My biggest problem with messaging applications as a whole is that I need
so many of them. I have a few contacts who are reachable with Signal,
a few more who are reachable on Hangouts or whatever Google is calling its
latest thing, and a few more who are reachable with Skype. That's three
programs, to communicate with three different subsets of people.
I'm sure if I used Facebook Messenger and Whatsapp, I'd have two more
subsets of people who are only reachable through those.
XMPP was supposed to solve all those problems when it came out in the early
2000s. But then all the big tech companies who build "ecosystems" decided
to push their own applications, all incompatible with one another. So
here we are again with this proliferation of programs that really only
do one thing: communication. It's like the 90s / early 2000s with the
proliferation of instant messengers: ICQ, AIM, Yahoo, MSN, and on and on and
on.
The players are different, but the game is still the same.
I suspect that twenty years from now, when the players have all changed
yet again, there will still be one reliable method of reaching me: IRC.
If the Googles and Whatsapps and Facebooks of the world had been around
in the early 90s, you'd have one email client from Facebook for mailing Joe
and Fred, an email client from Google for mailing Mary and Jane, and an
email client from Whatsapp for mailing Alice and Bob. Thankfully, email
became entrenched before that could happen.
I want messaging to be like email, where I use one and exactly one program
to communicate with all of my contacts, regardless of what server they use.
People say that federation is more complicated than centralization. I'm
sure that's true for developers, but in fact, federation can be vastly
simplifying for an end user.
I'm a fundamentally lazy person. Having to learn all these different
messaging tools is frankly a waste of my time.
All I want is a federated protocol and an open system, be it Matrix, XMPP,
or something else.
As a final aside,
you know what else that bugs me? The word "ecosystem". I worked for
a big tech company for a while, and the only people I ever heard use that
word were people out to build a walled garden.
> XMPP was supposed to solve all those problems when it came out
That's also what Matrix said it would solve when it started. Except now it's yet another protocol with its own chatrooms that are not reachable from any other protocol by default (even rooms on matrix.org); and bridges are at best in "beta" (except the Telegram bridge, which is "late beta"): https://matrix.org/bridges/
We tend to be pretty conservative on maturity estimates on Matrix (and bad at keeping the website updated).
IRC, Slack, Gitter bridges are all considered stable these days.
XMPP, Discord, Telegram, WhatsApp work usably too.
The UX for managing them is not always great or consistent (we’re working on that currently), but “yet another protocol with its own chatrooms” is untrue. You can certainly access the entirety of Matrix via Bifrost (the XMPP bridge) if you so desire, for instance.
I have lots of warm and fuzzy feelings toward Matrix, but my take is that
XMPP solved my basic problem over 15 years ago. The problem being:
I want to talk to Alice, Bob, Mary, Jane, Fred, and Joe without having
to install ICQ, AIM, and Yahoo Messenger. Or should I say Facebook, Whatsapp,
and Signal? I don't know what Matrix buys me over XMPP, but at this point,
I don't care. I'll gladly drink the Matrix kool-aid, as long as it solves my
problem and somehow ends up being the clear winner among federated protocols.
I don't think XMPP "lost" because it was bad technology. AFAIK the big
players are still using it in various places under the hood. It lost because
big players want to build "ecosystems".
In practice those bridges function very well. It's common to find channels in the Matrix ecosystem that have IRC and Discord users that aren't even aware that there's Matrix participants.
And those are the reasons I use phone calls, sms and email. It is more than enough to keep contacts and to arange where you will meet in-person. For distant relations I prefer email, I always loved a well formed letter where sender has actually put some thought into it.
Yeah, I dont have 999 friends but those 10 good friends is all I need. And they DO call, sms, email me. For everyone else I dont care.
I'm not sure if I want that. Most of my communication over email can be read by Google, regardless of myself using Google. Moreover, there's the risk of things like AMP for email unilaterally changing the protocol in ways that as a user I might not like, but that I can't really influence through my choice of client.
I don't believe matrix.org will become such a thing, but if Matrix becomes as successful as email, I fear it's practically inevitable for a Google, Facebook or whatever to arise and become the dominant player, whereas that is practically impossible with, say, Signal.
I do see the value of the world that's made possible by technologies like Matrix, but I'm not so sure if they're possible with social processes evolving the way they do. I feel like Signal may be the best we can get.
(Though I'm certainly happy that Matrix is trying to prove that wrong.)
> XMPP was supposed to solve all those problems when it came out in the early 2000s. But then all the big tech companies who build "ecosystems" decided to push their own applications, all incompatible with one another.
Facebook Messenger and Google Talk actually used XMPP back then, I'm sad it's no longer the case.
A 'chat' client in the style of eg WhatsApp, but based on S/MIME over SMTP/IMAP, seems perfectly doable, and appropriate for most people's needs, with the obvious advantage of being supported by traditional email clients as a fallback.
Additionally, message threading is the feature I most appreciate in a messaging system, but which is painfully lacking in most products (and no, Slack doesn't cut it). SMTP has built-in support for it.
I'm old enough to remember when this was exactly how email was used. (but using a normal email client).
It was acceptable to send one-word email replies, and there were email chains of hundreds of emails (I was the guy who tended to "snip" them after 20 or replies).
Now email seems to have taken over from where snail mail was: bills, newsletters, and formal communication. Chat is now the norm.
Though I do notice a generational divide: one of my co-founders is in his 60's, and will phone randomly (which is now considered rude), another is a bit younger and prefers email to messaging, but will message to ask if it's OK to call. My younger colleagues send formal email replies, and use Whatsapp/Keybase for all other communication. I vetoed using Slack in the organisation completely ;)
I wonder if in another 30 years, chat apps will be the formal channel, and something else will have taken over for just chatting.
Check out deltachat, it uses autocrypt and pgp for e2ee, smtp for transport and has a UI based on signal. It is compatible with autocrypt-supporting e-mail clients like thunderbird
I guess most of the people that you mentioned can be reached through Email?
Email is a very good system, completely decentralized and yet still agile. It is sad that the protocol (SMTP, POP and IMAP etc) is stopped advancing into today's world.
If somebody from IETF is watching, maybe consider renewing the email protocol standards to make it more modern (like what you guys did in HTTP/2: Binary protocol, multiplex, better security etc)?
I was using multi-protocol clients such as Trillian/Miranda/Pidgin for most of the 00's. It did not matter much what client/protocol somebody was using, in all likelyhood it was supported by such multi-protocol clients.
At some point, reverse engineering/implementing protocols must have lost the interest of that part of the community.
> XMPP was supposed to solve all those problems when it came out in the early 2000s.
The really frustrating thing is that it almost did. I swear I remember at some point in the mid-2000s being able to send a message from Google Chat to Facebook. I think the option was hidden behind some account flags to enable external messages, but it was there.
One frustrating thing about Moxie's original post is that Signal derives huge amounts of value by piggybacking on an existing distributed federated network: the phone system. If phone numbers weren't an existing working identifiers that people had regardless of what OS, carrier, or messaging app, Signal as designed wouldn't work.
People should think harder about how to replicate that experience, instead of how to appropriate it and then abandon it.
In his "The Ecosystem is Moving" talk at CCC, he had many presumptuous and dubious "arguments" but one regarding privacy of phone numbers was that a user's APN would be used to determine their phone number, so there was no point in trying to keep phone numbers private.
This fails to account for the possibility of not using the cellular network. With unlocked smartphones, it is possible to remove the SIM card, clear any APN settings and access WiFi. That can be enough for a messaging app to work.
The only identifier needed for iMessage and FaceTime is a working e-mail address (and only for sign up). No cellular account is required.
That's not the representative experience for most consumers/users. Most people do have a phone number, though, so it's easy enough to bootstrap with.
I might not agree with the phone number thing, but I recognize the tradeoff being made and am willing to begrudgingly accept that for right now, Signal/Moxie are probably making the right call. It's not like they're not moving to fix it anyway.
Also, unless I misunderstood him, the APN bit is referencing push notifications, and he's right - if that's out there, it could identify you not just by phone but by Apple account in general. You realistically can't use Signal without an Apple ID, as you couldn't get it from the store otherwise.
