Using Signal groups for activism
Using Signal groups for activism
Things are heating up. Millions of people are taking to the streets against Trump's rising authoritarianism. Communities around the US are organizing to defend against ICE raids, to protest Israeli genocide, for mutual aid, and for other forms of fighting fascism. Signal can help people safely organ...
You're viewing a single thread.
Signal still centrally collects metadata and requires a phone number to participate.
If you're serious about privacy, ESPECIALLY if you're part of a group looking to organize in a clandestine fashion, you should look into the vastly superior SimpleX Chat.
The only metadata they collect is:
-
The last time you connected to their server
-
When you first registered
-
Signal still centrally collects metadata
Signal doesn't collect any useful data; they've been compelled by court to present all data they have on users and all they know are two time stamps. The date + time your phone number registered and the last day (not time) one of your apps (linked desktop app or tablet) pinged their server.
Source: https://signal.org/bigbrother/
... and requires a phone number to participate.
Because it originated as an overlay of the SMS/MMS network, a text messaging replacement, before everyone was "always online". But that's beside the point as you can now hide your phone number from others.
If you're serious about privacy, ESPECIALLY if you're part of a group looking to organize in a clandestine fashion, you should look into the vastly superior SimpleX Chat.
I wouldn't recommend SimpleX chat, its developed by a Trump-supporting Antivaxxer who believes in wild conspiracy theories, not the kind of person I would put my trust in. Source: https://social.tchncs.de/@pixelcode/114633102552691724
If you're serious abut privacy, ESPECIALLY if you're part of a group looking to organize in a clandestine fashion, you should fund the development of your own secure channels. Don't outsource the important stuff. For everyone else, there's Signal.
per the article
Signal can't access user metadata. It's not just that Signal promises not to keep logs. They've literally engineered their service to cryptographically prevent themselves from having access to metadata, even if they wanted to. Signal doesn't know what groups you're in, or even what Signal groups exist on the platform. They don't know the names or membership of any Signal group. They can't even access your profile picture or name. All of this is stored on user devices and shared directly from user to user. On the other hand, if WhatsApp gets a data request, Meta will turn over details about everyone in your group, exactly who sends messages to who, and when, because WhatsApp collects all of this.
SimpleX is run by a Trump apologist and "white genocide" believer who believes the protests are fake and/or literally Stalin.
Edit: "all child abuse is horrible. But..." Evgeny is especially concerned about "genocide of young white girls" specifically, wondering "can Elon Musk help?"
Can all of this compromise the SimpleX protocol in any way?
Nope. To add a little context, imagine that someone who uses Lemmy (which is well known to be developed by a team of people not everyone agrees with) to crosspost the same articles to infinity told everyone not to use a piece of well regarded and audited open source privacy software because it's main developer has sided with US republicans.
Idk why it’s always assholes coming up with good software (shoutout to the lemmy devs lol) but simplex is a great messenger nevertheless. I sure as hell won’t donate to that guy though, like ever.
Fml why.
Signal collects your IP address and the last IP address you sent a message to. They store that info to maintain their services. They also store your phone number, either of which can be tied back to your identity (in the US, don't @ me, friends from across the pond).
The only thing these reveal is that you use Signal, which is currently still legal. Also, even if a judge ordered Signal to collect outgoing messages for your user, the content of your messages would already be encrypted. So unless your use of the service could be construed as illegal (or perhaps who you're talking to), then it's probably still safe to use.
However, all that said, I still agree that SimpleX is a better choice for activism. No phone numbers or other useful identifiers, uses a series of nodes rather than a central server, expiring contact-adding codes, etc... it's simply better, if you need privacy against external threats.
And there's no reason you can't have both on your phone for different kinds of groups!
can you show evidence for this?
The best choice for activism right now is signal and has been for years. The best choice isn't necessarily the most hardened app or messaging system, it's the most hardened balanced against ease of use and access, along with features.
It's been proven in court several times. The only information they keep is your phone number, unix timestamp of your account creation, and the unix timestamp of when you were last online.
Which is not the claim OP made.
Which claim are you referring to?
Signal collects your IP address and the last IP address you sent a message to.
Yeah, they likely misremembered that it was timestamps instead of IPs.
I mean its the principal claim.
I'd say that the principal claim is that they can't see your messages and that they have no incriminating data on you. No judge can order them to hand over your data and incriminate you because they don't have that data. What exactly is the very little data they have is less important.
Thats re-interpreting what they said to be something defensible; but it isn't what they said. What they said was specific, and isn't, afaik, supported by any evidence. Its also the very first thing they said. Their main point. The primary point. Not some other thing they didn't say, but the very first, and very specific thing they said first.
Re-interpreting what people say to support our bias is both de-constructive when real security concerns are on the line, disingenuous, and shows a lack of reading comprehension.
Usability of Simplex is very similar to Signal.
Evidence for what?
The claim being made?
I promise I'm not being pedantic. Which claim? I made at least two.
The one that suggests Signal collects your IP addresses.
Or if you want to have a federated platform that's closer to something like Discord, Matrix.
They dropped the phone number requirement a while ago
No, you still need a phone number to sign up. You can now optionally have a username as well, but a phone number remains a hard requirement.
What's more, they require you to periodically log in on your phone. If you exclusively use the desktop client, you will get a message that access will be blocked if you don't sign in on your phone.
Sometimes, it feels like a surveillance loophole is left for the OS (remember when they had plain text backups on windows). And Apple, Microsoft, and Google would happily turn over data, while Signal always will have plausible deniability.
And you will always need a smartphone OS built by one of the US companies above to start and continue using signal.
Yeah I thought they had too, but it's the case that for a new account you still have to have a phone #. You can then use a chosen account for everything else.
you mean, you don't need one for registration?
I've been corrected on that.