Conversation

Notices

karl (karl@soykaf.com)'s status on Thursday, 04-Aug-2016 05:45:24 UTC karl
- Eric Duhamel
@ericxdu23 It's not so much about authentication, as it is about needlessly collecting highly-unique personal data. Combine one's phone number with one's network of contacts, and traffic analysis becomes trivial no matter how good the encryption is.

Given that Signal, Whatsapp, Telegram, and all the rest never actually use the phone network (except for a one-time account setup authentication), there's no technical reason for requiring a phone number. All those services run entirely over data networks after account creation. Collecting phone numbers is entirely about connecting social graphs to real-world identities, for the purposes of law enforcement and advertising data mining.

In conversation Thursday, 04-Aug-2016 05:45:24 UTC from soykaf.com permalink
- ghostDancer likes this.
- Claes Wallin (韋嘉誠) repeated this.
- Claes Wallin (韋嘉誠) (clackemovedtoheldscalla@quitter.se)'s status on Thursday, 04-Aug-2016 06:36:55 UTC Claes Wallin (韋嘉誠)
  in reply to
  - Eric Duhamel
  @karl @ericxdu23 It's about re-use of existing authentication and identification. The main reason WhatsApp sees more use than XMPP is this.
  
  In conversation Thursday, 04-Aug-2016 06:36:55 UTC permalink
- Claes Wallin (韋嘉誠) (clackemovedtoheldscalla@quitter.se)'s status on Thursday, 04-Aug-2016 06:39:38 UTC Claes Wallin (韋嘉誠)
  in reply to
  - Eric Duhamel
  @karl @ericxdu23 The kids, when asked to find friends using accounts, QR codes, or random strings rather than phonebook, walk the other way.
  
  In conversation Thursday, 04-Aug-2016 06:39:38 UTC permalink
- karl (karl@soykaf.com)'s status on Thursday, 04-Aug-2016 15:52:05 UTC karl
  in reply to
  - Claes Wallin (韋嘉誠)
  - Eric Duhamel
  @clacke @ericxdu23 I've never bought that excuse by messenger-app makers. They could just as easily use an email address as an ID instead of a phone number. It's not a new concept.
  
  The only reasons to choose phone numbers over email addresses is to track real-world identities and limit people to one account. Combining those two aspects is a data-miner's dream. Why do you think so many web-based services are trying as hard as they can to get users to supply their phone numbers?
  
  In conversation Thursday, 04-Aug-2016 15:52:05 UTC permalink
  
  Claes Wallin (韋嘉誠) repeated this.
- Claes Wallin (韋嘉誠) (clackemovedtoheldscalla@quitter.se)'s status on Thursday, 04-Aug-2016 17:20:38 UTC Claes Wallin (韋嘉誠)
  in reply to
  
  @karl It is both. The first messenger service to treat the phone as a phone rather than a generic internet device won the non-geek users.
  
  In conversation Thursday, 04-Aug-2016 17:20:38 UTC permalink
- lnxw48 (Linux Walt) (lnxw48@fresh.federati.net)'s status on Friday, 05-Aug-2016 00:27:09 UTC lnxw48 (Linux Walt)
  in reply to
  - Claes Wallin (韋嘉誠)
  - Eric Duhamel
  @clacke There is effectively no authentication behind phone numbers, so that can't be the reason. Sure, making it easier for friends to find you (with telephone numbers or e-mail [style] addresses) is a big motivator, but I think @karl is mostly right on this. @ericxdu23
  
  In conversation Friday, 05-Aug-2016 00:27:09 UTC permalink
  
  Claes Wallin (韋嘉誠) repeated this.
- Claes Wallin (韋嘉誠) (clackemovedtoheldscalla@quitter.se)'s status on Friday, 05-Aug-2016 08:13:34 UTC Claes Wallin (韋嘉誠)
  in reply to
  - lnxw48 (Linux Walt)
  - Eric Duhamel
  @lnxw48 @ericxdu23 @karl Clonability of SIM cards and broken GSM (non-)crypto aside, it's two-factor authentication. You need SIM and PIN.
  
  In conversation Friday, 05-Aug-2016 08:13:34 UTC permalink
- Claes Wallin (韋嘉誠) (clackemovedtoheldscalla@quitter.se)'s status on Friday, 05-Aug-2016 08:14:24 UTC Claes Wallin (韋嘉誠)
  in reply to
  - lnxw48 (Linux Walt)
  - Eric Duhamel
  @lnxw48 @ericxdu23 @karl So from a street perspective, it has recognition, perceived effectiveness and security, and convenience.
  
  In conversation Friday, 05-Aug-2016 08:14:24 UTC permalink

Public

Notices

Feeds