
“I don’t want to give out my phone number” — A gendered security issue

I’d just given a talk and was having a nice chat with a young man who was doing similar work and wanted to stay in touch.

“Great, just give me your Signal number,” he said.

I hesitated. I’ve been using Signal for several years, since it was TextSecure. It’s by far the most trusted messaging app in my circles, and although it’s been slow to catch up to WhatsApp and other tools when it comes to fancy features, I use it just as much among friends.

But Signal—as well as WhatsApp and Viber—requires you to register with and use your phone number as an identifier. What this means practically is that when I meet someone with whom I wish to connect on one of these apps, I have to give them my phone number for them to be able to message me. Other apps, including Wire and Telegram (the latter of which I do not recommend at all), allow you to connect using a handle of your choosing.

I’ve been thinking about this as a security issue for a while. As a woman, handing out my phone number to a stranger creates a moderate risk: What if he calls me in the middle of the night? What if he harasses me over SMS? What if I have to change my number to get away from him?

I’m not so surprised that the mostly-male developers of these tools didn’t consider these risks. They’ve focused carefully on ensuring that their encryption works (which is key), that their user-verification models are usable and make sense, and I’m grateful for that…but I still don’t want to give my phone number out to a stranger.

Luckily, I have a workaround, and a policy recommendation for app developers. Let’s start with the latter:

Allow users to create alias handles

I’m not a technologist, but I’ve asked around, and a number of smart friends have suggested that it wouldn’t be so hard for apps like Signal to allow for aliases. What do I mean? Well, imagine that young man at the conference had asked me for my Signal, but instead of giving him my number, I could give him a temporary or permanent handle associated with my account. Registration wouldn’t change—my Signal would still be tied to my phone number—but the public-facing identifier could be the phone number or an alias of my choosing.

I don’t know why this hasn’t been done, but I’d love to know. Perhaps the men running these teams simply haven’t thought of it?

A workaround to protect your phone number

A few years ago, I discovered a way to use Signal and WhatsApp while keeping them disconnected from the SIM I carry with me in my phone. It requires you to purchase a second SIM card (I use a pay-as-you-go that I top up every couple of months). Here’s how you do it:

1. Put your secondary SIM card in your regular phone and register your Signal account to that number.
2. After it’s registered, take that SIM card out and put your regular one back in. Do not change your Signal account to that number.

You’ll want to hold on to the SIM card, and make sure it stays operational, because if the number goes back out onto the market, someone can register a new account with it, thus kicking you off of yours (seriously, this happened to a friend in Lebanon, where numbers go back onto the market frequently).

You can treat the secondary number as a public number (mine is on my business cards, and I keep the SIM in an old Nokia so I can take work calls on it), or as your own little secret.

21 replies on ““I don’t want to give out my phone number” — A gendered security issue”

I agree totally. I rarely sign up to things that ~require~ a phone number.

The flip-side reason not to use the number as your ID, is that anyone who ~does~ know your number can connect to you via the service, or at least sniff out whether you are a user or not.

This is only mildly sexist. Giving out a phone number is not the end of the world, and should not be assumed to automatically lead to scores of men calling at wee hours of the night. Let’s try not to generalize an entire gender to justify your personal paranoia. As a woman in tech, albeit in my forties, I’ve found life gets much more enjoyable when we stop assuming all men just want to have sex with us.

These services also need to let us use numbers from services like Google Voice that we can verify* by text, but block callers by their phone numbers.

I can give out one of my several Google numbers depending on the level of contact I want with the person… the same way that I used to give some people my mobile number, and others my unlisted landline.

*and they can force me to verify it weekly, IDGAF, but to disallow virtual numbers makes it harder for people who want to protect their anonymity.

FWIW, Telegram lets you use a handle as an ID, and even though I registered with a private, i-don’t-give-out number, it was trivial to change it to a Google Voice number.

“A few years ago, I discovered a way to use Signal and WhatsApp while keeping them disconnected from the SIM I carry with me in my phone. It requires you to purchase a second SIM card”

no sh~t

Or just don’t use Signal with people you don’t trust with your phone number (when such people ask to stay in touch I suggest ChatSecure or PGP email). This is not a gendered issue, OWS has women on their team and I know many men who share this same concern for the same reasons. I appreciate you drawing attention to this issue but IMHO making it a gendered issue just distracts from the validity of the underlying argument that requiring the use of phone numbers and only phone numbers is a poor design choice.

Have you considered a software-based phone number? Like Sideline, Flyp, or Pio? You might have a small monthly fee, but no risk at losing that second number.

Thanks for your post and bringing up this point. I understand your concerns and I agree with you, that having usernames for Signal would solve this issue, but would also open the door to new problems: Could you easily spot the difference between Jillian and JiIIian (lower case L vs capital i)? Also consider homographs using Unicode chars. Now in Signal, if you add a contact, you type the username yourself, so this is probably not a problem. But what if you get a message from someone that found out your username and uses a slightly modified name of one of your friends?

To answer two of the questions you asked in your post:
“What if he calls me in the middle of the night? What if he harasses me over SMS?”
Block his number, either through your phone or through your service provider. You would do the same on all other instant messengers or social networks. I don’t get why this should be such a big issue.

Also, please stop blaming the mostly-male developers for this, as if being male in this case would be the cause for this. I’m sure there are many men out there who also don’t want to give out their phone numbers.

So overall, I get what you’re saying, but I’m not sure if there’s a perfect solution to all our problems.
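The look-alike handle problem raised in the comment above (Jillian vs JiIIian, Unicode homographs) can be checked at registration time. This is an added example, not code from the post or from any of the apps discussed; the `CONFUSABLES` table is a small constructed subset and `HandleRegistry` is a hypothetical name.

```python
import unicodedata

# Constructed subset of look-alike characters, for illustration only; a real
# service would load the full Unicode confusables data (UTS #39).
CONFUSABLES = {
    "i": "l", "1": "l", "|": "l",   # capital I has already been casefolded to "i"
    "0": "o",
    "\u0430": "a",                  # Cyrillic small a
    "\u0435": "e",                  # Cyrillic small ie
    "\u043e": "o",                  # Cyrillic small o
    "\u0456": "l",                  # Cyrillic small Byelorussian-Ukrainian i
}


def skeleton(handle):
    """Reduce a handle to a form in which visually similar handles compare equal."""
    folded = unicodedata.normalize("NFKC", handle).casefold()
    return "".join(CONFUSABLES.get(ch, ch) for ch in folded)


class HandleRegistry:
    """Hypothetical handle registry that refuses look-alikes of existing handles."""

    def __init__(self):
        self._by_skeleton = {}      # skeleton -> handle as first registered

    def register(self, handle):
        """Return (True, handle) on success, (False, existing) on a look-alike clash."""
        key = skeleton(handle)
        existing = self._by_skeleton.get(key)
        if existing is not None:
            return False, existing
        self._by_skeleton[key] = handle
        return True, handle


def demo():
    reg = HandleRegistry()
    return [
        reg.register("Jillian"),        # first registration succeeds
        reg.register("JiIIian"),        # capital I in place of lower-case l
        reg.register("J\u0456llian"),   # Cyrillic i in place of Latin i
        reg.register("Gillian"),        # a genuinely different name
    ]
```

The mapping is deliberately conservative: it also treats lower-case `i` and `l` as equal, which rejects a few honest handles in exchange for catching the capital-I substitution.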

Great security mindset. Might a google number also work? Those are easy to obtain, manage and discard if needed – no SIM required.

Even having a professional relationship with someone should not prompt them to think it’s okay to ask for your phone number just to stay in touch, even professionally. That would definitely make me uncomfortable. I don’t think this is gendered at all. Maybe I’m just out of touch, but if that happened to me I would hesitate as well, regardless of what the gender of the other person was. Carrying a secondary SIM card is an interesting solution, a better one might be to just not tolerate those kinds of requests.

I’m possibly misunderstanding the mechanics of this fully, but I’d take your suggestion further to independent affinity tokens.

Using an alias mapped (invisibly) back to the phone number still means you have two lists: people I trust and people I don’t.

If you could generate a token from the Signal app with a button press (e.g. “create single user token”) you could give a different token to EACH person you don’t trust. If they become a creep or you wish to break off the connection for any other reason you can rescind the token – no number change needed, and you haven’t destroyed your connections to other folks on the untrusted list.

Obviously Signal would need to store the token mappings on their servers to route calls and texts, but they need to store your key currently, so I don’t see it as less secure.

Just a suggestion to improve on your idea, but I think you’re on to something either way.
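The alias idea from the post and the per-contact token idea in the comment above come down to the same server-side table: a public identifier that routes to an account without exposing the phone number it was registered with. The sketch below is an added example, not Signal's design or code; the class name, account ids and labels are constructed, and binding a token to its first sender is an assumption about what "single user token" means.

```python
import hashlib
import secrets


class ContactTokenDirectory:
    """Hypothetical routing table: token -> account id, never a phone number."""

    def __init__(self):
        # sha256(token) -> {"owner", "label", "bound_to"}; raw tokens are not stored
        self._entries = {}

    @staticmethod
    def _key(token):
        return hashlib.sha256(token.encode()).hexdigest()

    def issue(self, owner, label):
        """Create a fresh token the owner hands to exactly one contact."""
        token = secrets.token_urlsafe(16)
        self._entries[self._key(token)] = {"owner": owner, "label": label, "bound_to": None}
        return token

    def route(self, token, sender):
        """Return the owner's account id, or None if the token is unknown, revoked or reused."""
        entry = self._entries.get(self._key(token))
        if entry is None:
            return None
        if entry["bound_to"] is None:
            entry["bound_to"] = sender          # first use binds the token to this sender
        return entry["owner"] if entry["bound_to"] == sender else None

    def revoke(self, owner, label):
        """Owner cuts off one contact; tokens given to other contacts are untouched."""
        doomed = [k for k, e in self._entries.items()
                  if e["owner"] == owner and e["label"] == label]
        for k in doomed:
            del self._entries[k]
        return len(doomed)


def demo():
    d = ContactTokenDirectory()
    t_conf = d.issue("acct-jillian", "conference contact")    # constructed sample ids
    t_press = d.issue("acct-jillian", "press contact")
    first = d.route(t_conf, "acct-stranger")        # delivered to the owner
    leaked = d.route(t_conf, "acct-third-party")    # token passed on: refused
    d.revoke("acct-jillian", "conference contact")
    after = d.route(t_conf, "acct-stranger")        # revoked: refused
    other = d.route(t_press, "acct-reporter")       # other contact unaffected
    return first, leaked, after, other
```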

I totally share your stance on that matter.
I do have a public SIM and a private one which is tightly controlled, and I also dislike very much having my Signal or Telegram account tied to my number, but as a matter of fact, those are already restricted to close people only, hence I would not even consider giving them despite the phone number issue; but I also understand as you refer to yourself as a writer/activist (I do not know you and just stumbled on your article from a tweet), hence him doing similar work might require a secured channel for you to exchange.
Though, I think it is a misconception to consider that valuing the privacy of your phone number is a gender related issue. To me, it is more a state of mind: I am a man, and I do value my privacy to such a level that I only recently started to decide to leave an actual (search-engine available) footprint on the internet due to some personal events, whereas I’ve been online since 1993 and you could only find one reference of me in a text file of that era, despite me having an extremely uncommon name.
Of course, I do understand that as a generality, but I could honestly write the same story with reversed gender: I do know some women who have no issue giving their WhatsApp or phone number, or to keep the roles the same, ask yours.

Also note that regarding a possible harassment issue, you can nowadays very easily block any phone number on any Android or iPhone mobile, if your carrier does not allow it at a lower level.

The same trick would work with Whatsapp and other services that use SMS verification. In fact, with Whatsapp (not sure about Signal), you don’t even need to put the SIM in the phone where Whatsapp is installed, you can receive the SMS on another phone and then type it into the phone that has Whatsapp (there is almost always the opportunity to type in the code received by SMS manually because the software may not pick it up automatically.)

However, problem with this method – if you use a non-public number, no one will be able to find you. Signal and Whatsapp look in your contacts to see who else is on the service. If you use a number that none of your friends have, no one will find you.

Signal is for social interaction with people one knows and trusts. OpenPGP email is for contacts such as described in the opening paragraph (and many other)

It’s not about gender. Handing over your phone number to strangers is a stupid idea. People who use WhatsApp are just plain stupid
