Crazy how decentralization improves both, but they are vehemently against that. I trust them in terms of privacy, but their insistence on centralization, blocking third party apps, removing SMS, and refusal to support fdroid, I’m not a fan of the direction they’ve gone recently.
I haven’t been able to trust them since the get go, to be honest. Their whole stance against federation is… FUDdy to stay polite: gultsch.de/objection.html
Wait. Signal was an SMS client. It wouldn’t cost them anything for a user to send an SMS message. IIRC, they nixed the SMS feature for security reasons, not cost.
The Mormon church is another US ‘non-profit organization’ yet somehow hoards billions.
Trusting blindly without doing research because something is presented as a non-profit is a good way to be taken for a fool and separated from your money.
Signal making their own cryptocurrency, which they entirely premined, was a huge red flag. Dropping SMS support was an annoyance that broke the camel’s back.
Yeah I think you are right. I too was really mad at Signal for ditching sms, and THEN having the audacity to ask for donations! This article shines a light on the reasons, wow.
Still, I would only donate if they kept sms in there. Not without sms because now it’s just one more isolated platform and no longer a one-stop solution as it used to be.
The sms cost is for account creation and verification on new devices, being an sms client didn’t cost anything aside from maintaining that portion of the app
Removing SMS support makes sense. The potential for a user sending something through SMS that they thought was going over Signal is high. Even for the savvier users who would install Signal in the first place.
It killed adoption, since now it’s just another messaging app. Most of my contacts still use SMS, and will stay on it, so being able to use Signal was a smooth all-in-one experience. Now I have no point in keeping it installed because like 3 of my contacts use it, so it has no use to me, thus killing potential adoption.
And if you had spent 3 minutes looking at r/Signal or the support forum before they disabled SMS you would have seen how many people were confused by the feature.
Perfect, that keeps you off signal and lowers their operating costs.
Because if you actually needed signal, you’d still be using it. Security and privacy is not about convenience or a “smooth all-in-one experience”. It’s about actual security and privacy. And that is what signal provides.
Exactly the opposite. Removing sms was the thing that finally made me recommend it to my friends and family. People understand sms replacements. People understand alternate messaging apps. People don’t understand encrypted sms.
If you have people who love whatsapp, it’s super easy to get them to use signal instead.
They do a lot of work to keep your phone number private, or at least any data that is tied to it. This username upgrade is solely for someone to communicate over Signal without needing to hand over your phone number.
For example, you can now be in group chats with internet strangers by just giving them your username.
On top of that, once MLS is adopted, you can communicate with other messengers as well.
I thought people’s big problem with it was not wanting to give others their number to use signal? Like I meet Joe Blog online and don’t want to give him my real number to chat.
Putting a SIM card in a phone exposes it to enormous surface area of attack. People have been asking to register with anonymous emails instead of a phone number, like Wire has had for years
I thought people’s big problem with it was not wanting to give others their number to use signal?
The issue is that giving your phone number to Signal Messenger LLC is giving it to others, and therefore not keeping it private in the usual sense of the word.
Some people may be unconcerned about a corporation knowing their number vs. their contacts knowing their number, but that doesn’t diminish the misleading aspect of this headline.
Personally, I care about the phone number requirement not because I don’t want to reveal it to Signal servers, but because it limits access to Signal for people in countries that block their SMS service - registration messages just don’t arrive
Wrong, it still keeps it private but not anonymous. It’s not the same concept and for most threat models knowing that you use Signal is not really an issue, especially since with this feature no one can check if you have one if you don’t give them your username unless they have access to Signal servers in which case they still have nothing except the knowledge that you have an account.
A PoW could limit bots too. Require say 30 seconds of work before your registration submits. For regular users that isn't too bad. For bots it's a PITA to get tons of accounts
Edit: Tor uses PoW as DDOS protection and it's helped massively
For each account you register, you have to do 30 seconds worth of work. So to register one account, you do 30 seconds worth of work. To register 100 accounts, you do 100*30 or 3000 seconds (50 minutes) worth of work. Registering tens of thousands of accounts then becomes unfeasible.
Exactly! ANYTHING THAT CAN COMPUTE CAN DO IT. Few things have a uniquely identifying piece of information with other levels that are barriers to entry…like a phone number. The idea is to STOP bots from signing up to Signal.
It's ALSO possible to generate virtual phone numbers for a small cost.
Using a cryptographic PoW is a different small cost.
Either way, it only takes a small cost to prevent mass bot registration.
You're treating processing power and time as if it is 100% free just because it can be done in a VM. But it doesn't matter if it is a VM. It is still going to require at least some certain threshold of processor time, and that processor time has a real cost. For the kind of place that can just spin up thousands of VMs and use it to do massive bot registration... they could just be mining bitcoins instead.
It's not just whether you can do this. It's how much value it has vs what ELSE you could be doing with the time and energy. A Signal account is already worth vanishingly little as a spam tool, they just need to give it enough of a cost to make it not worthwhile.
If preventing Jimmy Bumfuck from spinning up a couple sock puppets is your fear, yeah, PoW systems don’t help. But those are rarely the problem.
For a phishing scam or astroturf operation to be worth it, you need tens of thousands of accounts all running the same script. Those get filtered hard by PoW systems.
Phone validation works just as well, and stops Jimmy Bumfuck from making sock accounts. But now every user must be stapled to a phone number. Maybe that’s a worthwhile trade to you, but it sure doesn’t seem to be to everyone replying to you.
It was the original purpose of the bitcoin algorithm to limit spam.
If you have to do a lot of maths that takes your computer (for example) 30 seconds, that means it costs 30 seconds of compute to create an account. Nothing to an average user, for a spammer that wants thousands of accounts it gets expensive.
Several captcha[0] libraries already use this and it’s great for accessibility (normal captchas are terrible for it)
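The registration proof-of-work idea discussed in the comments above, sketched as an added example (not code from the thread, Signal or Tor). The challenge format, the function names and the 16-bit difficulty are assumptions, chosen so the demo solves in a fraction of a second rather than 30 seconds.

```python
import hashlib
import hmac
import os
import time

SERVER_KEY = os.urandom(32)  # constructed for the example; a real server persists its key
DIFFICULTY_BITS = 16         # assumption: kept low so the demo runs quickly
CHALLENGE_TTL = 300          # seconds a challenge stays valid
_spent = set()               # challenges already redeemed (replay protection)


def issue_challenge(now=None):
    """Server: return 'nonce:expiry:bits:mac'. The MAC lets the server stay
    stateless until a solution is redeemed."""
    now = int(time.time() if now is None else now)
    body = f"{os.urandom(16).hex()}:{now + CHALLENGE_TTL}:{DIFFICULTY_BITS}"
    mac = hmac.new(SERVER_KEY, body.encode(), hashlib.sha256).hexdigest()
    return f"{body}:{mac}"


def leading_zero_bits(digest):
    """Number of zero bits at the front of a hash digest."""
    return len(digest) * 8 - int.from_bytes(digest, "big").bit_length()


def _meets_difficulty(challenge, counter, bits):
    digest = hashlib.sha256(f"{challenge}:{counter}".encode()).digest()
    return leading_zero_bits(digest) >= bits


def solve(challenge):
    """Client: brute-force the smallest counter whose hash meets the difficulty."""
    bits = int(challenge.split(":")[2])
    counter = 0
    while not _meets_difficulty(challenge, counter, bits):
        counter += 1
    return counter


def verify(challenge, counter, now=None):
    """Server: one hash to check, however long the client worked."""
    now = int(time.time() if now is None else now)
    body, _, mac = challenge.rpartition(":")
    expected = hmac.new(SERVER_KEY, body.encode(), hashlib.sha256).hexdigest()
    # Reject challenges the server did not issue (or whose difficulty was edited).
    if not hmac.compare_digest(expected.encode(), mac.encode()):
        return False
    _nonce, expiry, bits = body.split(":")
    if now > int(expiry):
        return False          # stale challenge: work cannot be stockpiled
    if challenge in _spent:
        return False          # each solution buys exactly one registration
    if not _meets_difficulty(challenge, int(counter), int(bits)):
        return False
    _spent.add(challenge)
    return True


def expected_hashes(accounts, bits=DIFFICULTY_BITS):
    """Average attacker cost: 2**bits hashes per account, linear in accounts."""
    return accounts * (2 ** bits)


if __name__ == "__main__":
    c = issue_challenge()
    n = solve(c)
    print("first use accepted:", verify(c, n))
    print("replay accepted:", verify(c, n))
    print("expected hashes for 10,000 accounts:", expected_hashes(10_000))
```

Verification costs the server a single hash plus a MAC check, while the solver's cost doubles with each extra difficulty bit; the expiry and the spent set are what stop a solved challenge from being reused or precomputed in bulk.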
Because it’s not. I can spin any number of emulators or VMs that do any amount of work with a simple script, but that’s all it does. How does it prove I’m anything but a scripted, virtual instance of a person with a device?
There’s a reason why Telegram is flooded with bots, Signal as of now has not been.
A more accurate title could be “Privacy is Priceless, but Centralization is Expensive”: with the era of cheap money coming to an end, grows a lot of uncertainty regarding the future of some large internet services. Signal is no exception and this emphasises the importance of federated alternatives (XMPP, fediverse, …) for the good health of the future internet.
Threema is the oldest and most polished option. You do have to buy a license for a one-time fee though. It's entirely worth the play store credit I spent, but if I were to buy now, I'd use their website store so I could use the open source app instead.
If those “normies” aren’t turned away by the creation of an account (and if they can use Amazon, I doubt it’s an issue), they can certainly use XMPP :)
Except it is not free. My carrier does not include them in the main plans (because they’re not as commonplace anymore), and you either buy an additional package or pay per each SMS.
At some point society needs to figure out how we can subsidize the costs of data storage, remote servers, and provision of internet to people for free.
The only real way to do that is government subsidized servers, but that will fall in the same category as literally every other government service: right wing political entities try to privatize it and make it as shitty and parasitic as possible.
You pay for these things with your data. If the government is paying for privacy-respecting storage or safe internet access, then so are you with your taxes. I’d vote for that, but I’d guess the majority of people would not.
Yup, it has a cost, but there’s perhaps a one or two orders of magnitude cost difference between hosting instant messaging + calls with something like XMPP, and hosting mastodon/Lemmy/Kbin (or why I do the former but not the latter, and why I’m ok to pay for the service, esp. considering that my instance’s business model isn’t, unlike Reddit, to re-sell influence and data).
And why wouldn’t they? 90% of the software people use daily is free (as in beer), so of course being told that’s going to change is going to cause upset. It takes a lot for people to want to pay money for something that, to those who don’t value free (as in freedom) software, is no different than the costless alternative.
I laid it out elsewhere in this thread, but in short, costs grow non-linearly with scale: you can run thousands of users on a RPi, but a million users requires whole datacenters. Decentralization not only helps with not requiring “whole datacenters” in the first place, it also enables maximization of resources: if you have a NAS at home, or a RPi hanging around, a router idling somewhere, or an abandoned smartphone in a drawer, you can probably host enough accounts for all the people that you’ve ever met in your life. And there are hundreds of thousands of such underused devices everywhere, which, put together, would be sufficient to host the whole world multiple times around.
The other issue is sustainability: with this centralization comes single point of failure. It’s no big deal witnessing the disappearance of one or few providers of a federated network. Accounts and data can be migrated easily. For most users, it’s invisible. Now compare this to Signal running into financial issues: you are contemplating millions of users losing access to their account and their data, and having to re-bootstrap their whole social graph elsewhere. This is another level of “cost”, or price to pay, for centralization.
Who is maintaining all these “unused” devices that you will want working pretty consistently? Who is responsible for replacing hardware when it dies? Who is looking into it when someone stops receiving messages? What happens when the person hosting thousands of users just stops wanting to do it? Who migrates these accounts?
Frankly, your argument sounds more like wishful thinking than anything practical. You’ve basically described the plan as “Magically some devices in someone’s basement will suddenly start running a messaging service, maintenance free, from now until the end of time”.
This isn’t wishful thinking, this is in defense of a model where our digital needs would be distributed at a level lower than that of the tech majors, which was commonplace before everything on the internet was so consolidated.
I’m not saying that everyone should self-host, I’m saying that federated services could be hosted at family&friends/regional/national levels, simultaneously, and deliver a resilient service at a negligible cost. Hardware, which is very much a problem for Signal & al right now, wouldn’t be in a distributed model, and could be donated and repurposed easily. My example was perhaps a bit too extreme, but I think you get the gist of what I’m saying.
Decentralisation would just spread the costs over more individuals. Those individuals would have to collect contributions from their respective communities. The total amount people who would have to chip in to make the system sustainable won’t change dramatically. Decentralisation isn’t some magic wand that makes infrastructure and labor costs disappear into thin air.
…the costs and the risks: let’s jump forward a few years into financing issues, at what point does Signal become a liability and start operating against their stated mission, if the alternative is that they cannot survive? We are witnessing enough contemporary examples of enshittification to know that it’s a real possibility, and that all centralized providers, but in particular the ones not charging for service, are at risk.
Some would even argue that this has already started in the case of Signal with their crypto payments and blocking of 3rd party clients which are clearly user-hostile.
Those individuals would have to collect contributions from their respective communities.
Perhaps, or perhaps not. Running costs get exponential with scale. You can host 1000 users on a shoebox computer/raspberry pi, but delivering a service for millions requires datacenter-level infrastructure and tons of engineering know-how.
Most people into self hosting or having a NAS at home can already accommodate their families, friends and more, which means millions of potential users, without the problem of trust from a single organization
I love Signal but this is one of many problems with centralized servers. Not only can they be disabled by the gov but they cost, as seen here, tens of millions of dollars to keep running at scale.
What is the advantage? Why are we not using P2P systems? If I can download a 30GB video problem-free over and over again, shouldn’t it be simple enough to do with a 1mb text file?
A huge part of their costs is just verifying phone numbers, which is something the service does not need and shouldn’t even have.
I’m not an expert on this topic, so someone correct me if I’m wrong. Signal is only storing stuff temporarily to pass it on, so I’m assuming you’d have the exact same costs even if it weren’t centralized. Maybe even more as it’s probably cheaper to have it managed in one place. I’m assuming all this would do is distribute the cost, but otherwise be the same?
The difference is that there's enough unused capacity on your personal device to handle all the traffic any typical user needs to handle in a day many times over, for simple messaging. Likely, that load is so little it won't even affect your battery life.
Wouldn’t that mean both have to have a connection at the same time?
Yes.
What if one is offline?
How do you think you’re going to receive messages offline?
How much time does your phone spend offline?
One device can send a receipt when received. If the other device doesn’t receive that receipt it can just keep pinging periodically until it receives it.
You can also just hook up any old phone or computer, install the app, and let it run as the server.
For more info on how this currently works you can check out Keet.io
You can also just hook up any old phone or computer, install the app, and let it run as the server.
If you have a static IP address, if you want to bother with securing and maintaining it, if you're willing to deal with downtime when something inevitably breaks, if you're willing to deal with lost data or also maintaining a backup solution, if... a dozen other things that most people don't want to deal with.
Sure, but you also just... don't have to do that. None of that is necessary for core functionality of a messaging service, IF you stipulate that both devices must be online at the same time to ping each other.
The only thing you need is some very basic addressing service so they can find each other, and there are entirely P2P solutions for this that already exist and work without issue. See: bittorrent.
The ONLY drawback of having no server, fundamentally, is that the two devices need synchronicity. If they both aren't online at once, messages won't get delivered. Which is not a big deal for a modern smartphone given that most of them are online close to all of the time.
I'm not really going to get into the technical aspect since I feel neither of us know enough to tell how feasible it is (although I think you're wrong since you do need trackers in order to find at least one other member of the swarm), but this part
If they both aren't online at once, messages won't get delivered. Which is not a big deal for a modern smartphone given that most of them are online close to all of the time.
is just a horrible take. You can't base your business model on "modern phones being online close to all of the time". You can't have random data loss whenever someone goes out of service area, has to turn on airplane mode, runs out of battery, has a software error or just an update or some other kind of temporary downtime? That's not how you design any software, let alone a dependable messaging service. You can't just "stipulate that".
What business model? Why does a messaging app need to be a business? And again, how is someone who doesn't have service supposed to be receiving/sending messages? Makes no damn sense.
Basically all bittorrent programs include allowing a peer to act as a tracker directly.
Nothing gets lost. Not having every packet get delivered is already entirely normal on any internet application, and already solved.
Solving that "problem" is as simple as sending an acknowledgement back when a message is received, and retrying when acknowledgement isn't received. Routing P2P is more (but not very) complicated than that is.
You don’t need to do any of those things. It’s functionally no different from your Signal Android and desktop apps. There’s no configuration necessary.
Keet is a closed-source app with built-in crypto, I am not touching it with a 10ft pole. Holepunch does sound like interesting technology at first glance. It doesn't solve any of the issues mentioned above besides connectivity however.
You’re not wrong. Federation would have higher costs but distributed over more people. Even with pure P2P a-la BitTorrent things might not be significantly cheaper because you’d likely still need to host authentication centrally or federally. You’d only eliminate the message bandwidth costs.
The thing is, we already have a way to distribute the costs - people subscribe to support Signal. Some pay more, others less. Whether I run a node that serves 100 people or subscribe for $10/month, it’s somewhat equivalent. So the practical takeaway should be - if you want for Signal to keep signalling - subscribe if you can afford it.
If you are curious, you should give XMPP a shot, it’s equivalent to Signal in terms of encryption, but anyone can host their own. Signal is ideologically opposed to anyone but themselves being in control of your account, and because of that I don’t want to trust them.
Indeed. Xmpp is lost as a general purpose chat app for everyone. I have many issues with matrix but it’s the best chance we have, particularly with bridges.
XMPP is the IETF Internet Standard while Matrix is just another custom IM protocol managed by a venture capital funded startup which keeps losing money.
I don’t disagree with that statement; however, that doesn’t make it something the general public will embrace. Its mess of extensions is too little too late. That ship has long sailed. And I say this as someone that prefers using XMPP for 1:1 chats
I don’t believe Matrix is better positioned than XMPP to succeed. On a technical aspect, Matrix hasn’t managed to stabilize its protocol, and they’ve been a decade into it. This has resulted in only a single organization being in charge of the protocol, the client and the server implementations. This isn’t sound, this isn’t sustainable. And now, unsurprisingly, this organization is in a financial crisis, has lost important customers, has no budget secured to maintain its staff in the next years, and recently underwent a major licensing change that we can only interpret as a shift towards an opencore model at the detriment of the regular user.
I can’t pretend to know the future, but if you read between the lines and the justifications provided, this isn’t really about AGPL per se, but about Element brokering AGPL exceptions. Practically we can expect all kinds of forks with opencore options that might enshittify the user experience in different ways, and further solidification of Element’s single-handed control over Matrix (which had been a prime concern for many years). Matrix is by the day closer to the closed-source centralized silos it was first pretending to oppose.
Please, don’t recommend pidgin, it’s a security hellhole, and a pretty terrible XMPP client at that. If you want something with a similar vibe, check-out dino.im or gajim.org if you are more on the “power-user” side of things :)
Neither XMPP nor Matrix will ever become “the next WhatsApp”: the current internet has seen too much consolidation for the tech majors to permit it (and open and federated protocols can’t compete, do not have the marketing budget nor the platforms to promote their software, but I salute the EU’s Market Act attempt to shake-up the status quo).
But that doesn’t really matter IMO. What (I believe) is important in the grand scheme of things is that such protocols remain alive, maintained and secure, so that:
small-scale instances can flourish and contribute to a more resilient/efficient internet (think of family-/district-level providers; this is the kind of service I personally offer: family members and friends at large appreciate that the messages and data that we exchange aren’t shared over some cloud or facebook server for no good reason)
IM identities can persist over time: if you are a business or an individual, you may want to look into having a stable/lasting contact address, that will survive the inevitable collapse of facebook/whatsapp/instagram/… If you are old enough, your current email address probably existed before facebook. Why not your IM address?
And yes, I hear you, this is rather niche, but what got me there (and on XMPP in particular) is having been long-enough on the internet to become tired of the never-ending cycle of migrations from service to service. More and more people will have a similar experience as time goes, so this niche will only grow :)
Which xmpp clients have you used? Conversations and its forks seem far from janky. Movim is nice, Dino is looking good, Kaidan is looking pretty good. Prose could be interesting.
WhatsApp started as an XMPP client, but they use lots of proprietary extensions (doesn't matter since they don't federate). You can build very robust and scalable messengers with it if you want to.
The open source implementations are developed by like 1-2 guys in their spare time and they're not far behind (and sometimes even ahead) other federated messengers which received tens of millions in venture capital funding.
If you need to convince your friends to use some app it might as well be XMPP compatible instead of another walled garden. If you can get your friends on board, you win, even if nobody else uses it.
I assessed XMPP vs Matrix about 8 years ago, and strikingly, the basis on which it didn’t make the cut still applies today. Here’s what I responded to a sibling post: programming.dev/comment/5408356
In short, Matrix dug themselves into a complexity pit with an inadequate protocol, survived for a while on venture capital money (upscaling servers and marketing at all cost), all of it dried up, and now they are in financial trouble. Matrix won’t disappear overnight, but is definitely losing the means to run the managed instances and the client/server ecosystem.
Is Matrix's problem just the large scale? I thought it worked relatively well if you're just using it for personal needs like smaller servers and personal bridges.
If you read between the lines, Matrix 2 is practically about handing the client state over to the server (what they refer to as “sliding sync”). Realistically, this is an admission that the protocol is too complex to be handled efficiently on the user’s devices. I’m not saying there are not clear benefits (and new trade-offs) to the approach, just that in the grand scheme of things the complexity is shifted elsewhere (and admins foot a larger bill).
They are kinda shooting themselves in the foot with all their big rewrites though. Like Vector, Riot, Element, Element X (and I think before vector/riot there was another official client). And Synapse/dendrite… It feels like they spread their development over too many fronts.
It’s difficult to maintain privacy in a P2P environment. In naive implementations, your IP address will be visible to all the peers you connect to. This is the case in e.g. BitTorrent.
Signal has this issue with video/voice calls as well; by default they operate on a P2P basis for performance reasons, and they expose your IP address to the second party. Signal has an option in the settings to relay voice/video calls through their servers specifically to mitigate this.
There are some workarounds for anonymizing P2P, like routing through Tor or I2P. Tor, however, has known exploits and is probably not suitable if you need to hide your activity from advanced adversaries like world governments (e.g. political dissidents, journalists, etc.)
I2P sounds interesting but I’m not deeply familiar with it. I understand that I2P clients also act as relay nodes, which puts an additional bandwidth burden on users. I’m not sure if I2P is more resilient against government-level attacks than Tor. I’d be interested to hear from anyone who is more familiar with the protocol.
A MitM sniffer would be able to see the source and destination IP addresses, not just the person you’re chatting with. Even if the data is encrypted, P2P is still vulnerable to a layer 3 attack.
Depends on who is in the group chats. Primarily I am concerned with keeping them out of the hands of corporations, eg: Google, Meta, MS, AWS, etc. to be added to giant databases and used to profile me or unjustly subpoenaed by the gov.
If you’re using it for personal correspondence with people you know and trust, that’s probably fine. However, a secure and private communications platform should support more extreme use cases as well.
If you’re a journalist, for example, you might need to communicate with people you do not know or trust. You could realistically be talking to someone who wants to kill you, or who is being monitored by people who want to kill you, particularly if you are covering high-profile political issues or working with whistleblowers (or are yourself a whistleblower). Even revealing information as broad as what city you’re in (which would be revealed by your IP address) could be a risk to your physical safety.
Even though I do not personally face such high-level threats in my life, I feel better using services that allow for the possibility. Privacy is a habit, and who knows what tomorrow might bring?
The cost of these registration services for verifying phone numbers when people first install Signal, or when they re-register on a new device, currently averages around $6 million dollars per year.
That’s pretty crazy. Wonder which third party providers they are using. Maybe the identity verification methods we have today are due for some significant changes?
No, I think they are merely working on user ids no longer mandating to be your phone number (so that it can be pseudonymous, e.g. tja@signal instead of +xx0123456@signal), I don’t believe they hope to drop SMS verification at this point because of the spam issue getting worse otherwise
SMS is dead, so they will need to move on eventually. Most carriers are moving towards high data plans now. I mainly use it for verification, although I’d rather use more secure methods.
Also, Signal cannot add RCS support, because Google Jibe servers won’t allow any app other than Google Messages… And you must use them because native RCS support for Android has been halted for years… And you cannot install some module with RCS support yourself because of the anti-Unix monolithic Android userspace architecture…
Without SMS verification, spam would be so much worse that they’ve been kind of obliged to keep it, even though it defeats/undoes most of the privacy features they like to advertise about
The article says it’s to limit spam. I don’t feel platforms like Lemmy (or the other platform) are particularly spammy though. On the other hand I get a lot more spam on Whatsapp, even though it’s phone number bound.
Signal is pretty good in terms of limited spam, but I’m curious about the impact if they A/B test the removal and see how much spam would arise. Obviously that could only be implemented after they remove the need to add contact via phone number.
If you go to Reddit which is more popular for bots certain subs are completely filled with spam and votebots. r/worldnews is like a giant circle of pro IDF bots jerking each other off. LSF became a shitshow too.
If more people joined Lemmy you’d see the amount of spam this place would get. Now it’s only a bunch of nerds who will quickly report any spammy activity. It’s a small “friendly” community for now.
You are correct my friend, because Lemmy is for smart people like us. And a smart person like you could easily make 10k per month on the side.
With just a small initial investment you could create a huge passive income in no time.
Just go to shadyscamspam.com and become your own boss.
Anonymity is a form of privacy. While for most people it’s not necessary to be anonymous to have privacy, it’s essential in some cases, like whistleblowers or people living under dictatorships (or even in some democracies where governments keep trying to get their paws on all metadata).
Even if they federated (which I doubt they will do), someone would have to foot the bill for those servers. Same thing on lemmy, someone’s eating the server costs here even if it isn’t a major corporation.
I mean, without browsing levels.fyi or anything like that you can get 4 to 10 software engineers for 1 million (anything from 100k to 250k depending on location, experience, etc.).
Not all employees are engineers but that would imply 80 to 200 staff for the 20 million they state.
That’s only the component paid to the actual staff though. There are additional costs like healthcare, unemployment, social security, etc., and other benefits that may not be included in wages (though some portion may be deducted from salaries), but they are included in that statement / summary.
about half of Signal’s overall operating budget goes towards recruiting, compensating, and retaining the people who build and care for Signal. When benefits, HR services, taxes, recruiting, and salaries are included, this translates to around $19 million dollars per year.
Still, the cost equals almost 400 000 dollars per employee. That is a LOT of money. Even half that (twice the employees or half the cost) would still be a lot.
I’ve got roughly 25 years in the software development industry and depending on what talent market you’re working in, that 400k may not even be enough for one engineer or architects salary.
I don’t need to believe, I work with these guys on a daily basis (not the Signal guys, but devs) and I know your statements to be true. Still, I very much doubt that they need 50 devs with that salary. It’s a chat app! Of course they have other people too, like marketing, project leads, blah blah - still doesn’t put the price into my mind.
They develop a lot of software themselves. They aren’t just throwing together a few established libraries and calling it a day like 80% of software development. They also take the hard and correct way every time instead of the fast, easy and bad way. Quote from the article:
The same dynamic played out again when Signal introduced support for animated GIF searches on Android and iOS. Instead of quickly and easily integrating the standard GIF search SDK that most other apps were using, engineers spent considerable time and creativity developing another unique privacy-preserving technique that hides GIF search terms from Signal’s servers, while also hiding who is searching for those terms from the GIF search engine itself. We later expanded those techniques to further obfuscate GIF search information by obscuring the amount of traffic that passes through the proxied connection.
When Meta acquired GIPHY, and many other apps were scrambling to contend with the privacy implications of the deal, Signal employees slept soundly knowing that we had already built this feature correctly several years earlier.
Don’t forget the CEO’s salary is $5.7M. If you subtract the CEO’s and other execs’ salary from those $20M total, the salary of ordinary employees would probably be way less than $200k.
About time!! Been waiting for this for so long. This will definitely make the usability of Signal better and it’ll also be more accessible to people who wanted a Telegram like way to talk to other folks. Requiring a number to still register isn’t a bad thing in my eyes though sometimes it can be frustrating so I hope that there’s an option to create an account without a number. Maybe the account will have finite time before it’s auto-deleted if you don’t input a number some time later to ensure that this option isn’t abused to all hell by bots and malicious actors alike.
Maybe the account will have finite time before it’s auto-deleted if you don’t input a number some time later to ensure that this option isn’t abused to all hell by bots and malicious actors alike
we’re already banning bots, thus effectively making them time-limited. Yet we still have bots and spam on there. This sadly won’t work.
it's a sensible choice because many potential implementers have been dissuaded by the anxiety attached to risks of giving out phone number. (harassment, stalker, spammer, scammer). the telephone system has paralyzed itself in fear. yet we all keep buying their shit.
Signal had something good when it could simply be your default messaging app on your phone, and it’d transparently send either encrypted messages, or plain-text SMS. Now that they’ve removed SMS, they’ve just turned into a worse Whatsapp (because nobody is on it). Network effects are important in messaging apps.
I don't see the issue? Just use your native messenger for SMS. Why does it need to be part of Signal? It just makes things convoluted and confusing to have an unsecure messaging service inside an otherwise secure messaging app.
Was that the punch in the face, or was it all the morons intentionally misinterpreting this argument and saying “but why would u want to send nonsecure messages are you aware SMS isn’t secure it’s like so insecure to send SMS bro it’s not secure it’s like literally a security risk bro SMS isn’t secure at all and also are you aware SMS security is poor”
Totally agree. Good opsec is all about building good habits. Having 1 app for secure and a different app for normal creates a healthy compartmentalization in the mind for ease of building and maintaining habits.
You literally made up an argument no one made in this thread.
The fact of the matter is that it is unwise to have both secure and insecure messaging side-by-side. Depending on where you live, this could translate to a simple mistake resulting in imprisonment or worse. It's very important that a "secure messaging app" only allow secure messaging.
You, like myself, probably live in an area where accidentally sending a message critical of the government over an insecure message would not have any tangible consequences, so perhaps you're weighing the convenience as more important due to lack of perspective.
By that logic tho, you can also accidentally open a different app and send an sms, because on Android all the apps need to look and behave basically exactly the same for some reason.
Strawman, one of those big words people use when they can’t make a decent argument.
Would it be that difficult to have two versions of the app then? One without sms for the more security conscious and easily distracted people, and one with sms, that I could install on any grandma’s phone?
Difficulty of implementation was never an argument, only ideological ones, with which Signal fucked over so many people. Literally all of my Signal contacts have gone offline soon after they axed the sms support, and so I have no use for Signal at all.
So, mission accomplished I guess. Secure messaging has won- oh wait, everyone is back on WhatsApp.
All my friends and family are still on signal.
This is a you problem not a signal problem.
Maybe you should have told your family why facebook is bad instead of being “look fancy chat”
I never needed the sms tool (who writes sms anyways?) what I need is more secure coms that I can use.
One thing that still bothers me is that with the phone number…. I am still waiting for unique identifiers to uncouple my phone from my messenger!
I’m not here to do Signal’s marketing for them, especially since I never liked it in the first place (due to the phone number thing). They had a good thing going for being an acceptable alternative, and they fucked it up. Definitely not my problem.
You literally made up an argument no one made in this thread.
I literally was not confined to this thread, which is blatantly obvious if you know how context works.
The fact of the matter is that it is unwise to have both secure and insecure messaging side-by-side.
Skill issue. If it’s too hard for some people to pay attention to what they’re doing and use a tool correctly, they can buy a Vsmile. This is all ignoring the fact that no human being could possibly fuck it up on Signal unless they’re too illiterate to send text messages—or indeed use a cell phone—in the first place.
I literally was not confined to this thread, which is blatantly obvious if you know how context works.
Making up an argument no one in the discussion has made is called the "Strawman Fallacy". Why should anyone in this thread care that you talked to someone (allegedly) that was so dense that they made a bad argument that you got frustrated with?
If it’s too hard for some people to pay attention to what they’re doing and use a tool correctly
Ah, so much hyperbole. If I'm successfully stripping all of it away, it seems that your argument is that it is impossible (P=0) to accidentally send an SMS message in Signal, thinking it was a secure message. Is that really your stance? Admittedly, there was a lot of hyperbole so I might have missed the actual point. Please correct me if I'm wrong.
A fallacy is just pointing out that your argument isn't likely to arrive at the truth. As I explained, your "I met a dumb person and so all arguments against this are dumb" stance isn't useful, even if we agree you're not just making that all up.
I asked for clarification. Is that your stance? That it's fundamentally impossible that someone could accidentally send a SMS in Signal while thinking it is secured? I'm going to assume that you don't believe it's fundamentally impossible, so that means your real stance is that if that happens and someone gets sent to jail or worse, that's a small price to pay for your convenience of not having to *checks notes* switch between two apps.
Do you see how your lack of perspective might be leading you to make a poor argument?
What's bad faith about my argument? There's only two options: You believe what you typed and that it's impossible to make this mistake, or that you were using hyperbole, and you acknowledge that it is possible to make this mistake. These two options are both mutually exclusive and binary-- there can be no other stances. (and notably you haven't actually clarified which one you believe.)
I didn't make you choose to defend a poorly thought out stance. That's on you.
Well, I happen to disagree. I’m a privacy-conscious person, but I’m not an activist. Most of my contacts in real life (i.e. the people I need a messaging app to talk to) are non-technical, and not really privacy-conscious. They’re not going to install a different app just to talk to me. The big draw of TextSecure (before it became Signal) was that they could just set that as their default SMS app, and it’d magically start to send encrypted messages if the other end was also using TextSecure, and they had to change exactly 0 of their habits.
I guess it depends on how you view it:
1. Move as many people as possible over to encrypted comms with the least friction possible, or
2. Provide a niche secure messaging platform for niche activists with niche needs.
I thought the goal was 1, but turns out it was 2. All my contacts are now back to Facebook Messenger…
It sounds like you’re slightly mis-remembering this oft-cited Hacker News comment from Moxie from 2015. I’m going to quote the main bit here because honestly a lot of people in this thread could stand to think about it:
If we were going to rank our priorities, they would be in this order:
1. Make mass surveillance impossible.
2. Stop targeted attacks against crypto nerds.
It’s not that we don’t find #2 laudable, but optimizing for #1 takes precedence when we’re making decisions.
I wasn’t actually quoting this, but yeah, I think that’s the point. Supporting SMS was helping adoption by promoting a seamless transition for users. Dropping it feels like prioritizing #2 to me. (All this comment thread about opsec, compartmentalization, activism, etc. is really about #2, IMO)
This always struck me as strange thinking.
Are most people really unable to understand and use different messengers with different contexts and groups?
Honestly I use a few myself. My job has Tiger Connect. I use Signal with all my family and friends. Then I use SMS for some companies automatic notifications. It’s pretty simple and easy.
Well, yes. But when all your friends are already on Facebook Messenger, good luck getting them to install Signal only to talk with you. Network effects are important; a messaging app has no use when you have nobody to message on the app. Supporting SMS was taking advantage of its network effect, and I don’t think their network was big enough to be self-sustaining for most users (it wasn’t in my case, my only contact in there is my wife).
Convincing people to leave Facebook Messenger isn’t that hard. Just let them know Zuckerberg and everyone at Facebook can see everything they send.
It is easier with a whole group of friends. If none of your friends know each other, you should work on that for other reasons. Groups of friends are better in general.
Signal was very slow to putting this out icl but at least it’s an option now, which is better than none at all, though sucks you still got to put your number in it though to use it.
Anything better than Telegram (which has no E2EE via DMs by default) and WhatsApp (which is owned by Facebook) is a good step in my eyes despite Signal’s flaws, cuz we honestly need less big tech controlling our media consumption in our world today.
Yeah although not having a tablet or web client is frankly ridiculous. It’s not 2000 any more, plus their desktop client is already running in a package Chrome anyways.
I think it's great. It's for people who simply don't want to share their phone number with other people which is a huge privacy concern, as you can find out a lot about a person by looking up info connected to their phone number.
I’d just be happy if there was a way to restore my messages from Android to iOS (or vice-versa). I’m going to lose my messages from the past 4 years because of this. And it’s been an open request with the devs for 5 years now.
Yeah, they seem to put a lot of energy into esoteric features, when the app is in serious need of some quality of life improvements. I donate a tiny monthly sum to the project and honestly feel conflicted about how effectively it’s being used.
Like the checking for messages notification on Android, I use notification reminder app to remind me of missed messages (ring every 5 minutes) and sometimes randomly in the middle of the night Signal creates a notification that says “checking for messages” and it stays there for a while getting my notification reminder to think there is an unread message and ringing in the middle of the night. I can’t turn off notifications I might need to be woken up for important stuff.
I think it might have a good reason to post that notification. Android kills apps that are doing background operations for too long without also posting a persistent notification about it.
You can disable the notification channel corresponding to that kind of notification, though. I’m not totally sure if that way your other app won’t see it either, but I think it’s worth a try.
Or maybe chat history just isn’t that important overall. I can do backups just fine on android but have only used that once. I wouldn’t be too concerned if I lost all of my chats, as I’ve already read them.
The core security and privacy features are what’s most important. I’d prefer they keep those as the top priority.
A lot of people use this as an SMS replacement, cool story that you don’t use it that way, but there are plenty of people that do. And the fact that it can also take over and send normal SMS and not just signal means people have more tightly integrated it.
It’s hard to tell what chats you’ll want to retain, so people will just use the other app…
On the other hand, I usually know ahead of time when I don’t want a certain conversation saved. Even if I don’t, I can delete a message for everyone right after something is sent. That stuff won’t get backed up.
Retaining data for years is not.
I don’t see why this is the case? Sure deleting your data completely is always more private than keeping it, but why would it be that much worse keeping it. If the information is important, people will keep it in other forms instead (ex. insecure chat app, personal notes, text messages).
are you 14? People have a lot of reasons to archive their communication: forgotten conversations, random details, family, memories, relationship, business,
But I can understand why an edgy teenager won’t have any of those.
I search through my chats pretty often, both on Signal and things like FB Messenger. Sometimes I want a link that was sent, sometimes I want to review something we talked about, or sometimes I need to figure out when something happened and I can do that by checking when I talked about it with a close friend.
It’s ok if you don’t use it, but it’s important to a lot of people
Even backups on android could be simpler, such as automatically storing the backup file on a cloud drive. Right now we need to set that up manually with a separate app.
Also while history isn’t important for you, it IS important for other people. If I couldn’t do the bare minimum with backups, I’d probably have dropped signal. I know some friends didn’t take up Signal just because of chat history reasons (iOS, couldn’t set up cloud backups on android, etc.)
One stupid thing I’ve come across…you can either choose per contact or overall what the chat bubble color is, but when I do so, MY chat bubbles are colored and everyone else’s are grey. That seems backwards to me. If I want to do “Pink is this person, blue is that person, green is that person” it ends up going “wait whose end of the conversation is this again?”
Does someone have a patent they’re trying not to infringe?
Although I have no use for storing chat history, SimpleX Chat has an (encrypted) database export feature that should, as far as I know, let you keep your chat history forever so long as you back it up.
Plus this refusal to allow chats to WhatsApp and Facebook Messenger now that EU forced meta to open this up…
I know the devs are not happy about meta tracking everything on their end but why can’t this be a user’s choice to enable communication with non-Signal servers as well?
Did Signal devs openly refuse making use of that? Honestly I think it’s understandable.
They are marketing the app as a very-very secure messaging app, but all the security with no exception would go out of the window if you were to send or receive a message from messenger.
And they are also making it very-very easy, because - as bad as it sounds - a lot of people don’t understand what is encryption, what are platforms, and they don’t even care to get to know about it, and because of that, these users would have no idea that their chats with messenger users are not encrypted.
Well I didn’t find anything regarding this on GitHub. And to be honest I only find some German-language articles about this speaking of an announcement that Signal doesn’t like the idea of enabling chats with WhatsApp… so I assume this comes from Twitter.
Like I said turn it off by default so that only people who actively made the decision can chat with WhatsApp. Also showing a hint in the chat that this account is not on a signal server should also not be that hard to implement.
That is dumb that they’d remove a feature, but I tried it and switched back to a dedicated texting app. The feature wasn’t full featured enough for me to want to use it.
Not being able to copy my SMS message history into Signal kept me from switching… Well, I might have anyway if googie didn’t make it so their app only lets you see your message history if you make it the default
Especially when your identity on Signal is STILL only tied to a phone number, instead of a username, and there is nothing less private than actually giving out your real phone number.
Lol, that was the worst feature ever. If you forgot disabling it at install, it was nearly impossible to see it’s going to be a sms or signal message. (Especially for people who aren’t tech savvy)
Signal stands for privacy and not selling your data to be spied on and sold, and you’re STILL using SMS, spam ridden, high cost, old infrastructure, easily read, technology.
I suppose you want email in your Signal client too?
It’s not about that. It’s about moving people over.
You know why RCS is picking up steam? Because it’s 1 app. If the person you’re talking to has RCS, you’ll send messages via RCS. If they don’t, it’ll fall back to SMS. If RCS was a separate app from SMS, adoption would be really low.
Older people especially don’t want to juggle 2 apps. If you get your dad on signal, and then his friend who uses SMS messages him, he’ll be back in his SMS app and won’t go back to signal, meaning the next time he messages you, or anyone else that has signal, he’ll instead just send an SMS since he’s already in the SMS app.
Removing SMS fallback was a surefire way to kill adoption of signal.
Well if you look back and read, you’ll see where I said I’m not sending baby pics, so no, I’m not juggling separate apps.
If someone wants to send me a pic, MMS is fine, because it’s good enough quality to get the point across. If I cared about quality, I’m not using any messenger, including signal, to send my photos. I’ll send them uncompressed another way.
Signal removing SMS fallback was dumb, plain and simple. I’ve switched to Google messages now where I can use encrypted RCS and fallback to SMS.
I also prefer not to have one of the most garbage companies’ apps on my phone (WhatsApp). The messages may be encrypted, but the location data and storage permissions you’re giving it aren’t.
i live in Ukraine and I don’t know anyone who uses sms.
also Whatsapp is not prevalent here either, basically everyone is using Telegram (or in case of older population, viber, which is installed on like 90% of devices)
are there any countries in which sms is still used?