I doubt you'd want to use it if it didn't use your contacts, though. Not many people are prepared to deal with a whole separate set of contact ids for the sake of a small amount of arguable extra privacy.
It's entirely possible for Signal to work with contacts and yet not transmit address books to OWS. I sketched out a protocol for doing so awhile back: https://news.ycombinator.com/item?id=11289223
So people could use their address books securely if they wanted — if OWS would allow them.
If I want someone I don't know yet to reach me, I expect them to Google search my phone number/email to make initial contact.
For those I already established initial contacts with, I'd like an account on a service that knows practically nothing about me other than my username(like coolkid654) and lets me send messages to others(coolkid655).
Given the state of data leaks[data snooping by the Gov or anyone else], and spam, it wouldn't be a terrible idea for someone to have a username that they reveal to only the people they trust(are worth). More like a Blackberry key.
If packaged well, and made to look 'cool', it could even catch on and everybody would create one(or many).
Sure, most won't right. But clearly in this thread some people are willing to do that and I'm not convinced that there is a large burden/cost to signal to allow this.
The problem for me is that my contact list of Signal users is quite small (1 or 2 people) and everyone else isn't using it. I don't see the reason to allow Signal access to that list of people "Just in case" they decide to. It's incredibly unlikely bordering on near impossible.
This isn't the golden bullet of reasons that it should be this way, but the fact that in design Signal has made the choice to force access to contacts to me, says one of two things.
1. We haven't thought about cases outside of our own experience and expressly reject those as being outside of the market we're interested in. "You're not the user we're looking for."
2. There is value/commoditisation in that contact list that signal is interested in and this is the price to play in their system.
The problem is that either of these two options run pretty counter to the idea of secure privacy focused messaging client designed to be seperate from the user.
People's value of privacy is nuanced enough that making broad scoped decisions like this can run afoul of their expectations. Considering that Signal is aiming itself at the privacy conscious (Over-conscious in a lot of instances I'm sure), it's very weird that they would forgo this obvious affordance of information.
There could be two separate versions, one for paranoid users, one for those who don't care. The number of permissions Signal app requires is scary. It gets almost full control over your phone including reading SMS messages.
> The number of permissions Signal app requires is scary.
This is exactly why I'm shying back from recommending Signal to my family. I taught them that the equation "permissions = bad" generally holds, so Signal would look like spyware to them, even if every single permission turns out to be justified for some reason.
