• Poutinetown@lemmy.ca
        link
        fedilink
        arrow-up
        1
        ·
        1 year ago

        Sorry I misframed it. I mean that since there’s no need to reveal phone numbers, there could be an opportunity for spammers to increase spam by creating many accounts, and Signal should preemptively find ways where such spams could be reduced. However, I realized after posting that the article says we still need to sign up to signal with a phone number. However, there’s still the risk of impersonation (by writing someones username with tiny changes) and people trying to add vulnerable users by username (which they might be using on other platforms) instead of phone number.

        • rurutheguru@lemmings.world
          link
          fedilink
          arrow-up
          3
          ·
          1 year ago

          Probably possible yeah, but if the account gets flagged after users reporting it, they’ll need to get a new number afterwards, which isn’t that easy (at least where I live).

      • Poutinetown@lemmy.ca
        link
        fedilink
        arrow-up
        0
        ·
        1 year ago

        I imagine unrestricted usernames would make spam easier than with phone numbers. I’m just hoping they have a way to control this.

        • loki@lemmy.ml
          link
          fedilink
          English
          arrow-up
          1
          ·
          edit-2
          1 year ago

          they’re going with numbers along with usernames, kinda like discord to reduce spam. I hope they work.

        • smeg@feddit.uk
          link
          fedilink
          English
          arrow-up
          5
          ·
          1 year ago

          You still need a phone number to sign up, so there shouldn’t be any increase in spam

  • Hauke@feddit.de
    link
    fedilink
    arrow-up
    9
    ·
    1 year ago

    Nice! Maybe this will also pave the way for multiple accounts on the same device if you have two separate phone numbers for private and work.

  • brothershamus@kbin.social
    link
    fedilink
    arrow-up
    16
    ·
    1 year ago

    YES! The one main hurdle I’ve found (and the constant “share your contacts??” prompting). Good luck to them!

    • helenslunch@feddit.nl
      link
      fedilink
      arrow-up
      0
      ·
      edit-2
      1 year ago

      and the constant “share your contacts??” prompting

      Why wouldn’t you just share your contacts? And what does this have to do with that?

      • conciselyverbose@kbin.social
        link
        fedilink
        arrow-up
        0
        ·
        1 year ago

        Because my contacts are none of their business, and it’s fucking disgusting to even ask without the user going way out of their way to initiate it.

        • helenslunch@feddit.nl
          link
          fedilink
          arrow-up
          0
          ·
          1 year ago

          They’re not. And they won’t see any of your contacts. It just allows the app itself access to them.

          • conciselyverbose@kbin.social
            link
            fedilink
            arrow-up
            0
            ·
            1 year ago

            There isn’t a single service on the planet who I would trust to allow their app to see my contacts.

            The app asking for the permission is not acceptable. The permission should not exist at all. Both mobile OS should only be permitting users to explicitly import contacts that they choose, with literally no way for any app to see the master list in any context.

            • helenslunch@feddit.nl
              link
              fedilink
              arrow-up
              1
              ·
              1 year ago

              Signal has been through every trial and tribulation in existence. They’ve been audited by a dozen different companies, they’re open source, they’ve been subpoenaed by the government, etc. You’re just being paranoid.

    • sqgl@beehaw.org
      link
      fedilink
      arrow-up
      5
      ·
      1 year ago

      While Signal did justify the need for numbers by cutting spam prevention I don’t get it…

      Spammers use fake phone numbers all the time on the regular phone service so why not on Signal? A few steps too many for them to bother registering?

      • dan@upvote.au
        link
        fedilink
        arrow-up
        3
        ·
        edit-2
        1 year ago

        Spammers use fake phone numbers all the time on the regular phone service

        The phone calls just use fake caller ID. Caller ID is entirely unauthenticated and the recipient just blindly trusts the sender, so scammers use sketchy VoIP services that let you override the caller ID without actually proving you own that number. Work is being done to improve this: https://www.fcc.gov/call-authentication

        That’s means it’s trivial to use a fake number for outgoing calls, but the spammers can’t actually receive incoming calls or texts to those numbers.

      • sculd@beehaw.org
        link
        fedilink
        arrow-up
        4
        ·
        1 year ago

        A few possible answers:

        1. Signal is not big enough for spammers to spend resources on
        2. People who bothered to use Signal are likely to be more privacy minded and therefore less likely to fall for scam
        • u_tamtam@programming.dev
          link
          fedilink
          arrow-up
          3
          ·
          1 year ago
          1. Signal just isn’t as private as its marketing wants you to think it is

          A tip (but you do you, of course), use something federated (XMPP!): the time for trusting a central organization to do no harm is over if you have kept tabs of anything internet over the last 40 years or so…

  • AutoTL;DR@lemmings.worldB
    link
    fedilink
    English
    arrow-up
    5
    ·
    1 year ago

    🤖 I’m a bot that provides automatic summaries for articles:

    Click here to see the summary

    Signal is publicly testing letting users add usernames to their accounts so they don’t have to share their phone number to connect via the encrypted messaging service.

    The test was announced via a post on the Signal forums by VP of engineering Jim O’Leary, who referred to the feature as “pre-beta” and warned that there’ll be rough edges including crashes and broken push notifications.

    Although accounts will still be associated with a traditional mobile number at setup, the username feature means you’ll be able to connect with and message other users without having to share what can be an important personally identifiable piece of information.

    PCMag points to a note in the service’s wiki mentioning that signs of the feature cropped up as early as 2019, and Whittaker has been open about the Signal’s plans for it.

    There are indicators that competitor WhatsApp is working on a similar feature, though the Meta-owned messaging service is typically less open about its future development plans.

    But the ease of installing these test clients varies, and you’ll only be able to talk to other users running similar pre-release software.


    Saved 50% of original text.

  • Arthur Besse@lemmy.ml
    link
    fedilink
    arrow-up
    1
    ·
    edit-2
    1 year ago

    …so you can avoid sharing your phone number with your contacts.

    they are not planning to let you use Signal without having a phone number and sharing it with their (Amazon’s) servers.