In the context of this talk, APN means "Apple Push Network", I think. The concern is that even if the service doesn't ask for a phone number directly, it does still have an APN or GCM/FCM push token. Through the push provider, that token can probably be linked to the user's phone number.
> With unlocked smartphones, it is possible to remove the SIM card, clear any APN settings and access WiFi.
If you're willing to do all that, I suppose getting some free VoIP number for registering with Signal (e.g. through Textnow) won't be too much of a hassle?
>People should think harder about how to replicate that experience, instead of how to appropriate it and then abandon it.
That's great and all, but because Signal takes advantage of that existing network of identifiers, it is able to deliver usable private messaging to many users today. Replacing phone numbers as identifiers is a much harder problem than what Signal has done so far. We shouldn't wait to solve this at some unknown point in the future before offering "huge amounts of value" to users.
The position you're taking, roughly that with limited resources you have to aim for achievable goals and while distributed federated networks are the underlying reason Signal works, it can't try to replace them right now, is totally reasonable, although not everyone will agree. However, that isn't at all what Moxie said. Instead he made no acknowledgement of the distributed nature of the phone system, he suggested that everyone who disagreed lived in the imaginary past, and suggested that his approach was the only sensible one. So I'm not inclined to read it as charitably as I read your comment.
>One frustrating thing about Moxie's original post is that Signal derives huge amounts of value by piggybacking on an existing distributed federated network: the phone system. If phone numbers weren't an existing working identifiers that people had regardless of what OS
oh my sweet summer child.
I hop countries and switch phones every few years. This entire assumption that my identity is tied to a phone number which I will have forever is patently false. Phone numbers are an anachronism.
I sure as hell don't trust an alleged privacy focused messenger that insists on a hard identifier (even if I know how to subvert said identifier for now). When privacy truly matters, signal runs on an emulated phone and a burner number.
"However, over the past six years, we’ve also seen the user cost of switching
between centralized communication services reduced substantially,
particularly given the tendency towards addressing with user-owned identifiers
like phone numbers."
Does he really believe that phone numbers are user-owned?
My phone carrier owns my number. If I'm lucky, I might be able to take
it to a new carrier. It's far more likely that I'd drop the number in
favor of one in the area code in which I actually live, however.
I own my own domain, and I self-host my own email. I'm not likely to change
it for geographical reasons. It has a much stronger tie to me than some
string of digits used by an analog voice network from the last century.
The other user cost of switching between centralized services is network
effects. If you want to switch from ICQ to AIM, you need to get
all your friends to join you.
When i asked if i could use his libraries in ios/android apps Moxie refused. He licensed them under GPL that prohibits distributing of software via app stores. Quite a strange for a guy who claim that he wants to spread encryption. Sure, but only on your own platform. Fastforward he sold such rights for a whatsapp. Just simple business, nothing about privacy itself.
While some comments here mention freedom zero (ability to run the program) another problem with ios is that you can only build on Apple hardware - so there's limits on how you can distribute and use changes.
Generally, the way app stores work is that the developer uploads a copy of the app to the app store, and then the app store makes and distributes copies of that for people that request the app.
Note that since it is the app store making those copies for end users, the app store needs permission of the copyright owner to do so. There will be something in the agreement between the app developer and the app store that says that the developer grants such permission when the developer submits the app.
For app code whose copyright is actually owned by the developer, that's all that is necessary. The developer is able to grant all the necessary permissions to the app store.
If the app contains code that the developer does not own, then the app store also needs permission from the owner of that code in order to make and distribute copies of the app.
Consider a developer who includes someone else's GPL code in their app. To be able to make and distribute copies of it, the app store is going to have to obey GPL.
Most app stores require downloaders to agree to a license agreement with the app store, which typically includes things like prohibiting reverse engineering and prohibiting reselling or making and distributing copies.
GPL, however, prohibits such restrictions. If you impose such restrictions, GPL does not give you copyright permission to make and distribute copies. This makes the app store license and GPL incompatible, and so the software cannot be distributed on the store.
In this case however, the code is under the GPLv3, which is far more problematic. It contains a "anti-tivoization" clause, which says you cannot require any "methods, procedures, authorization keys, or other information required to install and execute modified versions"
Moxie / signal chooses pragmatism over purity, and is striving towards improve the status quo bit by bit vs a pure perfect solution that never ships, even though that improvement has it's own vital problems.
You can see it in his choices, and you can see how they want to eventually deliver improvements like no phone numbers, with them working on things like secure value recovery.
I kind of wish he spelled it out fully for the nit picky peanut gallery out there, so he can just reference it instead of wasting energy on them. You can just feel the exasperation when you read his writing and see him speak about this.
I'd argue that Matrix also chooses pragmatism over purity - the balance is more that we prioritise freedom as well as privacy.
Signal's whole mantra of "only implement features which are privacy preserving" is a great mentality. It's just a shame it comes at the expense of locking down the platform.
I'd argue you can't prioritise two things: prioritisation means deciding what comes first when you have to choose between two things. And it appears to me that Signal tries to ensure privacy first, and then sees if it can make that work with freedom later (see e.g. the delay in adding support for de-googled Android, or the ground work they're only doing now that might (or might not) lead to accounts without phone numbers), whereas Matrix does it the other way around (by first working on support for many different clients, and then trying to make that work with encryption). I hope that both succeed, and I'm happy that both paths are taken.
As an aside, I'd like to voice my appreciation for how you respectfully acknowledged moxie's point of view, take effort to understand it, and then pinpoint why you reach different conclusions from the same observations. A pleasure to read.
I would make the opposite argument: that at pretty much every point along the way, Signal has chosen purity over pragmatism. Which is why they didn't even have user profiles until recently, why they're just now getting group access control for a Slack-y experience, and why it's taking a fairly spectacular amount of engineering to get them off of phone numbers. Signal has a track record of delaying features common to messenger applications in order to get them cryptographically right. No other mainstream messenger tool has a comparable track record.
I completely agree. Ironically, centralization has not helped them move faster.
They won’t have usable group messaging without proper “mentions only” notifications. I’ve tried to explain so many times on the forum that they don’t need usernames for this. Just allow us to configure our own list of keywords we want to be notified of.
It’s very frustrating to keep up with the development of the apps. I wouldn’t recommend it.
It has been "moving" from the times of Compuserve and AOL trying to prevent e-mail federation. Good thing they failed then! Kudos to Matrix for pushing against such movement in IMs. Someone has to push against it, instead of looking for excuses to proliferate walled gardens.
> If users don’t trust their app provider, they can always go switch apps, which gives them freedom.
Sounds like Moxie meant it's a downside. It's a huge benefit! Forcing one to use something that's not trusted is horrendous.
Note that since a while there is also the possibility of using web sockets. But they are an extreme battery drain, and thus google services are quasi-mandatory. Telegram solves this without being a battery drain, possibly at the cost of delivering messages with a delay, but why isn't that my choice.
I can't tell you how they do it, but Telegram is lightning fast with push notifications across all kinds of devices, including Android. Been rocking it as my primary messenger for years.
Whenever a few of us are sitting around in real life, and someone sends something to a group chat, all the phones on the table will buzz instantly together (iOS and Android).
And on top of that, battery usage is really low on Android. I use it a TON, and it's never in the top n apps of battery usage. Meanwhile, I can just open Snapchat once, and I lose a few percent.
I use Signal without gapps and do not have extreme battery drain. I always get real-time notifications too - no late or missing deliveries. This is both on a galaxy s9 which went from stock ROM to deleted Gapps with no battery impact, and s 1+ 7 Pro with no Gapps from the very beginning (I get the expected excellent battery life).
I suspected that Signal basically took Over Gapps's role since it's the only app I use with notifications. Google keeps open a single optimized connection and apps go through it instead of having 10 open connections. After deleting Gapps, Signal is the only app keeping open a connection so it basically has the same impact.
But then I installed WhatsApp and Signal+WA both work perfectly without Gapps and with no gigantic battery drain. So I have no idea what black magic is making this work.
