Is it still viable to use Signal for privacy in 2026? It’s centralized, and has had many suspicious occurrences in the past.(Unopen source server code, careless whisper exploit which is still active as far as I know, and the whole mobile coin situation.)
Thoughts?
They have your phone number. You gave it to them when you signed up.
Signal wouldn’t know how to route messages if it didn’t store this info.
These are super cool parts of signal’s architecture, that are not obvious to understand, but you can truly verify client side that (1) signal only sees an IP address, no phone number, associated with each outgoing message, and (2) signal has no idea who is in which group chat and which permissions you have in those chats.
The first one is pretty simple: you don’t prove to signal who you are, signal just routes packets and lets the receiver verify that the sender is who they say they are by verifying a short lived certificate attesting your identity.
The second one is more interesting: group chats are implemented as a complete graph of direct messages between all participants. In order to update the group state, you send Signal a zero-knowledge proof that you are a member of the group, which convinces Signal that you can add or remove people, without ever revealing your identity. This same mechanism is used to prevent griefing, spam, and DDOS attacks for sealed sender.
Again, both of these can be verified by only looking at the client source code, and nothing else.
More info: https://signal.org/blog/sealed-sender/ https://signal.org/blog/signal-private-group-system/
These are all “trust me bro” claims.
Give me ssh access to their server so I can verify that this “sealed sender” is working correctly and not using the info you already gave them. We would demand this transparency of open source messengers, so why not signal?
I’ll just say one last time: none of this information ever leaves your client device, so even if signal wanted to know the phone number of a message sender, or which group chats you’re in, they have no access to this because it all never leaves your phone. As long as you’re running the correct client code, the server can be arbitrarily malicious, and it doesnt matter.
Have a great day
The phone number you gave to signal to sign up never left your device? Do you truly believe that?
When you send a message through signal, do you actually think “nothing” left your device?