Signal, and PIN requirement

“. . . the Signal app itself is popular with security-minded people, mostly because the app, with its relatively smaller and more technical user base, has tended towards a no-compromises approach to the security experience. Wherever usability concerns have come into conflict with security, Signal has historically chosen the more cautious and safer approach — as compared to more commercial alternatives like WhatsApp. As a strategy for obtaining large-scale adoption, this is a lousy one. If your goal is to build a really secure messaging product, it’s very impressive.”

and then some reasons why the Signal App may not be headed in the most secure direction.

Signal is very much privacy-minded, and I personally use it. However, their phone number requirement and centralization still means that I use Matrix for most critical things.

I would say that Signal should be used when there is no way to use (or verify security on) Matrix.

I think that the Chats app using SMS with Matrix preferred is a great idea, so I’m planning on leaving Signal when my L5 arrives.

I’m a Signal user myself, but I’m curious as to what has been Signal’s response to the phone number requirement? And is it justified? And why they don’t utilize any alternative such as a unique username?
I will look into Matrix as well though, so thanks for that. Toughest thing is getting most people to stop using apps like whatsapp or messenger because “everyone else is on it” seems to be the most important reason in choosing a messaging/phone app.

The Signal developers are obviously aware that requiring a phone number is problematic. IIUC there are technical obstacles to overcome before they can add an alternative registration/identification system that seamlessly integrates with the existing phone number based system in a way that continues to make it easy for normal people to use the software. I think that is a big reason they introduced the profile feature. They are not taking shortcuts with security nor usability, even if that means dealing with the drawbacks of requiring a phone number.

1 Like

If one reads the entire article, it mentions some of the usual points of computer encryption/security.

Whether it is more important to have ‘ease of use’ versus more difficult to use with better security.

I suspect ‘ease of use’ versus ‘best security implementation/practice’ is an issue Pure Developers are always contending with.

In the instance of Signal, if we lose the device which has Signal on it, or decide to replace the device with a newer model (Phone for instance) then we lose our phone number book, and who they are. Plus all of our previous messages. Signal now wants to store some of that information in the cloud.

The originator of Signal surely understands our concerns, and I suspect has a good grasp on the consequences of what he is changing Signal into. While I have concerns about those consequences might be, I will listen carefully to his what he eventually tells us, he has earned a bit of credibility.

One of the issues we, are forced to take for granted, is that someone who has earned our trust, is acting freely of his own best judgement and accord. Surely not a problem in this case, but in some countries, the government might apply some physical means to coerce an individual or group to act differently.

I think of the police tactics of flipping drug dealers to turn on suppliers and buyers.

That is also a classic problem, an individual, the well tuned in Security/Encryption people have learned to trust, is making changing changes we have feelings of mistrust about.

The originator of Signal is using a clever trick built into hardware as part of the security, in the latest ‘in the cloud’ version of Signal. I am not feeling very trusting in some part of the Intel system, but I can not suggest a more trustworthy way to achieve what he is trying to achieve.

In a vein not connected with this. Perhaps some of you have a view of “Warrant Canaries.” If I were a government like China, Russia, running an Operation against an Encryption software. My initial operational objective would be to take physical control of Servers related to the company, and the connection immediately upstream to those servers, and to the usual places the target, individuals writing and maintaining software has been taken into custody. If the government is involved is like some governments, compelling the behavior of the software maintainers is not about trading Court Orders.

Their idea is similar to that of email addresses on your own domain. The idea is that you get interoperability between providers, and people already have one way to contact you, so they can easily move to signal.

The issue is that, while I would love to communicate with everyone (who can’t/won’t use matrix) via signal, I won’t publish my phone number for everyone to see.

Makes sense, but I’m guessing our numbers are out there a lot already, with our bank, insurance, utilities, etc and it’s tough to limit it being out there more.
I suppose everyone that has our number and is not security focused is exposing our number constantly as well. I’m not well versed on those possibilities, but it seems likely.

@ no one in particular - and if we let’s say changed our mobile phone number (by presumably entering a new active SIM) the NEW number would be tied to the OLD number in some (unknown?) database somewhere …

i’m not against using phone numbers but there are more secure alternatives to signal that do NOT tie your identity to a phone number … i’ll pass

1 Like