signal requires a phone number to sign up. a phone number could be used to trace your signal account back to you. so why do people, especially privacy enthusiasts and experts (like edward snowden), still use it and endorse it when it lacks anonymity in that sense? i get that people could use a voip number or something to sign up, but still.

  • SatyrSack@lemmy.one
    link
    fedilink
    arrow-up
    97
    arrow-down
    1
    ·
    1 year ago

    Privacy and anonymity have some overlap, but are ultimately two different things. Signal focuses on privacy.

    • ISOmorph@feddit.de
      link
      fedilink
      arrow-up
      14
      arrow-down
      9
      ·
      edit-2
      1 year ago

      I don’t undestand this comment, could you please elaborate?

      The way I way I see it, privacy without anonymity only works if you can trust a service provider. Since there are no trustworthy providers, especially since legislation can cancel any assurances anyone could give you, anonymity becomes the only way to ensure privacy, making it virtually synonymous.

      • Orbituary@lemmy.world
        link
        fedilink
        arrow-up
        70
        ·
        1 year ago

        You know I live in that house across the street, but my blinds are closed and I don’t let you in. That’s privacy, despite your knowledge.

        There’s a glass house across town. You drive by, but you don’t know who lives there, who owns it, or why they insist on walking around naked. Anonymous, albeit open.

        • Otter@lemmy.ca
          link
          fedilink
          English
          arrow-up
          10
          ·
          edit-2
          1 year ago

          Also while it seems ideal to have both (don’t know who lives there or what they’re up to), it’s much harder to implement in a way that there aren’t ethical/legal headaches.

          It can also be easier from the usability side, like if you want to get in touch with your friend and you know where they are living today.

          I’d like to have the option to not use a number, and it would help those that live under authoritarian regimes, but I don’t think I’ll go through the trouble of removing mine once they implement it

          • Deckweiss@lemmy.world
            link
            fedilink
            arrow-up
            2
            ·
            edit-2
            1 year ago

            As far as messangers go, there are plenty which don’t require a phone numer, like Threema.

            So for this instance, it is pretty easy to have both

      • Privacy means that you can talk/act safely in your own closed-off space while no-one knows what you do. The opposite of private is public.
        Anonymity means that you can safely talk/act in public space while no-one knows who does it. The opposite of anonymous is … identified.

        If you want your talk be private while doing it in public or via an untrusted service, you can use obfuscation/encryption of the content/payload data of your talk (still anyone could receive it and know it’s from you and if they have the key they can decipher it).

        If you want to be anonymous in public space, you have to obfuscate the metadata of your talk (so that no-one knows who said it but anyone can still receive it).

        *And here is a bit of an overlap depending on where we want to draw the boundary of our privacy realm. In some cases, the knowledge about metadata like location and time of a message can be breach privacy while in other cases this is irrelevant.

        You could also do both, meaning you’d have an anonymous appearance in a public/untrusted space, having a conversation with only those people who have the key to your messages. That’s a stunt which is not easily accomplished, as obviously you’ll need a way to let others know how to reach you, and exchange keys (in other words, you’ll have to first make an appointment in private and in a trusted space).

        [wanted to write two sentences, no so much text :-D]

      • whale@lemm.ee
        link
        fedilink
        arrow-up
        9
        arrow-down
        1
        ·
        1 year ago

        Not necessarily. If your high school nemesis steals an encrypted disk that belongs to you, the data is private (for your eyes only) but definitely not anonymous, and it’s not with someone you would trust.

        Same thing goes with Signal. We trust the platform because the encryption happens before messages leave your device, and the decryption happens only after they are received on someone else’s. If this becomes provably untrue, then the client apps have become compromised… And at that point, privacy, anonymity, etc all go out the window. Who knows what the apps are doing.