by yusmary 1589 days ago
All that is cool, but I don't want Signal to advertise my presence to anybody that has my phone number when I first log in after a fresh install.

I have only a handful of people that know and we negotiated that face to face prior. Signal breaks that trust.

8 comments

Can you explain this a bit more? Am I correct in understanding that you feel it hurts you when your contacts find out that you have signal installed, hence why signal shouldn't do it? What is the impact of someone who has your phone number knowing you are available over Signal?

Are there communities out there where someone being on signal is a red flag?

> What is the impact of someone who has your phone number knowing you are available over Signal?

Don't know about Signal, but Whatsapp does the same thing (advertise to your contacts that you have a whatsapp account) and I find it extremely offensive.

Context: I am an ardent anti-whatsapp activist, thus I don't have a whatsapp account. This activism has created quite a stir in my family and made a lot of people angry, yet I stick to it. I have forced many of my close family and friends to use a different communication channel with me, and I have lost the contact of quite a few acquaintances. When my dad died a few months ago, his wife needed to talk to me (and I needed to talk to her quite a lot). She was not really in the mood for listening to my techno-activism platitudes, and I was not in the mood to perform them, so I had to open a whatsapp account. Since all the people who I had forced to stop using whatsapp to talk to me would have felt alienated by this at this point, I needed to take a new phone number to talk to my stepmom via whatsapp.

This is a concrete example of why advertising the fact that I have a whatsapp account is an extremely annoying anti-feature. I'm sure there are similarly legitimate reasons for disliking the same feature in Signal. In any case, for a platform that has the privacy of users as one of its main tenets, this is a clear-cut case of anti-privacy feature. I can imagine reasonable people avoiding Signal precisely for this.

> Are there communities out there where someone being on signal is a red flag?

Absolutely. Outside of the tech industry, people have a "reason" for using Signal. My wife remarked one day that one of her coworkers (a plant operator) suddenly appeared on Signal. I mused that he is probably cheating on his wife. She found out a few weeks later that my hunch was correct.

Other people I've seen on it I've been able to deduce that they're using it for drug purchases (simply by process of elimination, nothing else made sense) even when I didn't already know they were into recreational drugs.

In some circles, Signal is used just for general conversation. But in most, it's not. So being on it is a pretty strong signal that you're doing something 'important' on it...and usually it's easy for friends and neighbors to narrow down what that is.

You're not wrong, but if we care about privacy isn't that an association that we need to break? Wanting to live in a society where people can have secrets ought to be reason enough to use technology that keeps yours.

And then there's my mom, she's on a grandfathered mobile plan that charges her $1 every day that she sends any text messages. I got her on signal so she didn't have to pay the $1 when she texts me. She got her whole church music group to switch for the same reason.

Why does it need to tell everyone I have a Signal account?

Adobe doesn't tell everyone that I own Photoshop. Gmail doesn't tell everyone that I have a Gmail email. PornHub doesn't tell everyone that I subscribe to their premium account.

Why the fuck does Signal need to? Broadcast should be off by default, on by opt-in.

This page gives some details and the technical reason can be inferred:

https://support.signal.org/hc/en-us/articles/360007061452-Do...

It doesn’t send the number to them - Signal don’t get the contact list from your phone. It uses a very clever private contact discovery protocol.

The reason their phone has to know is so that they can then message you. Otherwise there would be no way to message people - a phone has to know who is on Signal to be able to do that.

While the notification could be off by default, since the phone necessarily has to know when your contacts are on Signal for the app to function, it is being transparent about the privacy situation.

Details of the private contact discovery system:

https://signal.org/blog/private-contact-discovery/

It could be as little as "everybody does it, let's do it too" or they actually thought about it. By signaling to contacts that somebody installed Signal they make it more likely that those contacts use Signal to communicate instead of any other system. It helps the growth of Signal.

Adobe and PornHub don't have the contacts list. Google likely does but maybe they are restrained by privacy laws.

There are subcultures that are not widely accepted where this is an issue. Take the furry subculture as an example. You might not want your family or college pals to see your furry profile picture and pseudonym, but you also might not be aware of the implications of using a messaging service where the primary ID is your phone number. Many people hand out their phone numbers permissively, as historically, they weren't very "personal" on their own - save for identifying your real name. For many people, having/juggling multiple phone numbers to maintain distinct identities is beyond their technical expertise and simply won't happen in most cases (especially on Telegram, where VOIP numbers are prohibited).

I don't know precisely how Signal does things, but I know this can be an issue on Telegram - and I assume they work similarly. I can see a lot of reasons folks might not be fans of phone-number-as-ID, especially when it alerts folks that you've joined, or gives folks who merely possess your phone number an easy way of viewing your profile details.

I think the first quality E2EE messaging service that provides users an alternative to phone-as-ID could give Telegram/Signal (not that the former is necessarily E2EE) a serious run for their money among privacy-conscious users and members of fringe communities.

Signal doesn't advertise a profile. It advertises a phone number - everything else is data you have locally. It will send a profile picture if you set one but that's it.

Does it advertise your username? If I don't have the name of the contact, will Signal share my username or does it just say "this number in your list has joined signal, and here is their profile?"

