Signal wants to improve the security of its messenger with several small changes. On the one hand, the surface is supposed to put a stop to widespread spam messages: from now on, the software makes profile pictures of an unknown contact unrecognizable. In this way, criminals should no longer be able to lure their victims with stimulating photos of potential partners or the logo of a bank. Signal only displays them correctly after an explicit click on the symbol. Links in contact inquiries can also no longer be clicked, so that users cannot easily be redirected to a prepared website.
If a user rejects a contact request, he can mark it as spam if desired. At this point, Signal does not want to collect any further data about the users, but rather to pursue criminals differently to protect privacy: In addition to the spammer’s telephone number, the client sends an anonymous one-time ID of the message to the server. If Signal repeatedly receives such messages from users, they must pass a CAPTCHA test. This should at least slow down the delinquents, but at the same time not restrict the regular flow of messages.
While large parts of the messenger are under a free license, the developers do not want to make the server part of the anti-spam software public. They justify this with the fact that they could be ahead of the criminals. All information about the update can be found in the announcement from Signal.