this post was submitted on 08 Nov 2023
528 points (98.7% liked)

Privacy

31998 readers
1087 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
top 50 comments
sorted by: hot top controversial new old
[–] ZeroEcks@lemmy.ml 117 points 1 year ago (1 children)
[–] seaQueue@lemmy.world 38 points 1 year ago* (last edited 1 year ago) (4 children)

Now if they'd just let me run the damned client on more than one device so I can reply to messages from my tablet.

[–] clif@lemmy.world 18 points 1 year ago (1 children)

I'm running it on phone, tab (long ago), and desktop... What do you mean?

[–] 000999@lemmy.dbzer0.com 18 points 1 year ago (4 children)

Maybe they mean how the messages don't sync between devices

[–] clif@lemmy.world 16 points 1 year ago (1 children)

Ah, I thought that was by design.

[–] online@lemmy.ml 23 points 1 year ago (2 children)

But they do sync. They just don't keep messaging history, which is, as you say, by design. Signal doesn't keep copies of your messages so they cannot give you old message history if you connect your account to a new device.

[–] fuzzzerd@programming.dev 13 points 1 year ago (5 children)

That's true, but once you trust a new device, there's no reason the authority (your phone that has all history) couldn't transfer the history over to the new client.

I get it would add some complexity, but it could be done in a secure and private way.

[–] UnculturedSwine@lemmy.world 13 points 1 year ago (1 children)

I feel like that is also by design. If your account is compromised, you wouldn't want them to be able to pull messages from your existing devices. It kinda defeats the purpose of them not being stored on the servers.

[–] bl4kers@lemmy.ml 5 points 1 year ago

They could just make it opt-in, no?

"New device X has logged in to your account. Do you want to transfer existing history on this device to it?"

load more comments (4 replies)
[–] hansl@lemmy.world 3 points 1 year ago

They could sync those between devices on the same network. It’s definitely possible to have both.

[–] seaQueue@lemmy.world 3 points 1 year ago

Yup, exactly. I switch between phone and tablet during the day and signal is the only messaging client that makes me stop what I'm doing and pick up an entirely separate device to check messages and reply. A bunch of my friends ended up on telegram or matrix because the usage model just doesn't work for people who use multiple android or iOS devices.

load more comments (2 replies)
[–] quickhatch@lemm.ee 5 points 1 year ago

Take a look at Molly for your tablet!

load more comments (2 replies)
[–] nix@merv.news 83 points 1 year ago* (last edited 1 year ago) (3 children)

Still sucks you will need a phone number to use it though. Hopefully they adopt meshnet type technology similar to https://berty.tech so people can communicate even when the internet is shut off across all platforms with end to end encryption

[–] n00b001@lemmy.world 39 points 1 year ago (6 children)

My mouth waters at the idea of decentralised, infrastructure-less, encrypted, p2p, mesh messaging

Thanks for pointing me towards Berty!

[–] EngineerGaming@feddit.nl 8 points 1 year ago (1 children)

There's Briar, but I am upset they don't have the bluetooth mesh functionality on desktop at least yet, and I don't know if you can make it work in a VM.

[–] n00b001@lemmy.world 4 points 1 year ago

I think I tired Briar, but I either couldn't get it working on android or on iOS

[–] Lemmchen@feddit.de 8 points 1 year ago

infrastructure-less

I'd say it is infrastructure-agnostic and not necessarily without infrastructure.

[–] Rearsays@lemmy.ml 5 points 1 year ago (2 children)

In the world of Mobile, you’re always going to have to have some kind of signalling protocol that will have to be through someone else Simply because establishing listening functions that help push notifications reach you at all consumes battery. In this case, I think what the real thing should be is, if we should be trusting these push notification systems We should be able to host them as well Servers we choose to associate with our devices

load more comments (2 replies)
load more comments (3 replies)
[–] butter@midwest.social 13 points 1 year ago

Another day, another chat service.

load more comments (1 replies)
[–] ErKaf@feddit.de 33 points 1 year ago (5 children)

What is this stupid website. Cant open it because they have banned my IP. Why the fuck do they ban MullvadVPN servers?

[–] settinmoon@lemmy.ml 24 points 1 year ago

Some malicious users do use VPNs to send spams and many websites automatically bans these IPs. Normally switching to a different VPN server will resolve the issue.

