= Signal
{disambiguate=software}
{c}
{wiki}
Basic must haves:
* <end-to-end encryption>: yes
* <open source software>: yes
Other cool stuff:
* sealed sender: https://signal.org/blog/sealed-sender/ Nice!
Missing:
* <Tor (anonymity network)> routing by default:
* https://community.signalusers.org/t/use-the-built-in-tor-project-in-the-program-source/26291
* option to enable disappearing messages by default:
* https://community.signalusers.org/t/ability-to-set-your-own-default-timer-for-disappearing-messages-on-all-new-conversations/5144 "Ability to set your own default timer for disappearing messages on all new conversations"
* https://www.reddit.com/r/signal/comments/jhknuz/default_disappearing_messages_timeout_for_new/
* messages are not encrypted on desktop via the <password manager>!?!?
* https://github.com/signalapp/Signal-Desktop/issues/549
* https://github.com/signalapp/Signal-Desktop/issues/1318
* https://www.reddit.com/r/privacy/comments/fwux29/signal_desktop_stores_the_encryption_key_in_a/
* https://whispersystems.discoursehosting.net/t/improve-security-of-desktop-apps-encryption-of-data-at-rest/26494
* https://community.signalusers.org/t/why-cant-we-lock-the-desktop-app-with-a-password/1383
* web client:
* https://security.stackexchange.com/questions/238011/why-is-there-no-web-client-for-signal
* secure anti-forensic <data erasure> to attain <plausible deniability> of disappearing messages:
* https://www.reddit.com/r/signal/comments/ki5mbn/how_well_does_signal_delete_old_messages/
* https://community.signalusers.org/t/is-deleting-secure-in-its-current-form/908
* https://community.signalusers.org/t/traces-of-messages-that-have-disappeared/5049
Previously missing:
* remove the need to share your phone number with contacts: <messaging software that force you to share your mobile phone with contacts>{parent}. This is a deal breaker for online acquaintances:
* https://security.stackexchange.com/questions/231637/signal-contact-people-or-have-people-contact-me-without-revealing-phone-numbe/245665\#245665
* https://community.signalusers.org/t/have-option-to-set-up-username/8723
* https://www.reddit.com/r/signal/comments/8kybil/is_signal_ever_going_to_include_usernames/
* https://community.signalusers.org/t/usernames-lets-throw-phone-numbers-in-the-dustbin-of-history/7282
* remove need for phone completely:
* https://community.signalusers.org/t/a-proposal-for-alternative-primary-identifiers/3023
* https://community.signalusers.org/t/remove-the-need-for-a-mobile-phone/1543
* https://community.signalusers.org/t/registering-with-an-email-address/919
* https://community.signalusers.org/t/username-id-registration-without-phone-number/9800
* https://community.signalusers.org/t/more-reasons-why-signal-should-ditch-phone-numbers-the-guardian-confirmed-the-identity-of-those-in-the-chat-by-cross-checking-phone-numbers-attached-to-the-signal-accounts/7311
* https://community.signalusers.org/t/why-is-phone-and-phone-number-required/1425 https://community.signalusers.org/t/what-is-the-technical-reason-that-i-cannot-use-signal-without-a-phone-number-and-that-i-cannot-use-signal-desktop-without-signal-on-my-phone/11400
Beta February 2024: https://signal.org/blog/phone-number-privacy-usernames/
TODO what's the fucking official discussion/feature request forum?
* https://community.signalusers.org appears to be the de-facto non-official one.
* https://github.com/signalapp/Signal-Android/issues/5372
* https://whispersystems.discoursehosting.net
* https://github.com/signalapp/Signal-Desktop/issues/1318 closes and points to discoursehosting
* https://github.com/signalapp/Signal-Desktop/issues/549
* https://www.reddit.com/r/signal/comments/lipo6z/community_signal_forum_vs_reddit/ gives some good history, says they pay for https://community.signalusers.org/ and have admin powers there.
Feature overview:
* https://security.stackexchange.com/questions/139493/is-signal-still-more-secure-than-whatsapp