I just looked up my battery stats; since the last full charge 32 hours ago Signal has used 1% of the power. I got a few notifications and used the app for a few minutes in this time. WhatsApp's power usage is too low to show up in the stats.
Telegram without GCM is incredibly fast. Compared to my computer with the app/website open, it's at most one second slower, and often times faster at delivering messages, even on battery saver. It also uses less than a percent of my battery per day if I don't open the app, and was 2% of my battery usage in the last two days despite being on the app for close to an hour.
Of course not, but what's the point? Who complains that Signal doesn't run without Google Play Services are the kind of users that wants to run a mostly free distribution of Android (like LineageOS) without any Google software on it. Saying well you should buy a more closed and proprietary system that can run Signal without Google software is nonsense.
Email is flawed and will become a one way protocol to receive spam, newsletters and invoices just like paper mail.
I think Matrix is our second chance to build a secure federated communication suite. So far it's going in the right direction...
> Email is flawed and will become a one way protocol to receive spam, newsletters and invoices just like paper mail.
I don't recall the last time I've received spam in my email inbox among the tens of emails I've receive daily, and newsletters/invoices are messages that users intend to subscribe. You might argue that instant messaging scratches an itch that email doesn't, but that's a bit shortsighted and doesn't make a case on why email is flawed.
Agreed. Fifteen year ago I set up an email system that let me give everyone a different email, depending on what service it was/when, and since then I've only had my email clearly sold off to a third party that spammed me once. It was a startup that got bought by a private equity firm (and is still around) and fwiw, after I unsubscribed from the first spam I got, it stopped...
Newsletters and other BS notifications are the new spam.
Sure, you can technically opt-out and keep your inbox clean by spending 5 minutes opting out of the garbage every time you sign up to a new service, but that’s irrelevant considering nobody does this and most of my friends’ mailboxes are pretty much unusable because this kind of spam arrives every minute and they have tens of thousands of unread emails in their inbox.
However, in this case I’m not sure Matrix or any other service would be the solution. If the service is neutral and doesn’t impose policies on the content then scum like marketers will just move to it. On the other hand actually having “acceptable use policies” would require centralisation and bring its own problems to the table.
The real solution here is regulation, not technology.
If we didn't have email we would immediately have to invent something that did the same thing. The world needs non-real time text messaging way more than it needs real time text messaging. After all, we still have phones which work well real time. They don't work well at all for non-real time messaging. That is why we went to all that trouble to invent and use things like teletypes.
I think the timing makes Moxie's point very well without him saying a thing.
All these years later Matrix only has... The ambition to some day try to offer the core privacy features Signal already delivered back then. Some of the most basic stuff is, you believe, almost kinda sorta done.
This is, to be clear, much better than just sitting back insisting you were right but not lifting a finger. But for an actual user who needed privacy and security any time between then and now - and for future users who need it between now and whenever you get this stuff working in the real world, it was Signal that delivered. Moxie was right so far.
Talking about privacy of a system that requires you to sign up with a phone number, that in my country (and in most other European countries as far as I know, and without talking about non democratic regimes) is required to be associated with your ID (it's illegal to buy a SIM without registration) is nonsense.
And you know another thing? Email works great to me, and it's decentralized. I have my email server, with my domain, so I don't depend on anyone to provide me a service. I have full control of my data that is on my server. I can even send encrypted emails with GnuPG without any problem, and it's as secure as Signal, if not better. I can use whatever client I want, a fancy application, a web interface, or as I do a small CLI program since I don't use graphical user interfaces.
Sure, having a chat protocol that is decentralized like email would be great! I wish that Matrix will evolve in something usable in the following years, we need that. I need a chat application where I can have a client that I can use in my terminal, and Signal doesn't do that (Telegram does, for example, since the API is more open, and it's what I use second to email).
> I can even send encrypted emails with GnuPG without any problem, and it's as secure as Signal, if not better.
Alas this requires a fairly contorted definition of "secure" to be true. The cryptography in GnuPG has plenty of problems even if you insist on manually doing everything from your own CLI tools which maybe don't suffer the problems from EFail.
Mostly it's just kinda old, AEAD hadn't been conceived when Phil wrote PGP you know. That's a big foundational idea for modern crypto and instead PGP had to kind of fudge a separate MAC into the design and hope that's good enough.
When you send your GnuPG encrypted mail, how do you decide which cryptographic primitives to use? With Signal the whole _point_ of Moxie's decision is that Signal gets to insist on all clients having whatever the best option is, so that's always used. But in GnuPG you've got to guess, what might the other participant's client be able to handle? If you guess wrong then your email is unreadable, or, worse, bad guys might be able to read it more easily.
> in most other European countries as far as I know
In England at least SIMs are available in the pound shop. You buy a SIM with cash (a single bright coin) and it comes with a phone number. British people do not carry any ID as a habit, and I make a point of never having ID unless I've been specifically asked to bring it for a good reason (e.g. to leave the country or when I got a job that required security clearance).
> And you know another thing? Email works great to me, and it's decentralized. I have my email server, with my domain, so I don't depend on anyone to provide me a service. I have full control of my data that is on my server. I can even send encrypted emails with GnuPG without any problem
OK, and how many non-technical people do you email that have GPG keys? If they don't have GPG, how do you have end to end encrypted communications with them?
This is where Signal won and GPG lost, with the Signal protocol integration into WhatsApp, one billion people instantly got secure comms without even having to know what a key is.
> it's as secure as Signal, if not better.
Signal uses a new key for every single message you send, so it could be argued that actually Signal is better than GPG.
> Some of the most basic stuff is, you believe, almost kinda sorta done.
The core Matrix stuff has been usable for years, and in many ways you've had better metadata and censorship protection available than Signal - given you have the option of running your own server which could be entirely off the grid, and used only for your own conversations.
However, if your point is that Matrix focuses on freedom as well as privacy (rather than privacy at the expense of freedom), then we're agreed :D
No, a hypothetical option to never communicate with anybody on the network isn't "better protection" in any meaningful sense than a system designed from the outset to actually protect you when you communicate with other people.
When you say we're trying to improve I want to believe you. When you stubbornly declare "we're better" in "many ways" while actually being much worse, what could I conclude? Only that your goal is to deceive people because you're not really interested in improving. Blergh.
Back in February 2015 you did not understand the gravity of the mistake in leaving end-to-end encryption as a TODO item for Matrix and defended this decision as "Pragmatic" repeatedly. Matrix itself is a bit older, mid-2014 I think, but 2015 was the first time I ran into the arguments for Matrix. It's important to underscore those dates. I've moaned (including to his face) about Tim's choice not to do encryption out of the box in his toy hypermedia system, but that was almost 25 years earlier and whilst annoying a lot more understandable. 2014 on the other hand is after BCP #188 ("Pervasive Monitoring Is An Attack") and all that implies so there are no excuses. Matrix was a defective design on day zero. 2020 begins with a promise that it'll be fixed soon, kinda, sorta and then a retreat to old arguments about how it's all worth it for "freedom".
When I say "kinda sorta done" I am not referring to being able to send unprotected plaintext over the Internet in 2020. What's "kinda sorta done" is the basic task of sending messages between participants without anybody else knowing what was said, or preferably who by and who to. It sounds like Matrix's _ambition_ is still that in 2020 this will be the case for certain groups of participants, at least some of the time. Not everybody, and not all the time, and not yet unless you go out of your way which we know users will not do.
Building monoliths (like Signal) is easy and that's a core take-away point of Matthew's response in the blog post. Building Matrix is not and has not ever been a small task, but the effort gives us the freedom to run our own services and still be able to talk with our friends. Matrix is the "long game".
And it's a worthwhile pursuit. Moxie's points simply don't make sense, and are infuriating / disrespectful to those who are working on solving decentralization's issues.
_Of course_ it will be difficult. But the same argument could be made for building a completely unencrypted messenger app. You won't have to worry about managing keys, obfuscating metadata, or anything like that.
At the end of the day, it's about realizing the importance of both privacy _and_ decentralization that our current infrastructure threatens.
>All these years later Matrix only has... The ambition to some day try to offer the core privacy features Signal already delivered back then.
