Usernames work. You could even use UUIDs these days as QR is an increasingly common way of sharing data. But yeah, usernames would be a great improvement.
Usernames do not just work. The Signal team is not unaware of usernames and Signal is not a weird scheme to get all your phone numbers. The difference between Signal and systems that use usernames (or email addresses) is that Signal deliberately doesn't operate a serverside directory or buddy list service. By contrast, other relatively popular messengers essentially keep a plaintext database of who talks to who on their service.
What phone numbers allow Signal to do is to piggyback off the contact lists people already have on their devices.
I have like 6 phone numbers listed in my phone contact list for my sister alone, because she changes numbers every time she job hops and gets a new work phone, so I really question how well phone numbers work either. Most of those numbers are no longer hers, but I've lost track of which ones.
I feel like there's a bubble of people for whom phone numbers are perhaps a useful, durable identity token, but I really think it's very much a bubble. Most people's phone numbers change fairly frequently.
> Most people's phone numbers change fairly frequently.
Citation?
I think it’s just as easy to claim (and I certainly would bet that) most people’s phone numbers do not change frequently - I’d wager on something like 70% remain the same for 5+ years.
My phone number has literally never changed (going 20+ years now). Perhaps it's different in the US somehow (e.g. people use their work number for private purposes too), but in my experience private numbers tend to remain the same.
Not only that, but how can I use Signal on desktop without it? Can I do that? Plus every single citizen here who has a phone number has it tied to their identity, even if they buy the SIM card at the gas station, for example. They have to verify and confirm their identity once a year. Its purpose is to keep track of who uses what number.
You can use Signal on a desktop but you still need to tie your account to a phone number. It has a mechanism to share your history and all that to a desktop app, with key certification managed (afaik) from your phone app (and it requires periodic re-pairing of it if you're not using it regularly). It's not really a great experience imo.
You can here too, I just know a lot of people who don't. And people who use their work phone (even if I think that's a bad idea) for personal use don't always have the option of keeping the number.
I operate an E2EE messaging service that uses email instead of phone numbers as user IDs.
My servers also don't keep any record of conversations or "buddy lists". Yes, contact lists get wiped when changing device and email addresses aren't as easily stored in phone books (I don't even access a user's phone book for that matter). Just saying that it's possible to not use phone numbers. Granted, not as convenient once you've built your entire user base off of their phone numbers.
So the Signal server has no information about phone number X talking to or being in contact with phone number Y at all?
> By contrast, other relatively popular messengers essentially keep a plaintext database of who talks to who on their service.
I know, there are plenty of not-so-privacy-preserving messengers out there. The way Ricochet[1] and Briar[2] do it is probably the most privacy-preserving one, and it can be made extremely convenient.
It's rather funny to me that I still get notifications that someone I knew ages ago (but who is still in my contact list) is now on Signal.
I find it funny rather than scary because I knew the tradeoffs Signal decided on even before I started using it. The fact that you use Signal itself is not a secret. If you need that to be secret, use a burner phone or something else. But I'm pretty sure not everyone else knew that when they joined.
In one case, I got a notification that a guy I knew in high school had joined Signal. He was pretty far left then, and googling him I found out he was extremely far left now (splinter of a splinter of an anti-electoral Maoist group). I sent him a friendly note welcoming him, and explaining the basic thing I've explained here, that everyone can see you joining Signal.
One way would be for Signal to create a hash of all your contacts' phone numbers and look up if those hashes exist on the server. No contact details needed on the server, just the hash of the phone number connected to Signal's user ID.
> The first instinct is often just to hash the contact information before sending it to the server. If the server has the SHA256 hash of every registered user, it can just check to see if those match any of the SHA256 hashes of contacts transmitted by a client.
> Unfortunately, this doesn’t work because the “preimage space” (the set of all possible hash inputs) is small enough to easily calculate a map of all possible hash inputs to hash outputs. There are only roughly 10^10 phone numbers, and while the set of all possible email addresses is less finite, it’s still not terribly great. Inverting these hashes is basically a straightforward dictionary attack. It’s not possible to “salt” the hashes, either (they always have to match), which makes building rainbow tables possible.
Regardless of this, Ricochet and Briar both use Tor hidden services and they are metadata-free. You do not send any metadata to any servers. I have a link to the design of Ricochet that is easily digestible in some of my other comments.
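The small-preimage-space point in the quoted passage above, as an added example that is not part of the thread or of Signal's code: it builds the hash-to-number map for a constructed block of 10^4 fictional numbers and shows why a salt cannot fix contact discovery. The number block, the contact list and the shared salt value are all assumptions made up for the illustration.

```python
import hashlib
import os
import time

# Constructed sample space: one block of 10^4 fictional numbers. The quoted
# post puts the real phone-number space at roughly 10^10.
SPACE = [f"+1555010{i:04d}" for i in range(10_000)]

def h(number: str, salt: bytes = b"") -> str:
    """SHA-256 of a phone number, with an optional salt prepended."""
    return hashlib.sha256(salt + number.encode()).hexdigest()

def build_table(salt: bytes = b"") -> dict:
    """Map every hash in the sample space back to the number that produced it."""
    return {h(n, salt): n for n in SPACE}

def server_view(uploaded_hashes, table):
    """What a party holding the table reads out of a hashed contact upload."""
    return [table.get(x) for x in uploaded_hashes]

def discovery_matches(client_salt: bytes, server_salt: bytes, number: str) -> bool:
    """Contact discovery needs client and server to compute the same hash."""
    return h(number, client_salt) == h(number, server_salt)

def seconds_for_space(size: int = 10**10) -> float:
    """Extrapolate single-core table-build time from the sample block."""
    start = time.perf_counter()
    build_table()
    per_hash = (time.perf_counter() - start) / len(SPACE)
    return per_hash * size

# Constructed contact list; only the hashes would leave the client.
CONTACTS = ["+15550100042", "+15550107311", "+15550109999"]

if __name__ == "__main__":
    upload = [h(c) for c in CONTACTS]
    print("recovered from unsalted upload:", server_view(upload, build_table()))
    # Independent random salts hide the numbers but also break matching.
    print("random salts match:",
          discovery_matches(os.urandom(16), os.urandom(16), CONTACTS[0]))
    # A salt both sides share restores matching, and is just a constant in the table.
    shared = b"service-wide-salt"  # hypothetical value
    upload = [h(c, shared) for c in CONTACTS]
    print("recovered with shared salt:", server_view(upload, build_table(shared)))
    print(f"estimated seconds for 10^10 inputs, one core: {seconds_for_space():.0f}")
```

The extrapolated time is for unoptimised Python on one core, so it is an upper bound on the effort, not a measure of protection.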
Usernames aren't the solution to anonymity. Your username here isn't anonymous. And how do you share a username without connecting another identity? It's the same problem as using a phone number (supposing you're American and not too different if your ID is connected to your phone number).
I would rather prefer doing it the Ricochet way, yes:
> The recipient can calculate the sender's contact ID based on the public key, and authenticate it by verifying the signature on the request. This proves that the sender can publish the hidden service represented by their contact ID.
This is using IDs. For convenience of sharing and receiving: could be copy pasted (share button works on smartphones, too), and QR codes could be used.
Ricochet is metadata-free, and it can (or is, actually) be resistant to traffic analysis, too. No one knows who you are, and no one knows who you talk to.
Can you explain this a little more? Because the problem I see is that with any unique identifier it is hard to share in a hostile environment. Let's say I want to share my contact information with someone here but also share my contact information with someone on Reddit and not reveal that I am godelski on HN. Because if I use the identifier "1234" here and "1234" on Reddit then I've connected those two accounts.
The only way I see it working out is with temporary identifiers or expiring links like FF send used to have. I saw some users talking about this in the Signal community forum[0]. I agree with the users that are trying to say they want to use usernames to be anonymous, not as a way to hide a phone number.
I do not think that OP was referring to implementing it the same, or even in a similar way, but to use a username/password pair. OP is free to correct me if I am wrong though.
In any case, elimination of metadata done right is the way Ricochet[1] does it. The recipient can calculate the sender's contact ID based on the public key, and authenticate it by verifying the signature on the request. This proves that the sender can publish the hidden service represented by their contact ID. You can read more about it here: https://github.com/ricochet-im/ricochet/blob/master/doc/desi...!