But, it sounds to me like more reason to want to self-host.

So do that. You can do that with Signal.

I don’t see any point to rehashing the other stuff. Non-TLS websites mostly went away once DNS spoofing at wifi hotspots became widespread.

Maybe I wasn’t clear, someone said that back in the day registration on a website was a new and bad thing, connecting it with privacy and comparing to Signal asking for phone number. I answered with the idea that not much commonly thought from that time about privacy has aged well. You wouldn’t register on websites, but you would communicate with them over plaintext. I hope that makes it clearer.

Server code openness doesn’t matter other than functioning at all. For a system acceptable in a privacy community.

Normal people don’t anyway.

Well, some of the stuff they wrote, not said, wasn’t stupid and wrong.

1. People were complaining about JS existing when SSL and TLS were not omniscious. If we disagree on that fact, move on.
2. A sequence of digits.
3. OK, what are your “simple heuristics” for a bunch of pieces of ciphertext with unknown sender (except for IP addresses) in your storage to pick spammers from that?

Signal protocol guarantees that what’s on the server we can discard in your suspicions, it doesn’t matter, because you are not trusting it.

The client is fully open.

One account per phone number versus infinity of accounts without.

1. When people would complain about JS on webpages, they were not.
2. Completely different things overlap all the time.
3. Because your status updates and messages are encrypted and stored (until retrieved, of course) once for every recipient, and that includes your other devices and their other devices.

1. they were talking of something like year 2003, when they were commonly not.
2. no, PSTN is not private.
3. for something end-to-end encrypted, including message metadata (not connection metadata), this statement seems amazingly stupid ; “simple heuristics” are usually used on something like plaintext e-mail.

I think choosing a server, like in some ICQ clients, is not a complex modification.

Do not let this derail us.

Nothing is derailing you personally. Why are you repeating this to others?

Signal’s internal identifiers are, of course, not phone numbers. And you can download their server and host it without requiring phone numbers for registration. Just they simply can’t afford it, they need to prevent bots from registering and sending messages somehow. A group message is stored in Signal as many times as there are group members, for example.

People told you a few times to go look for yourself what Signal can give away. Its protocol descriptions are pretty understandable.

The whole bloody reason it’s always recommended is because it’s absolutely the best thing in terms of yes, encrypting metadata. It’s state of the art, level above that bullshit you’re thinking.

Unfortunately, that also means that hosting it takes lots of resources, which means they have to screen bots and mults somehow. Phone numbers are one way. Paid accounts are another.

The barrier is that only you and your friends would be using that Fignal or Xignal or whatever home installation, and for that practically, for ease of use, it’s simpler to host Matrix which even a complete idiot can do.

You should have visited Signal’s github page first, I dunno. Before talking. Made up a lot of stuff.

They do have proprietary code for that crypto wallet they have there, well hidden, and for, eh, phone number registration, but other than that module it’s all released, I think.

The server and the client applications are FOSS. You can host it for yourself, patching out the domain names and registration parts the way you like it more.

0. Yes, and in that time you would visit a website with your own IP address likely, likely over HTTP without SSL/TLS, likely with your vulnerable browser fingerprint. Point?

1. Privacy, not anonymity. Two completely different things.

2. Because the way Signal is built hosting it requires a lot of resources (storage especially), so they want spam prevention and fewer accounts per person.

EL 7 is EL 7. But that time is over

(Also this won’t really help you because Linux is a mainstream system with big corporate input. Backdoors hidden in plain sight are a thing.

This will make you feel better though, Windows sucks.)