Privacy

37847 readers

406 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago

MODERATORS

194

Why does Signal want a phone number to register if it's supposedly privacy first? (programming.dev)

submitted 5 days ago by 0101100101@programming.dev to c/privacy@lemmy.ml

290 comments fedilink hide all child comments

I remember a time when visiting a website that opens a javacript dialog box asking for your name so the message "hi " could be displayed was baulked at.

Why does signal want a phone number to register? Is there a better alternative?

you are viewing a single comment's thread
view the rest of the comments

[–] Jason2357@lemmy.ca 1 points 2 days ago* (last edited 2 days ago) (1 children)

At least in theory, this is mitigated. The signal activation server sees your phone number, yes. If you use Signal, the threat model doesn't protect you from someone with privileged network or server access learning that you use Signal (just like someone with privileged network access can learn you use tor, or a vpn, etc).

But the signal servers do not get to see the content of your group messages, nor the metadata about your groups and contacts. Sealed sender keeps that private: https://signal.org/blog/sealed-sender/

You would obviously want to join those groups with a user Id rather than your phone number, or a malicious member could out you. It's not the best truly anonymous chat platform, but protection from your specific threat model is thought through.

edit: be sure to go to Settings > Privacy > Phone Number. By default anyone who already has your phone number can see you use signal (used for contact discovery, this makes sense to me for all typical uses of Signal), and in a separate setting, contacts and groups can see your phone number. You will absolutely want to un-check that one if you follow my suggestion above.

[–] poVoq@slrpnk.net 1 points 2 days ago (1 children)

There are some mitigations in place, yes, but Sealed Sender on a centralized platform is snake-oil as someone with server access can easily do a timing attack and discover who communicated with whom.

[–] Jason2357@lemmy.ca 1 points 1 day ago (1 children)

That a timing attack could be successful is not a given. It’s a possibility, yes, but there is very likely sufficient mixing happening to make that unrealistic or unreliable. An individual doesn’t create much traffic, and thousands are using the server constantly. Calling it a honeypot or claiming the phone number and device is are available is a stretch.

Timing attacks can work in tor when you are lucky enough to own both the entrance and exit node for an individual because very few people will be using both, and web traffic from an individual is relatively heavy and constant to allow for correlation.

[–] poVoq@slrpnk.net 1 points 1 day ago (1 children)

A timing attack is extremely realistic when you control one of the end devices which is a common scenario if a person gets arrested or their device compromised. This way you can then identify who the contacts are and with the phone number you can easily get the real name and movement patterns.

This is like the ideal setup for law inforcement, and it is well documented that honeypot "encrypted" messengers have been set up for similar purposes before. Signal was probably not explicitly set up for that, but the FBI for sure has an internal informant that could run those timing attacts.

[–] Jason2357@lemmy.ca 1 points 6 hours ago

You are talking out of your ass. First, a timing attack requires numbers to correlate - reasonable numbers of people using a node or server and a LOT of packets going back and forth. Neither are true for a Signal server. Second, they don’t get the phone numbers if contacts are using only their username (with phone number sharing disabled). Your criticisms are over the top and not at all nuanced to the degree of protection of metadata that was built into signal. If it was as bad as you imply, a whole heck of a lot of the most respected security researchers would have to be complete idiots.