Depends, who do you want to shield what information from? Signal knows all of their users’ phone numbers. You can hide it from other Signal users. All depends on your threat model.
Right, then Signal might not be the best option. The NSA can easily track who’s using Signal, and possibly do some traffic correlation to reveal who’s talking to who.
But to state that there is no privacy on Signal at all is a bit of a stretch.
How exactly is it hashed? There aren’t that many possible phone numbers, so it might be viable to just try every valid number until you find one that matches
What @jagged_circle said but also. Even if you were lucky enough to be born in a country where you don’t have to give government I’d and thumb print just to get a goddamn sim card. It is still feasible to trace it back to you if you are not careful and there are a lot of ways you can slip up.
Like if you use a phone/device which is know to be yours then even if you buy new prepaid sim card anonymously your ID will be revealed due to same IMEI.
Or if you turn it on in a public area where cops know that you are there (maybe because they caught you on a camera) even though this is public area how many people connected to that tower are using burner sims, and how many of those are into extreme privacy or into something they suspect you to be involved.
And so many other scenarios and at the end it will come down to humane error which will be very tricky to avoid in this case. Whereas in case of being online you can properly setup iptable rules. Qubes, whonix, etc. Test it yourself that even if your VPN/TOR/I2P/etc. Goes down you’re not reviling your true IP
I mean online providers like jmp.chat, my sudo, and virtualsim will hook you up for a couple of bucks. So sure, if you are seriously cash constrained or crypto is unobtainable for you, then not so easy.
?
Because you can’t have privacy if a company asks for your phone number.
Depends, who do you want to shield what information from? Signal knows all of their users’ phone numbers. You can hide it from other Signal users. All depends on your threat model.
The NSA
Right, then Signal might not be the best option. The NSA can easily track who’s using Signal, and possibly do some traffic correlation to reveal who’s talking to who.
But to state that there is no privacy on Signal at all is a bit of a stretch.
Only the hash of your phone number.
How exactly is it hashed? There aren’t that many possible phone numbers, so it might be viable to just try every valid number until you find one that matches
Here’s what Signal says: https://signal.org/blog/contact-discovery/
Burner numbers are pretty easy to come by…
What @jagged_circle said but also. Even if you were lucky enough to be born in a country where you don’t have to give government I’d and thumb print just to get a goddamn sim card. It is still feasible to trace it back to you if you are not careful and there are a lot of ways you can slip up.
Like if you use a phone/device which is know to be yours then even if you buy new prepaid sim card anonymously your ID will be revealed due to same IMEI.
Or if you turn it on in a public area where cops know that you are there (maybe because they caught you on a camera) even though this is public area how many people connected to that tower are using burner sims, and how many of those are into extreme privacy or into something they suspect you to be involved.
And so many other scenarios and at the end it will come down to humane error which will be very tricky to avoid in this case. Whereas in case of being online you can properly setup iptable rules. Qubes, whonix, etc. Test it yourself that even if your VPN/TOR/I2P/etc. Goes down you’re not reviling your true IP
Not for everyone. Check your privilege.
I mean online providers like jmp.chat, my sudo, and virtualsim will hook you up for a couple of bucks. So sure, if you are seriously cash constrained or crypto is unobtainable for you, then not so easy.
Like anyone’s doing that just to talk to you.
If you use one of those accounts, someone will just take over your account after some weeks/months
Known what’s easier? A username.
Basically a app that lock you with a phone, giving you only one account. Centralized servers. Not good.
Good for some use cases. Only if the Signal Foundation stays in the current track and it doesn’t go south like with Mozilla.
For a privacy chat group with random people, maybe another app would be a bit better.
Personnaly I would recommended SimpleX for small groups and 1:1, only a bit less uglier