• Off Topic

  • Temporary phone numbers for a multi-profile Signal / Molly / Molly-FOSS setup?

applesbana

I can't speak to those services, but for Signal / Molly I believe the phone number is for 1st-time signups only. After that, your account can only be restored via backup files and/or a PIN code.
https://support.signal.org/hc/en-us/articles/360007059792-Signal-PIN

I think you're right that using smspool.net for accounts on more "standard" services like Google / WhatsApp runs the risk of getting hijacked at some point.

      4ano5gnice

      Thanks for the recommendation!
      I'll definitely keep something like this in mind for different use cases in the future.

      For this use case, I'm more interested in around 10x temporary numbers that are very cheap and only need to function for like 5-10min. If I'd bought physical SIMs for this purpose on a site like that, it would have set me back $100+ USD.
      Very grateful that I could get the same thing done on a site like SMSPool.net for just $3.

        zzz can't speak to those services, but for Signal / Molly I believe the phone number is for 1st-time signups only. After that, your account can only be restored via backup files and/or a PIN code.

        I think that's incorrect. Each time I installed the Signal app, I have had to confirm my phone number via SMS code. That's irrespective of whether I was transferring my messages from another device, restoring my messages from a backup, or not restoring at all.

            treequell
            Oh good to know, thanks!

            Thankfully these extra Signal accounts for my use case are more like "throwaways" for casual & low stakes cross-profile data transfer.

            I set each conversation with these throwaways to have "disappearing messages", so even if one is somehow hijacked hopefully there will not be much data for the attacker to abuse.

            Thanks again for clarifying!

                zzz I would advise that you enable a registration lock on those accounts, to make it harder for somebody to steal your Signal number, even if throwaway.

                    Yes Signal/Molly are somewhat safe if you use registration lock. If somebody else gets ahold of your number, they won't be able to see past messages anyway since they are stored on device and not in the cloud, but without registration lock they would be able to see future messages intended for you, and you cannot restore access for yourself.

                    Just generally make sure that you know what you want to achieve. A number you don't control has the advantage of not getting ahold of your hardware identifiers or geolocation like any anonymous SIM card would, but you need to make sure to have forward privacy set up and a backup solution to inform your contacts in case you lose access to the account. And obviously don't store any compromising information if you use it on WhatsApp, Google etc.

                    Not related to the question OP asked, but since we are talking about Signal/Molly, let me ask here instead of creating a new post. I know Signal/Molly on Android uses websocket if there is no Google Play Services. My experience with Signal websocket was not very good in the past in regards to battery drain. It used to drain my battery faster and constantly waking up my device from deep sleep. Is it the same now or did they fix the battery drain issue? I think FairEmail also uses websocket but it doesn't drain my battery at all even though it's running in the background 24*7

                    • zzz replied to this.

                      SoulKeeper
                      I've been using websocket Signal installed on a Pixel 7 directly from the developer's apk for the past 6 months.

                      Battery usage set to "Optimized".

                      No google anything on the profile.

                      Settings -> Battery -> Battery Usage usually reports about 20% of my usage from Signal.

                      I average about 30 notifications/day from Signal.

                      I usually expect 1.5-2 days on a single charge.

                      Hope this helps.

                        2 months later

                        • [deleted]

                        • Post #17

                        treequell I don't think Registeration Lock will make it harder to steal your Signal number (I assume you meant the number used to register for Signal), It will prevent someone only having access to the Registered phone number from logging in to your Signal account.

                        zzz Thankfully these extra Signal accounts for my use case are more like "throwaways" for casual & low stakes cross-profile data transfer.

                        You can use Syncthing for this. Here's a guide by @dgzeij for setting up Syncthing to sync data between user profiles.

                            3 months later

                            What about the Cloaked app? is it viable with Graphene, or are there any no go vulnerabilities or unnecessary risks?