If people in Iran could find themselves in trouble for using Signal, I'd strongly advise they avoid it and look for some other solution.

Ever since Signal started collecting and permanently storing sensitive user data in the cloud (your name, photo, number, a list of everyone you contact using Signal) it's become much more dangerous for people who want to protect themselves and the people they are in contact with. Because Signal insists on keeping your contacts in the cloud, it's possible in some cases for someone to collect a list of your contacts simply by brute forcing a 4-digit PIN.

It would be horrible to end up in trouble or see your friends and family hurt because Signal wasn't forthcoming about the fact that they were collecting your info and keeping it on their servers.

Whoa!

In Signal, contacts’ multiple phone numbers are each strictly computed into a hashed value before only hashes of contacts are stored on Signal. You can always turn that off via the “Settings->Chat->Share Contact with iOS/Android” option (and it is recommended, but it puts the onus of adding contacts on you, which is fine for OpSec mode). Fail to turn that off and you also get that “surprise” “User just joined Signal” message.

Metadata about you stored on the Signal server can be just a single user ID, heavily ratchet-encrypted before being sent over the network. But you would also have to clear/omit your primary self contact info at the OS level.

An avatar photo of you is problematic. Easiest not to use it in the first place. Turn off the “Settings->Chat->Use System Contact Photos” option as well.

Once the settings are done, the relevancy of the PIN is reduced to (rubber-hose) OpSec, and the remaining forensic footprint (outside of the user ID) to just within your phone and others’ phones (and not the server, much less over the network).

Turn everything off under “Settings->Privacy->Advanced” except “Circumvention” and only this one under extreme Internet duress.

What is painfully clear is that while the cleartext content of your message is never stored on the Signal server in any form at most states, and the server never has your key to this content (a good thing), the association with other user IDs remains forensically extractable, which is why burner phones are most helpful there. This is where the “timer” for deleting messages can protect you even further (unless the phone falls into the hands of an adversary within that period before timed message deletion).

If you do not mind the obtuse associativity with others, this app is excellent at keeping the actual content of your conversation off of and away from servers, networks, and nation-states outside of the phones involved. Which is just fine for me and my family and close friends.

If you are striving for absolute anonymity in the area of association with others, I weakly recommend Telegram, but the message is plain as day and can be read by a nation-state simply because Telegram holds your encryption keys.

In short, you have only one choice:

- near-absolute anonymity of message content

- near-absolute anonymity of association

It remains a hard problem.

> Contacts are strictly computed into a hashed value before only hashes of contacts are stored on Signal.

Wait, are you saying only a hash is ever sent to Signal's servers and stored there? How then are you able to install Signal on a totally new device and have your contacts downloaded to it? You seem to think this is about contact discovery, but the data collection was about contact recovery. I've got links in other comments that describe this usage.

Data is uploaded as soon as you set a PIN or opt out of setting one. If you do disable "everything" under “Settings->Privacy->Advanced”, is all of the data that has been uploaded to the cloud then deleted?

By virtue of having OS-based contacts.

Which is why you disable contacts.

It asks up front, at install time, if you want Signal to access your contacts.

If you say yea, then only a hashed value of each phone number found in each contact is sent. Nothing else from each and all of your contacts in your contact address book.

If you say no, then nothing in the contact address book is looked at.

On a new phone, the contact address book is typically empty.

If a backup is restored on the new phone, then it becomes important to ensure that you say no at Signal install time when prompted for permission to access your contact address book.

Okay, so you're saying that if I install Signal and don't give it access to my contacts (at the OS level), then when I manually add contacts in Signal itself, those never get uploaded to SVR or to the storage service as anything other than a hash, and those contacts can no longer be recovered in Signal using SVR?

For example see:

https://community.signalusers.org/t/faq-signal-pin-svr-kbs-s...

https://community.signalusers.org/t/what-contact-info-does-t...

I haven't seen that documented anywhere. Do you have a source?

Correction. ONLY the contacts WITHIN the Signal contact address book are used.

The Signal contact address book is kept wholly separate from your phone OS contact address book, even when you say yes to permission to share the OS contact address book.

If you say no to the sharing of contacts, then ONLY those contacts created WITHIN Signal’s own contact address book would have each Signal contact’s phone number numerically big-hashed (within your own phone), then only those hash values of your limited Signal contact address book would be (naturally) sent to the Signal server.

This is why I said “if you don’t mind the obtuse associativity”. And that is OK for most OpSec.

What is most important here is that whatever you typed, only that other contact’s phone would be able to see it, no place else. That is, until the adversary gets their hands on one of the phones before its timed message deletion period.

This is all in the source code here:

https://github.com/signalapp/Signal-Android