you will have same spam problems as with email, and will need to implement some spam filtering, and so on.
It's harder to spam with phones. Although, as they now do in Burma, they can just kidnap a lot of people from China and India and keep them as slaves and make them send spam from phones. But anyway that's a different story
I feel like Signal has been up front for many years about why they use phone numbers, and I get incessant spam on other phone number platforms (most especially: phones) so I'm not sure that holds water.
What if they allow non-phone-number-verified accounts to only place calls/texts to users only where the non-verified is already in that user's contacts?
That would prevent spam. The only people who would hear from the non-verified account is people who already took the effort to place the non-verified account username in their contacts.
(I've never used Signal and I have no idea what how it works.)
They probably require phone numbers to be able to comply with the three-letter government agencies requirements and their requests on specific people. Metadata is specifically available "for free" (who calls/messages whom when).
Signal's vaunted double-ratchet encrypted groups have a severe weakness in the key exchange where the server can add itself as a participant.
Granted, this is pretty hard to solve when participants come online and offline at different times without having a trusted and always-online entity to handle the list of the current members (in the signal model, it's the server), but signal's still definitely not a silver bullet, even if people treat it like it is.
But if Signal gets pwned or captured, it can easily add itself into any group, or even add and remove instantly.
Wouldn't the group members at least be notified that someone joined the group? And the server would only have access to messages sent after that notification, right?
Do you evidence of that? Are you sure you aren’t confusing Signal and Matrix, which had that big? We would have heard about Signal after the Matrix bug if it also had it.
The amount of problems remains stable, as a universal constant . Problems are neither solved nor created, only transformed. By switching from Telegram to Matrix, new problems arose. By switching from Matrix to Session, by switching to Signal, where we are now, fewer problems arose
Records of precisely who you talk to are being kept serverside because of that decision. Maybe that's totally fine for you! Most people have pretty unserious secure messaging threat models (I don't mean that as a value judgement).
Heh. I have the opposite problem. I'd like a way to have Signal auto-delete conversations and media from my device after a certain amount of time.
Yes, there are auto-delete options, but those apply to the group/chat as a whole, and other people in some of the groups I belong to want to keep their chat history. I'm not totally opposed to them doing so, but would like the option to just delete my copies.
(Signal uses more space on my iPhone than all my other apps combined, and I've had problems with upgrades being blocked because there wasn't enough space remaining to install them. Manually deleting hundreds of photos from individual groups to make room is such a pain in the ass.)
Large group chats should have an expiry of one week or so, maybe 4 weeks at the longest, otherwise it gets crazy. Unfortunately the best way to delete those old messages in your local chat is to delete the conversation and rejoin it.
Admins really should have a "purge all history older than X" option. They let you do it one by one manually, but it's basically impossible to automate, and doing it manually is super tedious.
I want the ability to load chat history from a backup on desktop. It's obnoxious that a messaging app that bills itself as cross-platform will just permanently lose message history on a client if it's not opened for long enough or if your have to get a new device (or reinstall)
You can, just backup/restore ~/Library/Application Support/Signal (or windows equivalent), the encryption in stored in cleartext config.json next to the sqlitedb on desktop. https://vmois.dev/query-signal-desktop-messages-sqlite/
> Chat history I don’t know anyone that cares about it so maybe your expectations are just different there
The general expectation of, at a first approximation, absolutely anybody who has ever used WhatsApp, is that things do not disappear and get lost.
I don't mean us geeks, spies, enemies of the state, people chased by Mossad. I mean our grandmas and grandpas, our aunts and parents. I've seen enough tears over lost data and I don't see why this needs to happen.
For people (in other comments) who want to lose data: why not have a setting "do not backup my data, I do want to lose it if my phone dies"?
So you're looking for a feature where someone can hit a button and get a clear text export of all the encrypted chat history on the phone? You do understand why that feature doesn't exist right? Backup utilities are regularly abused by criminals and other bad actors to harvest private data.
If you want to record all of your chat history with someone and keep it around forever, Signal is not the right tool. Signal is for private communications, and I'm glad that people on the other side of conversations with me can't just export everything with a button press. That would be a massive violation of trust.
That's just wrong. You can export your chats in a secure format, signal android even let's you do it on a schedule. Combine with a hosted file server like nextcloud or google drive and you have automatic fully encrypted backups
>people on the other side of conversations with me can't just export everything with a button press.
Once any data is off your device and (decrypted) on someone else's, you must assume that they have full control over it, which includes backups. Anything else is poor privacy practice, security through obscurity.
Wrong forum for this question. I wanted universal chat, file transfer, and clipboard sharing across the big 3 desktop and big 2 mobile OSes without being tied to a universal, privacy-invading, primary key like a phone number. Using phone numbers for signup is only a couple degrees from using social security numbers for customer accounts in the 90's. Captchas and account expiry are some of the proper forms of abuse prevention that don't leap straight to privacy invasion with a not truly portable or anonymous unique identifier.
Or use a fork like Session, despite its (unsustainable?) crypto business model. Reliance on phone numbers creating trackable metadata was a critical and avoidable footgun resulting from copying WhatsApp too closely without leaning into privacy first.
