Example 2: A mutual friend wants to connect two friends who don't know each other. In a case like this, it can be easier to introduce a less secure element, like SMS
-
Show this thread
-
Example 3: Two people meet online and want to have a secure, less public conversation. Sharing phone numbers can reveal information (such as current or past location) that someone does not want to share
1 reply 0 retweets 0 likesShow this thread -
I am sure there are more examples. Without refactoring the app to have non-phone numbers as unique IDs, are there any design patterns that people have researched?
1 reply 0 retweets 0 likesShow this thread -
Replying to @NormanShamas
only solution i knowhttps://medium.com/@mshelton/using-signal-without-giving-your-phone-number-3a575580f652 …
2 replies 0 retweets 1 like -
Replying to @errorinn @NormanShamas
And it's not really a good solution because in almost all cases, either there's a trail linking the number back to you, or someone else can hijack the number and you have no recourse.
1 reply 1 retweet 1 like -
Replying to @RichFelker @NormanShamas
i've been able to get a free number with textnow using tor and a throwaway email address. the hijacking thing is certainly still a problem but it's outside many ppls' threat models
1 reply 1 retweet 2 likes -
Replying to @errorinn @RichFelker
Hijacking is definitely of concern for activists and journalists though. There are examples of that already being done in the US against activists with real phone numbers through social engineering of telcoms
1 reply 0 retweets 2 likes -
Replying to @NormanShamas @RichFelker
i've successfully social engineered my own number away from my telco as a test :(
2 replies 0 retweets 0 likes -
i think that it boils down to, there is no good answer to ur question. signal/whatsapp are just bad for this use case.
1 reply 0 retweets 1 like -
oh! and signal has PINs now to help prevent number hijacking!
1 reply 1 retweet 1 like
What do you do if you legitimately want to use Signal but the previous owner of your number already did before abandoning the number, and put a PIN on it? This whole model around phone numbers as identifiers is hopelessly broken.
-
-
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.