Privacy

42399 readers

839 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago

MODERATORS

If it ask for your phone number its not private. (lemmy.ml)

submitted 1 day ago by lunatique@lemmy.ml to c/privacy@lemmy.ml

121 comments fedilink hide all child comments

Nowadays, a majority of apps require you to sign up with your email or even worse your phone number. If you have a phone number attached to your name, meaning you went to a cell service/phone provider, and you gave them your ID, then no matter what app you use, no matter how private it says it is, it is not private. There is NO exception to this. Your identity is instantly tied to that account.

Signal is not private. I recommend Simplex or another peer to peer onion messaging app. They don't require email or phone number. So as long as you protect your IP you are anonymous

you are viewing a single comment's thread
view the rest of the comments

[–] dessalines@lemmy.ml 0 points 21 hours ago (1 children)

Everyone you talk to and when you talked to them, with their real identities via phone numbers. Because signal is hosted in the US and subject to national security letters, you should assume the worst.

[–] SteleTrovilo@beehaw.org 3 points 20 hours ago (1 children)

Are you talking about the client app, or about the service?

Much of what you said doesn't apply to the service, which stores hashed phone numbers and first access / last access times and nothing else.

And the client does store these things, but also lets users delete messages and contacts. Your message deletions can propagate as well.

[–] dessalines@lemmy.ml 2 points 16 hours ago (1 children)

stores hashed phone numbers and first access / last access times and nothing else.

Even if this weren't false (otherwise they wouldn't be able to connect to your existing contacts), that's a "just trust us" claim. You give them your phone number, you should assume they have it and not "trust them" to hash it like its a password.

And the client does store these things, but also lets users delete messages and contacts. Your message deletions can propagate as well.

Not that its that important, but its yet another just trust us claim.

[–] SteleTrovilo@beehaw.org 0 points 1 hour ago* (last edited 1 hour ago)

You literally don't understand how hashing works, got it. Please educate yourself on this topic. In short, "connecting your existing contacts" is ENTIRELY possible with hashed phone numbers; it's not even complicated or tricky. To claim otherwise, as you just did, is nothing but trumpeting your own ignorance.

As for deleting (and propagating deletion of) messages, this is most definitely NOT a matter of "just trust us". The client is open-source! We KNOW how it works. We KNOW that deletion propagates across devices when you tell it to. We KNOW that the service cannot see your unencrypted messages, and that the encrypted messages are made with AES so even quantum computers in the future can't decrypt them. This is incredibly far from "just trust us".