zlacker

[parent] [thread] 17 comments
1. goneho+(OP) 2020-06-05 06:36:45
This tradeoff is arguably a good thing.

By using phone numbers as IDs, Signal can rely on your phone's local contacts (meaning they don't have to send your social graph to their servers). This way they can keep very little metadata on you.

There's pretty much nothing for them to turn over except the fact that your phone number has the Signal app.

Most of the other secure apps could turn over your entire contact list (which could be damaging for people in a protest who are being targeted).

Confirming that a single phone number has the app is not nearly as big of a deal (I'd argue it doesn't matter at all).

replies(3): >>Legogr+f1 >>sneak+T5 >>soziaw+86
2. Legogr+f1 2020-06-05 06:50:42
>>goneho+(OP)
I've lost track of the number of times I've had this conversation, but here we go:

There's nothing inherent in phone numbers here. Both iOS and Android also allow you to add e-mail addresses (and other identifiers) to your local contacts. I have yet to hear an argument as to why e-mail addresses or other identifiers can't be used in addition to phone numbers, or why it would be a complicating factor.

replies(1): >>goneho+b2
3. goneho+b2 2020-06-05 06:59:49
>>Legogr+f1
My guess would be that phone numbers are guaranteed to be unique IDs that (almost) every phone will have, which simplifies things and reduces the risk of someone impersonating someone else.

I think they are working on non-phone-number IDs though (Moxie was in an earlier Signal thread on HN recently and mentioned it).

replies(3): >>mikekc+k3 >>HenryB+E3 >>ohhnoo+Bg
4. mikekc+k3 2020-06-05 07:18:03
>>goneho+b2
There is an issue on GitHub that is collating the problems they are working through. I've lost track of it, though, unfortunately. I've been pretty cynical about it in the past, but the last time I looked at the issue, it did look more complex than I first imagined. I wish it were higher priority, though. Hopefully somebody will remember the issue and post it here (it was from an HN post that I found it originally). Unfortunately, I'm not even sure what project it's under, and there are many projects.
5. HenryB+E3 2020-06-05 07:22:34
>>goneho+b2
In that spirit, emails (when discovered on a device) are also unique IDs. Even if someone's email is The-Dog@someprovider_dot_com, authorities can still track that this mailbox was accessed by IP x.x.x.x, and this IP is provided to phone number 555-12345, which belongs to Henry Bemis.

It will take the authorities a bit more time (i.e. someone throws away their burner phone and authorities hack it) (with the assumption that phone numbers/SIM activations are provided using valid ID, as happens in many countries).

replies(1): >>fsflov+Fb
6. sneak+T5 2020-06-05 07:49:39
>>goneho+(OP)
iCloud Contacts, which is how Apple phones store and sync this metadata for you, is not end-to-end encrypted, and is available to Apple and the military intelligence community without a warrant.

https://sneak.berlin/20200604/if-zoom-is-wrong-so-is-apple/

7. soziaw+86 2020-06-05 07:52:20
>>goneho+(OP)
> Most of the other secure apps could turn over your entire contact list (which could be damaging for people in a protest that are being targeted).

But that doesn't help much if the entire contact list is a list of trash mail addresses (in the case of Wire) or a list of random IDs (in the case of Threema). And at least Threema does not store any information about your contacts on their servers.

Can you obtain a phone number without any ID in the US? Because you can't in large parts of Europe.

replies(2): >>ardy42+SJ >>goneho+Sa1
8. fsflov+Fb 2020-06-05 08:54:16
>>HenryB+E3
You can access email only through Tor, and they will never know your real IP.
replies(1): >>nix23+Ow
9. ohhnoo+Bg 2020-06-05 09:50:28
>>goneho+b2
Phone numbers are also guaranteed to be recycled. Every single WhatsApp contact I have that's older than 3 years is no longer the original user. I know this because their profile picture is shown to me for some reason. Phone numbers are an outdated system that has no place in modern communication, especially not in privacy software.
10. nix23+Ow 2020-06-05 12:30:02
>>fsflov+Fb
Wrong... they probably don't know your IP... but an agency that has global surveillance in place can find your source IP quite easily.
replies(1): >>fsflov+1F
11. fsflov+1F 2020-06-05 13:27:57
>>nix23+Ow
All typical attacks on Tor have been known for many years already. If you follow the advice from the Tor website, it will be very hard (nearly impossible) to find you. What do you mean by "quite easy"?
replies(1): >>nix23+oG
12. nix23+oG 2020-06-05 13:35:00
>>fsflov+1F
By quite easy I mean when you have global surveillance in place. All Tor nodes are public, all Tor exits are public; if your system can track connections from one node to another node and then to the exit node, everything is clear.

https://en.wikipedia.org/wiki/Global_surveillance#Infiltrati...

Edit: And this from netzpolitik (highly trusted German source), under 'A global passive adversary', that's the interesting part: https://netzpolitik.org/2017/secret-documents-reveal-german-...

replies(1): >>fsflov+7Q
13. ardy42+SJ 2020-06-05 13:53:44
>>soziaw+86
> Can you obtain a phone number without any ID in the US? Because you can't in large parts of Europe.

Yes. About 10 years ago, before Google Voice, I needed a local area-code number to work with my apartment buzzer. I bought a $15 TracFone with cash at Walmart and activated it at a payphone (mainly just to see if I could).

14. fsflov+7Q 2020-06-05 14:25:58
>>nix23+oG
It is enough to have at least a few independent relays to cover the trace. Everyone who can should be running a relay node at home, I guess. Also, we generally need more participants in Tor, of course.

There is also the I2P network, which is even harder to break (unless someone owns practically all nodes there).

replies(1): >>nix23+UU
15. nix23+UU 2020-06-05 14:52:18
>>fsflov+7Q
Well, I run a node (not an exit) and yes, it's better than nothing, but fully trusting Tor is a big no-no; I said nothing else. Protection from private companies or countries, yes... but protection from GCHQ/NSA, probably not.

And no, you can trace it through the ISPs; the problem is the latency. Connection from here to there in that millisecond, trace one... and so on.

replies(1): >>fsflov+BV
16. fsflov+BV 2020-06-05 14:56:01
>>nix23+UU
If you are speaking about the timing attack, then you should consider I2P. It makes them significantly harder. In general, I agree that if your enemy is the NSA, you can do very little. But you can make their life harder, and you should.
replies(1): >>nix23+QX
17. nix23+QX 2020-06-05 15:07:25
>>fsflov+BV
I2P is absolutely great, a shame that it's not covered so much, and Freenet was once also a cool project... I see we are on the same page ;)

Edit: GnuNet, RetroShare and ZeroNet should also be mentioned

18. goneho+Sa1 2020-06-05 16:17:00
>>soziaw+86
Is it a list of trash mail addresses by default, or is there an assumption that people made trash mail addresses specifically for the app?

If it's the latter, I suspect that won't happen in practice for the majority of users.

I haven't heard of Threema; I guess users have to share their IDs manually with each other in that case?
