PSA: For those who want signal on secondary phone, use molly.
Recently discovered this. Molly supports link with existing device just like on signal desktop. It even has benefit of getting entire chat history unlike signal desktop. Just restore the signal backup file during setup and then click link with existing device. Then scan with you primary phone. Beauty of open source.
Molly: https://molly.im/
Also you can run the normal signal client, and Molly on the same phone. To have two different signal accounts. If you use work profiles this could be four accounts etc
Is there any real security-minimizing reason why it's not wanted by the official app to have multiple mobile devices linked to one Signal account? (I'm not even talking about a second phone with another SIM card, I just wanna use it on my tablet).
I would appreciate a simple/ELI5 style explanation if there is one, I don't work in IT.
One goal of the signal foundation, has been making end-to-end encryption accessible for normal people. Keeping things simple one phone number per account is one method they used to do this. It does diminish an anonymity, it's using phone numbers as a form of global ID. Which isn't great.
So people could argue, that well having multiple signal accounts on the same device aren't against the philosophy, they're not going to spend any engineering effort making it happen.
Also worth noting that communication between signal and matrix through most bridges requires the message to be decrypted and reencrypted, thereby breaking E2EE which kinda defeats the point.
Unless you’re running a bridge on a locked down home server on your own network, not sure it’s the most secure.
This is the solution I'm considering. Does it make sense if you have no actual contacts on Matrix? Do you think it would work on localhost instead of remote server? My use case is to get a single conversation view that includes Signal and Telegram contacts, but I don't need it on multiples devices, one desktop box is fine.
I use it unfederated. Its on my local network server, running in docker with bridges to Signal, IRC, and Discord, no Matrix contacts. Works great for me.
F-Droid doesn't want to host Molly because Signal doesn't want any forks on F-Droid. Seriously, that's the whole reason. Molly devs would be fine with it.
Molly is actually reproducible and has a fully FOSS version, so it is trustworthy.
Molly now merged the long-awaited UnifiedPush feature that Signal refuses. This means the notifications go thru my server instead of Google’s.
That said, I hate the entire concept of only allowing one Android device but also requiring an Android device with a SIM or you get no service. iOS is also supported but feeds into that duopoly, requirements to have a phone, & the freedom use whatever devices you want how you want.
I would prefer XMPP, but I have too many folks that refuse to move from Signal despite the conspiracies.
I got a chunk of friends & family to Signal a couple years back. Now I have some regrets due to the architectural decisions of the Signal ecosystem (and that battery drain + Electron app being huge). I wish I had had resources for an XMPP server as even a lazy person could run Snikket, but now they don’t want to remigrate after on a few years.
I'm in the same boat. To be frank, if I didn't have to use WhatsApp to talk to those in my family that remain in my motherland, I would be more than happy to get a simple dunbphone.
Yea, the mobile device requirement is so pointless and annoying! I have to use Signal with only a couple of people and had to use signal-cli, which is pretty annoying because it doesn't display history. Now I have it on Waydroid, but you should NOT have to do that.
I'm using molly for several months now it is really nice but recently I dive myself in XMPP and it is superior to molly/signal just because XMPP servers are auditable amd you can actually see if the server is using encryption or not while signal servers are closed source unfortunately, it's their only flaw
The signal source code is open source, it is hard to prove that the servers are running the source code that's published, and we know they have admitted to having source code they don't publish for anti-spam purposes.
But you could take the signal server source code and stand up your own signal servers today.
Your client encrypts and decrypts everything, so it is actually not a privacy concern regarding message content when we don't know what the server does.
Every time I want to try molly the version is too far behind to restore backup of signal. Currently my signal is at 6.37.2 and latest Molly is at 6.35.3