My understanding is that your profile username is made visible if:

- the person is in your own contact list

- you create a conversation with them

- you accept a conversation from them

see: https://support.signal.org/hc/en-us/articles/360007459591

Nice. Sounds like the same rules apply to profile pictures as well. That feels like a step in the right direction, but it still means that by having family/coworkers/college buddies/etc in your contacts, they can see your profile picture and username. I know this can be a sticking point for some. It would be great if Signal introduced finer-grained privacy controls so it could appeal to an even wider audience.

You also see people's username when they are in the same group conversation as them (and they are not in your contact list).

That's what I observe by using Axolotl on the phone and Signal Desktop on the computer.

> among privacy-conscious users and members of fringe communities

Sure, but this is realistically a tiny group, and development effort is probably better spent making the 99% that don't fall into this category happier rather than prioritizing features needed for the 1%.

This is just a shade away from the typical "nothing to hide, nothing to fear" argument, and is in my opinion equally invalid.

Let people decide for themselves what in their lives is OK to share with others. You don't need to know the reason why.

Either you don't understand how Signal works vis a vis phone numbers, or you're expecting something unreasonable.

The behavior which is reliably objected to by someone on HN, every time Signal is mentioned, is that the app sends a user an alert when someone in their contacts list is on Signal.

Phone numbers are the only resolution mechanism in Signal. Should that change? Separate question.

Having someone's phone number is by definition a way to contact them. Registering for Signal is by definition agreeing that anyone who searches for your phone number can send you a message on Signal.

What is the privacy violation in pushing awareness of that affordance? What about pull-only is better?

Signal does what I want it to here, and my trouble understanding why someone would be ok with everything about Signal except the push notification on join to people who have your number is genuine.

It's easy for me to understand why people don't like that a phone number is inherent to Signal, don't much care for it myself. But it's unrelated.

Whether or not I use Signal is private info, which is separate from my phone number info. Signal is mixing the two as if it was the same.

A username kinda restores that, but it could be taken a step further and ask for a secret token when adding contacts. That way you know exactly who has you in their contact list, and this token could be revoked (equivalent of blocking the person).

At least personally, the privacy violation is most clear if you are not part of a community that uses encrypted messaging by default (nearly everyone I know who uses SMS/FB messenger). The fact that someone I know has downloaded Signal then reveals that they now care about using encryption, which usually has the very obvious inference that they are involved in activism/have journalistic sources/other more nefarious activity that they care about encrypting. You can usually figure out which it is if you know anything else about that person. I would not know this if Signal didn't push the information to me, since I am not going to constantly search my entire contact list to find this info.

Like people you don't want to have contact with but have your old number being reminded that you exist and starting to annoy or harass you again.

And please don't respond with "you could just block them"; that's not in line with how the psyche of many, especially vulnerable, people works.

Also please don't respond with "you can just change your number"; for many people changing their number is hard, which again for some vulnerable people can mean it's basically impossible.

Sure, it's not a "my whole life will be messed up because of it" feature, but it easily can be very, very unpleasant.

Like as a harmless example, I know someone who completely changed their life and does not really want to have contact with anyone from their old circle of friends (not because of them being bad people, but because of the memories this includes). But they are too polite and insecure to outright block them; similarly, changing the number isn't an option for them. And guess what happened recently: Signal told me, "Hey, person X joined Signal." I knew better than to contact them, but I wouldn't be surprised if this caused them quite a bit of distress/discomfort.

Anyway, I'm fine that people who have my number can write me over Signal, or that their app knows when the number is changed, to warn if the old number is used and hint at you when you try to contact the old number. I'm not happy about Signal (and others) actively telling everyone "Hey, this person did [join|change number]". It's unnecessary and for some people harmful.

People I know IRL commented "oh nice are you buying weed?" when they saw I joined. It's really stupid for an app that's about privacy to do that.

Yeah, those announcements on Signal and Telegram are super-annoying and awkward.

You draw the attention of people with whom you have perhaps decided to let the relationship cool, and suddenly: "Hey, [YOURNAME] is here! Remember him? And how you have unfinished business? Why don't you message him right now?" :-(

This is outright ridiculous. I refuse to get into most "social" networks for this type of crap and now this practically confirms to me that I should never get into these crappy centralized IM networks.

How do you reconcile this with the ability to see, when you start to message someone, if they're using Signal?

Can't a person who wants to know if you are on signal do so simply by starting a message to you?

Are you suggesting that simply making this less convenient on the client will somehow discourage someone who is determined to figure this out about you?

That's exactly what happened to my SO, and I can see how this can be an issue for many people. The unexpected and unwanted convo with a particular person happened just because he had the mobile number saved in the phone's address book and, despite not giving Signal access to contacts, the presence of my SO was announced.

That would be a really nice option now that you mention it. Like a "fresh start" where you could pick who can actually see that you're on Signal, especially with a new number/phone. Lots of people are often a negative in your life.

I don’t think they can do this - it feels like it would require a central contact database with an extra setting for that.

But who knows, the private contact discovery is quite magical so maybe there’s a way….

https://signal.org/blog/private-contact-discovery/

If you want to change your number and for nobody to know, it sounds like you could still do that; you'll just have to create a new account.

This is why I hate any service that uses a phone number as an ID.

I use a virtual number for Signal and any such services, and it's a different virtual number than the one I give to humans.

At this point I just pay for an additional line since VOIP numbers are being discriminated against. So just a few people will have that number.

On the other side of associating me with people, I'm also looking for an Apple iOS update that lets me upload just some contacts, when an app asks.