[OSI-Auflauf]

On Signal vs Telegram:

Telegrams Encryption is off most of the time. They have serverside access to messages. The optional E2E is annoying to use and isnt even available on every platform. For example Tdesktop afaik still has no E2E support. (And has a very brittle software architecture.) You can't register Telegram accounts with the open source client anymore. This should be a non-Discussion.

MG implying that just because other messengers like Whatsapp use Signals encryption scheme does not make them more more trustworthy.

Yes you can verify in a binary if the stuff is implemented well. But if a vendor has control over the update channel or beta rollout features its kinda easy to hide targeted features. Wasn't Whatsapp caught exfiltrating chats in ways that don't involve the normal channel bypassing E2E?

Btw there is no Signal in Fdroid but nowadays there is an accepted by upstream third party implementation. You could separate software and infra vendor. Look at Molly.im

Better to bring non tech folk to Signal than to other messengers that do the same but less protected.

Matrix? Lol!

[raxxorraxor]

Both services are relatively insecure because they require phone authentication. In the EU at least the number can always be traced back to you if you don't buy specific burner phones.

The level of encryption isn't as important anymore at that point. It is less probable you get into problems by using a service that doesn't know your identity.

[Marsymars]

> Both services are relatively insecure because they require phone authentication.

That hasn't been the case for Signal for some months: https://signal.org/blog/phone-number-privacy-usernames/

You still require a phone number for sign up for Signal, but your phone number isn't visible to anyone you chat with.

[Sebb767]

> but your phone number isn't visible to anyone you chat with.

That's irrelevant - the phone number is known to Signal and can be request by law enforcement. And, since it's been made pretty much impossible to buy a SIM in the EU without showing identification [0], this will allow law enforcement to link the account to you.

[0] IIRC the Netherlands is the only country left where you can buy SIMs without ID.

[g1sm]

> [0] IIRC the Netherlands is the only country left where you can buy SIMs without ID.

As far as I know, in Romania you can still buy and activate a prepaid SIM card without having to show your ID. There was an attempt a few years ago to make it mandatory to tie the phone number to an ID, but it was overruled by the Constitutional Court.

[growse]

> That's irrelevant - the phone number is known to Signal and can be request by law enforcement.

So how does this work? Law enforcement asks signal if they have an account for a phone number, signal saying "yes, here's when they created it".

Then what?

[Sebb767]

> Law enforcement asks signal if they have an account for a phone number, signal saying "yes, here's when they created it".

Law enforcement says that the suspect chatted with some username/told people to contact him by his Signal username, then they go to Signal and request the linked phone number, which is then linked to the ID shown when the card was bought.

[Marsymars]

This only works as long as the username is active/unchanged. It would probably be better if usernames were never linkable to phone numbers, but if your threat model requires a persistent, non-ephemeral username to remain anonymous when targeted by law enforcement that has access to your telecom records and warrants... that's going to require a pretty high level of opsec.

The UX on usernames in Signal might be non-ideal. It might be helpful to have a toggle that regularly cycles your username if that's important for your threat model.

[The_Colonel]

"Get me all the numbers which talked to X, including all the numbers".

You won't get the actual plaintext messages, but the contact graph + metadata (timestamps) are pretty sensitive.

[growse]

Signal doesn't store the graph, nor does it log message timestamps.

[Marsymars]

> That's irrelevant - the phone number is known to Signal and can be request by law enforcement.

Maybe I'm missing something here, but if usernames are treated as ephemeral, what's the threat model here?

[jjav]

> That hasn't been the case for Signal for some months

Wrong. Because:

> You still require a phone number for sign up for Signal

So, they have your phone number. What is displayed is irrelevant.

If they have your phone number (which they do), they will have to disclose it for any subpoena/NSL, so they do.

[Marsymars]

Please see the sibling comments, I feel this has already been addressed.

[EasyMark]

Anonymity and Encryption aren't flip sides of the same coin, they can be used together or separately, and are orthogonal in lots of use cases.

[nurumaik]

You can buy "anonymous number" on fragment without using any client and without providing any personal information and use it as much as you can

When signal becomes at least remotely as popular as telegram it will implement same protection to fight against spammers because you can't have free unrestricted registrations and don't drown in spam

Telegram currently makes it as accessible as possible: either use it freely but register using phone number and official app or pay and use anonymously as you want

[aniviacat]

I just looked at the fragment.com site to see how much such a number costs. The lowest possible bid you can currently make, and that is for an auction that has six days to go, so probably not even the final price, is over 100$. That is an unacceptable price for basic privacy.

[tapoxi]

Signal is already extremely popular, their anti-spam by default is that you need to get matched to the user's local contact list or the spam becomes an allow/deny prompt. They also require a confirmed phone number and handle registration throttling.