E2E on Matrix works, plus key verification is easier than on Signal. Managing metadata is hard, but my Matrix homeserver doesn't have my phone number (unlike Signal) and does not require Google Cloud Messaging. I can even run it on a PinePhone or Pocket CHIP!
>But for an actual user who needed privacy and security any time between then and now - and for future users who need it between now and whenever you get this stuff working in the real world, it was Signal that delivered. Moxie was right so far.
...that wasn't Signal leaking data, though, and unlike Twitter, which until last week allowed anyone to mass-check phone numbers, Signal doesn't publicly broadcast your number.
I don't use Signal, and won't as long as they force a phone number, but at least be accurate.
E2E in Matrix "works" with which Matrix clients? The whole point of a decentralized federated messaging protocol is to allow people to build their own clients. Do Matrix clients uniformly and interoperably support E2E today?
Well, XMPP had working e2e encryption a decade before Signal. That's not really a reason to consider something done. Axolotl and OMEMO improved on OTR, and it seems OTRv4 will improve on it further.
Wait a minute. When you say "Axolotl improved OTR", what you're really saying is that Signal improved on OTR, because that's where Axolotl comes from. The same is true of OMEMO.
Security: sure, but privacy: no. An application focused on privacy should never require a phone number. In many countries phone numbers can easily be tied to individuals.
This reminds me of the book "Zen and the Art of Motorcycle Maintenance", which is also about a father-son roadtrip, and which uses it as an excuse to talk about what happens when we do long, boring tasks requiring some focus but leaving enough of the brain unoccupied. It's a good book and I should probably reread it.
The way they defend WhatsApp is heart-breaking. It's cute to see them saying there is no backdoor when it can't be proven to be the case, since it's all proprietary. They can't show the server side wasn't tampered with. Same with Skype.
The constant repetition of this ignorant claim is starting to be annoying. Think there is a client backdoor? Go find it. It is not like the binary is not available to you. It is not like there are not emulators in which you can step through the code. Please, show us the backdoor.
Server side tampering? Show us how it can be done. Create a server that can tamper with a patched client. Demonstrate your chops.
It's not up to us to reverse engineer a binary every update to guess if it's secure...
It's up to Facebook, which has time and again proven that it is absolutely not trustworthy, to open its code and make builds auditable, inspectable, and reproducible.
This is what ANY secure software does. That's the cost of entry. Imagine if OpenSSH were closed and its devs issued the same response you just did. "Just reverse engineer the binary and prove that it's not secure!"
I think that protocols that are simple and open should be used, rather than very complicated and messy ones. Text-based also helps since it allows to use without specialized software. IRC is designed like this and I think it is good.
This is a very unpopular position from a security perspective. All messages should be exchanged by some type-safe structured container like protobuf to avoid a huge class of bugs that comes from quoting and odd character sets, manually implementing parsers, confusing types, and broken string arithmetic.
"Democracy and republics are hard, so we should all just give up and have autocratic governments"
It may sound flippant or unrelated, but I think this extreme projection of his argument makes it evident how silly it is. This is one of the reasons I switched away from using Signal, as much as I'd like better privacy on my text messages it's not worth handing that much control over to someone I shouldn't have to put my trust in. Instead I do my text messages over Jabber/XMPP with jmp.chat now and for others who have a proper XMPP address I use that (which gives me the option of OMEMO encryption which is basically the XMPP version of the signal double ratchet).
For the average user, installing conversations.im and hitting "create account" or whatever and calling it a day is good enough, so it's not even significantly harder than dealing with Signal.
I saw Moxie Marlinspike's talk when it was posted on CCC's official channel [1] and was disgusted by it. The talk has been now censored and video was made private. It was one of the most defeatist talks I've ever come across when it comes to messaging and privacy. His message was basically that anything you do is pointless and that his and WhatsApp/Facebook's way is the right one.
I've used Signal on few occasions in the past but his talk made me uninstall it. I simply do not trust him after hearing his opinions. I do not support centralization and other ideals he's now pushing (including the use of a phone number as Signal's primary ID).
The talk was mirrored on few channels on YT [2] and you can still see it.
I don't particularly like a centralized model either.
Federation is much more difficult, but can create ecosystems which can survive longer/better than a single company can.
But on the specific issue of phone numbers as ID, they have been making some substantial progress on a technological solution to address this, specifically without running central servers.
You were "disgusted" by the talk? The controversial parts were spelled out in a post Moxie wrote 3.5 years ago, with the same title. The only deviations are new privacy-preserving features Signal is building, one of which is intended to address the most common objection to Signal (the use of phone numbers as identifiers).
The talk wasn't "censored"; the conference made a mistake by recording and posting it in the first place.
I think if Moxie had framed this from a perspective of "centralization has some advantages, so how can we make a centralized service as safe as possible" the outcry would be much less. Because signal is genuinely doing some very great stuff in that area. But the framing as a dismissal of decentralized solutions as unworthwhile is very frustrating, especially when it so transparently overlaps with his business interests.
Yea, how can we talk about privacy of a service that I need to register with a phone number (and in my country to register a phone number is obligatory to give your ID and signature, you can't activate a SIM card anonymously)
Centralized services should be avoided for a multitude of reason, the primary one is being dependent on some company that offers you the service and can and probably will shut down one day, with the result of loosing all the things you had on that service.
Look at the past, how many centralized services closed down and we lost all our data? Instead decentralized services are still up and running: email, usenet, IRC, even if unfortunately a bit forgotten these day (with the exception of email, even if most of people uses GMail anyway so it's in fact centralized...)
It's fine, but you should know that pretty much everything Moxie and Signal talk about contrast sharply with Wire. For instance: last I checked, Wire stores your entire social graph on their servers in a database --- effectively forever, Wire stores a plaintext log of everyone you've communicated with.
I read on a privacy-oriented website that Wire was purchased by an American company not trusted for its record on privacy (or perhaps it was that since the company is American, their data can be read by the US govt.). I can't find it now though. There isn't anything mentioning it on the website of `www.privacytools.io`: https://www.privacytools.io/software/real-time-communication...
First off, I have to say this about matrix: they have by far the best foss community I have seen. Excellent work on managing the community, others should take note.
Second, both signal and matrix collect too much metadata. signal means you're completely screwed by their dependency on phone numbers. I expect little metadata privacy from signal because to me, it is practically the same as using my SSN or fingerprint as my user name,same for all my contacts, this key field is used by everyone and their mother to track everything we do like 1984 was target practice. For matrix, it's the defaults and how easy it is for others to fingerprint you using your specific device (equivalent of a user-agent seen by everyone iirc?) and other profile details ,but none of this is easy to correlate and answer questions like "which social network demographic micro-group does this user belong to so we can perform targeted infiltration of their device?" or "Hey, let's use this phone number to look perform the equivalent of a background check on this person who is sending us a message because we now have their phone number". Oh and the best part is, you can't just get a burner to use for registration, and to link a signal desktop,you need the mobile app. Matrix has none of these issues.
Third, consider your threat models carefully. As an individual, is it better if you have infrasructure diversity and protocol interoperability or is it better to put all your eggs in signal's basket. I never liked their use of google infra at the begining for example because I consider google more of a threat to me than most other parties. I can see the argument both ways. I personally consider the set of parties that have the most to benefit from targeting me as an individual plus those who have the most to benefit from dragnet surveillance where I reside. To me, matrix is more flexible to adopt to various threat models by for example self hosting compared to using a popular matrix server. Signal is better than the competition, if your fear is being exposed to unpatched vulnerabilities and/or if you are worried about metadata snooping (but you trust signal's infra provider, still google??) Then Signal makes more sense. For dragnet, I think matrix is better for me because implementation vulns only apply to a few users,making reliable dragnet attacks less likely. For anyone that might target me, my mobile phone is completely defenseless, so my concern is someone identifying my specific device for targeted attacks, with matrix they need to compromise the matrix server and even then they might need to do a lot more work to correlate which matrix user is me (real life "target worthy" identity). Where as with signal,they can easily micro target a group ,find out everyone's phone numbers (e.g.: hk protesters) and target their device for further exploitation via signal or any other pwnable app that is known to present on a device associated with that phone number.Practically, I am more worried about how each app fits in with everything else I do and matrix wins the security round for me.
