Is it possible to use this along with the smartphone app (i.e., by "registering" with the same phone number) or does this CLI effectively represent an independent registration which would supersede the one on the phone? The README said something specific on this – so I assume it's the latter?
Yes, it's possible to use this from with a smartphone. The README did say something specific, like, how to do it. In the app go to Settings -> Linked Devices -> add a new one. Decode the URL in the QR code, then add it to signal-cli like this:
> To be able to receive messages signal-cli uses a patched libsignal-service-java, because libsignal-service-java does not yet support registering for the websocket support nor provisioning as a slave device.
So maybe you can add a smartphone if you've already registered via the CLI but not the reverse? The wording is unclear to me.
That line is explaining why signal-cli doesn't use the real libsignal, but a modified copy of it. They've modified it to support shit like that. However, https://github.com/AsamK/signal-cli/issues/49 makes it sound like you may have other issues.
How long will this take until Moxie gets this taken down, too?
He’s been pretty vocal about preventing others from distributing clients able to use his servers that aren’t built by him (and don’t transmit usage statistics to him).
Well, it's already been around since May 2015, and it's been posted on HN a few times before.
Hopefully moxie will come speak for himself (he's pretty good about that, in my experience), but I think he's mostly interested in preventing naive users from accidentally stumbling onto a client that is insecure because it doesn't auto-update.
I disagree with him about a few things in this space, but if you know anything about him, it's clear that he's more interested in security and privacy for the masses than selling data to make a quick buck.
>> "For registering you need a phone number where you can receive SMS or incoming calls."
For registering, is it possible to use a disposable number? If so, after the number is used for registration, is it ever required again, and exactly is it required to do?
I don't think you ever need it again, but if someone else later owns the number, they could register it with Signal and you would no longer be able to send or receive Signal messages.
>For registering, is it possible to use a disposable number?
Yes, I use a Google Voice number for signal. It's theoretically possible to use something like a payphone or a free inbound number from callcentric, so long as you can receive incoming calls.
It's not required again, though if someone takes over the number they can re-register on Signal. You'll stop receiving messages then, and your contacts will get a warning that your safety numbers changed.
Along these lines.. Is there currently a messaging platform that provides secure communication with e2e encryption and also has mobile apps and apis for automating messages and writing bots?
I want to build things like [1] but I don't want my messages being readable by a 3rd party.
I may end up just running an irc server+tls or something like rocket.chat
It may be a little over engineered for what I want it for, but it does work! I started up the reference server in a docker container and wrote a quick bot using the provided python-sdk and can interact with it using the client on my phone.
The main downside(from my perspective) is that it's a lot of moving parts, and I think I'd be more happy with just irc over tls since I at least know how that works :-)
It's mostly a question of mobile support: IRC (over TLS or otherwise) requires a continuous connection, where matrix and signal are designed to support polling a push notification endpoint.
Out of curiosity: what makes you say Matrix is over-engineered?
Oh.. maybe not over-engineered, but just more involved than what I need. I mostly just want a way to move messages back in forth. I don't need voice or video calls or anything like that.
WTF is the deal with tox? Seems like there are two factions, one which kinda seems to write code, and one that just complains about people stealing the project?
