Telegram is known as a privacy-focused secure messaging app because it markets itself that way. However, it is often criticized by security experts, privacy advocates, and people with common sense who can understand why its claims about being privacy-friendly don't make sense. In this brief article, I'll show you all
They spent years lying about their encryption algorithms too acting like they’re more secure than Signal when they never were
Signal cares so much about your privacy that they need your phone number.
Privacy ≠ anonominity.
Supposedly to combat spam (which makes sense) and some BS about bringing your social network.
But let’s think about this logically. What can they do with your phone number when they don’t know who you are?
Let’s say they receive a subpoena from a government law enforcement entity. That would have to include your phone number and even then what can they give that entity? The date you registered the number and the last time your account was active?
At best my guess is that you and others who bring this up are worried about the information that you can buy from data brokers that would include a phone number and allow someone with the phone number to link it to a person.
But at that point law enforcement already knows the number, already has likely used to same services to link that number to a human, and since most people haven’t de-googled or use an iPhone they likely know what apps are installed. Including signal.
What is the threat profile that should be worried about this?
Please note that I don’t think they should need to require a phone number and if you don’t want that you can use a different service.
But I’d like someone to elaborate on their reasons for objecting to this.
I ended up wanting an online pseudonymous identity as well as an offline real-life identity, which leads to needing multiple phone numbers when things are tied to said number. That’s extremely annoying to manage, especially with Signal’s current activity and update policies that essentially require you to keep a phone in a drawer, charge it and log into it every so often or risk losing your entire account due to inactivity, as only the mobile device counts for that purpose (this might supposedly be changing).
In that particular scenario, I don’t really care if my least-favorite three-letter-agency or law enforcement can link my identities. It’s a nice bonus if they can’t, but not an absolutely required feature. The main worry is the person on the other end trivially learning it. But the person on the other end might have a different set of worries that makes Signal one of the few available options for them.
That said, Telegram also requires a phone number and has exactly the same issue, so this is a rather weird thread to bring that up.