• archchan@lemmy.ml
    link
    fedilink
    arrow-up
    5
    arrow-down
    5
    ·
    3 months ago

    There is no metadata harvesting on Signal and the use of a phone number is so convenient and helped massively with adoption from the general unaware public.

    I loved that it acted as a private and secure drop in replacement for SMS (particularly before they removed that integration) that does what I needed and does it very well and easily connects me with people that already have my number. This made sharing Signal very easy. The only data Signal has to even provide to the authorities is your registration date, phone number, and time of last connection. The absolute minimum. It’s fantastic. If you compare this to Whatsapp which has everything but the exact content of your messages, it’s not even a contest.

    For myself on Signal and everyone else I’ve known that that uses Whatsapp or Insta or whatever, the extra absolute anonymity of also removing phone numbers from the already small equation just isn’t needed or worth it, otherwise you wouldn’t be using Signal, let alone fucking Facebook.

    • ☆ Yσɠƚԋσʂ ☆@lemmy.ml
      link
      fedilink
      arrow-up
      5
      arrow-down
      1
      ·
      3 months ago

      You can believe whatever you want of course, but the reality is that Signal collects phone numbers on registration and these can be used in many ways. The fact that you chose to trust Signal to be a good actor is your prerogative, but it’s based purely on your faith which is not how privacy or security works.

        • ☆ Yσɠƚԋσʂ ☆@lemmy.ml
          link
          fedilink
          arrow-up
          6
          arrow-down
          1
          ·
          3 months ago

          I don’t think you’re aware of how independent audits, open source, good cryptography, a non-profit, government data subpoenas, and a lack of data collection works.

          I think that you maybe the one who doesn’t understand how any of this works. Security and privacy are guaranteed by design, and any information that is collected has to be assumed to be available to bad actors. Period. The same reason logic about trusting the server to do the encryption applies to letting the server handle metadata. No amount of audits can guarantee that people operating the server are doing it in good faith.

          Meanwhile, the concern isn’t just about somebody having your phone number it’s about Signal server having the ability to map out relationships between these numbers. It’s perfectly fine for people to reason that this is not something they’re worried about, and make an informed choice to use Signal. However, it’s incredibly disingenuous to pretend this problem doesn’t exist.

          • archchan@lemmy.ml
            link
            fedilink
            arrow-up
            6
            ·
            edit-2
            3 months ago

            Edit: nevermind I typed a lot but that Lemmygrad user made a far better post that I agree with.