Signal knows who you're talking to
71 comments
·November 23, 2025jwr
jeroenhd
I this case, Signal could give users the option to protect their privacy by giving users the option to disable/mask/randomize timings on delivery receipts. I think there's a way to do it.
Thanks to this leak, surveillance states don't need to work around sealed sender stuff, though. They can just mass collect the Signal data and figure out IP patterns over time. Without proxying your traffic through ever-changing proxy networks such as Tor, it's only a matter of gathering data. Especially if someone accidentally hits the call button, which arranges a peer to peer setup immediately identifying the two parties.
Signal is still the best general purpose messenger out there if you value privacy and security. My government uses it as a communication mechanism between people and embassies in places with terrorist presence.
It looks like SimpleX has some protocol advantages but reading the reviews, the app doesn't seem good enough for the general population. It's probably because they value privacy above usability, but with problems like "messages don't get delivered if the other party doesn't open their app for a few days", that app isn't going to work for the people I talk to. I also can't really find who's paying for SimpleX, all I can find is anonymous donation links and a company listing in the UK (the country known for forcing Apple's hand in disabling E2EE backups). Probably fine, but once again, no messenger is perfect.
Vinnl
IMHO it's a very feasible position to just let those geeks keep criticising while meaningfully raising the bar on privacy for the average user. There will always be geeks who complain, but also plenty of them that see that perfect doesn't have to be the enemy of the good.
baiac
Signal have chosen to put themselves in an impossible position would be a better assessment of the situation. Their choices have made it impossible to appeal to either part of the aisle.
dist-epoch
Sounds like 2 apps to me, maybe they should split it into Signal and SignalUltraSafeTM, for the paranoid, but more inconvenient, with some interoperability between them.
CrossVR
What if people on SignalUltraSafeTM want to talk to people on regular Signal?
Telegram solved this already though, they allow users to register using either their phone number or a unique username. But Telegram has a huge spam problem. Which is likely the real reason Signal requires a phone number.
nalekberov
> But Telegram has a huge spam problem. Which is likely the real reason Signal requires a phone number.
I was able to register with fake number I got for free on the internet. That clearly doesn't solve SPAM problem. If I know that, Signal certainly knows that.
danelski
The paranoid crowd already has decentralised apps that you might not have heard of because… well.
udev4096
Ultra paranoid group already despises Signal because of it's strict phone number requirement and moxie's stubborn and unreasonable stance on refusing anyone to self-host. Matrix is far better than Signal
jeroenhd
If you're looking to protect yourself from metadata analysis, Matrix is not the protocol for you.
Matrix and XMPP are excellent protocols for decentralisation, but their E2EE implementation leaves all kinds of metadata exposed outside of the E2EE envelope.
You need to trust the server to not expose any of this information to anyone else (which is difficult to do when the police comes in with a warrant). If you use your own Matrix server(s) this isn't a direct problem, but then the communication links between you and the people you talk to would stand out immediately, so protection fails in other ways.
I'm not saying you should drop Matrix or anything, its decentralized nature and clear finances do have some trust advantages over Signal's occasional behaviour, but on a protocol level, an ultra paranoid person would probably be better off using (an audited client for) Signal.
pcthrowaway
I think Moxie's issue is with using their server for custom clients, but I'm curious if you have a link to him stating opposition to self-hosting?
hacker_homie
I mean you could always see where a letter was addressed, so knowing who your talking too seems like a reasonable compromise.
Sealed sender feels like a get out subpoena feature.
Beretta_Vexee
The article confuses confidentiality with anonymity/pseudonymity.
Signal has always aimed to ensure confidentiality in the simplest way possible. People forget that there are anonymous systems or systems that do not require a telephone number but they are incredibly painful to set up. You either have to go through physical checks with QR code exchanges to validate participants or have some kind of web of trust (no one has fond memories of PGP key signing parties).
The same goes for decentralization. On paper, everyone wants decentralization. But when it comes to interconnecting hundreds of servers with different rules, moderation and legislation, and protocol versions, it becomes hell and no one wants to have to manage it (e.g. Mastodon).
There are objective reasons why these systems are not popular.
The other problem is that the very use of this type of software becomes a marker. I am convinced that the majority of Olvid users work for the French government, for example.
Iranian activists who are checked at the border or elsewhere with any uncommon communication application have already lost, regardless of the security of the application.
Crypto-punks are a niche group that can accept this type of usage constraint. My grandmother cannot, but she can use Signal and she will be one user among millions.
noduerme
Precisely. It's a bit like the browser fingerprinting dilemma. The greater lengths to which you go to hide your fingerprint, the more unusual your total profile becomes.
May I humbly suggest the thing I've done for 25 years, when I need to pass sensitive data like a slate of passwords or API keys or confidential business logic... I just PGP encrypt a zip file and attach it to a normal email.
This does nothing to address the anonymity issue, as you point out. But I'm really not sure that any set of measures I could take would truly keep me anonymous at this point in the race between governments and the well-funded organizations trying to evade them. I assume that no matter what I do to hide my identity, someone with enough money and motivation would be able to unmask it. To believe otherwise would be foolish.
tchalla
The amount of times I have Signal dunked on for confusing confidentiality versus anonymity is just too high.
newscracker
I read through this. I don't think Proton Mail is a good replacement for Signal (it's worse because Proton does log and share IP addresses of users with a court order).
