I used Signal once on CyanogenMod and it didn’t make me think during the registration. Now that I want to recreate a secure communication with my previous communication partner on LineageOS (OS reinstallation) I face the following problem after installing Signal from the Google PlayStore:
- I can send SMS invitations and receive them. They contain an obfuscated HTTPS link which is opened in the default browser which redirects to https://play.google.com/… from https://signal.org/… and offers to “Open in Play Store App” which redirects to https://play.app.goo.gl/… (a phishing scam? And if not why would anyone choose such a URL?). The problem is that the websites offers to install the app although it already is installed (maybe the web app doesn’t have access permissions to that information and always offers to install which would make me think even more).
- https://support.signal.org/hc/en-us/articles/219377827 doesn’t mention the reception of SMS and doesn’t like any information how to proceed with it.
- Not matter which unnecessary inacceptable confusion the first two points cause: there’s no way to confirm the invitation because everything ends in the request to install an already installed application. Since I was hoping for better support of using the invitation when using Signal as the system-wide SMS application, I cannot deinstall it because I’d loose all my SMS or at least those exchanged after making Signal the system-wide SMS application. This comes very close to malware behaviour (not all criteria is fulfilled, though)…
How to get started using Signal as secure messenger instead of SMS application and how to undo the setup as system-wide SMS application with as few data loss as possible?
I’m using LineageOS 14.1.
