At Signal, our goal is to build a reliable, secure, and private communication experience that is broadly accessible and simple to use. From the beginning, we’ve designed Signal so that your information is in your hands rather than ours.
OWS has finally realized the huge shitshow that arises from requiring phone numbers. Note that this is merely a positive step toward eliminate ph#s – they ultimately still have not fixed the problem.
The article was written by someone with marketing in mind, because they omit an important detail: where does the key storage move to if they’re protecting it with a PIN? In their phone to toilet example, they’re assuming the keys are forever lost (nevermind that an advanced user can possibly recover their data). So it’s essentially implied that OWS is moving key storage into the cloud. It’s not likely an accident that OWS omits this from their article. Resist.Berlin points out (in the article below) that OWS is quite happy to transmit sensitive PINs over an insecure phone line. So if they don’t also change that attitude this is a recipe for disaster.
For the moment, you should still be avoiding Signal. These two articles give extensive rationale:
This makes me more suspicious of signal than I already was. If they’re really trying to get rid of phone numbers as identifiers, then why are they announcing pins, which are another private identifier and not publicly addressable? The purpose of them is solely for backup, and has nothing to do with public addressing.
They could solve this whole thing by adding a username and password, its not difficult, 99% of systems use it for logins.
I’m sticking with matrix anyway, its already far beyond anything signal does.
OWS has finally realized the huge shitshow that arises from requiring phone numbers. Note that this is merely a positive step toward eliminate ph#s – they ultimately still have not fixed the problem.
The article was written by someone with marketing in mind, because they omit an important detail: where does the key storage move to if they’re protecting it with a PIN? In their phone to toilet example, they’re assuming the keys are forever lost (nevermind that an advanced user can possibly recover their data). So it’s essentially implied that OWS is moving key storage into the cloud. It’s not likely an accident that OWS omits this from their article. Resist.Berlin points out (in the article below) that OWS is quite happy to transmit sensitive PINs over an insecure phone line. So if they don’t also change that attitude this is a recipe for disaster.
For the moment, you should still be avoiding Signal. These two articles give extensive rationale:
And this article covers which privacy advice sites you can and can’t trust in this regard.
This makes me more suspicious of signal than I already was. If they’re really trying to get rid of phone numbers as identifiers, then why are they announcing pins, which are another private identifier and not publicly addressable? The purpose of them is solely for backup, and has nothing to do with public addressing.
They could solve this whole thing by adding a username and password, its not difficult, 99% of systems use it for logins.
I’m sticking with matrix anyway, its already far beyond anything signal does.
deleted by creator