Signal introduces "username" feature

edited February 20 in General

Its finally happening, you will be able to chat on Signal without disclosing your phone number to anyone.
Sadly usernames are required to have at least 2 numbers at the end of it, so you cannot get "og" names. However 01 at the end is pretty unique, I have compiled the beta version of Signal and checked many popular and "cool" words, and they are pretty much all unclaimed and you can have them with .01 at the end.

Its still in beta and supposed to launch in a few weeks.

https://signal.org/blog/phone-number-privacy-usernames/
https://support.signal.org/hc/articles/6712070553754

«13

Comments

  • You're still required to use a phone number with Signal. We still do not know what their server is doing with people's data. User beware!

    Thanked by (1)lapua

    VPS providers to check out:

  • edited February 20

    @chitree said:
    You're still required to use a phone number with Signal. We still do not know what their server is doing with people's data. User beware!

    Their server is open source: https://github.com/signalapp/Signal-Server
    You can use an anonymous eSim such as https://silent.link/

    Here is what feds receive from Signal when they subpoena your data: https://signal.org/bigbrother/santaclara/

    Also what data are you talking about? Everything is verifiably encrypted. There are even Signal client forks with baked in Tor routing and other security/privacy features, one of them being https://molly.im/

  • Signal implemented MobileCoin in their messenger without publishing any public code updates for almost a year, as we learn from this video https://www.bitchute.com/video/tJoO2uWrX1M/

    The MobileCoin devs also removed the statement "At MobileCoin, we believe governments have a legitimate interest in regulating the economic lives of their citizens." Feel free to search the original evidence shown at this link https://web.archive.org/web/20201127142851/https://mobilecoin.foundation/about

    I do not trust Signal, I do not believe anyone should trust Signal, but you're welcome to trust them & free to have your opinion about how what this company has done is not nefarious.

    VPS providers to check out:

  • Thanks, works with the 7.0.0-beta.1 desktop app.

    Thanked by (1)bdl
  • The Signal Protocol, not the current company, is a great protocol. The problem is the current implementation being funded by the Silly Con Valley company called the Signal Foundation.

    Thanked by (1)bikegremlin

    VPS providers to check out:

  • @chitree said: Signal implemented MobileCoin in their messenger without publishing any public code updates for almost a year, as we learn from this video https://www.bitchute.com/video/tJoO2uWrX1M/

    The MobileCoin devs also removed the statement "At MobileCoin, we believe governments have a legitimate interest in regulating the economic lives of their citizens." Feel free to search the original evidence shown at this link https://web.archive.org/web/20201127142851/https://mobilecoin.foundation/about

    It proves absolutely nothing in terms of your "data" claim.

  • @treesmokah said:

    @chitree said: Signal implemented MobileCoin in their messenger without publishing any public code updates for almost a year, as we learn from this video https://www.bitchute.com/video/tJoO2uWrX1M/

    The MobileCoin devs also removed the statement "At MobileCoin, we believe governments have a legitimate interest in regulating the economic lives of their citizens." Feel free to search the original evidence shown at this link https://web.archive.org/web/20201127142851/https://mobilecoin.foundation/about

    It proves absolutely nothing in terms of your "data" claim.

    You are more than welcome to trust anything currently being run out of Silly Con Valley.

    VPS providers to check out:

  • edited February 20

    @chitree said:

    @treesmokah said:

    @chitree said: Signal implemented MobileCoin in their messenger without publishing any public code updates for almost a year, as we learn from this video https://www.bitchute.com/video/tJoO2uWrX1M/

    The MobileCoin devs also removed the statement "At MobileCoin, we believe governments have a legitimate interest in regulating the economic lives of their citizens." Feel free to search the original evidence shown at this link https://web.archive.org/web/20201127142851/https://mobilecoin.foundation/about

    It proves absolutely nothing in terms of your "data" claim.

    You are more than welcome to trust anything currently being run out of Silly Con Valley.

    I trust it enough to use with close friends and family. I wouldn't trust it in scenarios where anonymity is a requirement, I value its security and not privacy/anonymity.

  • Did you know that the Signal CEO resigned and then the WhatsApp co-founder took over in 2022?
    https://www.rt.com/news/545730-signal-founder-resigns-state-dept/

    VPS providers to check out:

  • Also in 2022, the Swiss Army banned their military from using Signal Messenger. If it is "so good" then why the ban?
    https://www.rt.com/news/545502-switzerland-army-ban-whatsapp-privacy/

    VPS providers to check out:

  • edited February 20

    @chitree said:
    Did you know that the Signal CEO resigned and then the WhatsApp co-founder took over in 2022?
    https://www.rt.com/news/545730-signal-founder-resigns-state-dept/

    Except its not true. Brian Acton is a president of Signal non-profit, since 2018.
    Signal new CEO is Meredith Whittaker.

