Comment by rvz

2 years ago

> Until now, someone needed to know your phone number to reach you on Signal. Now, you can connect on Signal without needing to hand out your phone number. (You will still need a phone number to register for Signal.) This is where usernames come in.

How about no phone numbers for registration at all?

31 comments

rvz

Reply
flockonus  2 years ago

That would welcome a world of spam. Sybil identities is currently an unsolved problem, the mitigation is the requirement of unique scarce resources (like phone number in this case)

  • rvz  2 years ago

    > Sybil identities is currently an unsolved problem, the mitigation is the requirement of unique scarce resources (like phone number in this case)

    Then let your phone number receive the spam instead?

    • bpfrh  2 years ago

      No, the phone number needs to be known by the other party and you need to accept the "friend" request.

      It prevents the creation of an unlimited number of signal accounts by a single user with no cost to the user but cost to signal and other signal users.

      edit: Your are probably right in that it does not change the risk of spam for a single user, as you could guess the phone number or just iterate over all known phone numbers and try to connect to them.

      requiring phone numbers only solves the cost problem for signal(The company/legal entity) and lowers(hopefully) the amount of spam that would get send.

    • flockonus  2 years ago

      fww i get a lot of spam in Telegram, but none in Signal (same phone number), so whatever they are doing by my very limited benchmark is going well.

      1 reply →

fsflover  2 years ago

How about switching to Matrix? (I already did and am happy.)

  • tapoxi  2 years ago

    My parents, in-laws, grandmother-in-law, and entire extended family is on Signal. It's the extended family group chat, video calls with grandparents/great grandparents, and the baby photo feed. That's mostly because you just install it and it works.

    I have no idea how to get my extended family on a Matrix homeserver without extensive handholding. I can barely figure it out myself and I was a huge XMPP nerd that ran my own ejabberd server for years.

  • windexh8er  2 years ago

    For users who want strong security in messaging, yet an easy way for anyone to use the platform Signal has a much better user experience. Over 95% of my messaging is on Signal. Almost none of those users will benefit in any way by switching to Matrix. While it's a great ecosystem, it's also too much work for people who don't want those features or flexibility.

    • autoexec  2 years ago

      For users who want strong security is messaging signal should not be considered because they lie to users about their risks, and they store sensitive data in the cloud. It's easy to use and not a bad chat/IM system, but I would never trust it to protect your data.

      5 replies →

  • tptacek  2 years ago

    Matrix doesn't have the same threat model as Signal, and isn't a 1:1 replacement for it. Matrix is great (maybe optimal) for things that would otherwise be Slack channels.

    • fsflover  2 years ago

      I don't understand which different threat model you mean. Could you elaborate? To me, it's the same: private, end-to-end encrypted chat with rooms.

      13 replies →