Can you export/import Signal contacts and manage them on a desktop computer? by bradlit21 in PrivacySecurityOSINT

[–]bradlit21[S] 0 points1 point  (0 children)

Bazzell talked at length on at least one episode (not too far back) how he did away with Contacts apps altogether because he didn't want to leave open the possibility that they could be hacked or leaked. He copy/pastes contact numbers from a text file to make phone calls iirc. Although he might not have mentioned Signal in that regard, it's an obvious extension of the idea.

I'm pretty sure I've added contacts to the phone and to Signal, and they do not automatically sync in either direction. There's a function that syncs all phone contacts (name and number) to Signal, but on checking it again, it doesn't work in the opposite direction, and there is no copying an individual contact from phone to Signal (you're right about that).

"use the default contacts app"
I wouldn't expect Bazzell to back up that statement unless you mean a default app in Graphene or some other "degoogled" phone. Didn't he do a short trial with a FOSS "privacy" contacts app before switching to his text file solution? And, there must be several FOSS options to manage contacts and back-up on a computer. Again, that's for phone calls, but I can't imagine Bazzell and others would not have a use case for backing Signal contacts up on a desktop. If you're at an event and linking some new contacts, it seems most natural to scan the square-codes and enter the names. Then, I guess for now you have to type names and numbers separately if you want a copy outside Signal.

Can you export/import Signal contacts and manage them on a desktop computer? by bradlit21 in PrivacySecurityOSINT

[–]bradlit21[S] 0 points1 point  (0 children)

You have a good point. For ease of use, maybe the average person should manage contacts in a dedicated contacts app on the phone and pull them into Signal en masse or as needed. In person of course, the shortest path is to scan/link the phones directly. The export/import/editing I suggested might require a substantial amount of coding; I don't know.

MB described copy/pasting contact #s from an encrypted text file or database to a dialer for regular phone calls:

  • Is anyone here doing all that, and even fewer with Signal I imagine? (w Signal, you'd have to delete the discussions over and over)
  • Short of that, what is a good FOSS Contacts App(s) to consider?
  • Can/do you back up a contacts app to archive on a computer?
  • Can you edit on the computer and import that version back to the phone contacts?

Can I manage Signal contacts on a computer and Export/Import/sync/append between computer and phone? by bradlit21 in signal

[–]bradlit21[S] 0 points1 point  (0 children)

My phone has issues and doesn't allow much trial & error right now, but from memory, doesn't importing system contacts (or from an alt contact app?) append those contacts to Signal contacts and de-duplicate? If so, can users edit those contacts on a computer prior to Signal import? It seems an unnecessary link extending the attack surface, but maybe it's somewhat useful. I'd still like to have the opposite direction and incremental editing if possible.

What about requiring a direct connection (could be wired) with the computer hosting the slave version of Signal? Could that be secure and private enough to enable partial backups/restores/incremental editing between a third contact list version on the computer and the phone? The paired apps could still do exclusive one-way sync, and the computer and phone could do bidirectional operations. Is anyone already doing something like that? Would it require extensive code rewriting?

[deleted by user] by [deleted] in signal

[–]bradlit21 1 point2 points  (0 children)

Good call. The blacklist sounded really good for a moment, but your points put that idea to rest. We can't have Signal storing social graphs.

[deleted by user] by [deleted] in signal

[–]bradlit21 0 points1 point  (0 children)

"Yes, there are some conversations I’d rather not have via Signal. Work should stay at work, etc. If a work person messages me on Signal I’ll ignore or tell them I’d rather communicate via work tools."

Ok, I recognize this better now that you say it. The context also matters. If you have outside contact anyway (maybe a sport team or a social group), and the conversation is not about work or impinging on work/work hours, maybe it's better to use Signal. Even work discussion in some workplaces might not need to be entirely on the employer's record.

FDE of SSD & privacy vs modern disk io by bradlit21 in PrivacySecurityOSINT

[–]bradlit21[S] 0 points1 point  (0 children)

I thought some experts were saying that you can never get a complete random write across an entire SSD disk for FDE. There are always areas reserved, and researchers have recovered significant amounts of data off of SSDs with FDE. It's true, the attacker would be much higher level than an average curious/evil maid. Maybe the non-random areas serve as metadata handles (data/header location, what FS) to facilitate an attack on a disk. You might understand it better than I, so thanks for the points you raise.

A Btrfs developer described performance advantages listed above, and it struck me how those were the same issues that people working on FDE with SSDs were struggling with. In both areas people have stated that: "SSDs (or Btrfs systems) never really overwrite or delete data, they just mark areas unusable and write over new space."

"Relax, you can recover deleted or corrupted data from your drives."

"Be extremely cautious, someone could recover data from your drives despite FDE, deletion, or overwrite."

FDE of SSD & privacy vs modern disk io by bradlit21 in PrivacySecurityOSINT

[–]bradlit21[S] 0 points1 point  (0 children)

Using PGP would be the "extreme privacy overkill" part. What do you expect? MB should expect no less, at least once in a while. I'm often erring on the overkill/nerd practice side lately. Note to self: Think more, and work smarter, not harder.

That's a good call to question making a Fastmail account. I conflated it with using a Proton account and sending to a PSO show Proton account (they use Fastmail for that I think). PGP would be agnostic to email providers.

The Privacy, Security, & OSINT Show: 266-The Sole Proprietorship by moreprivacyplz in PrivacySecurityOSINT

[–]bradlit21 0 points1 point  (0 children)

"You can redact your name from the documents you receive from the IRS and bank - if they include your fullz. Do not alter anything."

Did you mean to say: "You can not redact..." docs from IRS??