this post was submitted on 09 Nov 2023
270 points (100.0% liked)

Technology

37716 readers
261 users here now

A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.

Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.

Subcommunities on Beehaw:


This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

founded 2 years ago
MODERATORS
top 46 comments
sorted by: hot top controversial new old
[–] [email protected] 31 points 1 year ago (1 children)

YES! The one main hurdle I've found (and the constant "share your contacts??" prompting). Good luck to them!

[–] [email protected] 2 points 1 year ago* (last edited 1 year ago) (2 children)

and the constant "share your contacts??" prompting

Why wouldn't you just share your contacts? And what does this have to do with that?

[–] [email protected] 2 points 1 year ago (1 children)

Because my contacts are none of their business, and it's fucking disgusting to even ask without the user going way out of their way to initiate it.

[–] [email protected] 1 points 1 year ago (1 children)

They're not. And they won't see any of your contacts. It just allows the app itself access to them.

[–] [email protected] 1 points 1 year ago (1 children)

There isn't a single service on the planet who I would trust to allow their app to see my contacts.

The app asking for the permission is not acceptable. The permission should not exist at all. Both mobile OS should only be permitting users to explicitly import contacts that they choose, with literally no way for any app to see the master list in any context.

[–] [email protected] 2 points 1 year ago (1 children)

Signal has been through every trial and tribulation in existence. They've been audited by a dozen different companies, they're open source, they've been subpoenaed by the government, etc. You're just being paranoid.

[–] [email protected] 1 points 1 year ago (1 children)

The mere existence of the permission is obscene.

[–] [email protected] 1 points 1 year ago

It's not, at all. It's incredibly convenient

[–] [email protected] 1 points 1 year ago (1 children)

Why not? Uh, No. That's why. Not now, not the 100th time, not ever. I want it to stop asking. No.

[–] [email protected] 2 points 1 year ago* (last edited 1 year ago)

Mmkay well there's no reason you shouldn't do that, so there's no reason you should see that prompt more than once, so don't expect anyone else to care. And this change won't affect that prompt.

[–] [email protected] 29 points 1 year ago (2 children)

Now if only my people I knew used signal instead of WhatsApp 🤦‍♀️

[–] [email protected] 6 points 1 year ago (1 children)

Yea they will only move if WhatsApp fucks something badly.

[–] [email protected] 6 points 1 year ago

they're planning on adding ads

[–] [email protected] 1 points 1 year ago

Imagine having to send people your username instead of them just installing Signal and knowing you're there.

[–] [email protected] 18 points 1 year ago (1 children)

Nice! Maybe this will also pave the way for multiple accounts on the same device if you have two separate phone numbers for private and work.

[–] [email protected] 3 points 1 year ago* (last edited 1 year ago) (1 children)

Or just use SimpleX (same encryption tech as Signal anyhow).

[–] [email protected] 2 points 1 year ago (1 children)

Hopefully without the toxic devs?

[–] [email protected] 3 points 1 year ago

What do you mean?

[–] [email protected] 12 points 1 year ago (3 children)

About time! Hopefully they will find ways to reduce spam though.

[–] [email protected] 12 points 1 year ago (1 children)
[–] [email protected] 1 points 1 year ago (2 children)

I imagine unrestricted usernames would make spam easier than with phone numbers. I'm just hoping they have a way to control this.

[–] [email protected] 7 points 1 year ago (2 children)

You still need a phone number to sign up, so there shouldn't be any increase in spam

[–] [email protected] 4 points 1 year ago

SimpleX has no phone number but I get no spam because only people I send a one-time invite code to can contact me. There is no directory of usernames.

[–] [email protected] 2 points 1 year ago

Makes sense!

[–] [email protected] 1 points 1 year ago* (last edited 1 year ago)

they're going with numbers along with usernames, kinda like discord to reduce spam. I hope they work.

[–] [email protected] 7 points 1 year ago (1 children)

Where are you receiving these spam messages from? Random numbers aimed at marketing or what?

[–] [email protected] 2 points 1 year ago (1 children)

Sorry I misframed it. I mean that since there's no need to reveal phone numbers, there could be an opportunity for spammers to increase spam by creating many accounts, and Signal should preemptively find ways where such spams could be reduced. However, I realized after posting that the article says we still need to sign up to signal with a phone number. However, there's still the risk of impersonation (by writing someones username with tiny changes) and people trying to add vulnerable users by username (which they might be using on other platforms) instead of phone number.

[–] [email protected] 3 points 1 year ago

Probably possible yeah, but if the account gets flagged after users reporting it, they'll need to get a new number afterwards, which isn't that easy (at least where I live).

