You can't sign up without one, and it being an option means people who are in danger won't do it.
Also, if someone's phone is confiscated, and you're in their Signal chats and their address book, it doesn't matter if you're hiding your number on Signal.
It's better to just not require such identifying information at all.
That's true for any system where you have contacts linked. Same thing happens when you have names and avatars.
If you don't want to link your contacts... don't link your contacts...
But this doesn't have the result that the GP claimed. The whole network doesn't unravel because in big groups like these one number doesn't have all the other contacts in their system.
For people that need it:
| Settings
|- Chat
| |- Share Contacts with iOS/Android <--- (Turn off)
|- Privacy
| |- Phone Number
| | |- Who Can See My Number
| | | |- Everybody
| | | |- Nobody <----
| | |- Who Can Find Me By Number
| | | |- Everybody
| | | |- Nobody <----
| |- App Security
| | |- Hide Screen in App Switcher <---- Turn on
| | |- Screen Lock <---- Turn on
| |- Advanced
| | |- Always Relay Calls <-----
If you are extra concerned, turn on disappearing messages. This is highly suggested for any group chats like the ones being discussed. You should also disable read receipts and typing indicators.
I would imagine that the issue that people have here isn't so much that you can hide from other users, but whether or not you can hide your information from the company behind Signal. I'd assume that if you can't hide from the company, then you can't hide from the US government. We know that you can extract messages from a compromised phone because they aren't encrypted at rest. Which I guess would mean that even if you have disappearing messages and similar, your messages could proably still be extracted from a group chat with a comprimised user in it.
If we go full tinfoil, then do you really trust Apple and Google to keep your Signal keys on your device safe from the US government?
It's probably not that bad, but I do know that we're having some serious discussions on Signal here in Europe because it's not necessarily the secure platform we used to think it was. Then again, our main issue is probably that we don't have a secure phone platform with a way to securely certify applications (speaking from a national safety, not personal privacy point of view).
You can't sign up without one, and it being an option means people who are in danger won't do it.
Also, if someone's phone is confiscated, and you're in their Signal chats and their address book, it doesn't matter if you're hiding your number on Signal.
It's better to just not require such identifying information at all.
That's true for any system where you have contacts linked. Same thing happens when you have names and avatars.
If you don't want to link your contacts... don't link your contacts...
But this doesn't have the result that the GP claimed. The whole network doesn't unravel because in big groups like these one number doesn't have all the other contacts in their system.
For people that need it:
If you are extra concerned, turn on disappearing messages. This is highly suggested for any group chats like the ones being discussed. You should also disable read receipts and typing indicators.
Some of these settings are already set btw
I would imagine that the issue that people have here isn't so much that you can hide from other users, but whether or not you can hide your information from the company behind Signal. I'd assume that if you can't hide from the company, then you can't hide from the US government. We know that you can extract messages from a compromised phone because they aren't encrypted at rest. Which I guess would mean that even if you have disappearing messages and similar, your messages could proably still be extracted from a group chat with a comprimised user in it.
If we go full tinfoil, then do you really trust Apple and Google to keep your Signal keys on your device safe from the US government?
It's probably not that bad, but I do know that we're having some serious discussions on Signal here in Europe because it's not necessarily the secure platform we used to think it was. Then again, our main issue is probably that we don't have a secure phone platform with a way to securely certify applications (speaking from a national safety, not personal privacy point of view).
2 replies →
Can you easily sign up without a phone number though?
No. https://news.ycombinator.com/item?id=45454478