[coppsilgold]

If you intend to use SMS (phone numbers) as a resource constraint (sign up requires 'locking up' a resource that is worth at least a few cents) then at least you can offer a ZKP system where the 'consumed' phone number is not tied to an account. You could also offer to accept cryptocurrency for this function - call it a donation.

That Signal did none of those things implies that privacy was not their objective. Only secure communications was.

It's possible that the reason behind their anti-privacy stand is strategic, to discourage criminal use which could be used as a vector of attack against them. Doesn't change the fact that Signal is demonstrably anti-privacy by design.

[ethersteeds]

Your first formulation I agree with:

> privacy was not their objective. Only secure communications was.

> Signal is demonstrably anti-privacy by design.

But your second is uncharitable and misses Signal's historical context.

The value of a phone number for spam prevention has been mentioned, but that's not the original reason why phone numbers were central to Signal. People forget that Signal was initially designed around using SMS as transport, as with Twitter.

Signal began as an SMS client for Android that transparently applied encryption on top of SMS messages when communicating with other Signal users. They added servers and IP backhaul as it grew. Then it got an iOS app, where 3rd party SMS clients aren't allowed. The two clients coexisted awkwardly for years, with Signal iOS as a pure modern messenger and Signal Android as a hybrid SMS client. Finally they ripped out SMS support. Still later they added usernames and communicating without exposing phone numbers to the other party.

You can reasonably disdain still having to expose a phone number to Signal, but calling it "anti-privacy by design" elides the origins of that design. It took a lot of refactoring to get out from under the initial design, just like Twitter in transcending the 140-character limit.

[coppsilgold]

> Signal is demonstrably anti-privacy by design.

> You can reasonably disdain still having to expose a phone number to Signal, but calling it "anti-privacy by design" elides the origins of that design.

They introduced usernames without removing the requirement for phone numbers.

I rest my case.

[hnarn]

Not a very good case made since you obviously didn’t read the parent discussion.

[coppsilgold]

The parent attempted to excuse them by pointing out that the initial design was based on phone numbers. Putting aside the fact that initial design is irrelevant to present design criticism, they went out of their way to design usernames yet deliberately disallow signup without phone numbers.

> Not a very good case made since you obviously didn’t read the parent discussion.

This isn't an argument, do you have anything to back up your assertion?

[illiac786]

You’re blatantly trolling, it’s boring man. What do you call SMS if signal is “anti-privacy by design”?

[delichon]

Public broadcasting.

[illiac786]

I don’t understand, you know what I will ask next.

And broadcasting on FM radio is then what?

You’re just redefining words, there’s no need for this. We agree it would be better from a privacy point of view if Signal did not require a phone number but you’re nit picking: it’s a one time thing, and you can take a public phone that no one can associate with you for this. And then never need it again if you have proper backups.

[lukeschlather]

If privacy wasn't their objective they would just have a database of all the phone numbers.

Perfect privacy would mean not sending any messages at all, because you can never prove the message is going to the intended recipient. Any actual system is going to have tradeoffs, calling Signal anti-privacy is not serious, especially when you're suggesting cryptocurrency as a solution.

A ZKP system where you make a public record of your zero-knowledge proof sounds anti-privacy to me. Even if you're using something obfuscated like Monero, it's still public. I see where you're coming from, but I think I would prefer Signal just keep a database of all their users and promise to try and keep it safe rather than rely on something like Monero.

[coppsilgold]

> have a database of all the phone numbers

They have exactly that. They rely on TPMs for "privacy" which is not serious.

> Perfect privacy would mean not sending any messages at all

Not sending messages is incompatible with secure messaging which is the subject of the discussion...

> ZKP system where you make a public record of your zero-knowledge proof sounds anti-privacy to me.

A zero-knowledge proof provably contains zero information. Even if you use a type of ZKP vulnerable to a potential CRQC it's still zero information and can never be cracked to reveal information (a CRQC could forge proofs however).

> especially when you're suggesting cryptocurrency as a solution

Would you elaborate on why cryptocurrencies are not a solution? Especially if combined with ZKPs to sever the connection between the payment and the account. When combined with ZKPs, they could even accept Paypal for donations in exchange for private accounts.

[lucyjojo]

signal was intended for the general public. crypto defeats the purpose.

[vintermann]

It's also possible that a lot of the criticism for Signal setting a practical/realistic level of what security they will try to provide, is from people who would rather that people either

1. were unable to communicate effectively, or

2. used no security at all.

Do you really use a communication system where you have all exchanged private keys in person and where even the fact that you use it is hidden from your government and phone operator?