Just a simple one here in response to all the chatter about Signal. If you use Signal “bare” on your cell phone or desktop, the other party will see your public IP.
Unless you have activated Always relay calls. That puts Signal in the middle of all your calls, which is OK since they are ZRTP encrypted end to end.
My personal protection(s) in this area are:
When using Signal it’s always the desktop, not a phone.
Desktop installs are in VMs with fail closed VPN config.
Signal numbers are always Google Voice, no carrier/SIM games.
Compartmentalized numbers are used.
What do I mean by compartmentalized in this context?
202-642-1717 is easily found by Googling my name, hasn’t had a phone attached since 2014, no Signal.
706-47-TROLL (706-478-7655) is an actual working number of mine that I’ve had for the last nine or ten years, which never has a real phone associated, has Signal, only active when I’m expecting someone.
There are probably some other numbers …
I hope none of you ever face hazards like the ones I blundered into back in the day. Attention to details like this are what divides safe and sorry.
Share this post