Man I don’t even have the time to break down all these very clearly wrong insinuations. There’s no reason to believe Signal collects metadata, and every reason to believe they don’t. They’ve been served subpoenas and they shared them, as well as their responses, publicly, and the only thing they included was when the last time the user connected to their server.
Edit: tl;dr this person believes that Signal is inherently insecure because they use servers and require a phone number, despite the fact that there is zero information connected to your phone number.
A phone number is tied to your real identity in most countries, especially the US. This is why phone number leaks are so dangerous, I can probably find your current and past addresses, friends, family, social media, all with just your phone number.
Yes, your phone number is tied to your identity but it’s completely useless without any additional information. Your phone number is not supposed to be a secret. Every chat platform has some sort of unique identifier, other than SimpleX.
That doesn’t make much sense. With a single piece of info, your phone number, I can learn hundreds of things about you. It’s one of the most linkable identifiers out there.
Every chat platform has some sort of unique identifier, other than SimpleX.
Of course, which is why its super-important that the id not be linked to your real identity.
Here’s a test: I’ll give you my matrix id, and you give me your phone number. Deal?
They still require a phone number to sign up, and its a US domiciled company (5-eyes country), so its inherently unsafe. The obama administration issued an average of 60 national security letters every single day of his administration.
If your answer is “I don’t think signal is giving my phone number to the US government”, then why do you have to “trust” signal to not do that? Actually private chat apps don’t ask for identifying information like phone numbers, then say “trust us”, like apple or something.
Yes, that is well documented at this point. What I’m waiting for you to explain is how this compromises your privacy or security.
and its a US domiciled company (5-eyes country), so its inherently unsafe
The 5 eyes is an international data-sharing agreement. They cannot share what they do not have. So no, it’s not.
The obama administration issued an average of 60 national security letters every single day of his administration.
I don’t doubt it. Those NSLs would have returned zero information from Signal because, as Signal has repeatedly demonstrated, and I have repeatedly stated, they don’t have any information to share.
then why do you have to “trust” signal to not do that?
I don’t have to. As I’ve explained several times now, there is nothing to trust them with. I give them a phone number. I give them zero information along with it. Not my name, email, birthdate, nothing.
If you have any actual evidence to share, or any kind of argument I haven’t already debunked I’m all ears, but it sounds like your entire argument is predicated on conspiracy theory, which I’m not interested in entertaining further.
Security cannot be based on trust. Period. If an actor is in a position to collect data then it must be assumed that they do so. You either do not understand the subject you’re opining on, or you’re intentionally spreading misinformation here.
It is not based on trust. It’s called “zero knowledge encryption” for a reason. You don’t have to trust them, because you give them nothing to trust them with.
Except that it is based on trust because you have to use your phone number to create the account, and you have to trust the company operating the server in regards on how that information is used. What part of this are you struggling to understand specifically?
The part that this is a false statement that you keep repeating. The phone number is associated with your account, that’s why it’s required to make the account.
The phone number is not associated with your account, it IS your account. In order for there to be metadata, there would have to be other data associated with it, which we’ve already established that there is not.
Your phone number is an identifying piece of information about the person who is sending and receiving messages. That’s what metadata is. The content of the message is the data, the identifying information is metadata. Maybe spend a bit of time actually learning about the subject instead of trolling here.
@yogthos@Ulrich It is also besides the point because whether he wants to call it metadata or not, Signal still has that information.
Signal might well share every subpoena they can. However, NSLs can come with gag orders. Even if they wanted to tell you what was going on, they couldn’t.
Your phone number is an identifying piece of information about the person who is sending and receiving messages. That’s what metadata is.
It’s not. And I’m tired of repeating myself.
The content of the message is the data, the identifying information is metadata
Once again, no one has access to the content of the messages. Ergo, there is no metadata. Maybe spend a bit of time actually learning about the subject instead of trolling here.
