this post was submitted on 17 Jun 2025
95 points (98.0% liked)
Privacy
2802 readers
580 users here now
Welcome! This is a community for all those who are interested in protecting their privacy.
Rules
PS: Don't be a smartass and try to game the system, we'll know if you're breaking the rules when we see it!
- Be civil and no prejudice
- Don't promote big-tech software
- No apathy and defeatism for privacy (i.e. "They already have my data, why bother?")
- No reposting of news that was already posted
- No crypto, blockchain, NFTs
- No Xitter links (if absolutely necessary, use xcancel)
Related communities:
Some of these are only vaguely related, but great communities.
- !opensource@programming.dev
- !selfhosting@slrpnk.net / !selfhosted@lemmy.world
- !piracy@lemmy.dbzer0.com
- !drm@lemmy.dbzer0.com
founded 7 months ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Signal still centrally collects metadata and requires a phone number to participate.
If you're serious about privacy, ESPECIALLY if you're part of a group looking to organize in a clandestine fashion, you should look into the vastly superior SimpleX Chat.
SimpleX is run by a Trump apologist and "white genocide" believer who believes the protests are fake and/or literally Stalin.
Edit: "all child abuse is horrible. But..." Evgeny is especially concerned about "genocide of young white girls" specifically, wondering "can Elon Musk help?"
Can all of this compromise the SimpleX protocol in any way?
Nope. To add a little context, imagine that someone who uses Lemmy (which is well known to be developed by a team of people not everyone agrees with) to crosspost the same articles to infinity told everyone not to use a piece of well regarded and audited open source privacy software because it's main developer has sided with US republicans.
I kind of figured with the X in the name. (I'm only half joking... But yikes)
Fml why.
per the article
So, its all done by the user client? Meaning: If you check the source code, and compiled it yourself, it's safe? Even against a malicious server?
Or if you want to have a federated platform that's closer to something like Discord, Matrix.
i switched my family over to signal. i cant do a seitch again xD
On a serious note, sticking to Signal for family group chats is fine. No need to move them over to another platform.
Signal is likely fine for a use case like that. Don't feel like you need to switch if you don't have a good reason. Signal is a great balance between stupid-easy useability and E2EE messaging, and people who actually need that extra mile of privacy should know better than to use Signal.
I feel you.
Signal collects your IP address and the last IP address you sent a message to. They store that info to maintain their services. They also store your phone number, either of which can be tied back to your identity (in the US, don't @ me, friends from across the pond).
The only thing these reveal is that you use Signal, which is currently still legal. Also, even if a judge ordered Signal to collect outgoing messages for your user, the content of your messages would already be encrypted. So unless your use of the service could be construed as illegal (or perhaps who you're talking to), then it's probably still safe to use.
However, all that said, I still agree that SimpleX is a better choice for activism. No phone numbers or other useful identifiers, uses a series of nodes rather than a central server, expiring contact-adding codes, etc... it's simply better, if you need privacy against external threats.
And there's no reason you can't have both on your phone for different kinds of groups!
can you show evidence for this?
The best choice for activism right now is signal and has been for years. The best choice isn't necessarily the most hardened app or messaging system, it's the most hardened balanced against ease of use and access, along with features.
It's been proven in court several times. The only information they keep is your phone number, unix timestamp of your account creation, and the unix timestamp of when you were last online.
Which is not the claim OP made.
Which claim are you referring to?
Yeah, they likely misremembered that it was timestamps instead of IPs.
I mean its the principal claim.
I'd say that the principal claim is that they can't see your messages and that they have no incriminating data on you. No judge can order them to hand over your data and incriminate you because they don't have that data. What exactly is the very little data they have is less important.
Thats re-interpreting what they said to be something defensible; but it isn't what they said. What they said was specific, and isn't, afaik, supported by any evidence. Its also the very first thing they said. Their main point. The primary point. Not some other thing they didn't say, but the very first, and very specific thing they said first.
Re-interpreting what people say to support our bias is both de-constructive when real security concerns are on the line, disingenuous, and shows a lack of reading comprehension.
Ok.
Usability of Simplex is very similar to Signal.
Evidence for what?
The claim being made?
I promise I'm not being pedantic. Which claim? I made at least two.
They dropped the phone number requirement a while ago
No, you still need a phone number to sign up. You can now optionally have a username as well, but a phone number remains a hard requirement.
What's more, they require you to periodically log in on your phone. If you exclusively use the desktop client, you will get a message that access will be blocked if you don't sign in on your phone.
Sometimes, it feels like a surveillance loophole is left for the OS (remember when they had plain text backups on windows). And Apple, Microsoft, and Google would happily turn over data, while Signal always will have plausible deniability.
And you will always need a smartphone OS built by one of the US companies above to start and continue using signal.
you mean, you don't need one for registration?
I've been corrected on that.
Yeah I thought they had too, but it's the case that for a new account you still have to have a phone #. You can then use a chosen account for everything else.