130
Spam prevention
this post was submitted on 11 May 2025
130 points (85.7% liked)
Privacy
37745 readers
1031 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
much thanks to @gary_host_laptop for the logo design :)
founded 5 years ago
MODERATORS
Bots. If it makes you feel better, you can disable other people finding you via phone number and just give them your username. All messages are private.
load more comments
(24 replies)
Everything is a balancing act. Privacy, anonymity, and security aren't the same things. They're sometimes, and in some aspects always, difficult to achieve without compromising one of the other two.
When you add in the goal of quick, easy setup to make the service useful in the first place. Doesn't matter how good the service is at the trinity if nobody is willing to use it. Signal just errs on security first, privacy second, anonymity third.
There is a lot of FUD here. It's just like anti-vaxxers claiming vaccines make you autistic or have microchips in them: they don't understand what they're talking about, have different threat models, and are paranoid.
Messages are private on signal and they cannot be connected to you through sealed sender. There have been multiple audits and even government requests for information which have returned only the phone number and last connection time.
load more comments
(2 replies)
One of the design goals is that they don't have a user database, so governments etc can't knock down their door demanding anything. By using phone numbers your "contacts" are not on their servers but local on your phone.
But your phone number is, and thus every agency can get your full name and address and location.
Yes but only yours. That's still better and only having to knock on one door to get everything.
load more comments
(2 replies)
load more comments
(3 replies)
load more comments
(7 replies)
SimpleX is coming nicely along. Should be good to switch next year once they got their desktop apps polished up
Simplex has a bad user experience and needs a lot of work before it's ready for normies.
load more comments
(1 replies)
Signal is not perfect but we control its app, libre software. See SimpleX Chat.
Escaping WhatsApp and Discord, anti-libre software, is more important.
load more comments
(7 replies)
Jami.net
Ignore the comment saying signal is "end to end encrypted" "private" etc They are simply stuck in a delusional state where they try to convince themselves that signal is the best option so they can continue using it. Nothing is private if it isn't fully libre because you never know what the proprietary code is doing. The signal protocol itself has its source code released, and the encryption and security code is publicly available, but the signal Foundation has stated that it uses both free code and proprietary code. Their reason is UI, but it's hard to make sure whatever proprietary code is being used for because you simply can't see it. As GNU puts it: "You're walking in a pitch black cave". Jami is fully libre and is a GNU project. You don't even need any phone number!
You can easily verify the keys of the person you’re speaking with, and they’re generated locally… so technically speaking, even if their servers are leaking, your messages are still unreadable, but yea that’s not ideal
load more comments
(2 replies)
Jami, as much as I prefer it on various philosophical grounds, simply doesn't work very well at the moment. :(
load more comments
(2 replies)
load more comments
(10 replies)
If you want to be mainstream a) you can't have spammers, scammers, and all the other scum of the earth and b) finding your contacts in the app HAVE TO be plug and play. Literally no normie will bother adding with usernames or whatever.
load more comments
(2 replies)
It's focused on ensuring there is no middleman between you and the other party, but it does not have a goal to provide anonymous messaging. Sadly.
no middleman
Signal is not P2P
Of course. Sorry, but I meant no middleman as in minifying the role of the server in your messahing. Signal's goal is to ensure the server cannot have access to your messages and its only role is to receive and send data.
load more comments
(1 replies)
load more comments
(2 replies)
Maybe I am being too simplistic here. But I have never received a spam message to my XMPP account and I don't know how a spammer would find it.
In a phone-based system a spammer can spam a list of numbers, or use contact lists that are easily shared via phone permissions. There are several low-effort discovery processes.
For e-mail, you get spam when you you input your personal e-mail into forms, websites, or post it publicly.
But for something like XMPP... It seems rather difficult to discover accounts effectively to spam them. And, if it is an actual problem, why not implement some kind of 'identity swap' that automatically transmits a new identity to approved contacts? A chat username does not need to be as static as an e-mail or a phone number for most people.
I just don't see 'spam' as such a difficult challenge in this context, and not enough in my view to balance out requesting a phone number. Perhaps a spammer can chip-in?