This. They had a (hopefully non-technical) justification for this but it's of course completely unnecessary. Your identity could just as easily be a username or a random key. If you need to share that identity you could always do it out of band.
I tried to use Signal and even gave it permission to use my contacts when I installed it. Once it found the handful of people I know using it I disabled those permissions. To my surprise, the app refused to let me use it. That's when I uninstalled it and stopped recommending it to people.
How they operate makes me think they're trying to build the illusion of security above all else (possibly with nefarious purposes?) or they're more concerned about driving up their user #s than they are about providing security.
Despite what security consultants like to tell people, end to end encryption is not rocket science. If you trust the publicly available algorithms (if you don't then this is moot) then it's relatively straightforward to assemble a system that should be secure over the wire.
Of course, that requires you to also trust that the app you're installing is using the same source as the one you vetted (or wrote) and that your device / computer hasn't been compromised somehow. Ditto the person you're talking to. You can trust the whole chain if you want but currently verifying it is impossible.
I like to do a thought experiment about what an actually secure messaging system would look like. The only truly secure system is an air-gapped one. (Yes, there are ways to bridge the air gap if you're in the vicinity, but that's not the point.)
How could you air gap a mobile phone? Well, you can't. What you could do is use a second phone with the radios physically disabled. You could then use this to encrypt your messages and then type those encrypted messages into email or SMS or whatever.
This is a bit laborious so you could send the encrypted info to the second phone and to a second app that brokers these messages. You could use the analog ports to modem these messages back and forth. Assuming your ADC is just an ADC, the standard analog audio port should not be hackable in any way.
This is a silly example but it's meant to illustrate a point. If you really have something to hide, an app isn't going to get your there. If you just want a little bit of privacy, you're better off with iMessage or whoever is offering end to end encryption. Signal is not a particularly good chat app and no, most of your friends aren't using it anyway.
I tried to use Signal and even gave it permission to use my contacts when I installed it. Once it found the handful of people I know using it I disabled those permissions. To my surprise, the app refused to let me use it. That's when I uninstalled it and stopped recommending it to people.
How they operate makes me think they're trying to build the illusion of security above all else (possibly with nefarious purposes?) or they're more concerned about driving up their user #s than they are about providing security.
Despite what security consultants like to tell people, end to end encryption is not rocket science. If you trust the publicly available algorithms (if you don't then this is moot) then it's relatively straightforward to assemble a system that should be secure over the wire.
Of course, that requires you to also trust that the app you're installing is using the same source as the one you vetted (or wrote) and that your device / computer hasn't been compromised somehow. Ditto the person you're talking to. You can trust the whole chain if you want but currently verifying it is impossible.
I like to do a thought experiment about what an actually secure messaging system would look like. The only truly secure system is an air-gapped one. (Yes, there are ways to bridge the air gap if you're in the vicinity, but that's not the point.)
How could you air gap a mobile phone? Well, you can't. What you could do is use a second phone with the radios physically disabled. You could then use this to encrypt your messages and then type those encrypted messages into email or SMS or whatever.
This is a bit laborious so you could send the encrypted info to the second phone and to a second app that brokers these messages. You could use the analog ports to modem these messages back and forth. Assuming your ADC is just an ADC, the standard analog audio port should not be hackable in any way.
This is a silly example but it's meant to illustrate a point. If you really have something to hide, an app isn't going to get your there. If you just want a little bit of privacy, you're better off with iMessage or whoever is offering end to end encryption. Signal is not a particularly good chat app and no, most of your friends aren't using it anyway.
Obligatory: https://www.schneier.com/essays/archives/2007/01/in_praise_o...