[–] [email protected] 1 points 1 year ago

Best way to reduce spam is to remove phone numbers entirely.

[–] [email protected] 7 points 1 year ago

2 hours later... Or years

[–] [email protected] 6 points 1 year ago

🤖 I'm a bot that provides automatic summaries for articles:

Click here to see the summarySignal is publicly testing letting users add usernames to their accounts so they don’t have to share their phone number to connect via the encrypted messaging service.

The test was announced via a post on the Signal forums by VP of engineering Jim O’Leary, who referred to the feature as “pre-beta” and warned that there’ll be rough edges including crashes and broken push notifications.

Although accounts will still be associated with a traditional mobile number at setup, the username feature means you’ll be able to connect with and message other users without having to share what can be an important personally identifiable piece of information.

PCMag points to a note in the service’s wiki mentioning that signs of the feature cropped up as early as 2019, and Whittaker has been open about the Signal’s plans for it.

There are indicators that competitor WhatsApp is working on a similar feature, though the Meta-owned messaging service is typically less open about its future development plans.

But the ease of installing these test clients varies, and you’ll only be able to talk to other users running similar pre-release software.


Saved 50% of original text.

[–] [email protected] 5 points 1 year ago* (last edited 1 year ago)

...so you can avoid sharing your phone number with your contacts.

they are not planning to let you use Signal without having a phone number and sharing it with their (Amazon's) servers.

[–] [email protected] 2 points 1 year ago (2 children)

How come the only people I ever meet that use these weird messaging apps are drug dealers and immigrants? 99% of people I meet use Snapchat or Facebook Messenger to talk to people if not SMS, only time I hear about Whatsapp IRL it's the sketchiest people.

While I'm on the subject, is the person who designs the Snapchat user interface from this planet? Do they have severe mental deficiencies? It's really the worst UI of any app or program I've ever experienced.

[–] [email protected] 3 points 1 year ago (1 children)

Let me guess American? In Europe basically everyone uses Whatsapp, lots of people use Telegram some use signal. I use all of them.

[–] [email protected] 1 points 1 year ago (1 children)
[–] [email protected] 2 points 1 year ago (1 children)

Yeah when I got my first smartphone and whatsapp wasn't around yet I had to pay like 10 or 15 cents per sms. So when WhatsApp became an option everybody and their mother jumped ship and joined. For a while sending an sms and getting back I'm on WhatsApp was a thing.

Nowadays I think sms is basically part of your plan an for most plans unlimited. But they milked it way too hard back in the day. So most people just don't use it at all.

[–] [email protected] 1 points 1 year ago

Wild but now things make a lot more sense, I've had unlimited texts for the majority of the time I've had a cellphone.

[–] [email protected] 1 points 1 year ago

My Girlfriend and I use signal. We don't talk to anyone else on there. She says it's simply because she likes how it looks. 🤣

[–] [email protected] 2 points 1 year ago (2 children)

More spam messages then, ok...

[–] [email protected] 5 points 1 year ago (2 children)

While Signal did justify the need for numbers by cutting spam prevention I don't get it...

Spammers use fake phone numbers all the time on the regular phone service so why not on Signal? A few steps too many for them to bother registering?

[–] [email protected] 4 points 1 year ago (1 children)

A few possible answers:

  1. Signal is not big enough for spammers to spend resources on
  2. People who bothered to use Signal are likely to be more privacy minded and therefore less likely to fall for scam
[–] [email protected] 3 points 1 year ago
  1. Signal just isn't as private as its marketing wants you to think it is

A tip (but you do you, of course), use something federated (XMPP!): the time for trusting a central organization to do no harm is over if you have kept tabs of anything internet over the last 40 years or so..

[–] [email protected] 3 points 1 year ago* (last edited 1 year ago)

Spammers use fake phone numbers all the time on the regular phone service

The phone calls just use fake caller ID. Caller ID is entirely unauthenticated and the recipient just blindly trusts the sender, so scammers use sketchy VoIP services that let you override the caller ID without actually proving you own that number. Work is being done to improve this: https://www.fcc.gov/call-authentication

That's means it's trivial to use a fake number for outgoing calls, but the spammers can't actually receive incoming calls or texts to those numbers.

[–] [email protected] 4 points 1 year ago (2 children)

You still need phone number verification to create an account, that hasn't changed

[–] [email protected] 4 points 1 year ago

So on the privacy front nothing has either. Good to know.

[–] [email protected] 1 points 1 year ago

Weirdly, I got a spam message yesterday on Signal. No number - just a username.

I'm on the regular production version - not the one testing usernames.