Hello! We are running our annual fundraising. Please consider making a donation if you value this freely available service or want to support people around the world working towards liberatory social change - https://riseup.net/donate
and _Wait until additional software has been installed successfully_
and _Wait until additional software has been installed successfully_
4. Choose Applications ▸ System Tools ▸ Terminal
4. Choose Applications ▸ System Tools ▸ Terminal
5. signal-cli-jre runs via Java runtime environment (jre). We need to tell jre to use torsocks' SOCKS proxy exporting the following value executing
5. signal-cli-jre requires at least Java Runtime Environment (JRE) 17. We need to tell jre to use torsocks' SOCKS proxy exporting the following value executing
**Replace $PHONE_NR with your phone number using the international format (e. g. +15758941234 for a number registered in Truth or consequences, New Mexico)**
**Replace $PHONE_NR with your phone number using the international format (e. g. +15758941234 for a number registered in Truth or consequences, New Mexico)**
_Tip: If you want to acquire an anonymous phone number for registering signal, one can do so using free temporary phone numbers for receiving text messages online. For example https://quackr.io/ is quite reliable service if you choose numbers of so-called "Western countries". Please note, that everyone can re-register your phone number with signal, revoking your access to your newly acquired number. Therefore [set a registration lock PIN](#Registration-and-registration-lock-pin) immediately after successful verification. Receive/send messages **at least once every 7 days** in order to keep your number. This is the reason why many of the freely available numbers can not be registered with signal w/o PIN, 'cause they already have been registered by someone else who subsequently set a registration lock pin. Be patient and keep trying newly added numbers should do the trick._
## Registration and registration lock pin
## Registration and registration lock pin
1. Follow steps 1 through 5 at section [General use of signal-cli on Tails](#General-use-of-signal-cli-on-Tails)
1. Follow steps 1 through 5 at section [General use of signal-cli on Tails](#General-use-of-signal-cli-on-Tails)
2. Follow the steps on https://github.com/AsamK/signal-cli/wiki/Registration-with-captcha
2. Follow the steps on https://github.com/AsamK/signal-cli/wiki/Registration-with-captcha
...
@@ -89,7 +91,7 @@ torsocks --shell
...
@@ -89,7 +91,7 @@ torsocks --shell
~~~
~~~
signal-cli -a $PHONE_NR setPin "verysafepassword"
signal-cli -a $PHONE_NR setPin "verysafepassword"
~~~
~~~
Tip: Use [KeepassXC preinstalled on tails](https://tails.boum.org/doc/encryption_and_privacy/manage_passwords/) for generating and storing safe passwords.
_Tip: Use [KeepassXC preinstalled on tails](https://tails.boum.org/doc/encryption_and_privacy/manage_passwords/) for generating and storing safe passwords._
### Additional Tips:
### Additional Tips:
- If you want to register a number which is only able to receive phone calls, add the `--voice` parameter to the register command:
- If you want to register a number which is only able to receive phone calls, add the `--voice` parameter to the register command:
signal-cli -a $PHONE_NR verify --pin "yourPIN" 123456
signal-cli -a $PHONE_NR verify --pin "yourPIN" 123456
~~~
~~~
## Provisioning Signal-Desktop
## Provisioning Signal-Desktop & hardening
1. Start your Tails unlocking your persistent storage
1. Start your Tails unlocking your persistent storage
1. _Wait until additional software has been installed successfully_
1. _Wait until additional software has been installed successfully_
2. Choose Applications ▸ System Tools ▸ Terminal
2. Choose Applications ▸ System Tools ▸ Terminal
...
@@ -132,16 +134,24 @@ signal-cli -a $PHONE_NR addDevice --uri "PasteTheQrCodeLinkHere"
...
@@ -132,16 +134,24 @@ signal-cli -a $PHONE_NR addDevice --uri "PasteTheQrCodeLinkHere"
signal-cli -a $PHONE_NR listDevices
signal-cli -a $PHONE_NR listDevices
~~~
~~~
It should list your Signal Desktop with the name you set in step 13. among the master (signal-cli).
It should list your Signal Desktop with the name you set in step 13. among the master (signal-cli).
10. Use Settings to enable/disable features such as link preview, incoming calls etc. Recommended settings in terms of privacy are:
### Hardening
Use Settings to enable/disable features such as link preview, incoming calls etc. Recommended settings in terms of privacy are:
- Grant access to microphone only if using voice messages or voice calling.
- Grant access to microphone only if using voice messages or voice calling.
- Grant access to camera only if using video calling.
- Grant access to camera only if using video calling.
- Disable link preview.
- Disable link preview.<sup>*</sup>
- Activate incoming calls only if you want to make Signal calls.
- Activate incoming calls only if you want to make Signal calls.
- Set calls to indirect.
- Set calls to indirect.
- Disable read receipts.
- Disable read receipts.<sup>*</sup>
- Disable typing indicators
- Disable typing indicators<sup>*</sup>
- Set a value for default disappearing messages
- Set a value for default disappearing messages
*These configurations can also be set using `signal-cli` (useful if you prefer a TUI like [scli](https://github.com/isamert/scli/) over a GUI like Signal Desktop):
1. Follow steps 1 through 5 at section [General use of signal-cli on Tails](#General-use-of-signal-cli-on-Tails)
## Every now and then: Receiving messages with signal-cli
## Every now and then: Receiving messages with signal-cli
Every now and then you should also receive events with your signal-cli, so in case something needs to be done via signal-cli, it doesn't take ages to sync last 300 days or so of events:
Every now and then you should also receive events with your signal-cli, so in case something needs to be done via signal-cli, it doesn't take ages to sync last 300 days or so of events:
