by gdmka
2208 days ago
Moxie addressed the phone number issue[0]. To save time he mentions that owning a SIM card or a smartphone with a Contacts application that holds phone numbers is a portable social network by design. Pushing his idea further, it's much easier for anyone to learn the penetration of Signal by checking against existing phone numbers. I can't imagine someone with a 200+ phone numbers querying service to validate a phone number is registered with Signal. And while nicknames sound perfect in theory, they lack one specific thing — validation of authenticity of a speaker. By this I mean an impersonator can claim the username and pose as someone else. Given a lot of people use transparent nicknames on the internet, it can pose a threat. So even when the nicknames roll out as a feature of Signal, it's good to facilitate somehow that a party I'm in contact with is someone genuine. Checking against phone numbers can mitigate the risk of fraud.

[0] https://youtu.be/Nj3YFprqAr8

To be even more explicit about it, in the hope you understand: the vast majority of people trust large companies (which is bad but frankly not insane) but absolutely do not trust random assholes/creeps on the Internet. The security model of Signal is saying you don't have to trust Signal, but you weirdly do have to trust all of the random people you interact with with your phone number.
And so, in the context of this thread, that explains why someone would claim Telegram is actually better than Signal, because what people do with Telegram is join massive group chats that are either 1) public, 2) have so many people in them that if you think what you say isn't going to be logged you are fooling yourself. So the value of end-to-end encryption in this context is essentially zero; but, being able to join some large group chat with a ton of strangers to talk about some open source project or whatever you are doing without any of those people now knowing your phone number--an identifier which is tied to a large number of "real world" concerns and is ridiculously difficult to change--is actually extremely valuable.
Honestly, even if you aren't quite in those sets, the tradeoff still isn't an obvious win for Signal. As an example, let's say you are in a group of people talking about a protest. Are you more concerned that the company relaying your messages will be served a warrant to monitor your chat activity (which generally has some requirement of probable cause for a specific action, and likely requires knowing about the existence of a chat in the first place) or that one of the people in your group chat is actually a traitor or even an undercover cop (which can get in a number of groups and pretend to be an ally while passively monitoring for things they want to shut down)? The latter is actually a much more realistic attacker model, and with Signal now that person has your phone number, which means you are screwed. Using Signal correctly here requires getting a burner phone, which is way more effort than is reasonable.
The use cases for the privacy and security model of Signal are thereby inherently limited to people you trust with your phone number. Like, it is sometimes difficult enough to get people to want to use text messages sometimes as they don't want to give out their phone number: Signal doesn't solve that, and so is confined to the subset of communication that people currently do over SMS(/iMessage) and can't really ever begin to carve into the market share of Telegram, or even Facebook.
And so, realistically, Signal does not, can not, and should not manage to displace Telegram, which I say with sadness as I am someone who has not and likely never will forgive Telegram for claiming security properties their system didn't have (like, I am not a Telegram fan, and while I have the app I only use it a few times a year; that said, this is more than I am willing to tolerate Signal, due to a number of reasons that are mostly unrelated to anything in this comment).
(And FWIW, I personally would not recommend usernames, and in fact would personally be much more angry about that than phone numbers for various reasons; if Signal decides to roll out unique choosable usernames I am honestly probably going to hate on it even stronger because of it: you are arguing a strawman here :/. But to claim that phone numbers are fundamentally better is awkward regardless, given how phone numbers aren't even a good security layer due to the prevalence of number porting. This is just one of the many devastating things that Moxie is wrong about.)