Hacker News new | past | comments | ask | show | jobs | submit login

May I ask you to elaborate? AFAIK the only thing they are leaking about you is "is this phone number using Signal?". A single bit of information.



Not the OP, but from my perspective, encryption is helpful, but a good portion of security is anonymity, and Signal requires that you use and leak personally identifiable information to even start using it.

It also informs you when people in your contact list are using Signal. It's probably not scanning through all of the phone numbers in Signal's database locally, so it is exfiltrating your contact list as well, exposing your network.

Personally, I'd prefer a model where I am not required to place even that much trust in the messaging provider.


> so it is exfiltrating your contact list as well, exposing your network.

They claim they do that in a privacy-preserving way with crypto magic but it's the inform-people-when-you-start-using-signal part that is a problem


The fact that I've started using signal might not be an information I wish to share with other people who are also using signal and have my contact.


One of the best features of Signal, and one that massively helps adoption with the less tech-savvy crowd, is that you can set it as the default SMS app on Android, and it then uses Signal for contacts with Signal.

If you can't tell if a contact has Signal, it would have to default to SMS - and when sending a Signal message (to either a phone number, or in the future, a non-phone identifier), there'd be no way to tell if you're sending it to someone with Signal, or sending it into the void.

Maybe that's a trade-off you'd be willing to make, I don't think it's cut-and-dry though.


Not saying it is cut-and-dry, but atm the users doesn't get to make that tradeoff for themselves - signal made it on their behalf when it could have allowed the users to choose on activation to which of their contacts they wish to be discoverable.




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: