I remember a time when visiting a website that opens a javacript dialog box asking for your name so the message “hi <name entered>” could be displayed was baulked at.

Why does signal want a phone number to register? Is there a better alternative?

  • Maverick604English
    107·
    2 days ago

    Session is an alternative that does not require, or request, your phone number (or any other identifying information). Honestly, I have no idea why Signal got popular and Sessions did not. As soon as Signal asked for my phone number that set off alarm bells for me and I’ve never really trusted it since.

    • throwawayacc0430@sh.itjust.worksEnglish
      14·
      2 days ago

      According to privacyguides.org, Session is listed under this message:

      These messengers do not have forward secrecy, and while they fulfill certain needs that our previous recommendations may not, we do not recommend them for long-term or sensitive communications. Any key compromise among message recipients would affect the confidentiality of all past communications.

      Link: https://www.privacyguides.org/en/real-time-communication/#additional-options

      • MoonlightFox@lemmy.world
        101·
        2 days ago

        This is incredibly important. Signal is considered the “gold standard” of encrypted and private communication for a reason.

      • Maverick604English
        12·
        1 day ago

        Thanks for this link but your username also makes this pretty sus. 😜

        • throwawayacc0430@sh.itjust.worksEnglish
          1·
          1 day ago

          This is a privacy community lol, I think you know why people use throwaways.

          privacyguides.org have been a reputable source of information, also you aren’t suppose to just click hyperlinks without hovering over it and verifying that it is a trustwothy link anyways.

        • Maverick604English
          22·
          1 day ago

          I don’t know that their security is “broken”. It may be, I don’t know. But also without anything that connects you to any particular message, it seems that – in itself – is a pretty good form of security.

          I just don’t get why people accept Signal’s justification for requiring a phone number. They absolutely don’t need to (session proves that). It is certainly possible for them to say, “If you register without a phone number and access to your phone book then you will lose automatic discoverability by other users of Signal — meaning that you need to find another (physical) way to exchange your Signal username with your contacts”. They CAN do this. I think many users, like myself, would be fine with this tradeoff for greater anonymity. For some reason, they have steadfastly refused. The reasoning behind this refusal is what bothers me.

      • Maverick604English
        1·
        1 day ago

        Yes. That was how they avoided using identifying information from their users.

        • guy@piefed.socialEnglish
          21·
          1 day ago

          So the reason Session never took off is probably because exchanging contact information is a big hassle, effectively barring users looking for convenience?