108
Is Signal messaging really private?
(lemmy.ml)
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 08 Sep 2025
108 points (100.0% liked)
Privacy
41573 readers
742 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
much thanks to @gary_host_laptop for the logo design :)
founded 5 years ago
MODERATORS
Does it really? Iirc, you can determine: when the account was made, and when the last message was sent. This doesn't sound 'highly vulnerable' to me... Doesn't permit inspection of metadata e.g. contacts, so as vulnerabilities go it's pretty weak sauce
A phone number uniquely identifies a person because in most of the world you need a government ID to get a phone number or a SIM card.
Which means that if one account is compromised, then everyone that person talked to is also compromised. You know what they talked with whom. It's an incredible security risk that Signal devs refuse to acknowledge or fix.
If your threat model is deanonymisation of chat users via phone numbers after one chat is fully compromised, then yeah I guess you need to register the accounts with relatively 'untracable' phone numbers (ie unregistered or incorrectly registered burner sims), but that's not my threat model. I'm more concerned about server-side broad-spectrum government surveillance than I am about targeted device seizures. And of course there are mitigations even with data access on device seizure, provided you're unwilling to provide device passwords. But, like, if you're cooperating to the point of providing passwords you're probably sharing what you know about other users identities anyway, so it's a very niche case this applies to.
It's the threat model. E2E encryption is a niche 'nice to have'. Protecting the anonymity of people who have said nasty things about politicians is the most important thing a chat app needs to do. Signal is security theater until they fix this.
No the most important thing a chat app needs to do is send messages between the intended recipients making them unavailable to anyone else. Signal does this. You're worried about ppl receiving messages and knowing who they're from. Generally knowing where a message is from is considered a feature -- if you want anonymous broadcast, pick a different technology that's geared towards that
this xkcd is always relevant: https://xkcd.com/538/
The most dangerous thread vector is the government forcing you to unlock your phone, and reading your messages. At which point using phone numbers becomes a huge problem.
Fancy encryption doesn't matter when it's obstruction of justice to refuse to unlock.
Ok but a messaging app that doesn't let you know who a message is from is completely pointless? I feel like you're not really addressing this issue here
You don't need phone numbers for that.
Right. Exactly my point? Phone numbers are not, like, the only way to identify a user. You have to know who they are. You posted an xkcd but failed to derive the conclusion that if a user is 'compromised' and they know who they're talking to, then so are the people they're talking to, regardless of whether phone numbers are involved. There's no practical way to mitigate against that, it becomes a paranoid's nightmare.