One thing I dislike about Signal on its privacy posture is that the moment you register, anyone who already has Signal and has your phone number in their contacts list will get a message saying you're on Signal. This is a good way for others with bad intentions to know about your presence on the platform. The options to hide your phone number are available only after registering on Signal (after this broadcast has already happened) and when the user figures out that this is possible somewhere deep in the settings.
On registration Signal could ask whether to inform all random people who happen to have your number. But since unused/discarded phone numbers are recycled by carriers to other customers within a matter of weeks or months or years (depending on where you are), your presence on Signal may be sent to someone you've never ever known or has known you. Signal ought to remove this broadcast on registration. Telegram (and I guess WhatsApp) also suffer from the same issue.
udev4096
That's false. You can set your phone number discovery to None and even your contacts cannot find you unless you explicitly message them or share your username
shevy-java
NSA will know.
sturza
The critique of metadata being hard is fair, the claim that sealed sender is “totally useless” is not. It’s a small, incremental hardening step in a very messy design space, not a magic invisibility cloak, and judging it as the latter sets the bar unrealistically high for anything that still wants to be a drop-in WhatsApp replacement.
skylerwiernik
> this feature is very technically complex, and totally useless
Now, to break your confidentiality, Signal would have to have a relatively complex system setup for trying to match up messages and deanonymize people. You could imagine many scenarios where a bad actor (agency) attempts to trick Signal into logging metadata. This now requires a lot more information, and if nothing else would give you a level of deniability.
zoobab
First question after Moxie Marlinspike talk at the CCC conference was: "When will Signal not base itself on a mobile phone number, I am an activist from Iran"
jotaen
> First question after Moxie Marlinspike talk at the CCC conference was: "When will Signal not base itself on a mobile phone number, I am an activist from Iran"
Not meant to be pedantic, but the question about phone numbers appears to be the last question after the talk, asked at 38:05 in the video. (The first question, at 30:50, is about post quantum security.) I also don’t think the asker mentions being from Iran.
input_sh
That was not the first question, the first question was about post-quantum security. Care to time stamp it or do we have to sit through all of the Q&A to find your claim?
jotaen
Not OP, but I’ve referenced the time stamps in my sibling comment.
Also, “Be kind. Don't be snarky.” (https://news.ycombinator.com/newsguidelines.html)
input_sh
I saw your comment and just finished listening to it, to those that can't be bothered to, he boils it down to: they don't want you to lose all of your social network if you lose your device. Imagine having to re-discover every user you've communicated with because you no longer have their identifiers, which I think is a fair argument to make.
Also, now that we know the timestamp, we know this user spread two pieces of misinformation in 28 words: Iran was never mentioned and it was not the first question in the QA. I think some snark is well justified here.
guytv
what was his answer?
udev4096
"Never"
shevy-java
These are all spy-apps anyway. To me it always looked as if the US government is just a thin fake-coat over this operation. There is a reason they dislike people having secrets. No spy agency wants people to have secrets. Cops asking for an ID without a probable cause is another reason that then ties into the legal system. I feel that most governments overreach what they can do in general; they have a tendency to grow in what they claim is their concern when it really is not.
defraudbah
people often confuse privacy with anonymity, like in this article.
the question was if signal is secure and private, and the answer is about anonymity
is it secure and private - it is, is it anonymous - it's not, or at least, to some degree
jijijijij
Hm. I think, you are confusing general privacy with confidentiality. Observing who I am talking to definitely falls into the privacy domain.
Eg. you are talking to an HIV medical specialist. This inherently has privacy implications, if observable. Likewise, you wouldn't say DNS has no privacy implications.
Anonymity rather means, you don't/can't know who exactly you are talking to.
null
dist-epoch
Some definitions of "private" also include "not knowing who I talk to".
bjoli
I always thought sealed sender was something they implemented for their own sake. The less metadata they can see is better. As a user that means you have to trust them in what they say regarding the data they keep anyway.
Regarding sealed sender I don't think they ever fixed the statistical method of identifying sealed senders described in the "improving sealed sender" paper from 2019 (?), meaning it is pretty useless anyway if signal decided they wanted to identify senders.
HelloUsername
I thought you can register Signal with a virtual number, then in settings simply hide the phone number, and create new chats with your username?
Also, what about Briar/Berty as alternative?
https://play.google.com/store/apps/details?id=org.briarproje...
shmichael
It is, as far as I know, an unsolved problem how to implement full metadata transparency on a mobile device.
For example, Aztec, a privacy focused blockchain, requires recipients to download the entire block to determine if any private message is addressed to them (and BTW use techniques resembling Signal's double ratcheting in creating these identifiers) [1]
This is infeasible on mobile devices. At best, it allows the user to select a proxy server they trust to identify messages intended for them and forward a notification.
1 - https://www.taurushq.com/blog/enhancing-token-transaction-pr... (search for "synchronizer")
My_Name
You can't have end to end encryption without ends. That said, I have managed to write encrypted end to end communication, using wireguard no less, that doesn't tell a third party server who is talking, or what they are saying.
This is single user talking to single user, though. I know it gets more complex when you have more users than that.
Signal is in an impossible position. On one hand, it needs to appeal to the crowds currently using WhatsApp and happily syncing their entire contact list to Facebook/Meta, so that they can be profiled and a social graph can be built. That crowd needs it to be super simple and "just work". If it doesn't do that, people will criticize it for being difficult to use.
On the other hand, it needs to provide ultimate security, even though there is always a compromise between security and convenience. If it doesn't, geeks will criticize it for not being secure enough.