Phone numbers are to Signal as social security numbers are to credit applications: a unique ID that was designed for a specific purpose but coopted for other identification needs, to the point that now people think the two purposes are related.
The phone-number/Signal and social-security-number/credit-score repurposings break down in the same way: nobody knows whether it's a username or password
@xor I'd say that the sim-card == the password with Signal. If someone will have your phone sim-card then that person can start to try to impersonate you.
@yellowfrog yes but I mostly mean with other people! Like, in order to communicate on Signal you have to give somebody your phone number, which is (for many people) valuable and private
@xor Yes, indeed. I noticed that with Telegram one can simply hand out a Telegram user-name with the option to reveal or not reveal the personal phone number later.
@yellowfrog Signal could do that too! But it's their strongest argument against federation: that people's address books are portable because they're bootstrapped from existing identifiers
@xor @yellowfrog it's worthwhile exploring some of the reasons why people feel phone numbers are private/valuable (without judging them). Off the top of my head:
1) Single phone number -> person mapping means hard to compartmentalise different identities
2) Possibility of harassment tied to knowledge of phone (why people want to keep emails addresses secret too)
3) Expensive to discard phone number, so permanent identifier
4) Phone co. can map to name/address
@patrickod @mala @xor Most people might indeed use their sole and personal phone number for Signal and Telegram, but that is not a must. Prepaid sim-cards can still be had in Holland for 5€ with no questions asked, unlike in some other countries where one has to show ID to buy prepaid sim-cards.
@yellowfrog @mala @xor this is not a workable or practical solution for so many reasons: lack of availability of SIMs w/ cash and no details in many countries, "locked" phones which prevent people from using the SIMs even if they could purchase them, and also the numerous usability and practical concerns. This is a problem that can absolutely be solved without people having to source new SIMs for each separate identity they wish to have.
@patrickod @mala @xor Was not meant as solution. Just sharing information. A geek friend abroad asked me months ago how long this option will last, wanting to buy a 1000 prepaid sim-cards in Holland :)
@mala @xor @yellowfrog Also concerns with text based 2FA
@mala @xor @yellowfrog my fear of any service that requires my phone number is tied to that time I set up an alt twitter account to slowly come out as trans, but twitter notified everyone with my phone number that I was queer
And I also worry that phone number as my personal identifier makes it too easy to collect metadata about who I talk to, when, and how much data we share with each other
😖
@katje @mala @yellowfrog Totally agreed. You can also imagine that the two things you're describing (call them, say, contact discoverability and persistent identification) are probably considered benefits by some of the people who make those decisions!
@xor @katje @mala @yellowfrog it doesnt even use SMS. the only time it falls back to SMS is when their servers are out of reach bc no data/their servers are down, and then it fails over to... unencrypted SMS using your phone's app.
theres no reason for phone numbers other than ease of use and importing contacts in, quite frankly, pretty gross ways
@mala @xor @yellowfrog the second reason is my main reason for not making my number public; though in the age of cellular phones, it's easier to get more than one number if you have extra income (not everyone does)
@mala @xor @yellowfrog +100 ideally identities should be as easy to create and discard as possible. People keep phone numbers for very long periods (e.g. odd social value in keeping numbers with certain area codes etc...) making them a pretty awful fit for this purpose.