Man I don’t even have the time to break down all these very clearly wrong insinuations. There’s no reason to believe Signal collects metadata, and every reason to believe they don’t. They’ve been served subpoenas and they shared them, as well as their responses, publicly, and the only thing they included was when the last time the user connected to their server.
Edit: tl;dr this person believes that Signal is inherently insecure because they use servers and require a phone number, despite the fact that there is zero information connected to your phone number.
A phone number is tied to your real identity in most countries, especially the US. This is why phone number leaks are so dangerous, I can probably find your current and past addresses, friends, family, social media, all with just your phone number.
Yes, your phone number is tied to your identity but it’s completely useless without any additional information. Your phone number is not supposed to be a secret. Every chat platform has some sort of unique identifier, other than SimpleX.
That doesn’t make much sense. With a single piece of info, your phone number, I can learn hundreds of things about you. It’s one of the most linkable identifiers out there.
Of course, which is why its super-important that the id not be linked to your real identity.
Here’s a test: I’ll give you my matrix id, and you give me your phone number. Deal?
I don’t understand what that has to do with anything. Yes, you can learn all kinds of information about you but you cannot learn it from Signal…
Lets use your favorite privacy app to communicate. Give me your phone number.
No phone number necessary (anymore).
https://signal.me/#eu/62su5fsZZ63Lr0MlnpgAo7hyVt5Mz1JpO6tKBbadGCLEQJgzLdNAW5LDArwDZKvX
They still require a phone number to sign up, and its a US domiciled company (5-eyes country), so its inherently unsafe. The obama administration issued an average of 60 national security letters every single day of his administration.
If your answer is “I don’t think signal is giving my phone number to the US government”, then why do you have to “trust” signal to not do that? Actually private chat apps don’t ask for identifying information like phone numbers, then say “trust us”, like apple or something.
Yes, that is well documented at this point. What I’m waiting for you to explain is how this compromises your privacy or security.
The 5 eyes is an international data-sharing agreement. They cannot share what they do not have. So no, it’s not.
I don’t doubt it. Those NSLs would have returned zero information from Signal because, as Signal has repeatedly demonstrated, and I have repeatedly stated, they don’t have any information to share.
I don’t have to. As I’ve explained several times now, there is nothing to trust them with. I give them a phone number. I give them zero information along with it. Not my name, email, birthdate, nothing.
If you have any actual evidence to share, or any kind of argument I haven’t already debunked I’m all ears, but it sounds like your entire argument is predicated on conspiracy theory, which I’m not interested in entertaining further.
Security cannot be based on trust. Period. If an actor is in a position to collect data then it must be assumed that they do so. You either do not understand the subject you’re opining on, or you’re intentionally spreading misinformation here.
It is not based on trust. It’s called “zero knowledge encryption” for a reason. You don’t have to trust them, because you give them nothing to trust them with.
Except that it is based on trust because you have to use your phone number to create the account, and you have to trust the company operating the server in regards on how that information is used. What part of this are you struggling to understand specifically?
What part of “there is zero data associated with your phone number” are you struggling to understand, specifically?
The part that this is a false statement that you keep repeating. The phone number is associated with your account, that’s why it’s required to make the account.
The phone number is not associated with your account, it IS your account. In order for there to be metadata, there would have to be other data associated with it, which we’ve already established that there is not.
Your phone number is an identifying piece of information about the person who is sending and receiving messages. That’s what metadata is. The content of the message is the data, the identifying information is metadata. Maybe spend a bit of time actually learning about the subject instead of trolling here.
@yogthos @Ulrich It is also besides the point because whether he wants to call it metadata or not, Signal still has that information.
Signal might well share every subpoena they can. However, NSLs can come with gag orders. Even if they wanted to tell you what was going on, they couldn’t.
It’s not. And I’m tired of repeating myself.
Once again, no one has access to the content of the messages. Ergo, there is no metadata. Maybe spend a bit of time actually learning about the subject instead of trolling here.