  • edited February 20

    @chitree said:
    Also in 2022, the Swiss Army banned their military from using Signal Messenger. If it is "so good" then why the ban?
    https://www.rt.com/news/545502-switzerland-army-ban-whatsapp-privacy/

    Because their own encrypted app, Threema is a requirement and is contracted for this purpose.
    At their place I would support a local company too.

  • Not_OlesNot_Oles Hosting ProviderContent Writer

    Hi @treesmokah!

    Do you know how Signal works?

    • Are / were the phone numbers involved in some kind of verification that senders and receivers really are on the devices they said they were?

    • Is it now going to be the case that a Signal user can take his username along while hopping across various devices?

    • It used to be that the only info Signal said they kept was the phone number, account creation date, User-agent, and the last time the client was seen. It just can't be true that Signal now is going to keep both phone number and username together?

    Now:

    # Account
    Phone number: +XXXXXXXXX
    Find account by phone number: true
    

    Coming soon (hopefully very wrong):

    # Account
    Phone number: +XXXXXXXXX
    Find account by phone number: true
    Username: Blah01
    Find account by username: false
    

    Thanks!

    Tom

    Thanked by (1)chitree

    I hope everyone gets the servers they want!

  • edited February 20

    @Not_Oles said: Are / were the phone numbers involved in some kind of verification that senders and receivers really are on the devices they said they were?

    Phone numbers correspond to public keys, they are presented to the user for verification. By default you give your contacts "limited" trust, and have to check qr/public key using another form of communication to be 100% sure you are talking to who you think you are.

    @Not_Oles said: Is it now going to be the case that a Signal user can take his username along while hopping across various devices?

    You are able to pair different devices to one Signal account, its been like that for a long time. Username cannot be associated with multiple accounts at once, you have to pair your devices.

    @Not_Oles said: It used to be that the only info Signal said they kept was the phone number, account creation date, User-agent, and the last time the client was seen. It just can't be true that Signal now is going to keep both phone number and username together?

    I assume it will be this way, there is no other way around it. Username is internally tied to your Phone Number/account.

    Thanked by (1)Not_Oles
  • finally! because the fundamental design flaw with signal is/was that everyone who wanted to write about signal knew my phone number. what a madness. but what else is to be noted, this guy behind signal (morklinblabla) is he serious? at least he seems to be active in the field of cultural appropriation and rather a politically left-wing bird, right?

    Thanked by (1)Not_Oles
  • edited February 20

    @lapua said: at least he seems to be active in the field of cultural appropriation and rather a politically left-wing bird, right?

    Historically most of apps like this were created by Left-wing extremists or Anarchists using them to undermine the Government. It wouldn't surprise me if it was the case this time, but I'm not worried about it too much.
    Tor is also "proudly" left-wing and supports fellow anarcho-communists such as Riseup. In this case it was a little bit more worrying as I witnessed Tor developers trying to exploit Tor to deanonymize services of people they don't agree with politically.

    This is the single most retarded thing they have posted. They have absolutely no issues(it seems) with degenerate websites serving child pornography, but they had to "draw the line" at the hecking white nationalist website.
    Comments under this Tweet are absolutely hilarious with basically nobody supporting this cringe virtue-signaling obviously forced by extremely Jewish Team-Cymru CEO serving as higher up in Tor foundation(who is no more after they have been exposed to be a NSA and Israeli intelligence contractor).
    Cymru has also hosted essential infrastructure of Tor, such as authority servers.

    Thanked by (1)Not_Oles
  • _MS__MS_ OGSenpai
    edited February 20

    Got mine.
    Thanks, rastacat <3.

    Thanked by (1)treesmokah
  • @treesmokah said:

    @Not_Oles said: It used to be that the only info Signal said they kept was the phone number, account creation date, User-agent, and the last time the client was seen. It just can't be true that Signal now is going to keep both phone number and username together?

    I assume it will be this way, there is no other way around it. Username is internally tied to your Phone Number/account.

    Nothing should be tied to your phone number as your PII & data are more valuable than anything in the world right now. Signal Messenger will never change their need to require a phone number and this username facade is just to muddy those waters even more.