Last but not least, I use signal for 98% of my comms because the phone number usage by Signal means I can easily connect to and invite people who don't have signal. If there is a Matrix client app that can be used as an sms client and can discover contacts' matrix account/server over sms without communicating or collecting phone number/name details of the contact, I think i might jump ship. The way I envision this to work is: the matrix client would have an invite button for non-matrix contacts and it will have an option to initiate discovery of contacts. Both options would do a challenge-response with each contact and instead of associating with a phone number they would ask to create a new martrix only contact.
Matthew outlined much of the Matrix problems but not in the context of the latter part of his idealistic thoughts.
Just going to point out that if agreeing on spec is six time slower, that's just the first car of traffic jam slowing down. The next car has to slow down more: The feature needs to move into SDKs. Then the next car, the client vendors need to actually implement and test their implementation of the feature and write documentation. That's even more slow.
"HOWEVER: all of this completely ignores one critical thing - the value of freedom."
I really value freedom. To me freedom means a non-technical dissident doesn't have to sit in jail when their messages weren't E2EE. It doesn't mean I can choose a value from a list of servers and have faceless entity #1, #2 or #3, or worse, Mike - the creepy IT guy from my peers - observe my metadata with everybody, and content with Karen who refuses to switch to Matrix client that supports E2EE.
"Freedom to run your own server (perhaps invisibly in your app, in a P2P world)."
Now this is something I can get behind. Which is why I've spent the last eight years working on P2P messaging system. Perhaps Matrix should move their efforts into being the change they want to see in the world instead of defending a bad solution of decentralization by saying they're thinking about implementing a better solution of P2P.
"Freedom to pick which country your server runs in"
Which you can't do if you're running P2P server on your device. I think every faceless service provider from Signal to any XMPP server has the same guarantee of privacy in practice. The only difference is Signal has to abide by the GDPR, independent users hosting servers don't. Before anyone screams about PRISM, I will point out that coercing insertion of a backdoor is the same as compelled speech, which would violate the constitution.
"Freedom to select how much metadata and history to keep."
We have precedence of Signal keeping none of that. With Matrix servers the server has access to all metadata by default, the server program doesn't attempt to hide anything, there's no sealed sender etc. Your only hope is to run your own server, somehow convince your peers you're the one they should trust with their metadata (there's a third party on every decentralized server with more than two users), and hope you don't grow enough to get hacked by nation state actors or criminals.
"Freedom to choose which apps to use - while still having the freedom to talk to anyone you like. Freedom to connect your own functionality - bots, bridges, integrations etc"
A nice idea, but everyone needs to have same features for it to work, so what you get is differences in UI, implementation language, and platform support. What matters most here is the programming language: Matrix client written in Rust is more secure that one written in C. But unless everyone uses the Rust version, the group chat is as secure as the weakest link. Same goes with bridges. You'll never have security because of this guy who likes to re-live their youth through irssi: https://xkcd.com/1782/
Also, what happens when Facebook implements their own Matrix client that steals your metadata from the endpoint, and what happens when they start bundling their app on every Samsung smartphone? Perhaps it's not your idealistic Riot client that's the problem, perhaps it's the bundled spyware on every peers' device used by people who just, don't care. I'm not saying Signal fixes the problem of user laziness, I'm saying it's better to know what's on the receiving end.
"Freedom to select which identifiers (if any) to use to register your account."
Which is kind of pointless considering the IP-address still leaks to the server by default. And the UUID means all your metadata can be tied together. The social graph is revealed to the server so unless everyone keeps rolling their IDs and exchanging them over some other channel, it's pretty much impossible to hide metadata from a malicious server running statistical analysis. Even if you're not malicious, there's no way to know if your server has been compromised. Or, if you somehow can harden your server against the NSAs of this world, please, go work for the Freedom of The Press Foundation or something.
"Freedom to extend the protocol."
When the protocol fails to mandate BASIC security features like E2EE, it's kind of pointless to talk about the possibilities of extendability. There's always going to be maintainers and theyneed to prioritize, so there's always going to be someone who decides whether something will be implemented by them. Signal doesn't forbid pull-requests if you want something done. The nice thing is, it's at least six times faster to do it for Signal.
"Freedom to write your own client, or build whole new as-yet-unimagined systems on top."
So it's the freedom of the developer we're talking about. Reminds me of BSD vs GPL (BSD says developer has freedom to fuck over users with proprietary fork, GPL says user has right to not be abused like that, and that developers have the obligation to not do that). It's the rights of the users that matter. That is, human rights. You can merge as-yet-unimagined systems to Signal. You might face initial criticism because it needs to be secure by default. But it's not like Moxie will show you the finger for proposing something before it's discovered or announced. I have first hand experience with this: https://github.com/signalapp/Signal-Android/issues/4171
"It’s true that if you’re writing a messaging app optimized for privacy at any cost, Moxie’s approach is one way to do it."
If you consider privacy is a human right, developer freedom isn't, it's easier to see who has their priorities in order.
"you end up thoroughly putting all your eggs in one basket, trusting past, present & future Signal to retain its values, stay up and somehow dodge compromise & censorship… despite probably being the single highest value attack target on the ‘net."
So which one is easier to subvert, community of experts constantly under scrutiny by peer experts trying desperately to make a name for themselves, or open work group on protocol that still isn't secure by default, and that is much more susceptible to stagnation via bike-shedding and mission hijacking. OpenPGP work group still hasn't agreed on v5 fingerprint, the SHAppening happened five years ago. I'm going to have to disagree and say I don't have faith in unnecessarily large organizations.
I'm just going to say this FUD is worth being pointed out, but that it's not worthy of dissection.
"We owe the entire success of the Internet (let alone the Web) to openness, interoperability and decentralization."
A thought that was denounced in the 36c3 talk whether you watched the stream or not.
"To declare that openness, interoperability and decentralization is ‘too hard’ and not worth the effort when building a messaging solution is to throw away all the potential of the vibrancy, creativity and innovation that comes from an open network"
The worth was not addressed by this writing in any way, and the practical problems that far outweigh the idealistic goals were discussed by Moxie because what matters is the human rights to privacy of the users of the tool, not whether the infrastructure is based on idealistic ideas that don't offer tangible security benefits in practice.
Like Moxie said, prove that decentralization works by doing the bare necessities of implementing E2EE, then it's worth discussing whether the idealism part matters, and if decentralization has something useful to offer.
"Sure, you may end up with a super-private messaging app - but one that starts to smell alarmingly like a walled garden like Facebook’s Internet.org initiative, or an AOL keyword, or Google’s AMP. "
The negative connotations of these companies are about lack of respecting privacy. It's really weird to essentially say "you end up with super private app that shares other commonalities with privacy invading companies". Walled garden isn't ideal, but for now, it's more secure and that's what matters more to users.
"So, we continue to gladly take up Moxie’s challenge to prove him wrong - to show that it’s both possible and imperative to create an open decentralized messaging platform which (if you use reputable apps and servers) can be as secure and metadata-protecting as Signal…"
That's the attitude we need. Now go out there and use your preferred methods to make the idealistic protocol secure by default! Just don't expect me or anyone else to recommend its use before that happens.
"and indeed more so, given you can run your server off the grid, and don’t need to register with a phone number"
Will you be getting rid of IP-address leak to servers too? Quick jabs in closing notes that aren't thought out too well are not very nice.
"and in future may not even need a server at all."
Also maybe reconsider ending your refutal of criticism towards decentralized architecture by hinting that users should look towards upcoming P2P architecture.
Signal could be more tolerable if they did not threaten and harass those who develop third-party clients, citing their unreasoned claims that they somehow "burden" them (1). They cannot demand pull requests if they treat the community like that. Depending on the locale, even frivolous lawsuits can be a real nuisance.
