🌐 Website Issue | Should Signal (Android) have a warning about the insecurity of SMSes? #1573
Labels
No Label
🔍🤖 Search Engines
approved
dependencies
duplicate
feedback wanted
high priority
I2P
iOS
low priority
OS
Self-contained networks
Social media
stale
streaming
todo
Tor
WIP
wontfix
XMPP
[m]
₿ cryptocurrency
ℹ️ help wanted
↔️ file sharing
⚙️ web extensions
✨ enhancement
❌ software removal
💬 discussion
🤖 Android
🐛 bug
💢 conflicting
📝 correction
🆘 critical
📧 email
🔒 file encryption
📁 file storage
🦊 Firefox
💻 hardware
🌐 hosting
🏠 housekeeping
🔐 password managers
🧰 productivity tools
🔎 research required
🌐 Social News Aggregators
🆕 software suggestion
👥 team chat
🔒 VPN
🌐 website issue
🚫 Windows
👁️ browsers
🖊️ digital notebooks
🗄️ DNS
🗨️ instant messaging (im)
🇦🇶 translations
No Milestone
No Assignees
1 Participants
Due Date
No due date set.
Dependencies
No dependencies set.
Reference: privacyguides/privacytools.io#1573
Loading…
Reference in New Issue
No description provided.
Delete Branch "%!s(<nil>)"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Description
Currently the card just says:
I wonder if it should be expanded to warn about SMSes in general and how the carrier can read them and store/share them and what other problems there are? Or perhaps there should be a blog post we could link to?
This was brought up to me as a result of a private query asking about #859 and referring to Signal's metadata when SMS option is chosen.
Ehh, as this isn't a signal issue, i would say your better off making a seperate section of why sms is bad.
This was discussed in a group chat a while back and I think it fell somewhere in the realm that @blacklight447-ptio mentioned. The insecurity of SMS isn't Signal's fault and they make no claim that if you choose to use Signal as your SMS messenger than those texts are E2EE.
The description on PT also states "All communications are E2EE unless you choose to send as SMS." - which I would say makes it clear enough that this is the case. I think a warning would be overkill and make it seem as though it's a security flaw in Signal.
https://github.com/privacytoolsIO/privacytools.io/issues/1578