I am a huge fan of SimpleX and their removal of user IDs. I think it's a brilliant solution, and wish that SimpleX was recommended more than Signal.
this post was submitted on 08 Oct 2025
82 points (75.3% liked)
Privacy
42583 readers
587 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
much thanks to @gary_host_laptop for the logo design :)
founded 6 years ago
MODERATORS
If simplex used phone numbers and defeated the whole concept of privacy it would be recommended more.
Thank you! Finally someone that also sees Signal as privacy invasing!
Don't need an ID to buy a burner phone/number
Be specific: what does Signal divilge about me to outsiders besides "I have used Signal"?
Signal over the past few years has been exposed for having flaws in its security integrity. Even the president's current administration has had a leak issue by using the platform, Signal.
Once again, they ask for your phone number. Anything they ask for your phone number, if your phone number is tied to your identity, can easily be revealed to reveal who you are.
The leak from the administration was because Pete Hegseth included a journalist in a discussion about sensitive war plans. Trying to blame that on Signal is deceptive on your part.
If you are saying that Signal does not offer anonymity then you are right. Anyone I message on there knows it's me. But Signal is still keeping my messages safe from monitoring and third-party surveillance, to the best of my knowledge.
This is the core of the issue, and it's wild how many people don't get it.
Your phone number is metadata. And people who think metadata is "just" data or that cross-referencing is some kind of sci-fi nonsense, are fundamentally misunderstanding how modern surveillance works.
By requiring phone numbers, Signal, despite its good encryption, inherently builds a social graph. The server operators, or anyone who gets that data, can see a map of who is talking to whom. The content is secure, but the connections are not.
Being able to map out who talks to whom is incredibly valuable. A three-letter agency can take the map of connections and overlay it with all the other data they vacuum up from other sources, such as location data, purchase histories, social media activity. If you become a "person of interest" for any reason, they instantly have your entire social circle mapped out.
Worse, the act of seeking out encrypted communication is itself a red flag. It's a perfect filter: "Show me everyone paranoid enough to use crypto." You're basically raising your hand.
So, in a twisted way, Signal being a tool for private conversations, makes it a perfect machine for mapping associations and identifying targets. The fact that it operates using a centralized server located in the US should worry people far more than it seems to.
The kicker is that thanks to gag orders, companies are legally forbidden from telling you if the feds come knocking for this data. So even if Signal's intentions are pure, we'd never know how the data it collects is being used. The potential for abuse is baked right into the phone-number requirement.
Everyone you talk to and when you talked to them, with their real identities via phone numbers. Because signal is hosted in the US and subject to national security letters, you should assume the worst.
Are you talking about the client app, or about the service?
Much of what you said doesn't apply to the service, which stores hashed phone numbers and first access / last access times and nothing else.
And the client does store these things, but also lets users delete messages and contacts. Your message deletions can propagate as well.
stores hashed phone numbers and first access / last access times and nothing else.
Even if this weren't false (otherwise they wouldn't be able to connect to your existing contacts), that's a "just trust us" claim. You give them your phone number, you should assume they have it and not "trust them" to hash it like its a password.
And the client does store these things, but also lets users delete messages and contacts. Your message deletions can propagate as well.
Not that its that important, but its yet another just trust us claim.
load more comments
(1 replies)
load more comments
(6 replies)
People dont realize that you may as well hand over your social security number when you pass out your phone number.
Indeed, I also don't realize that. Please explain further.
Its very easy to dox someone with a phone number. Not sure about social but address and full name are easily available for free.
Yes, phone number should be optional for easy contact discovery, not mandatory. As Threema. You have to provide your ID when buying a sim card.
load more comments
(1 replies)
lol try signing up for an email account today without tying a phone number to it or another established email account. It's incredibly difficult.
You might be able to create an account, but then all "3rd party services" (e.g. creating accounts on absolutely fucking anything) will be blocked and your account will be either restricted or forced to submit a kind of verification that doxes you to lift said block, probably.
I found a single sketchy provider that would take verifications from proton mail that allowed me to then create more accounts, but I had to try over a dozen mail providers before I found the obscure one that did not require any pre-existing accounts, phone numbers or identification documents to just create an email to simply sign up for any web forum, service or basically do anything most people do with email. Everything ends up linked to each other at some point.
There's just no privacy anymore. The ones who think there is are probably not as private as they really think they are today.
Tutamail is the only service I know of that still doesn't need anything but I don't expect it to last. Email providers that don't make you verify anything end up being used for spam and then websites just start blocking their domain from being used for account creation
load more comments
(7 replies)