Q October 20, 2022 7:33 AM

Signal requires a phone number, and requires using a “smart” phone to set it up.

So, no thanks.

It’s a messaging app. Why not simply use it on a laptop/desktop, with any username someone chooses? Then it can truly claim to be privacy focussed.

They can make all the promises they want, but that doesn’t mean that will keep them, or that they can keep them even if they wanted to. Leaks, hacks, subpoenas, etc. can make it all go backwards.

tfb October 20, 2022 7:46 AM

Signal uses phone numbers. Threema, for instance, uses random strings. Further if you install signal on your phone, and you are in my contacts, then I know you have installed signal. If you think that is OK, think harder.

Signal has done a really good job of misleading people about how safe it actually is.

Clive Robinson October 20, 2022 8:25 AM

@ ALL,

To be honest I stopped reading wheb I got to,

“Signal knows nothing about who you are. It doesn’t have your profile information and it has introduced group encryption protections.”

Whilst that is potentially true it’s disingenuous and designed as a “lie of ommission”

Signal has all it’s users phone numbers, these are like the new social security numbers.

Whilst Signal may not know all your details, it has the “Primary Key” by which they are all uniquely identified…

So they have the “keys to your kingdom” as “third party business records” and all the readers here should know what that means…

So there was no point reading on.

Winter October 20, 2022 9:41 AM


Signal requires a phone number, and requires using a “smart” phone to set it up.

All security is a trade-off between security and usability. If you want perfect security, do not use a computer and do not use the internet, do not use the phone network, and do not use radio waves.

Then you also do not have any medium to transfer your message over, and no one to send it to.

If you want to use a smartphone and the internet, and you want to communicate with someone else, then the question is what would be better than Signal? I am open for suggestions.

And if you do not want iOS or Android, there are several Google free images for Android, some indeed geared to security and privacy. They are all hampered by the fact that they are build on TCP/IP and common hardware.

If you want to stick to a laptop, you can use one of several apps that all have in common that hardly anyone uses them. My experiences with encrypted messaging on laptops and computers are that there were never anyone to comunicate with.

Alex October 20, 2022 9:45 AM

Doesn’t Signal’s use of phone numbers help them ensure that you’re actually talking to the person you think you are? I mean, there are choices to be made about identity in the system, different options that are legitimate and defensible in different contexts.

Commenters here are writing as if Signal is lying and trying to trick us into using an insecure product. I don’t think that’s true.

In the end it’s only a tool, and like all tools, especially ones that involve security, it has its limitations, and you have to understand what’s going on to get the most out of it.

But do you guys really think Signal is a bad tool to have access to? They’ve made something that’s as usable as text messaging, and that goes a long way toward securing our privacy.

Perry Fellwock October 20, 2022 9:59 AM

Smart phone convenience is a lure, alleged “security” is akin to religious faith, and Silicon Valley is a Ponzi scheme that can only offer more tech. Don’t expect tech courtiers to discuss such topics as that would put an abrupt end to all their paid speaking engagements.

You have been warned: “The False Friends of Digital Privacy.”

This post may be deleted, as celebrity defenders jump up with ad hominem cries of “fake news.”

Read the above and decide for yourself, while you still can.

Lee Hammond October 20, 2022 11:39 AM

Threema uses an alphanumeric string as your ID and is unique to a device. The downside is almost no-one uses it.

Any opinions here on Session?

evilkiru October 20, 2022 12:00 PM

@Perry Fellwock: I don’t understand why you think your post might get deleted. There’s really nothing new at the linked article. It’s just more in the vein of putting too much trust in over-hyped technology, something that is regularly warned against here.

willmore October 20, 2022 12:03 PM

Can we get an android tablet version of the app? There’s an iOS tablet version, why isn’t there an android one? There’s even a desktop version that runs on multiple OSs. Not having an android tablet app is a glaring omission.

Quantry October 20, 2022 12:18 PM

@ all, @ tfb

In reality, the problems of persons who are ACTUALLY targeted mostly lay at/before the endpoint, it feels like.

You really have to send the message via a QR code, etc, and do the computing off-line, in “that SEIF little room”.

And let me mix in a symmetric key in the handshake, or something resembling forward-secure! Is anything less REALLY encryption? Geez. Something still feels too “managed” here.

@ tfb, still has the central server ya? Why? Too much gravy in one place: too many multi-eyed parasites.

Might as well just dump it on a ‘htt ps://
‘htt ps://

or some such.

iAPX October 20, 2022 12:33 PM

Signal was a great product, less today, but still what I call false-security.

A state-level actor could identify your communication network and could identify yourself. Phone number doesn’t help either to say the least.

There are no simple way to communicate safely through Internet, this is a fact.
Bin Laden understood that point, privileging physical letters being delivered (through donkey!), so nothing new under the sun.

Clive Robinson October 20, 2022 1:09 PM

@ Alex, ALL,

Re : The lie of security apps.

“Commenters here are writing as if Signal is lying and trying to trick us into using an insecure product. I don’t think that’s true.”

Unfortunately it is very much true and can be easily shown to be so.

We’ve been through this before on this blog… But to start with there are a few very important things you have to remember that alow the lies to be spun,

1, “All security rests on the weakest link in the chain, when it is broken security is broken”

2, “All secure systems are built by the use of parts that are not inherently secure nor are designed to be”.

3, “The order the parts of a system are placed in critically effects the security of the system”.

With regards mobile phones and other smart devices they have not in anyway been designed to be secure. In point of fact they have all been designed to be secure against the user. It’s just one of the reasons so many apps can “Data Rape You” and do so despite “Walled Garden” promises.

Infact Google go a long way to ensure you are actually insecure. Have a look in the news about their “incognito mode” being anything but, and a standing joke amoungst many Google employees, and the court case they failed to dismiss in march last year, that embarising emails are now coming out of,

So the underlying platforms are at many levels compleatly insecure by design to stop users having ownership of their phones and devices. Does this matter? yes and no, it depends on how things are segregated / issolated within the whole system.

The simple fact is on smart devices, it matters not a jot how secure you make the communications element. Because of the underlying platform system design. Which alows an attacker can get in through another communications path that is not secure –of which there are many– they can then through the fairly insecure OS go around the security application and it’s embedded “security end point” to the user interface and file system interface etc. Anything that is “plaintext” is thus vulnerable.

The inherent design of all current smart devices is that this “end run attack” where an an attacker from the open communications channel can reach around the “security end point” inside the security application to the plaintext of the user interface etc is always going to work.

As I’ve explained before, those behind those security apps know this full well and I’ve repeatedly challenged them to come along and say otherwise and present proof.

You may notice none ever have, you could pretend otherwise, but the truth is they know I’m telling the truth.

Which also means that those users using these security apps are drawing a large fat target on their back and effectively advertising “they have something to hide”. Thus making certain peoples tasks much easier in two basic ways,

1, The users have publically advertised they have something to hide.
2, The fact the users incorrectly believe they are secure, will cause most users to be very indiscrete as a minimum.

We’ve seen the “proof of concept” on this with those very expensive phones criminals used that the authorities used end run attacks on to get at the user content…

It’s why I refuse to use “secure apps” because I know they are anything but, and “humans will be lazy humans” looking for “Quick Fix Convenience” and they will not follow good opsec, so at some point Cardinal Richelieu’s maxim will happen for them.

All this is known to the managment not just of Google, Apple, other Silicon Valley Mega Corps, but the managment of every single company or entity that produces security apps. But none of them will be honest about it because of the “Upton Sinclair” principle,

“It is difficult to get a man to understand something, when his salary depends on his not understanding it.”

And don’t think this is a modern problem as Socrates noted around two and a half millenia ago,

“Three things cannot be long hidden: the sun, the moon, and the truth.”

That “hidden time” of “the truth” about systems built around current smart devices “not being secure” is long past, so why people do not acknowledge the truth of it I realy don’t know, but I can guess (it’s called “convenience” / “lazyness”).

