Avatar
Luxas 1y ago

#Signal is a honeypot. Change my mind.

Most people aren't using a burner. You might use an alias on Signal, but if an irl contact has your number saved and they've ever used Facebook, Snapchat, or any other service that uploads the phone's contact list to their servers, chances are the 3-letter agencies know who you really are. Therefore, revealing your true name, as it's unlikely your irl contact will have saved you as an alias unbeknownst to them. Effectively, your normie friends inadvertently rat you out.

Reply to this note

Please Login to reply.

Discussion

Avatar
Mike Dilger ☑️ 1y ago

I'm not here to change your mind. I concur that signal is probably either a honeypot or otherwise state controlled with gag orders.

I'm confident that the nostr community will build something superior, fully distributed, all the double-ratchet stuff, the giftwrap stuff, to provide both 1-on-1 DMs and multi-user chat. We have the distributed framework, we have the momentum, and we have 90% of the ideas all worked out.

Avatar
Pepe NOSTRos 1y ago

And zaps in messaging is just fire if we get it right.

Imagine, 1. yup I'll take it. 2. Click ecash link to pay 3. Everyone instantly happy

Avatar
CensorThis 1y ago

Is Nostr protected?

Avatar
Mike Dilger ☑️ 1y ago

What do you mean by protected?

Avatar
Ronin 1y ago

The fact that if you don't use a burner your friends can share your contact with other apps it's not a signal problem, it can happen even if you don't use any msg app. If you are a real target of a 3 letter agency, very few apps can help you imo. I use signal bc it does what I want, it does not collect your data or shares with others and it works well, it's magnitudes better than whatsapp in privacy and app experience imo. I just use it as a better privacy option to replace whatsapp, not as a secret chat app to escape 3 letter agencies.

Avatar
Luxas 1y ago

I must respectfully disagree. It is partially a Signal problem as they require a phone number. Without that requirement, this wouldn't be an issue. There's no legitimate reason a phone number should be required.

Avatar
Jimmy 1y ago

Yes there is, requiring a phone number ensures a single person can't add thousands upon thousands of accounts, because access to unique phone numbers is limited.

It's spam prevention.

Avatar
MAHDOOD 1y ago

Getting your phone number from Facebook doesn’t allow the Feds to read your encrypted messages. But it would be nice if it didn’t require a phone number.

Avatar
LordRishav 1y ago

Well the Signal Foundation has controversial people on the board. Technologically, I think Signal protocol can be trusted, but I am doubtful about the Signal Foundation.

Avatar
Jimmy 1y ago

Bullshit, You're approaching this from the perspective that anonymity is a primary feature of signal. Security and privacy are the primary features and they are different from anomonymity.

Encryption is not a crime.

What's more, Signal has usernames now, and you have the option to ensure your phone number is not able to be discovered even if someone has it in their contacts. So your entire premise is moot.

Avatar
Luxas 1y ago

Re-read what I wrote. The new username feature doesn't make it moot.

Avatar
Jimmy 1y ago

I don't think you understand how the new phone number privacy features work. It's possible to register with a phone number and have it not be visible OR DISCOVERABLE by anyone.

Avatar
Luxas 1y ago

No, you don't understand what I'm saying. I'm not talking about your Signal contacts. I'm talking about other people who have your phone number saved in their contacts (the one people use to make phone calls from, not from Signal) and have used other services that have uploaded those contacts.

Avatar
Jimmy 1y ago

Exactly. If you don't want those people to know you use Signal you don't have to. Look up the recent update to phone number privacy. In fact I just took this screenshot:

Avatar
Luxas 1y ago

Nah, not that either. You're still missing my point. If a contact (friend, family, etc) outside of Signal has your phone number saved with your real name, and you use that same phone number for your Signal account, and your friend/family use a service that uploads their contact data with your real name/number in it, then they have effectively doxxed you as the owner of the Signal account to three-letter agencies.

Avatar
Jimmy 1y ago

What you're describing is the simple concept of a social graph. Those three letter agencies could gain a list of contacts for who knows who from services like Google, but if you have PNP in Signal set in such a way where discoverability is set to no one, how would even the three-letter agencies know that you're using Signal?