[couchand]

A big part of practical security is usability. It's hard enough getting most people to adopt Signal or other encrypted messaging services. If they couldn't "just send a message to a number" it would be that much more difficult. The tradeoff seems worth it in this case.

[ubercow13]

People seem fine adding each other on Facebook without using a phone number. When I add people on LINE messenger I use their ID not their phone number. When I meet a new person and exchange some contact details, it is rarely a phone number. I would also like to talk to some people who I do not want to know my phone number. I think this tradeoff was a mistake for Signal.

[couchand]

You are clearly not the target audience for Signal. There of course is a space for the type of app you're describing, but saying that the tradeoff that Signal has chosen was a mistake is to misunderstand the goal there.

[codedokode]

What goal do you mean? Sell users to marketers?

[couchand]

Do you have evidence that this is happening? Otherwise, completely FUD.

The goal I was referring to is making it easy for regular folks to use end-to-end encryption. Any real measure of security needs to be practically usable by the intended audience, and the clear and consistent intended audience for Signal is regular folks who don't have a sophisticated threat model. If any other identity scheme were used, I'd guess the number of Signal users would be an order of magnitude smaller.

This is not to say that there aren't great reasons to have more elaborate secure messaging systems that address these questions, for anyone with a different security model.

[newscracker]

Usability? Signal prevents backups on iOS and has no solution for someone changing a device (or even restoring a device from a backup) to carry over the conversations and retain chat history and group memberships. This is because it puts security above usability.

It’s also buggy in many other ways (e.g., sending safety number change messages when nothing has changed with the device or number; contacts sending messages and asking if it was received, etc.).

Signal is quite bad on usability compared to other apps.

[codedokode]

You can just provide a choice, whether user wants to use a phone number and a real name, or just an anonymous login, not linked to anything. Why Signal doesn't want to do this? They don't want users to be anonymous, they want real names, addresses and GPS locations I assume.