John White October 20, 2022 2:00 PM

@Alex: Signal WAS usable. But Whittaker has dictated dropping SMS support. Absolutely insane. She is deliberately sabotaging the system. I understand they have also been dropping Signal accounts of Palestinians on the orders of the IDF since she took over.

Clive Robinson October 20, 2022 2:01 PM

@ Bruce, ALL,

If anyone is in any doubt about what I say about “secure apps” being “insecure in systems and use”, how about reading the US National Security Agency on this matter,


“The Inevitability of Failure”

It points out in the conclusion that,

“current security efforts suffer from the flawed assumption that adequate security can be provided in applications with the existing security mechanisms of mainstream operating systems.”

By “Mainstream Operating Systems” they mean all those OS’s consumers get from from Silicon Valley “Mega Corps” and all those Open Source projects that end up in our desktip, laptop computers, pads and Smart Devices, all those “Internet of Things” devices and all “White Goods” and “Vehicals” you can buy as an Jo(e) Citizen.

Yup that’s all of them that you will ever have some incorrect sense of “ownership of” by “purchase” you actually own none of them, they own you, and they all either spy on you by default like MicroSoft or they can be trivially abused to do so…

But this is not “news”, what feels like a lifetime ago, but was around four decades, in his excellent “Turing Award Lecture” one of the creator of UNIX, “Ken Thompson” succinctly pointed out the warning,

“You can’t trust code that you did not totally create yourself.”

But time has shown that even if you “totally create yourself” code is not enough… You have to inclued the entire “computing stack” from device physics down at the quantum level, all the way up to international treaties. This is not possible for a single individual.

Does this mean we are going to be forever “insecure” well “yes” if the Silicon Valley Mega-Corps and just about every government in existance has it’s way. All these consumer sysyems are designed from the ground up to be insecure by two basic methods,

1, They do not alow you control.
2, They do not segregate parts.

If you want “control” then you have to exert your right to do so by putting “segregation” in as “mittigation”. Which unfortunately means,

1, Knowing how to segregate
2, Ability to “energy gap”
3, Practice good OpSec
4, Know how to safely use crypto

The big problem is whilst a few people can do all of this most can not.

Read the paper,

“Why Johny Can’t encrypt”

As an intro as to the problems,

Leonid October 20, 2022 3:15 PM

I’ll use Signal when F-Droid includes it. The fact that a security-focused program relies on closed source code, and opposes inclusion in open-source app repos, should be a red flag.

SpaceLifeForm October 20, 2022 5:41 PM

@ John White, Clive, Quantry, ALL

re: no SMS

Note that Signal is only dropping SMS support on Android, not iPhone.

There is no reason to drop working functionality on one platform, but not the other, when they both rely upon SS7 and there will still be another app available to do SMS.

It is an excuse that makes zero sense.

That should give you a clue about the users at the endpoints. I may have misspeeled targrets.


John D October 20, 2022 6:11 PM

“Signal requires a phone number, and requires using a “smart” phone to set it up.”
“Signal uses phone numbers.”
That phone number can be virtual, a number where you can receive the verification code. It needs not to be your actual mobile number.
Also, you can ‘mirror’ in Windows and Linux devices by installing the software and linking them with your mobile version.

Rowan October 20, 2022 6:20 PM

Lots of knee-jerk takes on Signal in the comments.
Do y’all really think it hasn’t occurred to Bruce that Signal requires a phone number to set up? Come on people.

Don’t trust Google Apps? Download the apk from the Signal site directly.
Don’t trust Smart phones? Install it on an android virtual machine.

Worried about subpoenas? Check out the Signal Foundation’s track record and you will realize that they fulfill their promises. If you really think Signal has been gag ordered or coerced to the point where they are lying to state courts about metadata storage in actual legal cases, your threat model is ridiculous.

Don’t want to use it? Fine.
But don’t act like the Signal Foundation is trying to trick you into using their non-profit messaging app.

Q October 20, 2022 6:22 PM

Many here appear to confuse security with privacy.

Requiring a phone number erodes privacy. That has nothing to do with security.

Requiring a “smart” phone erodes security. Vendors like Apple retain ultimate control over “your” device. Apple can, at any time, decide to “update” the device with new malware of their making. The only protection you have against this is their promises.

Also, a phone number is not a person. Messaging to a phone number identifier does not ensure you are talking to any particular person. You are talking to a device that Signal assumes is associated with a phone number. Nothing more.

Clive Robinson October 20, 2022 7:02 PM

@ Q, ALL,

Re : Phone numbers.

“Also, a phone number is not a person.”

Really, I’ve already pointed out that that sort of statment is “a lie of omission”. If you look back up the page you will find,

“Signal has all it’s users phone numbers, these are like the new social security numbers.

Whilst Signal may not know all your details, it has the “Primary Key” by which they are all uniquely identified…”

Perhaps you should sit down and have a think about “reality” not “perception” as used by people trying to in effect lie.

The sort of game the NSA uses in front of congressional commities where they “redefine words” to hide what they have done and are plant to not just continue doing but do a lot more of…

Which brings us around to,

“Many here appear to confuse security with privacy.”

I suspect you are the one confused. It can be easily shown that all information security and a lot of physical security is only possible by the privacy of a “root of trust”. If it is nolonger private then neither form of security holds. Thus one is logically a subset of the other.

Clive Robinson October 20, 2022 7:27 PM

@ SpaceLifeForm,

Re : Dropping SMS

“There is no reason to drop working functionality on one platform, but not the other”

Err if menory serves correctly Apple was effectively going to “drop SMS” and go with their own backend because of “security” and “other concerns”.

They replacment is called iMessage and the “user interface” is the same for both. Apparebtly Apple use different coloured bubbles –blue/green– to indicate which messaging system a message was transported by.

From a user perspective I was also told but never verified that iMessage did not incure “SMS Charging” which could be quite swinging on some “roaming” tarrifs.

If the above is correct then it might explain why Signal have apparently dropped SMS on one platform but not the other.

Ted October 20, 2022 7:59 PM

Signal has a really interesting profile as a non-profit.

It sounds like they are currently funded by a long-term loan from acting CEO Brian Acton. (According to Wikipedia, the loan was up to $105 million as of 2018, and is due in 2068.)

I wonder if Meredith and the board have a short-list for the new CEO position they plan to fill.

They have an exciting mission ahead to grow Signal users and build the network effect. I hope they are able to foster the user donation model into a successful funding program.

With only 40 employees at the company, most being engineers, I wonder if they have sufficient legal support. As they grow and deal with various interests, I hope the app remains open source and the service fervently devoted to its raison d’etre.

Winter October 21, 2022 3:18 AM

@Clive, All

Re: “The Inevitability of Failure”

I think we can say that the second law of thermodynamics tells us that these two assertions are identical:
1. Death is inevitable
2. Failure is inevitable

In this universe, everything will eventually die and all schemes have a real risk of failure.

It points out in the conclusion that,
“current security efforts suffer from the flawed assumption that adequate security can be provided in applications with the existing security mechanisms of mainstream operating systems.”

This all hinges on the definition of adequate security. The old saying that hardware access breaks all software security still holds. Which means that those who supply the hardware control its security.

Only a vanishing small fraction of the population would be able to assemble a truly clean hardware and software stack. The other 99.99% of the population will have to do with what is on offer.

For these 99.99% of the people, Signal supplies all the privacy and security they realistically need. For the others, they will have to spend a lot of time and effort (money) to get their communications secured to the level of their threats.

And communication cannot be secured by a single party. Journalists have been attacked by breaking into the accounts/phones/computers of those they communicated with. Having unbreakable security and privacy does not help them as much as is often asserted.

Dave October 21, 2022 3:28 AM

My big complaint with Signal is that staggering bloat and churn of the thing, it’s hundreds of megabytes for an encrypted chat/phonecall app, and it seems like every single time I fire it up it wants to update yet again to a new version that’s exactly the same as the one it’s updated from. Since it requires something like 2-3 times its already bloated size to run an update, a lot of the time under Windows it’ll run out of space and die with some nonsensical error message. And you can’t defer updates for too long or it disables itself.

Dave October 21, 2022 3:39 AM

@Lee Hammond: “Threema uses an alphanumeric string as your ID and is unique to a device. The downside is almost no-one uses it”.

Nononononono, that’s not true at all, I know a guy who uses it so there’s at least one user.

Q October 21, 2022 4:46 AM

The huge download sizes, the auto-disable unless you are using the most recent “approved” version, the pretence of privacy when they demand a phone number identifier, the desire to be the everything app, etc.

These the issue with the software companies like this. You can’t just do what you want, you have to comply to their desires and demands.

It seems every company wants to “socialise” their stuff, to make it more “engaging”, or something. With annoying notifications every five seconds, and oodles of distracting animations. And “just trust us to keep your data safe, we promise to be good”. Yuck.

Give me something I control. Where I decide if I want the latest update with stickers and other fluff, or not. Where I decide if I want to associate a phone number, or my name, or anything at all.

BTW: A person is not a phone number. Some people have many associated phone numbers. Some numbers have many associated people. You can’t use a phone number as a unique identifier. People are people, numbers are numbers, and there is not a one-to-one mapping.

Clive Robinson October 21, 2022 5:31 AM

@ Winter, ALL,

Re : “The Inevitability of Failure”

“In this universe, everything will eventually die and all schemes have a real risk of failure.”

It’s not my choice of title but the NSA employee who wrote the paper. However you and others might be able to draw a conclusion as to what they personal interests in entertainment were.

But you could alway have quoted our host @Bruce, with his comment about attacks never getting worse (which is an interesting inversion of the notion of thermodynamics and Maxwell’s Demon).

But that asside as,

“Which means that those who supply the hardware control its security.”

Is actually no more than an assumption, that there is no actual proof for…

If however you instead said,

“Those who supply the hardware as it is currently made available to consumers control its security”

Then I would agree with you. Hopefully it should be clear to all that one of two things apply about current consumer devices,

1, They are insecure by design.
2, All the designers do not know how to design securely.

As I know the second is not true, then the first most probably is… but that just raises the age old question of “Why?”

Which I have answered in the past on this blog and it boils down to two things

1, Efficiency -v- Security.
2, Inefficient resource usage.

The underlying fact is that nothing is “inherently secure” that is “security” is a construct and always has to be “built by design”.

Whilst it is true that security can come about as a side effect of other design goals[1] or random chance or evolution[2] almost invariably it will be weak security.

Economics has the notion of “utility” in a good or service. But what is utility in reality not theory?

It boils down mostly to someone with very little or no social skills gambling with other peoples money.

They call it “Marketing” and the fact is it fails more than nine times in ten, yet they demand not just a large segment of resources for themselves, but also control of most other resources. I could go on to say that they are actually realy dependent on sociopaths, that call themselves “sales”, who act in a similar way.

It’s very rare for either “Sales” or “Marketing” to see actual security favourably so it almost never makes it onto their “objectives short list” for a product. In fact the opposite generally happens, so many “bells and whistles” are added that are just thrown in that the complexity of the interactions gives rise to vulnarabilities in large measure more and more of which become exploitable on a daily basis.

As I’ve repeatedly pointed out,

“Security is a Quality Process”

And as such like Quality Assurance it should be an organisational “buy-in” from before a product is even thought of and should continue to beyond the product “End Of Life”(EOL).

As noted by @Dave above with,

“My big complaint with Signal is that staggering bloat and churn of the thing…”

A very obvious indicator that Signal as an organisation actually does not have “real security” as either a “product objective”, or “Quality Process”…

So the question people have to ask of Signal is,

If not real security, then what?

It was a question “Moxie Marlinspike” faild to address let alone answer… He is exhibiting certain behaviours I’ve warned of in the past. That is he’s started a project and is in the process of “jumping ship” in the first third. Thus no matter what happens to Signal he will be able to claim it as a success.

That is, if Signal becomes the must have app for eternity, Moxie can claim that was due to those who followed him building on “his good foundations”. If as I suspect Signal will not succed in becoming the be all and end all of security apps, then he can claim the failure of those who followed him for not building on “his good foundations”. Either way jumping ship early turns him into a winner no matter who else is a looser, potentially of their life…

[1] When designing a container to “hold something” against physical movment / damage all most always the materials chosen do not alow visable light or UV through. As a result of this the objects inside can not be seen and likewise do not suffere from sunlight degradation. We would put it under “Security by Obscurity” which is still a form of security even though weak.

[2] There is a saying “Sh1t happens” which is actually a comment on probability, usually when it acts unfavourably (sometimes not). As with pendulums probability swings in both directions, therefore sometimes probability does give increased security but it tends to be mostly weak security and you might hear someone say “that was lucky”. There is also a saying of,

“I’m a great believer in luck, I try to make as much of it as I can”

Is a variation on a quote attributed to Thomas Jefferson. Importantly unlike the Jefferson quote it adds direction to an activity, in effect turning it into a vector. What it realy means is that you don’t do something just to do something and expect fortuitous circumstances, you look for fortuitous circumstances and move towards those by choice not chance. This means you have knowledge as a prerequisite that enables you to take advantage of random as you have agency (thus you posses the minimum indicators of sentience). In the military they try to teach you to “read the ground” that is find ways to get from A to B using ground features that maximize your objective, the primary one usually being not detected by the enemy. Hence the saying “moving from cover to cover with minimal exposure”. This is possible primarily due to “gravity” creating minima where resources accumulate and often aggregate sufficiently for other living things to use adventageously.

[3] For those that think I’m being unfair etc, just remember, the only skin I have in this game is ensuring the people who realy need it have the security they need to survive against those who pursue “Might is Right” policies against them. At the moment “No Security Apps” not just Signal can give even close to this goal.

Winter October 21, 2022 5:46 AM


As I know the second is not true, then the first most probably is… but that just raises the age old question of “Why?”

There is no non-trivial software without bugs. Current hardware is software compiled to silicon. Hence, there is no hardware without bugs.

If you define bugs as “behavior not according to specification”, we get the next level problem as: “There is no non-trivial specification with unwanted (aka, insecure) behavior”.

Denton Scratch October 21, 2022 6:31 AM

“There is no non-trivial specification with unwanted (aka, insecure) behavior”


Most commenters upthread have noted the requirement for a phone number and a smartphone. Also the unsecured contact lists. These are killers for me.

I didn’t know you could use a “borrowed” virtual phone number just for signup (have I got that right?). But that involves significant hoop jumping.

I can barely type on a smartphone; my thumbs are too broad, my eyes are too dim, and my hands are too shaky. And I have no idea what my smartphone is doing, at any time. Requiring a smartphone is an odd choice for a supposedly secure communications scheme.

So I think some of the Signal choices are perverse. I don’t think anyone’s lying, though; it’s the privilege of the authors of free software to make arsey decisions.

Clive Robinson October 21, 2022 7:53 AM

@ Denton Scratch

Re : “In the Quatermasters Stores”

Or a “how not to of food security 😉

You say,

“my thumbs are too broad, my eyes are too dim, and my hands are too shaky.”

Back oh so many moons when I was not much more than a wee lad, there was a song sung around camp fires. Even the Shadows did an up tempo instrumental of it I gues six decades ago,

It’s usually copyrighted as “traditional” and goes back before WWII at least.

The chorus I learned was,

My eyes are dim I can not see,
I’ve left my specs in the WC.
I’ve left my specs in the WCeee.

With verses repeated twice starting with a line like,

There were mice, mice

Followed by a rhyming downside line such as,

Mixed in with the rice

Followed by

In the stores, in the stores,

The starting line repeated followed by a second rhyming downside, then the verse round closing line of,

In the Quatermasters stores.

It was popular enough to be known in the US as well,

Funny what menories just a few words bring back.

Denton Scratch October 21, 2022 11:10 AM


In the Quatermasters Stores

Yes, the “my eyes are dim” line was from that boyscouts song.

As it happens, I was in the school Combined Cadet Force. I didn’t feel like crawling around muddy fields in uniform on Wednesday afternoons, so I signed up as a quartermaster. We used to raid the ration packs for biscuits and chocolate.

The quartermaster team had another job: once a year, the entire CCF went on “exercises” on Salisbury Plain. Our job was to whip up bacon and eggs for 50 people.

We weren’t responsible for rifles and ammunition; I’m not sure who was, but our armoury was once raided by IRA bandits. They got away with a dozen or so WWI-era Lee-Enfield Martini-action rifles.

evilkiru October 21, 2022 11:11 AM

@Clive Robinson, @SpaceLifeForm: Re iPhone and SS7.

When sending an iPhone message to another iPhone user, there is no use of SMS. Your message is sent via iMessage instead and the messages you send show up on a blue background. If your message shows up on a green background, you know you’re messaging someone who doesn’t have iMessage support. And yes, there are no SMS charges for messages that go via iMessage, but if you’re not connected to Wi-Fi, they may still incur cellular network usage charges.

Which leaves one unanswered question: Does Signal actually support SMS on iPhone or does it only support iMessage use?

AL October 21, 2022 11:44 AM

I have Signal on IOS, and as far as I can tell, SMS is not available on Signal. It is only available in the Apple Messages app where the message comes up as a green bubble.

But SMS is going to go the way of the dodo bird. Everything is going to move over to data. Voice went VoLTE. SMS may go to RCS. RCS is where I’d like to see Signal go, but I think Apple will block it.

SpaceLifeForm October 21, 2022 7:58 PM

@ evilkiru, AL, Clive

re: iPhone and SS7

There is more than one unanswered question.

AL, can you do a test?

Using Signal on iPhone, send a message to an Android user that does not have Signal installed. This will force a fallback to SMS.

Does your sent message show up in iMessage?

SpaceLifeForm October 21, 2022 8:53 PM

@ AL, evilkiru, Clive

re: Signal and UX

Just to clarify, because I was not clear, and I think you have answered my question, but I want to be clear on which direction the messages were going.

The reason I ask is because I want to understand the fallback mechanism.

Just as Signal on Android will fallback to SMS if the intended recipient is not using Signal, iMessage will fallback to SMS if the intended recipient is not using iMessage.

Both Signal and Apple know via the Primary Key (the phone number).

Well, they think they know, but that is another story.

There are a lot of Android Signal users that are upset, mainly for three reasons.

  • They like the UI
  • They do not have to remember if the intended recipient has Signal or not.
  • All of the messages are in one place, no need for an extra app.

Instead of ripping out the functionality that users like, my recommendation is for the Signal App to tell the user that the intended recipient is not using Signal (or there was a problem), and make the user at least confirm or deny that the app should continue to send via SMS. This can prevent silent downgrade attacks.

Signal could even go just a bit further, and avoid the dialog box, by allowing the user to note that they know the intended recipient does not use Signal, so always use SMS unless the setting is changed (when the recipient lets the sender know that they have installed Signal).

My apologies if this sounds logical and is good UX.

SpaceLifeForm October 21, 2022 10:24 PM

@ Denton Scratch, Clive

re: non-trivial specification

The attack surface is obvious to me. Java on server side. Really?


And Twilio? No, no hacks related to Twilio. Flesh wound stuff.


The Signal software, while open source, is such a cluster that you would have to be insane to even think about forking it. A complete redesign and rewrite would save you years of effort, and it would be more secure. Millions of lines of code eliminated, no problem.

Q October 22, 2022 4:07 AM

Session is a fork of Signal.

Claims according to the website:

  • Has no requirement for a phone number or email, just uses a random string ID.
  • Uses TOR style routing to obscure source and destination devices.
  • Supports “smart” phones, and desktop.
  • Supports groups, text, voice messages, and documents.
  • Open source

So all that leaves is to somehow communicate the random string ID to your intended recipients.

If a new random ID is created for each recipient it might be safer, but probably worse to use. Then your privacy would be impacted less by having some recipients with poor opsec.

Clive Robinson October 22, 2022 12:48 PM

@ iAPX, ALL,

First a quick appology you might have heard the UK has had a few probs in the last few days… With Putin trying to ahoot down an Intelligence plane in international air space well away from either Russia or the Ukrain. Secondly apparently our latest Prime Minister has had a fit of the vapours and was last seen running for the hills (look up “Chiltern Hundreds”). So life has become a little topsy turvey… But back to it.

Re : Communicating safely on Internet.

“There are no simple way to communicate safely through Internet, this is a fact.”

No it’s not “a fact” it’s an assumption.

It’s based on the notion the Internet is in essence a “Point to Point”(P2P) only network… When in fact it was originally designed not to be… The reason for the change goes back to Gulf War I/II and the fact Sadam Husain had used the more interesting facets of the original DoD design –based on the work of Gordon Welchman after he left Bletchly– to make a very fault tollerent Command and Control network (Something the FiveEyes decided could nolonger be allowed).

The World Wide Web”(W3) runs on TCP, which requires the P2P behaviour. There is an alternative UDP that is basicaly a fire and forget protocol that is rarely used. Both TCP and UDP sit ontop of IP which is another non channel datagram based protocol.

The thing about b IP is that it assumes oneway multiply routed datagram packets of data and all it does is make an attempt –not even best effort– to get them from the sender at point A to the recipient at point B. The reason is two fold,

1, It gives independence from the physical layer.
2, It assumes the physical layer is at best “unreliable.

So IP in effect “layers a virtual network” over the physical layer what ever it might be.

As I’ve mentioned before with Shannon Communications Channels you can layer them as much as you wish.

So you can layer your own new more secure and security minded protocol on top.

Thus all you have to do is understand the failings of the current supposadly secure neyworks like Tor / Mix-net that are anything but secure –by design– and design the failings out.

Have a look at the notion of a “Fleet Broadcast” system that has been around since the earliest days of Radio and you will start to see the possabilities.

Needless to say the work of Gordon Welchman is still “classified” but the military networks are often built on the principles laid down by him.

Clive Robinson October 22, 2022 5:34 PM

@ Q,

Re : Phone numbers as identifiers

“BTW: A person is not a phone number… …You can’t use a phone number as a unique identifier.”


Remember that,

“We kill people by meta-data”

When it became clear the US were targeting drone strikes ment to kill certain individuals by the use of a mobile phone?

I could go on with a long list of other entities that rightly or wrongly associate a phone number so intemately with an individual it becomes used the same as a social security number.

That list by the way would include all the big Silicon Valley Corps we hear so much about, all the credit agencies, banks and similar including most US Health Care and other oarts of the US Federal Goverment. In fact likewise any other online service using 2FA / SMS for account security. Then there are “data brokers” who work in part for the worlds largest business sector “Sales and Marketing” they use your phone number as a primary or secondary key because it’s a lot more unique than your name is. Then there are unfortunately the new bread of “surveillance companies” like Palantir.

They all use the phone number as it’s more reliable as an identifier than not just your name, but your zip/post code, but also credit card numbers…

That is the way of the Western World currently and it’s only getting worse. Covid-19 has pushed the idea of your mobile phone being “you” rather more than some people realise.

Clive Robinson October 22, 2022 6:45 PM

@ Winter,

Re :

“There is no non-trivial software without bugs. Current hardware is software compiled to silicon. Hence, there is no hardware without bugs.”

Whilst I do not disagree with the first sentance, in fact there is a mathmatical proof that rather more than suggests it’s true, you get into shakey ground with the second. You assume that a bug in software MUST somehow effect the output, which is at best an assumption. In fact there is software that impliments “state machines” used to control physical devices and every state is not just within the state machine, it’s fully tested as such (it’s one of the things I do with “flight hardware” and it’s a certificational requirment).

Which makes your QED style third sentence improbable.

The problem is that your assumption is that “something flawed” must in turn “make things with flaws”. It’s just not true as any “instrument maker”[1] can tell you.

Further if you think about it nearly all human progress outside of original inventions is about “refinement”. That is you take something existing and use it to make a less flawed version of it’s self in a “turtles all the way down” process with each successive turtle being better than the one before.

An example of this is the use of a pantograph based engraving or cutting system.

[1] Part of my training was as an instrument maker, and one thing you learn is how to make successively better instruments from amongst other things iron ore and tree trunks of oaks.

Clive Robinson October 22, 2022 8:06 PM

@ Denton Scratch,

You tell me two things that act as pointers 😉


“I was in the school Combined Cadet Force. I didn’t feel like crawling around muddy fields in uniform on Wednesday afternoons”

The CCF was once considered “essential” therefore compulsory education in English “Grammar” and similar schools (unless there was a “Senior Service” / Naval connection). Because the pupils were assumed to be destined for “Officer” training whilst doing National Service or OTC at University… The fact you did not relish close contact with playing field mud, and got out of it suggest you were like Yogi “Smarter than the Average Bear”. Let’s just say CCF / OTC it lingered long after it should have, and in some “schools” of note it still does.

As I’ve mentioned before I learnt my early weapons training from a local farmer who had survived WWII the hard way, thus having overly polished toe caps from hundreds of “little circles” was thankfully not a prerequisite for learning by doing the art of putting the local wild life as “food on the table” 😉

My abilities at converting wild flora and fauna to food, later served me well and still does. It somewhat scared instructors on some of the Escape and Evasion and Survival courses I later did. One training sergeant wryly observed at the end of a course that I was probably the only person who had ever put on weight on one of his courses, and certainly the first to do a “full roast and greens” for dinner.


“but our armoury was once raided by IRA bandits.”

Which kind of “bangs the nail in” as I remember enough from back then to know it was in effect a “one off” that hit the news.

But what brought a warm reminiscence was,

“Our job was to whip up bacon and eggs for 50 people.”

Sometimes “bacon and eggs” along with cheap white bread and that very pale almost white margarine was the only “fresh” you would get to see in a two or more week “in the field” excercise. Even milk was unknown with “plastic cow” powder from a tin being standard. Most squadies would turn their alotment of bacon and eggs into “banjos” like transport cafe sarnies but with more rib sticking potential, as it avoided having to unpack your mess kit.

I have to say that I’ve since made many “fancy” breakfast sandwiches for people with bread with fruit, nuts, olives, herbs etc baked in. But I still hanker for a banjo. There is something about that doughy soft white cheapest supermarket bread, and margarine even a “dog with no nose” would not eat, watery bacon with the rind on and a fried egg with a runny yolk and still just runny white that gave the “sauce” as ketchup or brown sauce was rarely available. But you have to have two and they are to be eaten with a pint of “Standard NATO” tea, which is basically extra strong brewed, with lots of milk powder, and four good tea spoons of sugar. You could almost run all day on a breki like that, provided you did not mind your arteries squealing in anguish. I went out with a Cardiac Rehab Nurse from the Royal Free and mentioned it to her with an obvious wistful look on my face. She in turn remarked that in her dept, there was a well kept secret of the full english “Breakfast Bap” from a local cafe, they called “The left arm tingler” as it was reconed that just one had enough cholesterol to give a near instant heart attack 😉

Karl Zander October 23, 2022 3:27 PM

As much as I’ve reviewed the crypto theory behind Signal and seen FBI docs that say that Signal is the least exposure of privacy to a user, I don’t buy it. I attempted to report a story of US Army/US CID abuse around my 18th birthday on Signal and lo and behold, a little while later, a Russian spam bot appeared attempting to contact me. Signal needs a serious audit. There is no such thing as a secure chat service.

Karl Zander October 23, 2022 3:34 PM


Low profile as a non-profit could be NS behind that. Theory only but think about Bitcoin, Satoshi Nakamoto or SN could be NS.

And I forgot to mention the source I was attempting to contact was CNN. They replied with one message and after that silence. Signal is a waste of crypto. The only way we can keep secrets is to stay offline, trust who we trust and have person to person contact.

SpaceLifeForm October 23, 2022 11:16 PM

@ Karl Zander, Ted, Clive

Without trying to defend Signal (I am not), you also need to consider that when you sent a message to CNN, you did not really know who you were really talking to, and you never had any way of knowing if their OpSec was good.

You had blind trust. That is all.

Nadia el Mansour October 24, 2022 9:28 PM

Here is a letter from Signal to someone on hacker news. It
explains why SMS support is being depreceated

As usual, commentators here write in the most severe, absolute, terms about security.
Signal is the ‘least insecure’ option thats available for everyone.
That’s the distilled version. It provides more privacy than SMS.
everyone knows smart phones are unsafe. we talking about improving upon the default state of affairs. improving upon a bad situation.
not commencing from the lofty (elitist) heights of Info Sec perfection and working backwards.

We’re not talking about Zelensky organsing the logistics of accessing his off-shore billions. 99% of people don’t require military-level electronic comms because they are not discussing secrets and they are not concerned about being individually targeted by state level actors.
It’s about avoiding becoming low hanging fruit, and increasing the resources necessary to harvest data. And quite simply having more firewall against bulk data fishing-net collection

Clive Robinson October 24, 2022 11:23 PM

@ SpaceLifeForm, ALL,

“… you also need to consider that when you sent a message to CNN, you did not really know who you were really talking to, and you never had any way of knowing if their OpSec was good.”

The same if you remember was true of sebding documents to the “Intercept” where a journalist then forwarded them on to the entity the whistleblower was blowing the whistle on, so ended up getting caught, and another did similar with an FOI request,

HOWEVER down stream OpSec such as “second party beyrayal” should not be conflated / confused with “Communications Security”(ComSec) even though it can impact significantly on ComSec.

As I’ve mentioned before most ComSec uses encryption that due to unicity distance being very short makes “deniability in the face of second party betrayal” effectively imposible. Which is why I’ve talked about using the “One Time Pad” to get the “required deniability”.

One of the underlying problems with “Second Party Betrayal” is something our host @Bruce has talked about in the past. Which is the “preasure to get work done” to meet deadlines etc. All to often the preasure is in conflict with “self-defence” let alone other party OpSec. Which is what the various “Intelligence Community”(IC) and “Law Enforcment Agency”(LEA) agencies rely on it to persecute whistleblowers.

In my view the likes of all the news / media outlets are way way to “goal oriented” to practice even minimal OpSec to protect their sources these days. Thus all to frequently they score “own goals” and the whistleblowers if they are lucky get to do jail time and have ruined lives.

As for those that are unlucky… well the dozens of CIA sources in China and Iran that got executed demonstrate the problems with “preasure to succeed” giving rise to poor OpSec and what “Power Politics” / “Might is right” will do with a bullet when poor OpSec happens.

@ Nadia el Mansour,

It provides more privacy than SMS. everyone knows smart phones are unsafe.

Do they? Realy?

If so then why do they use them for 2FA and run apps that can never be secure in use?

So you are saying that “little sister diary” level security is fine for everyone… So the MSM amoungst others follow your reasoning and Whistleblower’s end up if they are lucky with ruined lives or unlucky terminated lives.

If you don’t understand this, and you clearly don’t, then perhaps you should not appear to be a “shill” / “fanboi” / “apologist” for those working at Signal taking good money for very poor product and hype, if not out right fraud.

lurker October 25, 2022 1:24 AM

Meanwhile in Ghana:

1. Dial the short code *404#

2. Enter Ghana Card Pin ( Note: Enter letters and figures without hyphens)

3. Confirm Ghana Card Pin

4. Enter Surname

5. Enter First Name(s)

6. Enter Date of Birth (Format: DDMMYYYY)

7. Select Sex

8. Confirm Details

9. Submit Details Provided After Confirmation

Lurker October 25, 2022 1:29 AM

Ooops, link for previous

Kenya has already done something similar, and there’s a growing list of African nations lining up to make burner SIMs a part of history. What happens to Signal users isn’t stated.


Nadia el Mansour October 25, 2022 2:53 AM

Hi Clive

Thanks for your response. You wrote:

‘If so then why do they use them for 2FA and run apps that can never be secure in use?’

You are conflating use cases. I recognise the side channels you refer to
But you’ve shifted the goal posts.

Little sister diary. Well, only if Bruce Schneiers adage remains correct. It strikes me as severely limited and even myopic. Two extremes and nought betwixt. This is unfortunate. And, it’s also a false dichotomy because it pertains to crypto. We’re discussing Signal where the crypt is not the point ( Whats app uses the same crypto for ex.)
So, not this is not about little sister diary.

I’m speaking about Signal as an improvement upon conventional comms. As a means to have some additional privacy for those private details we deserve to keep to ourselves.
Nothing more.

Of course, it does require people not be stupid and incriminate themselves while using Signal. I get that this is not a wide spread comprehension unfortunately.

Lets put it this way. For all the commentators here that clearly hate Signal. What do you then use, for your daily communications with the large number of individuals you need to relate to, on a personal and professional level, spanning the tens and hundreds and thousands of miles between you? Does it mean you have an option you consider superior?

I’m not a shill or a fangirl for Signal.

SpaceLifeForm October 27, 2022 7:39 PM


Some dots

Signal will fallback to SMS if an iPhone user has Signal but a recipent iPhone user does not have Signal.

Just tested.

The key is the recpient must already be an existing contact on iPhone via phone number.

It is a pain. You must go to Signal settings, scroll to bottom, and find invite.

But, so far, I have not have found a way to do this without the phone number being an existing contact.

But, it will show up in iMessages as a sent message, as I suspected, and completely surprised my tester.

Also confirmed, the recipient did receive the message.

There is more testing to do.

SpaceLifeForm October 28, 2022 1:40 AM


So, iPhone Signal to Android phone sans Signal, must work the same way.

Well, in theory.

Because, in theory, the Signal servers allegedly only know the phone number, and not the year, make, model, and color of your recipients phone protector.

If if, then then.

Rick October 28, 2022 5:55 PM

Hello all,
I just got a message from Signal that people like myself who use SMS have to hit the road by the sounds of it. I’ve been using Signal since 2018 and found it reliable and easy to use. I suffered a stroke so things here and there can be a bit confusing. Signal never was. When I first started using it I wanted the security it promised and tried very hard to get businesses I have relationships with as well as my doctors and even my friends to join up and use Signal. Not once did any of those people wish to use Signal. I unlike most of you am not surrounded by smart people or people who care really about security apparently. So, I’m looking for a best alternative recommendation from a most trusted source for a SMS messaging app I can use easily and trust a little. That would be you Bruce and other people here at your website Schneier on Security. Please help and thanks,

SpaceLifeForm October 28, 2022 6:36 PM

@ Rick, Clive, ALL

There is no secure SMS app. SS7 is not a secure network environment. The only way you may have a chance, is plaintext that is actually some type of code as Clive has mentioned in the past. But, even if it is a coding system, your communication path will be leaked via Metadata and Traffic Analysis.

Clive Robinson October 28, 2022 7:48 PM

@ Rick,

Re : The System not the app needs to be secure.

“So, I’m looking for a best alternative recommendation from a most trusted source for a SMS messaging app I can use easily and trust a little.”

I’m sorry to tell you there is currently no secure SMS or other messaging Apps for consumer level equipment.

You have to remember that any consumer app runs on a consumer OS, on Consumer hardware, using unknown and most probably totally insecure drivers. In short the “Mobile” / “Smart” device is very much insecure by design.

Thus as long as the “human” / “plaintext” interface is on the totally insecure device it can not in anyway be made even slightly secure by any security device standard you can read.

All an attacker has to do is an “end run attack” around the “security end point” that is built in the App. To do that all they need to do is go through or under the OS to get to the plaintext user interface.

This sort of “end run attack” is not that difficult to do, and it is known that certain malware used to subvert banking apps was doing it well over a decade ago. Worse with the uptic in “home”/”Out of office” working the issue of “Bring Your Own Device”(BYOD” and similar has ment that a lot of information usefull to ransomwear attackers is now on “Mobile”/”Smart” devices outside of the traditional office securiry perimeter. Which means that there is active interest not just by “Level III” Government SigInt / Spyware Corps” developing “end run attacks” it’s also your everyday malware develiper now looking to “enumerate targets” for Ransomware.

What you need to remember is Ransomware operators have no moral impediments to making money. As patients of Doctors have found when they ransomware operators can not get a payday out of the Medical business, they simply blackmail / extort the patients whose data they have also stolen.

As you will have read hear on a number of occasions in various different ways,

“Once your data is out from your control it is just somebody elses commodity for them to profit by”.

As you have found, there is two ends to a communications path, between the first party and the second party. Even if you have “legal control” by legislation on your side, it actually does you little or no good. They either ignore it or don’t do business with you. There view is “Our way or no way”…

Knowing this you will realise they are not going to use what you consider “secure” but what they think will minimise costs thus maximize returns/profit.

But what of other second parties, how good or bad is their “Operational Security”(OpSec)? The chances are is at best abominable, you will find the fatal flaw in most humans is,

“Convenience trumps all”.

With even bad OpSec rating very very highly on the “inconvenience scale”.

As I frequently tell people “I don’t use securiry applications” or for that matter any “Mobile”/”Smart” Device security software. The reason is I know without any doubt, that Second Parties will not practice OpSec.

Thus by not using it all “Second Parties” that want to communicate with me “know” their communications are not in anyway secure. Does that stop them being “indiscrete”?

No, they just act in ways prejudice to their own well being, and unfortunately sometimes mine as well… It’s why I don’t do personal Email, Social Media, or most other Electronic Communications and have not done at all or for most of this century, and I advise others not to, unless they know how to,

1, Establish secure communications.
2, Practice good OpSec.

I’ve made several posts over the years to this blog detailing this, probably ebough to make a reasonable size book.

However, I can assure you that none of the consumer focused computer based secure communications systems are secure because of “end run attacks”. All of that milti-billion dollar market is,

“Lipstick on a pigs backend…”

Which means if you get close to it, –as numerous Serious Organised Crime”(SOC) Cartels and families have found,– you will get covered in excrence you can not easily shift… Which is why the alledge crooks have been nabbed, charged, and will nodoubt in the not to distant future suffer what ever fate the criminal and civil legislation of their jurisdiction alows, if their legal teams can not get the mountains of evidence aquired through those supposadly “secure” Apps and Mobiles etc they used found inadmissible for various resaons.

If you need security, then you will have to understand what is fundamentally required across the board at a fundemental level. Then build your own systems to address each individual security / OpSec facet. Get it wrong at any point even in the most minor of ways and your “security chain” will have one or more “weak links” by which your security will fail and be stripped away layer by layer relatively easily by modern attackers. That range from,

“Incompetent Script kiddy wannabes to the highest of state level SigInt agencies.”

Not because they care one jot about you as an individual they don’t… But they do care about enriching themselves one way or another. Because there is money to be made from the biggest corporate down to the poorest individual who uses Computers for their basic everyday activities. And as far as Law Enforcment and Prosecuters are concerned “points make prizes” either to improve their career path or pay grade.

So any low hanging fruit, is a target, and unfortunately the level you have to get up above to not be low hanging fruit is way way above the abilities of nearly all members of the public using consumer devices.

Oh and that includes most of the readers and quite a few of the posters to this blog.

Clive Robinson October 28, 2022 9:47 PM

@ SpaceLifeForm, Rick, ALL,

“But, even if it is a coding system, your communication path will be leaked via Metadata and Traffic Analysis.”

You beat me to responding 😉

But I’ve chosen not to mention SS7, Ttaffic Analysis, latency and many other issues like message-2-action correlation this time around. Primarily because it’s mostly way to much information for people to get their heads around in less than a few months (one day I might write a “user friendly” book to distribute freely, so people can take it one nibble at a time).

Yes you can “layer” a code / cipher encryption system over the existing insecure systems thus take the “plaintext”, “security end point” past the reach of the Mobile / Smart Device “communications end point” reach. It’s not even dificult to do in theory, or on paper, I’ve described several times how to do it in the past.

The problem is,

“It’s not convenient”

So any second party you do not have considerable control over will tell you to “hit the road” as “It’s their way or noway”.

Even if they do agree, it will be under what they consider duress to do it “your way”… So they will do their best to subvert it any which way they can, by at the very least “poor or nonexistent OpSec” or similar like storing the plain text in either Amazon or Microsoft or other major Silicon Valley Corp “clouds” where the plaintext of the messages will be legaly unprotected “Third Party Business Records”at best. That require no warrant or effective oversight by the Goverments or their agencies, or even “Arms Length Agency Managed Organisations”(ALAMOs) that claim “Commercial Confidentiality” against the likes of “Freedom of Information Requests” and similar, so you can not establish “legal standing” to get anything by any legal recourse…

Then they can do dumb things with “Key Material”(KeyMat) such as just leave it hanging around, or re-use it, or a myriad of other Cryptographic and OpSec mistakes.

As we now know, such “mistakes” of “convenience” were made by the CIA a few years back (and they are probably still doing similar today due to “organisational culture” of “results” thus “convenience”). We know that a minimum of 30 “assets” in both China and Iran were compromised. Some being dragged in front of their colleagues and just slaughtered/butchered as a warning to others… We may never know just how many were compromised in total but it may be up in the hundreds of “human assets” including spys/Agents killed, turned, or watched, and CIA Officers. The latter of which will now they are known will carry on being a compromise risk for as long as they hold a security clearence.

I could go on but it’s getting late over this side of the puddle, also a long list / discussion of mistakes will mostly be unhelpful and tedious to read through without a lot of additional background, try explaining SS7 and all it’s woes succinctly for example (Wikipedia does not get it right).

Rick October 29, 2022 12:57 PM

My thanks to SpaceLifeForm, Clive Robinson and all who have or will inform me with great detail on my ask trying to help me out. So to be clear (for me) no one here including Bruce uses text messaging on their phone unless it’s signal or not at all? If that is the case how do you get around the demands of people like doctors, pharmacies who only wish to text you and not call you; unless of course where you live they do not have that kind of demand? I’m in the US and everything is an automated text reminder or notification.I conduct no financial transactions or have any app’s that could make one and I do no banking, store no credit or debit cards on my phone. All I do is use my Android to make and receive calls, voice mails and get these text reminders. If you don’t mind my asking how do you get around the need for text messages?

Thanks again for the help and time and effort you have all put in to help me,

Clive Robinson October 29, 2022 2:20 PM

@ Rick, ALL,

Re : Their push via SMS

“If you don’t mind my asking how do you get around the need for text messages?”

They can only “push SMS” at you if,

1, You have a Mobile/Smart device.
2, You let them know you have one and it’s number.

Generally the only way to “rob them” of their lousy behaviour is not to give them or anyone else a Mobile/Smart device number. In which case for many but not all there is little point in having a mobile phone.

The less general way is to dig into the Phone/SIM configuration and stop the SMS service provision (you can actually get “data only SIMs” that lack Voice/SMS, and Apple is taking it’s phones down the “data only path” via their cloud/network).

As you might guess I’ve had a lot of face to face meetings with those who supply goods or services where they say “we need your mobile number” where things go “pear shaped” when me response is truthfully “I suffer from tinitus and don’t own or rent a mobile phone, nor do I have Email or social media”. Then they usually come up with some nonsense about me getting a cheap mobile and service, to which my reply is “Are you going to pay for it?” pause whilst their brains try to grasp the concept… Then I say “As I have better things to do with my money than waste it on something I’m not going to use!”. Then the crappy excuses come out, to which I reply “The postal service works” pause again then say “It’s the only legal communications requirment”, pause again and say “You do, do things legally don’t you?” pause then if they still have not caught up, “Ahh not corresponding legally, interesting”.

The point is legaly it is your choice not theirs in how you communicate. Because there are many “hard of hearing, and those with poor vision” and other disabilities and in some places it’s unlawfull to discriminate against them. In part it’s why English law abd many legal systems based on it have not gone beyond the requirment for a “postal delivery address” for legal cotspondence (communications). Which does not have any requirment to be your residential, work, etc address. It can be a “postal box”, “Accomadation address”, legal / accountants representatives address etc. With the only requirment being any mail will be “serviced” within 7-14 days depending on the jurisdiction.

The only option this Second Party goofs/service provider has in the matter is to chose not to form a contract for goods or services with you, thus no reason to correspond. However in many juresdictions refusing to provide goods or services to a disabled person is legislated against, just as it is on gender, race, religion, etc.

I just wish more people would take what appears to be “the less conveniant route” because at the end of the day,

“Their convenience will be made your inconvenience quite deliberately by them on the ‘blaim the victim principle’ etc.”

Oh, and if you do have some disability or chronic disease/illness/syndrom that effects your everyday life, get a few “credit card” sized cards with a glossy surface stating that you have such an issue and asking for the persons consideration. It puts them in an awkward spot immediately. Oh and often they will hand it back with their fingerprints on… Which makes deniability somewhat awkward for them. But it does make it easy for you to collect their primary evidentiary biometrics (dominant hand index and thumb prints)…

SpaceLifeForm October 29, 2022 4:49 PM

@ Rick

re: SMS

You are doing well overall. But I would drop the voicemail.

The best use of SMS is to text someone that you tried to call.

The spammers will not do that. Mainly, because they will attack older folk that still are on landline (old POTS), and you can not send a text to a landline phone number.

So, when you see an incoming call, and you do not recognize the number, what do you do?

And, when you see an incoming call from a number you do recognize, what do you do?

Remember, SS7 is not secure, and caller-ID is easily forged. (I have a story of course. Because I pay attention and connect dots).

SMS is not secure, so the main thing to understand is to not use SMS for Security Authentication. If you are in an Admin role, you should be using a Hardware Security Module.

Read these links for hints and dots.



SpaceLifeForm October 29, 2022 6:45 PM

@ Clive, Rick, ALL

re: Data Only SIM cards

It is Security Theatre

The cell radio still talks SS7 to towers.

The SIM is at least temporarily tied to the device, and the cell radio can be trilaterated to locate the user. The user will eventually, reveal some PII data that will correlate person and location.

No phone number is required. SIM Card ID will suffice. The Radio has an ID too.

It is just a matter of connecting dots.

If the user is criming, they will eventually out themselves, even if they think they are laundering money over Data Only SIM. The Traffic Analysis will find them. Blockchain will reveal. One must suspect at this point, NSA is paying heavy attention to blockchain network traffic.

But, what do I know?


SpaceLifeForm October 29, 2022 7:03 PM

@ Rick, Clive

Just parking.


SpaceLifeForm October 29, 2022 8:34 PM

@ Rick, Clive, ALL

Just parking another vehicle in y2K when everyone was distracted by two digit years.

But, what do I know?


However, the situation changed as soon as the procedure of processing SS7 commands over IP was introduced in 2000, essentially exposing the SS7 layer to outside access.

EvilKiru October 31, 2022 2:12 PM

@Rick: I use text messaging without Signal or anything else like it. Why? Because I use texts to stay in touch with people, not companies, I don’t share personally identifying information via texts and I can tell from my iPhone’s outbound text history if the person I’m texting uses iMessage (blue) or SMS (green).

Rick November 1, 2022 12:09 PM

I want to thank all who helped me understand this situation (SMS) better. I will read the links you have provided to learn more. I new this was the right place to come for help so thanks again,

EvilKiru November 1, 2022 10:35 PM

@SLF: I understand that I revealed information in my comment. That’s a given when communicating. I don’t think I revealed anything that can be considered sensitive information.

I don’t see the relevance of my unrelated comment from long ago, arguing over semantics.

SpaceLifeForm November 2, 2022 12:20 AM

@ EvilKiru

Thank you for your response. Yes, you answered my question.

Your old comment, is unfortunately not just about semantics. I agree with your point to @bud. But, you have leaked information. Apple knows whether you use Signal or not.

The Fallback to SMS leaks the state of whether one uses Signal or not. If a MITM can cause the Fallback to SMS to occur, then stuff can leak out over SMS, and the user may not ever notice, and be led into a false sense of security.

It is just one bit of information, but if I was a bad guy targeting you, well, you just reduced the field to look at. I can eliminate Android from the search.

Just saying.

Clive Robinson November 2, 2022 2:54 AM

@ SpaceLifeForm, EvilKiru, ALL,

Re : Communications, agencies, and execution.


“… you just reduced the field to look at. I can eliminate Android from the search.”

It can be interesting to think about how different agencies might think about things.

Take a law enforcement agency as one agency. They have to have “evidence” that is supposedly of a standard suitable to obtain a conviction in court. Thus “correlating actions” between a first and second party does not realy meet the need, as it can be argued down as coincidence. Thus the burden of evidence falls on the agency to not just “Prove Communications” happened beyond doubt they have to show the method and proof of method of communications as when and what was communicated (actual message lurking on a server backup tape etc).

Take an Intelligence Agency as a second example, it is not so hampered by such niceties they only have to have the “correlation of action” found between the first and second parties. Thus their burden of proof is much less and defined by who the IC agency is working for.

In the past I’ve mentioned a couple of facts from WWII still relevant today that demonstrates not just the capabilities but also they were used long long after, and in a modified form on the modern Internet.

Firstly it is known that during WWII the German “Radio Service” could track down a signal from a “spy set” within minutes and their limitation was “physical movment” rather than technology. That is in modern parlance of “Find, Fix, and Finish” they could do the first two but not always have sufficient time for the third. So SOE agents and similar practicing good OpSec could escape them.

What is less well known even though the evidence was out there, is that the Germans were not tracking the agents “transmitter signal” but the leakage from the “receiver oscillator”. Which was on for much much longer than the transmitter signal ever was.

It also ment that anyone operating just a radio receiver was still very much locatable. Something that was used by both the “GPO Detector Vans” and MI5 post WWII in England, to find unlicensed operation of a receiver. A read of “Peter Wright’s “Spy Catcher” details how he and his assistant Tony Sale –later of saving Bletchly Park fame– tracked down both Russian Embassy staff tracking MI5 surveilence staff[1] but also spies in the UK working for “Foreign Nations” in one case by loading the tracking equipment in a light aircraft and flying it up and down large parts of England (a home made version of what later would be done with the likes of Boeing that gave rise to Rivet-Joint and similar SigInt and ElInt aircraft).

It surprises many modern engineers including proffessional radio engineers just how much power old Valve/Tube radios used in their receiver local oscillator and just how much of it leaked back via the mixer circuit into the antenna and got radiated out. Even more surprising to some of them is just how far such signals will go[2]. To give you an idea modern amateur/ham radio operators chase after “A million miles per watt” in the High Frequency (HF) bands when doing extream “Reduced Power”(QRP) operating, getting world wide contacts on just a few milliwatts of power (less than WWII era radio local oscilators put into the antenna).

Knowing this tells us why the BBC broadcasts of “Now a few messages for our friends…” ment for SOE and similar agrnts during WWII was done after the BBC Medium Wave broadcast news. Because even though the German Radio Service could track down a receiver from upto five to six miles away, it was only possible if it was the only receiver tuned to that frequency. The reach of various BBC transmitters including the “aspidistra” down in Crowborough Kent covered all of “occupied europe” including Berlin and beyond. So using “White Propaganda” they knew that thousand if not hundreds of thousands of radios all over occupied europe would be tuned in for those news broadcasts thus creating an impossible task for the German Radio Service. We know that Herman Goreing was well aware of the “aspidistra issue” problem, but chose not to do anything about it as it would compromise the German leadership “grey propaganda”.

What people do not realise is exactly the same game is being played out on the Internet today, in an almost identical way. The loss of those CIA agents in China and Iran is just one small but deadly part of a larger game being “Oh so Secretly fought, in plainsight”.

Something a lot of this sites readers appear “unaware of” which could at some point have the same negative effects it had on those CIA agents killed and in some cases butchered publically to send a message to those they worked with.

The old saying of,

“Evil is, as evil does”

Still very much applies today in our modern world. It’s one of the reasons I worked out how to use the Google Search Engines that nobody dares jam/block/stop as a way to pass messages covertly. Which in turn gave rise to me describing how to use the process to have “bot nets” be not just “headless” but effectively untracably managed to nearly all Government Agencies with the exception of perhaps the one or two “Collect it all” SigInt agencies that could nearly but not quite “see all” due to the “All roads lead to Rome” or more correctly via Alice Springs in Australia, and Bude in Cornwall England, ending eventually in that ecological disaster in Utah USA where they allegedly “Collect it all”.

[1] The MI5 surveillance staff used early “radio cars” on fixed frequencies that became known to the Russian Embassy Staff. If the Russian’s were “upto something” in London on a given day, they made the mistake of tuning a receiver into the MI5 frequency used. As MI5 knew what equipment the Russian’s used, they could pick up the local oscillator radiation from it and know if it was listening in to MI5 surveillance teams. This then enabled MI5 to run “counter counter surveillance” in various ways.

[2] There are lots of stories and legends about the “GPO Detector vans” that could be seen around “Englands Green and Leafy Suburban lands” from the 1950’s through 1970’s. The way they worked is apparently in some cases still classified under the Official Secrets Act (OSA) so in theory can not be told even though it’s been published. So instead the story from mote than half a century ago of a still in junior school boy, who liked the Thunderbirds TV Puppet show made by the Andersons and broadcast on Saturday mornings, when his parents insisted he “tidy his room”… A battle of wills that played out over many a weekend thanks to a naughty elder sister. Well said school boy had a small portable –large pocket sized– VHF transistor radio in his room, and if he kept the volume down and used a “crystal ear piece” he could appear to be “tidying” when infact he was listening to it. Because he had found a harmonic not of a neighbours TV’s local oscillator –which was unmodulated– but of the Intetmediate Frequency (IF) that had the shows audio on it. Which caused a signal in the lower part of “Band II” VHF radio. It turns out that the TV concerned was across the quite wide road and about six doors down so with front gardens and TV’s being in “back rooms” getting on for 300ft away… So yes easily in range of a van driving slowly down the street, especially with better designed antennas. Three things stopped this being possible today, firstly we nolonger use valve/tube TV receivers, secondly Band I TV stopped being transmitted in the UK back before the 1980’s and by that time “interference” was so bad that the EU pushed out the “Electromagnetic Compatability”(EMC) directive to stop such egregious receiver emissions happening.

Leave a comment


Allowed HTML <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre> Markdown Extra syntax via

Sidebar photo of Bruce Schneier by Joe MacInnis.