[–] muhyb@programming.dev 9 points 1 year ago (2 children)

Surprisingly it's fine on Tor.

load more comments (1 replies)
[–] ZeroCool@feddit.ch 7 points 1 year ago* (last edited 1 year ago)

Try a different server. I've never had any issues accessing bleepingcomputer with Mullvad.

[–] mateomaui@reddthat.com 7 points 1 year ago

Banned on my VPN, too, good to know I shouldn’t be aggravated at my service.

[–] shotgun_crab@lemmy.world 31 points 1 year ago (4 children)

Why are phone numbers a requirement anyway

[–] danhab99@programming.dev 29 points 1 year ago (1 children)

To validate that a user is a person. The idea is to trust the phone companies that a person who happens to possess a phone number is actually a person.

[–] 7heo@lemmy.ml 10 points 1 year ago* (last edited 1 year ago) (1 children)
[–] danhab99@programming.dev 4 points 1 year ago (1 children)

I never said it was a good solution. There is no way to trust any validation that a user on the Internet is a person. But this way is cheap easy and most people aren't gonna go through the effort of masking their identities.

Also one discrepancy in an audit of a phone number trusted user base sticks out enough for cops to make some progress.

[–] 7heo@lemmy.ml 5 points 1 year ago* (last edited 1 year ago)
[–] onlinepersona@programming.dev 19 points 1 year ago (1 children)

People are putting too much thought into this. It's discovery. Signal is a WhatsApp alternative. You switch from WhatsApp and want to know which of your contacts you can still talk to? No action necessary, you can do it right away.

Simple as.

Try doing that without a phone number.

[–] shotgun_crab@lemmy.world 3 points 1 year ago* (last edited 1 year ago)

I guess that's true, but I'd prefer the phone number part being optional. If you don't give it, you don't get access to the easy migration or discovery features, but you get to hide your phone number.

Edit: It's not that I don't trust them, either.

[–] crimsdings@lemmy.world 9 points 1 year ago

You need some sort of verification that the person is a person. Phone number puts a layer between you and the service you are trying to use - the provider of the number. The provider holds your identity but only passes on a phone number.

It's definitely not ideal, but not bad

[–] Gallardo994@sh.itjust.works 5 points 1 year ago (2 children)

Some question to be honest. I cannot expect any privacy if I have to share my phone number.

[–] sudneo@lemmy.world 18 points 1 year ago (1 children)

Privacy and anonimity are different things. As long as nobody besides you and the indented destination(s) has access to the content of your communication, that communication maintains privacy, even if everyone sees that it's you talking.

Also, and this is something I mention all the time, the only information this gives is that you use signal. Besides that, as soon as anybody else registered your phone in their contact list, your phone number is already known and associated with you considering that many apps (like all the meta ones) gain access to the contact list and the chance that anybody who has your phone number uses one of those is almost 100%.

[–] JubilantJaguar@lemmy.world 7 points 1 year ago

App-accessible contact lists is the original sin of smartphones. As a result, a few powerful corporations know the social graph of entire countries. The handful of people who make efforts to stay anonymous be damned - they're in the database too thanks to their friends. This one infuriating feature makes decent privacy all but impossible.

[–] miss_brainfart@lemmy.ml 6 points 1 year ago* (last edited 1 year ago)

They do their best to use the number in ways no one but your contacts who use Signal can actually see what that number is, to be fair. And you're still private either way. What a phone number breaks is anonymity, which is something they don't explicitely claim to give you. (I think)

[–] isa@leminal.space 14 points 1 year ago

omg i’m so excited for this

[–] aprnu@feddit.ch 14 points 1 year ago (2 children)

c'mon Signal, gimme that apk & I give you some logs in return, don't make it hard on me

[–] online@lemmy.ml 14 points 1 year ago

They want you to do just that: https://community.signalusers.org/t/public-username-testing-staging-environment/56866 That link has instructions on how to sign up.

load more comments (1 replies)
[–] a_cup_of_rohan@beehaw.org 8 points 1 year ago
[–] SecurityPro@lemmy.ml 4 points 1 year ago (3 children)

Download and installed but it still insists on a phone number. I don't see a way to bypass.

load more comments (3 replies)
load more comments
view more: next ›