
Not really. Anonymity is simple. You don't require PII for registration. As simple as that.

What is hard are their other use cases. Preventing rotten eggs entering the system. And they take a shortcut here, sacrificing security of their users to keep the bills down. The phone number requirement is not there to protect you but to protect their ecosystem and even more their resources (if I take it as lightly as possible, check the last line).

Again, I will use IRC as an example, it was able to connect so many people without requiring PII, yes there was spam (same as with emails, I host my own mail server and I don't see spam, it is 100% filtered out by rspamd), for what, 30 years(?), they can do it too. I don't see any excuse for their requirement.

But ok, let's be fair - easy to connect. I have around 400 phone numbers in my phone of people I asked for their phone number - they were relevant to me at some point, for instance primary school schoolmates. How many do you think I communicate with? I went to count history for last year - 35 numbers. 35! Out of those, I would communicate over secure channel with 6 (current company). And now this is an issue?

Let me say it again, with all the facts, I can only take them as a honeypot.



Honestly you seem to just want to hate Signal. That's okay to dislike something but calling Signal a honeypot is a strong statement. That requires strong evidence, not weak conjecture.

It is hard to respond to you in good faith because it does not feel like you want to engage that way. Maybe I am misunderstanding your statement. So I will engage in good faith once more (reminding you that this is a HN rule).

Anonymity is nowhere near as simple as not requiring PII during registration. Even from the provider side. We can agree that it is difficult to maintain anonymity from the user side. But choices made by the provider can make these things impossible. Let's suppose Signal gives me one username that I can use and I must use that continuously. What do I choose? If I use "godelski" then I've made a permanent connection between that identity and my real life identity. After all, I do talk to friends, family, and coworkers on Signal. If I choose another name and share that name through this name, then those two are linked together. All of this is information leakage and highly valuable to OSINT people. I'm sure someone here has significantly more experience than me and would be happy to expand upon this too. But it is extremely naive to believe/claim that anonymity is provided simply by removing the phone number. It is far more complicated than that. Hopefully you now know that.


There's quite a few other hints in the marketing and decisions at Signal that reek a little bit of honeypot (by the NSA).

Super hard to prove though...

For me personally the strongest hints are the fact that it's centralized, there's no getting around connecting to their server(s) for the app/clients to be useful and that it's impossible to know what exactly their server is running (by design?).

Oh, and Signal is based in the US. That fact by itself pretty much means all bets are off when it comes to security or anonimity.

I don't see how the NSA would not be pwning that server or owning/creating that server and/or organization (indirectly or directly).

Or to put it differently: why would it be hard or illogical for the NSA to set up an innocent seeming "good guys" radiating non-profit chat service that is supposedly secure (yet centralized and non-anonymous by design and also a honeypot)?


The whole point of e2ee is that you don't need to know what the server is running, just check the (open source) client.

The point of their private contact discovery is to leverage SGX enclaves so that you can verify what code is running on their server.

Sealed senders allow you to send a message without revealing to the server who you are.

The whole point of Signal is to build something that you don't have to trust. But of course you need to put some effort to understand it (and what it means, e.g. if you don't trust your OS running the client or if you don't trust the SGX enclave).


>Oh, and Signal is based in the US. That fact by itself pretty much means all bets are off when it comes to security or anonimity.

It has to be based somewhere, right? Would you trust it if it was based in China or Russia? Or even mid tier countries like UAE or Singapore? Even "neutral" countries like Switzerland aren't safe, as we've seen with Crypto AG.


The Patriot Act clearly compromises every 5-eyes nation. China and Russia have their own equivalents of a Patriot Act, so hosting there is no good either. Mid tier and neutral countries can be compromised as in your example above. This is all truly depressing, but why does it have to be hosted on a central server?

I hate web3 hype as much as the rest of HN, but this seems like a genuinely useful application for it.


Please don't post insinuations about astroturfing, shilling, bots, brigading, foreign agents and the like. It degrades discussion and is usually mistaken. If you're worried about abuse, email hn@ycombinator.com and we'll look at the data.

https://news.ycombinator.com/newsguidelines.html

https://hn.algolia.com/?dateRange=all&page=0&prefix=true&que...


I always took that rule as "don't post insinuations (accusing other HN users of being) astroturfing, shilling, bots, foreign agents...".

Can we not point out when corporate entities are comprised of these things?


See the second link. (And, of course, the insinuation made above applies directly to several members of the HN community).


> why would it be hard or illogical for the NSA to set up an innocent seeming "good guys" radiating non-profit chat service that is supposedly secure

Let's also investigate the inverse side of this. Supposing Signal works, would the NSA not instead want to launch a disinformation campaign against them and exaggerate downsides? I think such action would also be easy and logical.

But I don't think that's happening, to be clear. I think people are just passionate about the subjects and with passion people are often excessively headstrong (this is something disinformation campaigns prey on btw. They often play both sides because chaos is often more effective than pushing a singular narrative. See "malinformation").

> Oh, and Signal is based in the US. That fact by itself pretty much means all bets are off when it comes to security or anonymity.

(anonymity. FTFY) I do agree that being US based comes with certain risks, but the US is not authoritarian and is unable to force companies to collect data. This is enough to raise suspicion but not enough to be damning. The suspicion is also reduced given that Signal publicly discloses subpoenas that they receive. Insiders like Snowden also advocate for its usage as well as many major players in the security community, globally. One can come back and suggest that this is disinformation but that increases the complexity of the honeypot campaign and as history has shown, complex conspiracies unravel quickly. Especially in high profile cases, and since Signal is universally suggested as the gold standard by the security community, I'd argue it is pretty high profile.

The problem with conspiracy theories is that it is easy to turn evidence against a conspiracy into part of the plot and coverup. But this just exponentially increases complexity. And anyone that has worked for or with the government will gladly tell you how ineffective they are (often in the form of complaints). After all, two can keep a secret only if one of them is dead. The fact that it is difficult to prove (and people have been trying for over a decade without yielding any more evidence than you have put here, +RadioFreeAsia) is actually evidence to the contrary. More should have been uncovered if there was a real plot (especially considering how complex it would need to be).


I'm pretty sure I've had to register my email with nickserv to join an IRC channel before.