Encryption is also not the only thing that matters. Amateurish functionality omissions are really annoying. For example, in 2015, Signal developers removed the option to create, join or leave groups in the desktop client (2), and they apparently haven't still fixed it. They don't want, nor does anyone else. Maybe a less hostile approach towards community would yield better results.
While I agree with you that this Matrix e2ee thing has took way, way too long, let's not pretend that everything happens at time in those walled garden systems...
> I just prefer to present something as part of a conversation that's happening in a place, rather than a webinar that I'm broadcasting forever to the world.
To me it sounds an awful lot like not wanting to be scrutinized or held accountable for what he says.
I also find this rather disappointing as it excludes anyone who is unable, for whatever reason, to be at his talks from hearing what he has to say. Given how influential he's been in this domain, this sadness me quite a bit.
> I have less faith in the internet as a place where a conversation can happen
This feels a bit ironic, given he's built an enterprise on enabling conversations to happen on the internet, though arguably only with a limited set of people.
> , and the timelessness of it decontextualizes.
Not quite sure what that's supposed to mean. Perhaps it's a language barrier thing, but I can't parse that into something sensible.
1. Does the same thing not also apply to the blog post he authored, which contains the exact same points?
2. Is a talk where you get a big stage to preach your opinion from and take two questions at the end really the best way to do this? As opposed to say, a panel discussion or similar.
Moxie has always gaslit users with legitimate concerns because addressing them would mean giving up power. Signal is a self serving design and driven by self serving decisions. I've written about this in depth before:
I still stand by everything I said here, and lots more that goes unsaid in this article. Every single weird decision Signal makes is not because they've reasonably decided to come down on some side of the fence that others haven't - it's because their decisions serve moxie's wants above anyone else.
No personal attacks on HN, please, regardless of how right you are or feel, or how wrong someone is or you feel they are. Maybe you don't owe that person better, but you owe this community better if you're posting here.
My biggest problem with messaging applications as a whole is that I need so many of them. I have a few contacts who are reachable with Signal, a few more who are reachable on Hangouts or whatever Google is calling its latest thing, and a few more who are reachable with Skype. That's three programs, to communicate with three different subsets of people. I'm sure if I used Facebook Messenger and Whatsapp, I'd have two more subsets of people who are only reachable through those.
XMPP was supposed to solve all those problems when it came out in the early 2000s. But then all the big tech companies who build "ecosystems" decided to push their own applications, all incompatible with one another. So here we are again with this proliferation of programs that really only do one thing: communication. It's like the 90s / early 2000s with the proliferation of instant messengers: ICQ, AIM, Yahoo, MSN, and on and on and on. The players are different, but the game is still the same. I suspect that twenty years from now, when the players have all changed yet again, there will still be one reliable method of reaching me: IRC.
If the Googles and Whatsapps and Facebooks of the world had been around in the early 90s, you'd have one email client from Facebook for mailing Joe and Fred, an email client from Google for mailing Mary and Jane, and an email client from Whatsapp for mailing Alice and Bob. Thankfully, email became entrenched before that could happen.
I want messaging to be like email, where I use one and exactly one program to communicate with all of my contacts, regardless of what server they use. People say that federation is more complicated than centralization. I'm sure that's true for developers, but in fact, federation can be vastly simplifying for an end user. I'm a fundamentally lazy person. Having to learn all these different messaging tools is frankly a waste of my time. All I want is a federated protocol and an open system, be it Matrix, XMPP, or something else.
As a final aside, you know what else that bugs me? The word "ecosystem". I worked for a big tech company for a while, and the only people I ever heard use that word were people out to build a walled garden.
> XMPP was supposed to solve all those problems when it came out
That's also what Matrix said it would solve when it started. Except now it's yet another protocol with its own chatrooms that are not reachable from any other protocol by default (even rooms on matrix.org); and bridges are at best in "beta" (except the Telegram bridge, which is "late beta"): https://matrix.org/bridges/
We tend to be pretty conservative on maturity estimates on Matrix (and bad at keeping the website updated).
IRC, Slack, Gitter bridges are all considered stable these days.
XMPP, Discord, Telegram, WhatsApp work usably too.
The UX for managing them is not always great or consistent (we’re working on that currently), but “yet another protocol with its own chatrooms” is untrue. You can certainly access the entirety of Matrix via Bifrost (the XMPP bridge) if you so desire, for instance.
5 replies →
I have lots of warm and fuzzy feelings toward Matrix, but my take is that XMPP solved my basic problem over 15 years ago. The problem being: I want to talk to Alice, Bob, Mary, Jane, Fred, and Joe without having to install ICQ, AIM, and Yahoo Messenger. Or should I say Facebook, Whatsapp, and Signal? I don't know what Matrix buys me over XMPP, but at this point, I don't care. I'll gladly drink the Matrix kool-aid, as long as it solves my problem and somehow ends up being the clear winner among federated protocols.
I don't think XMPP "lost" because it was bad technology. AFAIK the big players are still using it in various places under the hood. It lost because big players want to build "ecosystems".
2 replies →
In practice those bridges function very well. It's common to find channels in the Matrix ecosystem that have IRC and Discord users that aren't even aware that there's Matrix participants.
5 replies →
And those are the reasons I use phone calls, sms and email. It is more than enough to keep contacts and to arange where you will meet in-person. For distant relations I prefer email, I always loved a well formed letter where sender has actually put some thought into it.
Yeah, I dont have 999 friends but those 10 good friends is all I need. And they DO call, sms, email me. For everyone else I dont care.
Personal emails also help with the urge to reply "right then" and there are no single, double, blue, grey ticks.
> I want messaging to be like email
I'm not sure if I want that. Most of my communication over email can be read by Google, regardless of myself using Google. Moreover, there's the risk of things like AMP for email unilaterally changing the protocol in ways that as a user I might not like, but that I can't really influence through my choice of client.
I don't believe matrix.org will become such a thing, but if Matrix becomes as successful as email, I fear it's practically inevitable for a Google, Facebook or whatever to arise and become the dominant player, whereas that is practically impossible with, say, Signal.
I do see the value of the world that's made possible by technologies like Matrix, but I'm not so sure if they're possible with social processes evolving the way they do. I feel like Signal may be the best we can get.
(Though I'm certainly happy that Matrix is trying to prove that wrong.)
> XMPP was supposed to solve all those problems when it came out in the early 2000s. But then all the big tech companies who build "ecosystems" decided to push their own applications, all incompatible with one another.
Facebook Messenger and Google Talk actually used XMPP back then, I'm sad it's no longer the case.
A 'chat' client in the style of eg WhatsApp, but based on S/MIME over SMTP/IMAP, seems perfectly doable, and appropriate for most people's needs, with the obvious advantage of being supported by traditional email clients as a fallback.
Additionally, message threading is the feature I most appreciate in a messaging system, but which is painfully lacking in most products (and no, Slack doesn't cut it). SMTP has built-in support for it.
I'm old enough to remember when this was exactly how email was used. (but using a normal email client).
It was acceptable to send one-word email replies, and there were email chains of hundreds of emails (I was the guy who tended to "snip" them after 20 or replies).
Now email seems to have taken over from where snail mail was: bills, newsletters, and formal communication. Chat is now the norm.
Though I do notice a generational divide: one of my co-founders is in his 60's, and will phone randomly (which is now considered rude), another is a bit younger and prefers email to messaging, but will message to ask if it's OK to call. My younger colleagues send formal email replies, and use Whatsapp/Keybase for all other communication. I vetoed using Slack in the organisation completely ;)
I wonder if in another 30 years, chat apps will be the formal channel, and something else will have taken over for just chatting.
1 reply →
There's an open source (GPL) client app (last updated last week) on F-Droid called Dib2Qm for exactly this, and it's apparently e2e as well.
I haven't used it, I just happened across it yesterday out of sheer coincidence.
Link: https://f-droid.org/en/packages/net.sourceforge.dibdib.andro...
2 replies →
Check out deltachat, it uses autocrypt and pgp for e2ee, smtp for transport and has a UI based on signal. It is compatible with autocrypt-supporting e-mail clients like thunderbird
I guess most of the people that you mentioned can be reached through Email?
