I remember a time when visiting a website that opens a javacript dialog box asking for your name so the message “hi <name entered>” could be displayed was baulked at.

Why does signal want a phone number to register? Is there a better alternative?

  • @0101100101@programming.devOPEnglish
    72 months ago

    But the police request the meta data of all messages from your phone number that the company has and they’re required by law to give them it.

    • /home/pineapplelover
      472 months ago

      These are all the court orders Signal has complied to and details all the information they give up

      https://signal.org/bigbrother/

      TLDR; they only give the last time the account connected to Signal servers and the time of account registration or re-registration

    • @devfuuu@lemmy.worldEnglish
      232 months ago

      You should go properly read the requests from law enforcement they have received and exactly what information it contains. It’s public. Then evaluate if it matters for yur threat model. Security doesn’t exist in a vaccum.

      • @CosmicTurtle0@lemmy.dbzer0.comEnglish
        62 months ago

        Messages are e2e encrypted. Metadata is not encrypted.

        Edit: I feel the need to qualify this statement. Metadata about your connection may be encrypted at rest but is decryptable given that signal is released metadata to authorities with a warrant/subpoena.

    • plz1English
      112 months ago

      They can “request” it all day long. Signal doesn’t store them beyond the time needed to deliver to the end user device, and while (temporarily) stored, it’s encrypted in a way Signal’s service cannot read.

      • @0101100101@programming.devOPEnglish
        12 months ago

        huh? so the phone number is encrypted in a way that can’t be read, but an sms is sent to the phone? … a separate company sends the text on behalf of signal? so that separate company logs the phone number, the timestamp and who knows what else.

        • @xthexder@l.sw0.com
          62 months ago

          Signal doesn’t use SMS anymore, and all messages are sent over encrypted Internet protocol. Any servers in between won’t see the phone number, it’s not needed to deliver the message, it’s using an IP address at that point and the entire message metadata is encrypted. Signal is the only one that can see the phone numbers, which they use to identify multiple clients as a single user and route messages accordingly.

        • plz1English
          22 months ago

          Signal doesn’t use SMS at all, once you have enrolled. The phone number is used to validate people and exclude bots, during registration. As others have noted, you can hide your number from other users, as well.