Recently @twilio, which provides SMS verification services for Signal, suffered a phishing attack. Via Twilio, attackers may have accessed phone numbers & SMS registration codes for 1,900 Signal users. 1/
Message history, profile info, contact lists, & other data were NOT & could not be accessed. The information attackers accessed could allow them to attempt to register a Signal user’s phone number on a new device if that user had not enabled registration lock. 2/
We have identified and are contacting the 1,900 potentially affected users. We are prompting them to re-register their Signal numbers and encouraging them to enable registration lock. We are also working with Twilio to ensure they upgrade their security practices. 3/
Signal's commitment to your privacy –to building a product that protects your information from third parties including Signal–is what ensured that message history, profile info, contact lists, and other data were not vulnerable in this incident. FIN
Our registration lock function protects against these kinds of attacks.
Enable registration lock by going into your Settings >> Account >> Registration Lock.
Introducing usernames and phone number privacy on Signal! We’re making it possible for people to connect with each other without having to share phone numbers. Now launching to beta users, available for everyone soon. signal.org/blog/phone-num…
1. New default: Your phone number will no longer be visible in Signal 2. You can create an optional username to connect without sharing your phone number 3. You can enable a new, optional privacy setting to require people to connect with you via username instead of phone number
A Signal username isn't the profile name that’s displayed in chats, and isn't visible to the people you chat with on Signal. A username is simply a way to initiate contact on Signal without having to share your phone number. (You still need a phone number to sign up for Signal.)
Signal is a nonprofit. But what does this mean in practice? Today we do something most tech co’s avoid: talk money. What does it cost for Signal to play in a lane dominated by billion $ corporations, while rejecting the surveillance business model? 1/
We’re doing this to provide transparency into Signal, and to make clear why our choice of nonprofit status isn’t just nice to have, but a fundamental safeguard against the pressures of a profitable business model that fundamentally contradicts our stance on privacy. 2/
By being transparent about Signal, we also hope to shed light on the industry. We show how expensive the development of high- availability consumer tech is & by implication the massive profitability of the surveillance business model underwriting most tech. 3/
Signal is supported by your donations. Not ad money, not investors. Privacy is central to everything we do, and of course this includes accepting donations. 1/
You can make in-app donations to Signal using Apple Pay or Google Pay and choose to display a badge showing your support. We receive the donation (thank you!) but–this is important–we never connect your donation info with your Signal account. Here’s how it works: 2/
Usually, apps that accept donations or payments link your profile information with the personal info you provide when making a payment, like your address and bank info. Signal works differently. 3/
Welcome to all the newcomers! A few things to get you started on Signal:
Group calls can now hold up to 16 people. Across iOS, Android, and desktop, you can go ahead and get your whole rugby squad together for an overdue catch up.
You can make your own sticker packs for you and your friends. We recently collaborated with the artist Plastic Thing on one. All you have to do is upload your custom stickers via the Signal desktop app. Learn more about making stickers here: support.signal.org/hc/en-us/artic…
Signal is experiencing technical difficulties. We are working hard to restore service as quickly as possible.
We have been adding new servers and extra capacity at a record pace every single day this week nonstop, but today exceeded even our most optimistic projections. Millions upon millions of new users are sending a message that privacy matters. We appreciate your patience.
We are making progress towards getting the service back online. Privacy is our top priority, but adding capacity is a close second right now.