    Thanked by (1)Not_Oles

    VPS providers to check out:

  • Here's a great article I would urge anyone in the LES community using Signal Messenger to read. Information & knowledge of what we're using is very important.

    https://dessalines.github.io/essays/why_not_signal.html

    Thanked by (2)lapua Not_Oles

    VPS providers to check out:

  • edited February 20

    @chitree said:
    Here's a great article I would urge anyone in the LES community using Signal Messenger to read. Information & knowledge of what we're using is very important.

    https://dessalines.github.io/essays/why_not_signal.html

    It all depends on your threat model. Good fucking luck getting your friends and family to install a XMPP client with OMEMO and teach them how federation works.
    I treat Signal as less aids Whatsapp alternative, nothing more than that.

    Also regarding this article, first recommended alternative being Matrix. If you dig deep enough you will find ties and funding from Israeli Intelligence agencies. I personally knew one of Matrix developers, and their protocol is absolute leaky garbage(almost like it was made on purpose).
    I do not recommend anyone use Matrix/Element, its even worse than Signal.

    https://hackea.org/notas/matrix.html

    Thanked by (2)bdl Not_Oles
  • "If you were building a secure platform, and wanted to use an identifier, what would be the worst thing to use? Phone numbers." - this is the fundamental design flaw of signal!

    Thanked by (2)chitree Not_Oles
  • @lapua said:
    "If you were building a secure platform, and wanted to use an identifier, what would be the worst thing to use? Phone numbers." - this is the fundamental design flaw of signal!

    It costs a whole $0.06 to have an "anonymous" Signal account.

    Again, it all depends on your threat model. Signal was supposed to be normie friendly, and it is.
    I would not trust for anonymous communication, I trust it with secure communication with my friends and family.

    Thanked by (1)Not_Oles
  • YmpkerYmpker OGContent Writer

    @treesmokah this might be offtopic, but since you seem to be quite active in the privacy scene, have you heard of or even tried Session by Oxen? I used it once with a friend, but we quickly stopped doing so, because unlike Signal nobody of our friends even knew Session. Session doesn't require a phone number to sign up and seems to send messages and route calls through an Onion networks where messages and files appear to be like separated encrypted shard where one server never holds enough data to decrypt a message. They're also F-Droid: https://getsession.org/

    Thanked by (1)Not_Oles
  • @treesmokah said:

    @lapua said:
    "If you were building a secure platform, and wanted to use an identifier, what would be the worst thing to use? Phone numbers." - this is the fundamental design flaw of signal!

    It costs a whole $0.06 to have an "anonymous" Signal account.

    Again, it all depends on your threat model. Signal was supposed to be normie friendly, and it is.
    I would not trust for anonymous communication, I trust it with secure communication with my friends and family.

    0,06$ for what? more details please.

    Thanked by (1)Not_Oles
  • edited February 20

    @Ympker said:
    @treesmokah this might be offtopic, but since you seem to be quite active in the privacy scene, have you heard of or even tried Session by Oxen? I used it once with a friend, but we quickly stopped doing so, because unlike Signal nobody of our friends even knew Session. Session doesn't require a phone number to sign up and seems to send messages and route calls through an Onion networks where messages and files appear to be like separated encrypted shard where one server never holds enough data to decrypt a message. They're also F-Droid: https://getsession.org/

    I'm an early adopter and a friend of developers(now ex-developers) of Session, Oxen and Lokinet.
    I do not recommend usage of any of their products. They have officially sold out to feds, they are not a privacy-coin anymore instead they are an ERC20(Ethereum) token now, and have defrauded their investors(or at least they feel like it).
    Session codebase is a fucking mess, I cannot express it enough, it fucking sucks ass. Their management is a bunch of retards, especially Kee Jefferys(CTO or whoever the fuck he is there now). I have witnessed him baking in a hardcoded blacklist of SOGS(Session Open Groups) after he was contacted by some organization that allegedly fights CP distribution, he has not verified anything, he has received SHA512 hashes of said groups and just told his developers to bake it in to the software(with absolutely no legal grounds, to do it in the first place). After protest of Employees and close group of community members, it was ditched and 99.99% of the people don't even know it happened.
    Oxen was fairly ok. Lokinet was my favorite with a truly passionate developer(i2p veteran), who has since quit after recent developments inside Oxen(OPTF Foundation), and the community died so did the project as a whole. I used to run the largest Lokinet services around and be very active in the community, but oh well. Any old member of the community should know who I am.

    I could go on about it for hours, but to shorten it up.
    Oxen is dead, Lokinet is dead, Session is unusable and trash and will soon be dead. Entire OPTF will soon be dead, they are out of money, completely, and try to find it in the worst places imaginable.
    Their pathetic management ran this project to the ground. Who thought trusting Australians with anything was a good idea.