Email is a very good system, completely decentralized and yet still agile. It is sad that the protocol (SMTP, POP and IMAP etc) is stopped advancing into today's world.
If somebody from IETF is watching, maybe consider renewing the email protocol standards to make it more modern (like what you guys did in HTTP/2: Binary protocol, multiplex, better security etc)?
I was using multi-protocol clients such as Trillian/Miranda/Pidgin for most of the 00's. It did not matter much what client/protocol somebody was using, in all likelyhood it was supported by such multi-protocol clients.
At some point, reverse engineering/implementing protocols must have lost the interest of that part of the community.
> XMPP was supposed to solve all those problems when it came out in the early 2000s.
The really frustrating thing is that it almost did. I swear I remember at some point in the mid-2000s being able to send a message from Google Chat to Facebook. I think the option was hidden behind some account flags to enable external messages, but it was there.
One frustrating thing about Moxie's original post is that Signal derives huge amounts of value by piggybacking on an existing distributed federated network: the phone system. If phone numbers weren't an existing working identifiers that people had regardless of what OS, carrier, or messaging app, Signal as designed wouldn't work.
People should think harder about how to replicate that experience, instead of how to appropriate it and then abandon it.
In his "The Ecosystem is Moving" talk at CCC, he had many presumptuous and dubious "arguments" but one regarding privacy of phone numbers was that a user's APN would be used to determine their phone number, so there was no point in trying to keep phone numbers private.
This fails to account for the possibility of not using the cellular network. With unlocked smartphones, it is possible to remove the SIM card, clear any APN settings and access WiFi. That can be enough for a messaging app to work.
The only identifier needed for iMessage and FaceTime is a working e-mail address (and only for sign up). No cellular account is required.
That's not the representative experience for most consumers/users. Most people do have a phone number, though, so it's easy enough to bootstrap with.
I might not agree with the phone number thing, but I recognize the tradeoff being made and am willing to begrudgingly accept that for right now, Signal/Moxie are probably making the right call. It's not like they're not moving to fix it anyway.
Also, unless I misunderstood him, the APN bit is referencing push notifications, and he's right - if that's out there, it could identify you not just by phone but by Apple account in general. You realistically can't use Signal without an Apple ID, as you couldn't get it from the store otherwise.
8 replies →
In the context of this talk, APN means "Apple Push Network", I think. The concern is that even if the service doesn't ask for a phone number directly, it does still have an APN or GCM/FCM push token. Through the push provider, that token can probably be linked to the user's phone number.
> With unlocked smartphones, it is possible to remove the SIM card, clear any APN settings and access WiFi.
If you're willing to do all that, I suppose getting some free VoIP number for registering with Signal (e.g. through Textnow) won't be too much of a hassle?
3 replies →
I believe he was speaking of Apple push notifications and google cloud messaging
>People should think harder about how to replicate that experience, instead of how to appropriate it and then abandon it.
That's great and all, but because Signal takes advantage of that existing network of identifiers, it is able to deliver usable private messaging to many users today. Replacing phone numbers as identifiers is a much harder problem than what Signal has done so far. We shouldn't wait to solve this at some unknown point in the future before offering "huge amounts of value" to users.
The position you're taking, roughly that with limited resources you have to aim for achievable goals and while distributed federated networks are the underlying reason Signal works, it can't try to replace them right now, is totally reasonable, although not everyone will agree. However, that isn't at all what Moxie said. Instead he made no acknowledgement of the distributed nature of the phone system, he suggested that everyone who disagreed lived in the imaginary past, and suggested that his approach was the only sensible one. So I'm not inclined to read it as charitably as I read your comment.
>One frustrating thing about Moxie's original post is that Signal derives huge amounts of value by piggybacking on an existing distributed federated network: the phone system. If phone numbers weren't an existing working identifiers that people had regardless of what OS
oh my sweet summer child.
I hop countries and switch phones every few years. This entire assumption that my identity is tied to a phone number which I will have forever is patently false. Phone numbers are an anachronism.
I sure as hell don't trust an alleged privacy focused messenger that insists on a hard identifier (even if I know how to subvert said identifier for now). When privacy truly matters, signal runs on an emulated phone and a burner number.
Snipped out of context from: https://signal.org/blog/the-ecosystem-is-moving/
"However, over the past six years, we’ve also seen the user cost of switching between centralized communication services reduced substantially, particularly given the tendency towards addressing with user-owned identifiers like phone numbers."
Does he really believe that phone numbers are user-owned? My phone carrier owns my number. If I'm lucky, I might be able to take it to a new carrier. It's far more likely that I'd drop the number in favor of one in the area code in which I actually live, however.
I own my own domain, and I self-host my own email. I'm not likely to change it for geographical reasons. It has a much stronger tie to me than some string of digits used by an analog voice network from the last century.
The other user cost of switching between centralized services is network effects. If you want to switch from ICQ to AIM, you need to get all your friends to join you.
2 replies →
When i asked if i could use his libraries in ios/android apps Moxie refused. He licensed them under GPL that prohibits distributing of software via app stores. Quite a strange for a guy who claim that he wants to spread encryption. Sure, but only on your own platform. Fastforward he sold such rights for a whatsapp. Just simple business, nothing about privacy itself.
https://signal.org/blog/license-update/
Aha, yeah: https://github.com/signalapp/curve25519-java/issues/5
3 replies →
Why would GPL prevent distribution via app stores? I think I have at least one GPL app installed that way.
While some comments here mention freedom zero (ability to run the program) another problem with ios is that you can only build on Apple hardware - so there's limits on how you can distribute and use changes.
1 reply →
Can you explain how GPL prohibits distribution via app stores?
Generally, the way app stores work is that the developer uploads a copy of the app to the app store, and then the app store makes and distributes copies of that for people that request the app.
Note that since it is the app store making those copies for end users, the app store needs permission of the copyright owner to do so. There will be something in the agreement between the app developer and the app store that says that the developer grants such permission when the developer submits the app.
For app code whose copyright is actually owned by the developer, that's all that is necessary. The developer is able to grant all the necessary permissions to the app store.
If the app contains code that the developer does not own, then the app store also needs permission from the owner of that code in order to make and distribute copies of the app.
Consider a developer who includes someone else's GPL code in their app. To be able to make and distribute copies of it, the app store is going to have to obey GPL.
Most app stores require downloaders to agree to a license agreement with the app store, which typically includes things like prohibiting reverse engineering and prohibiting reselling or making and distributing copies.
GPL, however, prohibits such restrictions. If you impose such restrictions, GPL does not give you copyright permission to make and distribute copies. This makes the app store license and GPL incompatible, and so the software cannot be distributed on the store.
4 replies →
Some people argue that the GPL2's clause
"You may not impose any further restrictions on the recipients' exercise of the rights granted herein."
is violated because you need to agree to additional terms from Apple to use the apps.
https://www.fsf.org/news/2010-05-app-store-compliance
In this case however, the code is under the GPLv3, which is far more problematic. It contains a "anti-tivoization" clause, which says you cannot require any "methods, procedures, authorization keys, or other information required to install and execute modified versions"
4 replies →
According to the FSF, the App Store is incompatible with the GPL because its Terms of Service restricts what people can do with the apps they download: https://www.fsf.org/blogs/licensing/more-about-the-app-store...
1 reply →
It doesn't. The Apple app store prohibits the GPL.
1 reply →
I think Apple bans strong copyleft licenses somehow, by having store requirements that aren't compatible with them. I'm not sure about details.
Moxie / signal chooses pragmatism over purity, and is striving towards improve the status quo bit by bit vs a pure perfect solution that never ships, even though that improvement has it's own vital problems.
You can see it in his choices, and you can see how they want to eventually deliver improvements like no phone numbers, with them working on things like secure value recovery.
I kind of wish he spelled it out fully for the nit picky peanut gallery out there, so he can just reference it instead of wasting energy on them. You can just feel the exasperation when you read his writing and see him speak about this.
I'd argue that Matrix also chooses pragmatism over purity - the balance is more that we prioritise freedom as well as privacy.
Signal's whole mantra of "only implement features which are privacy preserving" is a great mentality. It's just a shame it comes at the expense of locking down the platform.