I started getting “unknown” message requests on three unrelated phone numbers through my different signal accounts on Jan 24 2024. The contact info doesn't have a phone number, crypto scams.
I guess this is the result of the beta. See screenshot please.
Could you please stop posting unsubstantive comments and flamebait? You've unfortunately been doing it repeatedly. It's not what this site is for, and destroys what it is for.
It seems there's nothing on Signal's blog as of yet, but the project's git repository was tagged with v7.0.0 yesterday and we can see from the commit history since the previously tagged version (v6.74.4) that there will be a setting to hide one's phone number [1], as well as disabling the previous default behavior of advertising that one is on Signal to all of their contacts already using it [2].
[1] https://github.com/signalapp/Signal-Android/commit/8797236b5... (PNP stands for "Phone Number Privacy")
[2] https://github.com/signalapp/Signal-Android/commit/6097e6c30...
N.b. this version is a recent beta. See https://community.signalusers.org/t/beta-feedback-for-the-up...
It's good enough when I don't need a number to sign up at all. Unfortunately they're not there yet. So for now.. meh
Without that it's just a slightly more private WhatsApp.
In fact I wish we could move to another kind of identifier than a "phone number" for things like this. It's probably pretty region-dependent but personally I never use my phone to actually make phone calls or text. All my voice, video and messaging traffic to friends goes through apps, though the number is unfortunately still used as an identifier. Unfortunately, because if I let a number lapse I lose access to the whatsapp and telegram accounts related to it. This way it makes it hard having multiple accounts.
I'd prefer if mobile providers would just become a dumb data pipe the same as landline providers have already become. My Spanish provider still forces me to take a "landline" with my internet but I don't even have a phone connected to it.
Signal will not publicly admit that, but they are using phone numbers as a cheap anti-spam measure. If anyone can sign up with an email, you will have same spam problems as with email, and will need to implement some spam filtering, and so on.
It's harder to spam with phones. Although, as they now do in Burma, they can just kidnap a lot of people from China and India and keep them as slaves and make them send spam from phones. But anyway that's a different story
I feel like Signal has been up front for many years about why they use phone numbers, and I get incessant spam on other phone number platforms (most especially: phones) so I'm not sure that holds water.
2 replies →
They've been pretty public about it. And it's not cheap.
> Registration Fees: $6 million dollars per year.
https://news.ycombinator.com/item?id=38291427
4 replies →
What if they allow non-phone-number-verified accounts to only place calls/texts to users only where the non-verified is already in that user's contacts?
That would prevent spam. The only people who would hear from the non-verified account is people who already took the effort to place the non-verified account username in their contacts.
(I've never used Signal and I have no idea what how it works.)
Whoa wait what? What's this about slavery?
2 replies →
They probably require phone numbers to be able to comply with the three-letter government agencies requirements and their requests on specific people. Metadata is specifically available "for free" (who calls/messages whom when).
4 replies →
> Without that it's just a slightly more private WhatsApp.
They are not even comparable. WhatsApp does not encrypt metadata at all, which is the most interesting information you can leak.
Also WhatsApp is closed-source, so you can only take their word for whether the E2E is really E2E -- and it's owned by Facebook.
5 replies →
Neither does Signal, or any mainstream secure messenger. For that you’d have to look at MIT’s Vuvuzela/Alpenhorn.
1 reply →
Signal's vaunted double-ratchet encrypted groups have a severe weakness in the key exchange where the server can add itself as a participant.
Granted, this is pretty hard to solve when participants come online and offline at different times without having a trusted and always-online entity to handle the list of the current members (in the signal model, it's the server), but signal's still definitely not a silver bullet, even if people treat it like it is.
But if Signal gets pwned or captured, it can easily add itself into any group, or even add and remove instantly.
Wouldn't the group members at least be notified that someone joined the group? And the server would only have access to messages sent after that notification, right?
Do you evidence of that? Are you sure you aren’t confusing Signal and Matrix, which had that big? We would have heard about Signal after the Matrix bug if it also had it.
6 replies →
I also wish their desktop client doesn't need to update hundred megabytes every few days.
I solved this problem (and more) by switching to Matrix.
The amount of problems remains stable, as a universal constant . Problems are neither solved nor created, only transformed. By switching from Telegram to Matrix, new problems arose. By switching from Matrix to Session, by switching to Signal, where we are now, fewer problems arose
Records of precisely who you talk to are being kept serverside because of that decision. Maybe that's totally fine for you! Most people have pretty unserious secure messaging threat models (I don't mean that as a value judgement).
14 replies →
I guess it bears repeating, but you can sign up from a public phone booth.
So I do not understand what the problem is with needing a phone number. Is it because it's inconvenient to you?
[dead]
Surprised you did not mention Matrix/Element.
2 replies →
Will we get an ability to backup on iOS?
Most people don't even realize that if their phone dies today, all of their Signal chat history (photos, etc) are gone.
Heh. I have the opposite problem. I'd like a way to have Signal auto-delete conversations and media from my device after a certain amount of time.
