Still sucks you will need a phone number to use it though. Hopefully they adopt meshnet type technology similar to berty.tech so people can communicate even when the internet is shut off across all platforms with end to end encryption
There’s Briar, but I am upset they don’t have the bluetooth mesh functionality on desktop at least yet, and I don’t know if you can make it work in a VM.
In the world of Mobile, you’re always going to have to have some kind of signalling protocol that will have to be through someone else Simply because establishing listening functions that help push notifications reach you at all consumes battery. In this case, I think what the real thing should be is, if we should be trusting these push notification systems We should be able to host them as well Servers we choose to associate with our devices
What gets me really excited is the idea of messaging in low internet connectivity areas (aeroplanes (to someone else on the plane)) on the subway/underground
The idea of Bluetooth/WiFi direct mesh, with “internet gateway” devices (maybe those people are rewarded in some way)
In this dream of mine, people can communicate, send data, through non ideal internet conditions (maybe one person on an aeroplane has internet, and they are the gateway for others)
There may be some relay servers running on AWS or whatever, but people could also run their own relays (I guess all devices are a relay)
I’ve tried to get this working myself, using a library called “reticulum” I found in GitHub (good library, but I couldn’t get Bluetooth/WiFi mesh working)
So you want to engineer wireless specifications because internet isn’t always everywhere. Just hook into Amazons sidewalk network this is about your only option. It’s basically LoRa
Yeah, afaik, it only goes through TURN servers. The thing with direct Wifi or Bluetooth is that you almost never need it. Most of the time you will be messaging people on different networks. If you want more pure mesh options, check out Jami.
They do their best to use the number in ways no one but your contacts who use Signal can actually see what that number is, to be fair. And you’re still private either way. What a phone number breaks is anonymity, which is something they don’t explicitely claim to give you. (I think)
Privacy and anonimity are different things. As long as nobody besides you and the indented destination(s) has access to the content of your communication, that communication maintains privacy, even if everyone sees that it’s you talking.
Also, and this is something I mention all the time, the only information this gives is that you use signal. Besides that, as soon as anybody else registered your phone in their contact list, your phone number is already known and associated with you considering that many apps (like all the meta ones) gain access to the contact list and the chance that anybody who has your phone number uses one of those is almost 100%.
App-accessible contact lists is the original sin of smartphones. As a result, a few powerful corporations know the social graph of entire countries. The handful of people who make efforts to stay anonymous be damned - they’re in the database too thanks to their friends. This one infuriating feature makes decent privacy all but impossible.
To validate that a user is a person. The idea is to trust the phone companies that a person who happens to possess a phone number is actually a person.
I never said it was a good solution. There is no way to trust any validation that a user on the Internet is a person. But this way is cheap easy and most people aren’t gonna go through the effort of masking their identities.
Also one discrepancy in an audit of a phone number trusted user base sticks out enough for cops to make some progress.
You need some sort of verification that the person is a person. Phone number puts a layer between you and the service you are trying to use - the provider of the number. The provider holds your identity but only passes on a phone number.
Thing is it is very easy to get a signal account with a fake number, I have 3 different ones. My spare phone don’t have a sim or number, but do have signal. On my main phone I have one for each profile.
People are putting too much thought into this. It’s discovery. Signal is a WhatsApp alternative. You switch from WhatsApp and want to know which of your contacts you can still talk to? No action necessary, you can do it right away.
I guess that’s true, but I’d prefer the phone number part being optional. If you don’t give it, you don’t get access to the easy migration or discovery features, but you get to hide your phone number.
I believe they still require a phone number for the TESTING phase but it can be the same oje you already use for your regular Signal (if im understanding it correctly)
Some malicious users do use VPNs to send spams and many websites automatically bans these IPs. Normally switching to a different VPN server will resolve the issue.
Session will use full onion routing and it should hide most metadata from your communications. It also uses strong encryption so it should be hard to brute force the encryption
while the following is not really my threat model, wouldn’t a person who’s being targeted, say a journalist/activist, have a higher chance of their device being compromised (possibly even physically)? If so, would Session still be a valid option for them?
I never said they used the Tor network. I just said they use onion routing over lokinet. Lokinet is pretty powerful and is much faster than Tor. In the future we may see other messaging apps use lokinet assuming it works well and is secure
And I did not say you said that. Thatdoes not matter though, as what I say still stands. The network they use for onion routing is incredibly weak. Even Tor isn’t as powerful a network as most would think.
Speed does matter though. You can’t video call over Tor because its slow.
Lokinet also is smaller in popularity than Tor so it will have less nodes. Hopefully it will scale. I personally am kind of interested in running a node as it looks like it could be profitable
love me some briar, but signal is a legitimately decent privacy focued app with serious mindshare, adoption and ux/ui features. I love them both, but unless the other person is a technophile, signal is my go to recommendation and briar remains my “secret club” app.
My exact use case haha. Became invaluable when the internet was unavailable. Used my phone’s hotspot to create a wlan, then used it to communicate with those I needed to. Communicate internetlessly with your nearby groups, brought to you by Briar.
We were with several other groups and had no internet, but needed to communicate through text. Briar filled the gap with its ability to communicate internetlessly through a local network (as long as the others are on the same network). Creating a hotspot with one phone and connecting the others makes a wlan with your group inside. Could you tell me what I’m missing from my explanations? I’d be happy to elaborate further if I knew.
I don’t have any real experience with Briar, so I wanted to learn more. How far were able to spread apart and it still worked? How many of you were a part of the group?
We were only 4 and stayed pretty close together, but there were a bunch of people around, so we needed text communication. My phone can only handle 5 connected devices throughout about a 250ft unhindered radius (100ft realistically), but if you had a real wifi network, you could add a lot more people and spread out much further.
E: we did have a member drop off several times because he was beyond the threshold, but he automatically reconnected when he got close enough.
So if Im at a music festival or something similar and I dont have phone service I can still just make a hotspot and send messages out through the hotspot signal?? Thats so awesome if Im understanding that correctly
But they do sync. They just don’t keep messaging history, which is, as you say, by design. Signal doesn’t keep copies of your messages so they cannot give you old message history if you connect your account to a new device.
That’s true, but once you trust a new device, there’s no reason the authority (your phone that has all history) couldn’t transfer the history over to the new client.
I get it would add some complexity, but it could be done in a secure and private way.
You also can’t import history from SMS. I would love to use Signal more, but it needs to support SMS properly if they want it to be linked to phone numbers the way it is.
I’d be interested in utilization data before and after that change. Anecdotally, I use Signal much less after SMS was removed. With one app, I could opportunistically use Signal, when the other person had it, and send an SMS otherwise. Now I have to decide what kind of message to send before opening an app and learning my options. Most of those quick messages have moved back to SMS for me.
I feel like that is also by design. If your account is compromised, you wouldn’t want them to be able to pull messages from your existing devices. It kinda defeats the purpose of them not being stored on the servers.
Probably mean run it on more than one phone. I’d love to run it on my iPhone and my android phone but it can’t be run without a phone number on a phone afaik
Yup, exactly. I switch between phone and tablet during the day and signal is the only messaging client that makes me stop what I’m doing and pick up an entirely separate device to check messages and reply. A bunch of my friends ended up on telegram or matrix because the usage model just doesn’t work for people who use multiple android or iOS devices.
Add comment