Thank you! Finally someone that also sees Signal as privacy invasing!
this post was submitted on 08 Oct 2025
82 points (75.3% liked)
Privacy
42558 readers
549 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
much thanks to @gary_host_laptop for the logo design :)
founded 6 years ago
MODERATORS
I'm ready to be called milquetoast, and while I see where this comes from, it comes off idealistic if we are to communicate with people in the present day in any practical way. Do not forget how much of an improvement it already is over the likes of proprietary messaging apps and how much effort it already is to move people to Signal. It is surprisingly difficult for common folk to grasp the concept of anything but a phone number when it comes to messaging apps.
Which definitely begs the question of why people put any effort into trying to move any of their contacts to signal in the first place. I believe the answer is that they didn't value privacy either. Just the idea of it.
load more comments
(1 replies)
People dont realize that you may as well hand over your social security number when you pass out your phone number.
Be specific: what does Signal divilge about me to outsiders besides "I have used Signal"?
Who you are specifically (name etc) and the same amount of information on everyone you have talked to on signal and when you talked. Basically everything except for the actual content of the messages.
load more comments
(5 replies)
Signal over the past few years has been exposed for having flaws in its security integrity. Even the president's current administration has had a leak issue by using the platform, Signal.
Once again, they ask for your phone number. Anything they ask for your phone number, if your phone number is tied to your identity, can easily be revealed to reveal who you are.
The leak from the administration was because Pete Hegseth included a journalist in a discussion about sensitive war plans. Trying to blame that on Signal is deceptive on your part.
If you are saying that Signal does not offer anonymity then you are right. Anyone I message on there knows it's me. But Signal is still keeping my messages safe from monitoring and third-party surveillance, to the best of my knowledge.
This is the core of the issue, and it's wild how many people don't get it.
Your phone number is metadata. And people who think metadata is "just" data or that cross-referencing is some kind of sci-fi nonsense, are fundamentally misunderstanding how modern surveillance works.
By requiring phone numbers, Signal, despite its good encryption, inherently builds a social graph. The server operators, or anyone who gets that data, can see a map of who is talking to whom. The content is secure, but the connections are not.
Being able to map out who talks to whom is incredibly valuable. A three-letter agency can take the map of connections and overlay it with all the other data they vacuum up from other sources, such as location data, purchase histories, social media activity. If you become a "person of interest" for any reason, they instantly have your entire social circle mapped out.
Worse, the act of seeking out encrypted communication is itself a red flag. It's a perfect filter: "Show me everyone paranoid enough to use crypto." You're basically raising your hand.
So, in a twisted way, Signal being a tool for private conversations, makes it a perfect machine for mapping associations and identifying targets. The fact that it operates using a centralized server located in the US should worry people far more than it seems to.
The kicker is that thanks to gag orders, companies are legally forbidden from telling you if the feds come knocking for this data. So even if Signal's intentions are pure, we'd never know how the data it collects is being used. The potential for abuse is baked right into the phone-number requirement.
load more comments
(4 replies)
Been saying this for many many years and always get blank stares in response. All the more annoying when its for use in groups that are all about privacy and they only want to use telegram.
However, it does make me happy to finally see someone else say it. So, thanks for that.
load more comments
(1 replies)
2FA is an important security layer, if the service, after sending you the activating SMS with the code, delete your number (normal in serious services), it's also not an privacy problem. In big us corporations on the other hand, it is, eg.Google store tour number and also probably share it, there 2FA is not an option. Instead a number, some services also admit alternatively a second e-mail account to receive the activation code, there, if you have doubt, you can use an disposable mail, so there isn't any privacy problem.
2FA is important, but if you use your phone number for anything, you have no idea how long they retain it, how they directly use it, if they sell it, etc. A real phone number can be mapped back to you trivially.
It should be standard to offer TOTP codes that can be used via an authenticator app, hardware key, etc. Aome places do, many do not.
But at the end of the day, they typically don't ask for your phone number because they want to give you security, but rather as a proxy to ensure you have a unique identity. Most people will have only one phone number, and it will be more difficult / costly to get additional ones than burner emails, etc.
Yes, iy's always to use with a grain of salt. As said, it ads a security layer, but can be an privacy hole, despte that mail directions are easier to track as phone numbers, at least in the EU, you can't be mapped back to an user, this is only possible in crime investigations by the police with an court order. Mail adresses on the other hand are unique identifiers which are way easier th track, except you use an disposable mail or alias. Anyway, eg.in Vivaldi 2FA is safe and apart optional, as also the account itself, only needed when you want to use sync or the use of Vivaldimail, blog and other services it offers. In much other services it's also only an option.
load more comments
(1 replies)
Yes, phone number should be optional for easy contact discovery, not mandatory. As Threema. You have to provide your ID when buying a sim card.
load more comments
(1 replies)