  • @lapua said:

    @treesmokah said:

    @lapua said:
    "If you were building a secure platform, and wanted to use an identifier, what would be the worst thing to use? Phone numbers." - this is the fundamental design flaw of signal!

    It costs a whole $0.06 to have an "anonymous" Signal account.

    Again, it all depends on your threat model. Signal was supposed to be normie friendly, and it is.
    I would not trust for anonymous communication, I trust it with secure communication with my friends and family.

    0,06$ for what? more details please.

    For a phone number that can be used for Signal, then you set 2FA(or whatever they call it) so someone cannot recover your account if they get the same number somehow, and that's about it. I've been doing it like that on Telegram for ages.

    Thanked by (1)Not_Oles
  • @treesmokah said:

    @lapua said:
    "If you were building a secure platform, and wanted to use an identifier, what would be the worst thing to use? Phone numbers." - this is the fundamental design flaw of signal!

    It costs a whole $0.06 to have an "anonymous" Signal account.

    Again, it all depends on your threat model. Signal was supposed to be normie friendly, and it is.
    I would not trust for anonymous communication, I trust it with secure communication with my friends and family.

    What's the name of this service? The ones I found are more expensive.

    Thanked by (1)Not_Oles
  • @Bogddan said:

    @treesmokah said:

    @lapua said:
    "If you were building a secure platform, and wanted to use an identifier, what would be the worst thing to use? Phone numbers." - this is the fundamental design flaw of signal!

    It costs a whole $0.06 to have an "anonymous" Signal account.

    Again, it all depends on your threat model. Signal was supposed to be normie friendly, and it is.
    I would not trust for anonymous communication, I trust it with secure communication with my friends and family.

    What's the name of this service? The ones I found are more expensive.

    https://onlinesim.io/

  • YmpkerYmpker OGContent Writer

    @treesmokah said:

    @Ympker said:
    @treesmokah this might be offtopic, but since you seem to be quite active in the privacy scene, have you heard of or even tried Session by Oxen? I used it once with a friend, but we quickly stopped doing so, because unlike Signal nobody of our friends even knew Session. Session doesn't require a phone number to sign up and seems to send messages and route calls through an Onion networks where messages and files appear to be like separated encrypted shard where one server never holds enough data to decrypt a message. They're also F-Droid: https://getsession.org/

    I'm an early adopter and a friend of developers(now ex-developers) of Session, Oxen and Lokinet.
    I do not recommend usage of any of their products. They have officially sold out to feds, they are not a privacy-coin anymore instead they are an ERC20(Ethereum) token now, and have defrauded their investors(or at least they feel like it).
    Session codebase is a fucking mess, I cannot express it enough, it fucking sucks ass. Their management is a bunch of retards, especially Kee Jefferys(CTO or whoever the fuck he is there now). I have witnessed him baking in a hardcoded blacklist of SOGS(Session Open Groups) after he was contacted by some organization that allegedly fights CP distribution, he has not verified anything, he has received SHA512 hashes of said groups and just told his developers to bake it in to the software(with absolutely no legal grounds, to do it in the first place). After protest of Employees and close group of community members, it was ditched and 99.99% of the people don't even know it happened.
    Oxen was fairly ok. Lokinet was my favorite with a truly passionate developer(i2p veteran), who has since quit after recent developments inside Oxen(OPTF Foundation), and the community died so did the project as a whole. I used to run the largest Lokinet services around and be very active in the community, but oh well. Any old member of the community should know who I am.

    I could go on about it for hours, but to shorten it up.
    Oxen is dead, Lokinet is dead, Session is unusable and trash and will soon be dead. Entire OPTF will soon be dead, they are out of money, completely, and try to find it in the worst places imaginable.
    Their pathetic management ran this project to the ground. Who thought trusting Australians with anything was a good idea.

    Thanks for the summary. What a shame.
    It sounded promising when I first heard about it, however, when I recently saw a video ad from Session on Instagram I couldn't believe it was from them. The video seemed really odd and even someone in the comments said it doesn't instill confidence. Adding your information it seems like I am not likely to use Session again.
    I was between Signal and Session when I was looking for a WA alternative that I could use to communicate with friends/family and it's definitely been easier to convince (some of) them to use Signal than Session. Looking forward to the username feature! Not that I expect to be anonymous using Signal, but similar to what you said earlier, I trust it to chat with family/friends.

    Thanked by (1)Not_Oles
  • @Ympker what about threema?

    Thanked by (1)Not_Oles
Sign In or Register to comment.