Hacker News new | ask | show | jobs
by XorNot 1300 days ago
This is silly. You adopt practice based on your threat model. Threat models presuming the government can just torture information out of you also mean that any system will give you away - you're either completely anonymous or not, but if you use a messenger of any kind from your home internet IP address, then they'll come pick you up.

Telecom companies have full records of who had what IP, for what duration and when as does your ISP. If a phone number will get you pinched (based on no decryptable data) then so will anything else.
2 comments
StreamBright 1300 days ago
Exactly. You need to manage to be indistinguishable from p50 users if you are serious about anonymity. This is much more difficult than using strong encryption and matrix instead of signal.
link
XorNot 1300 days ago
Very much this. Which creates all sorts of weird problems, like very act of using an unusual messaging or encryption scheme is likely to finger you.

Signal is partly an attempt to normalise a service with strong encryption to provide a crowd it's easier to hide in.

link
2Gkashmiri 1300 days ago
>Signal is partly an attempt to normalise a service with strong encryption to provide a crowd it's easier to hide in.

i am saying remove the mobile requirement and signal is perfect. not until then.

link
2Gkashmiri 1300 days ago
people regularly use VPNs and today,in 2022, that is no longer a fringe action. NORMAL people now use VPNs to bypass geo restrictions.

signal to noise ratio of people using VPNs removes the linking user device to an account to a good extent.

now, in the existing model, whatever method you use, your number is STILL a PII, in whatsapp or signal or whatever.

>then so will anything else.

100% agree but you whatever counter measures you take, your number is still available in whatsapp/signal so there is NO way to prevent that. IF these two did not have the number, then that would indeed be better but not until then

link
ViViDboarder 1300 days ago
I’m not sure what the threat is that the phone number opens you up to.

That a government will scan all domestic phone numbers against a Signal API to identify a list of users who, at one time, installed Signal and use that list to target you? They can do the same with IP addresses of people using VPNs as well. Something is tied to you regardless.

You’re right that the Signal would allow this by phone number or IP, so it’s an additional angle at the same threat.

link