Right. Exactly my point? Phone numbers are not, like, the only way to identify a user. You have to know who they are. You posted an xkcd but failed to derive the conclusion that if a user is 'compromised' and they know who they're talking to, then so are the people they're talking to, regardless of whether phone numbers are involved. There's no practical way to mitigate against that, it becomes a paranoid's nightmare.
Ok but a messaging app that doesn't let you know who a message is from is completely pointless? I feel like you're not really addressing this issue here
No the most important thing a chat app needs to do is send messages between the intended recipients making them unavailable to anyone else. Signal does this. You're worried about ppl receiving messages and knowing who they're from. Generally knowing where a message is from is considered a feature -- if you want anonymous broadcast, pick a different technology that's geared towards that
If your threat model is deanonymisation of chat users via phone numbers after one chat is fully compromised, then yeah I guess you need to register the accounts with relatively 'untracable' phone numbers (ie unregistered or incorrectly registered burner sims), but that's not my threat model. I'm more concerned about server-side broad-spectrum government surveillance than I am about targeted device seizures. And of course there are mitigations even with data access on device seizure, provided you're unwilling to provide device passwords. But, like, if you're cooperating to the point of providing passwords you're probably sharing what you know about other users identities anyway, so it's a very niche case this applies to.
Does it really? Iirc, you can determine: when the account was made, and when the last message was sent. This doesn't sound 'highly vulnerable' to me... Doesn't permit inspection of metadata e.g. contacts, so as vulnerabilities go it's pretty weak sauce
Oh man I loved the underworld. One of the very first things I did in that game was trying to get to all the light roots. Skipped past most of the monsters and treasures, just grinding the travel.
Not very good as a novel, though. Same as Aldous Huxley, the characters barely exist, it's just a platform for pontification. Give me George Eliot or William Faulkner any day of the week.
Right. Exactly my point? Phone numbers are not, like, the only way to identify a user. You have to know who they are. You posted an xkcd but failed to derive the conclusion that if a user is 'compromised' and they know who they're talking to, then so are the people they're talking to, regardless of whether phone numbers are involved. There's no practical way to mitigate against that, it becomes a paranoid's nightmare.