Yes, there are auto-delete options, but those apply to the group/chat as a whole, and other people in some of the groups I belong to want to keep their chat history. I'm not totally opposed to them doing so, but would like the option to just delete my copies.
(Signal uses more space on my iPhone than all my other apps combined, and I've had problems with upgrades being blocked because there wasn't enough space remaining to install them. Manually deleting hundreds of photos from individual groups to make room is such a pain in the ass.)
Large group chats should have an expiry of one week or so, maybe 4 weeks at the longest, otherwise it gets crazy. Unfortunately the best way to delete those old messages in your local chat is to delete the conversation and rejoin it.
Admins really should have a "purge all history older than X" option. They let you do it one by one manually, but it's basically impossible to automate, and doing it manually is super tedious.
You can make your own group with a different expiry timer.
4 replies →
I want the ability to load chat history from a backup on desktop. It's obnoxious that a messaging app that bills itself as cross-platform will just permanently lose message history on a client if it's not opened for long enough or if your have to get a new device (or reinstall)
You can, just backup/restore ~/Library/Application Support/Signal (or windows equivalent), the encryption in stored in cleartext config.json next to the sqlitedb on desktop. https://vmois.dev/query-signal-desktop-messages-sqlite/
That's pretty low maintenance for such a cross platform secure chat app, i feel
You can backup Signal photos the same way you can backup other apps’ photos, e.g Google Photos, Immich, etc.
Chat history I don’t know anyone that cares about it so maybe your expectations are just different there.
> Chat history I don’t know anyone that cares about it so maybe your expectations are just different there
The general expectation of, at a first approximation, absolutely anybody who has ever used WhatsApp, is that things do not disappear and get lost.
I don't mean us geeks, spies, enemies of the state, people chased by Mossad. I mean our grandmas and grandpas, our aunts and parents. I've seen enough tears over lost data and I don't see why this needs to happen.
For people (in other comments) who want to lose data: why not have a setting "do not backup my data, I do want to lose it if my phone dies"?
Please, we need this.
Used to be a feature. It got removed.
1 reply →
So you're looking for a feature where someone can hit a button and get a clear text export of all the encrypted chat history on the phone? You do understand why that feature doesn't exist right? Backup utilities are regularly abused by criminals and other bad actors to harvest private data.
If you want to record all of your chat history with someone and keep it around forever, Signal is not the right tool. Signal is for private communications, and I'm glad that people on the other side of conversations with me can't just export everything with a button press. That would be a massive violation of trust.
That's just wrong. You can export your chats in a secure format, signal android even let's you do it on a schedule. Combine with a hosted file server like nextcloud or google drive and you have automatic fully encrypted backups
2 replies →
This might have been accurate if this feature didn't exist on Android. The simple solution is that the backups are encrypted.
>people on the other side of conversations with me can't just export everything with a button press.
Once any data is off your device and (decrypted) on someone else's, you must assume that they have full control over it, which includes backups. Anything else is poor privacy practice, security through obscurity.
5 replies →
There are multiple tools to convert your backup db from Android to HTML and plain text as long as you have the backup passphrase.
You realize Signal chat history is stored in an unencrypted SQLite DB on desktop right?
3 replies →
Do you realize you can create an encoded backup yes? Like, protected by a password.
1 reply →
When will I be able to use my GNU/Linux phone without buying another phone from the duopoly?
My phone is considered "desktop" by Signal, and it doesn't work without connecting to a "real" phone.
Wrong forum for this question. I wanted universal chat, file transfer, and clipboard sharing across the big 3 desktop and big 2 mobile OSes without being tied to a universal, privacy-invading, primary key like a phone number. Using phone numbers for signup is only a couple degrees from using social security numbers for customer accounts in the 90's. Captchas and account expiry are some of the proper forms of abuse prevention that don't leap straight to privacy invasion with a not truly portable or anonymous unique identifier.
https://news.ycombinator.com/item?id=39414077
[dead]
Or use a fork like Session, despite its (unsustainable?) crypto business model. Reliance on phone numbers creating trackable metadata was a critical and avoidable footgun resulting from copying WhatsApp too closely without leaning into privacy first.
I started getting “unknown” message requests on three unrelated phone numbers through my different signal accounts on Jan 24 2024. The contact info doesn't have a phone number, crypto scams.
I guess this is the result of the beta. See screenshot please.
https://ibb.co/F014n88
The beta environment is completely distinct from the prod one. So unless you're on the beta servers they're not related.
Even more curious about these numberless messages then.
1 reply →
[dead]
[flagged]
Could you please stop posting unsubstantive comments and flamebait? You've unfortunately been doing it repeatedly. It's not what this site is for, and destroys what it is for.
If you wouldn't mind reviewing https://news.ycombinator.com/newsguidelines.html and taking the intended spirit of the site more to heart, we'd be grateful.
Sounds like moving the goal posts. So they just gave up in allowing registrations without a phone number? Perhaps pressure from three letter agencies.
Have they ever announced that allowing registrations without a phone number is something they intend to do?