I'd argue you can't prioritise two things: prioritisation means deciding what comes first when you have to choose between two things. And it appears to me that Signal tries to ensure privacy first, and then sees if it can make that work with freedom later (see e.g. the delay in adding support for de-googled Android, or the ground work they're only doing now that might (or might not) lead to accounts without phone numbers), whereas Matrix does it the other way around (by first working on support for many different clients, and then trying to make that work with encryption). I hope that both succeed, and I'm happy that both paths are taken.
As an aside, I'd like to voice my appreciation for how you respectfully acknowledged moxie's point of view, take effort to understand it, and then pinpoint why you reach different conclusions from the same observations. A pleasure to read.
I would make the opposite argument: that at pretty much every point along the way, Signal has chosen purity over pragmatism. Which is why they didn't even have user profiles until recently, why they're just now getting group access control for a Slack-y experience, and why it's taking a fairly spectacular amount of engineering to get them off of phone numbers. Signal has a track record of delaying features common to messenger applications in order to get them cryptographically right. No other mainstream messenger tool has a comparable track record.
I completely agree. Ironically, centralization has not helped them move faster.
They won’t have usable group messaging without proper “mentions only” notifications. I’ve tried to explain so many times on the forum that they don’t need usernames for this. Just allow us to configure our own list of keywords we want to be notified of.
It’s very frustrating to keep up with the development of the apps. I wouldn’t recommend it.
4 replies →
> The ecosystem is moving
It has been "moving" from the times of Compuserve and AOL trying to prevent e-mail federation. Good thing they failed then! Kudos to Matrix for pushing against such movement in IMs. Someone has to push against it, instead of looking for excuses to proliferate walled gardens.
> If users don’t trust their app provider, they can always go switch apps, which gives them freedom.
Sounds like Moxie meant it's a downside. It's a huge benefit! Forcing one to use something that's not trusted is horrendous.
I won't touch signal because I care about user freedom more than privacy. (Both are important)
No 3rd party clients, mandatory updates, mandatory google play services, and mobile only are all deal breakers.
> mandatory google play services
Note that since a while there is also the possibility of using web sockets. But they are an extreme battery drain, and thus google services are quasi-mandatory. Telegram solves this without being a battery drain, possibly at the cost of delivering messages with a delay, but why isn't that my choice.
I can't tell you how they do it, but Telegram is lightning fast with push notifications across all kinds of devices, including Android. Been rocking it as my primary messenger for years.
Whenever a few of us are sitting around in real life, and someone sends something to a group chat, all the phones on the table will buzz instantly together (iOS and Android).
And on top of that, battery usage is really low on Android. I use it a TON, and it's never in the top n apps of battery usage. Meanwhile, I can just open Snapchat once, and I lose a few percent.
4 replies →
I use Signal without gapps and do not have extreme battery drain. I always get real-time notifications too - no late or missing deliveries. This is both on a galaxy s9 which went from stock ROM to deleted Gapps with no battery impact, and s 1+ 7 Pro with no Gapps from the very beginning (I get the expected excellent battery life).
I suspected that Signal basically took Over Gapps's role since it's the only app I use with notifications. Google keeps open a single optimized connection and apps go through it instead of having 10 open connections. After deleting Gapps, Signal is the only app keeping open a connection so it basically has the same impact.
But then I installed WhatsApp and Signal+WA both work perfectly without Gapps and with no gigantic battery drain. So I have no idea what black magic is making this work.
I just looked up my battery stats; since the last full charge 32 hours ago Signal has used 1% of the power. I got a few notifications and used the app for a few minutes in this time. WhatsApp's power usage is too low to show up in the stats.
2 replies →
Telegram without GCM is incredibly fast. Compared to my computer with the app/website open, it's at most one second slower, and often times faster at delivering messages, even on battery saver. It also uses less than a percent of my battery per day if I don't open the app, and was 2% of my battery usage in the last two days despite being on the app for close to an hour.
> mobile only
It requires a phone number, but it has iPad, Windows, macOS and Linux apps that function dependently of the mobile device once set up.
Google Play Services obviously aren't required to run Signal on iOS.
Of course not, but what's the point? Who complains that Signal doesn't run without Google Play Services are the kind of users that wants to run a mostly free distribution of Android (like LineageOS) without any Google software on it. Saying well you should buy a more closed and proprietary system that can run Signal without Google software is nonsense.
1 reply →
Google Play Services aren't required to run Signal on Android either.
Email is flawed and will become a one way protocol to receive spam, newsletters and invoices just like paper mail. I think Matrix is our second chance to build a secure federated communication suite. So far it's going in the right direction...
> Email is flawed and will become a one way protocol to receive spam, newsletters and invoices just like paper mail.
I don't recall the last time I've received spam in my email inbox among the tens of emails I've receive daily, and newsletters/invoices are messages that users intend to subscribe. You might argue that instant messaging scratches an itch that email doesn't, but that's a bit shortsighted and doesn't make a case on why email is flawed.
Agreed. Fifteen year ago I set up an email system that let me give everyone a different email, depending on what service it was/when, and since then I've only had my email clearly sold off to a third party that spammed me once. It was a startup that got bought by a private equity firm (and is still around) and fwiw, after I unsubscribed from the first spam I got, it stopped...
Newsletters and other BS notifications are the new spam.
Sure, you can technically opt-out and keep your inbox clean by spending 5 minutes opting out of the garbage every time you sign up to a new service, but that’s irrelevant considering nobody does this and most of my friends’ mailboxes are pretty much unusable because this kind of spam arrives every minute and they have tens of thousands of unread emails in their inbox.
However, in this case I’m not sure Matrix or any other service would be the solution. If the service is neutral and doesn’t impose policies on the content then scum like marketers will just move to it. On the other hand actually having “acceptable use policies” would require centralisation and bring its own problems to the table.
The real solution here is regulation, not technology.
3 replies →
If we didn't have email we would immediately have to invent something that did the same thing. The world needs non-real time text messaging way more than it needs real time text messaging. After all, we still have phones which work well real time. They don't work well at all for non-real time messaging. That is why we went to all that trouble to invent and use things like teletypes.
I think the timing makes Moxie's point very well without him saying a thing.
All these years later Matrix only has... The ambition to some day try to offer the core privacy features Signal already delivered back then. Some of the most basic stuff is, you believe, almost kinda sorta done.
This is, to be clear, much better than just sitting back insisting you were right but not lifting a finger. But for an actual user who needed privacy and security any time between then and now - and for future users who need it between now and whenever you get this stuff working in the real world, it was Signal that delivered. Moxie was right so far.
Talking about privacy of a system that requires you to sign up with a phone number, that in my country (and in most other European countries as far as I know, and without talking about non democratic regimes) is required to be associated with your ID (it's illegal to buy a SIM without registration) is nonsense.
And you know another thing? Email works great to me, and it's decentralized. I have my email server, with my domain, so I don't depend on anyone to provide me a service. I have full control of my data that is on my server. I can even send encrypted emails with GnuPG without any problem, and it's as secure as Signal, if not better. I can use whatever client I want, a fancy application, a web interface, or as I do a small CLI program since I don't use graphical user interfaces.
Sure, having a chat protocol that is decentralized like email would be great! I wish that Matrix will evolve in something usable in the following years, we need that. I need a chat application where I can have a client that I can use in my terminal, and Signal doesn't do that (Telegram does, for example, since the API is more open, and it's what I use second to email).
> I can even send encrypted emails with GnuPG without any problem, and it's as secure as Signal, if not better.
Alas this requires a fairly contorted definition of "secure" to be true. The cryptography in GnuPG has plenty of problems even if you insist on manually doing everything from your own CLI tools which maybe don't suffer the problems from EFail.
Mostly it's just kinda old, AEAD hadn't been conceived when Phil wrote PGP you know. That's a big foundational idea for modern crypto and instead PGP had to kind of fudge a separate MAC into the design and hope that's good enough.
When you send your GnuPG encrypted mail, how do you decide which cryptographic primitives to use? With Signal the whole _point_ of Moxie's decision is that Signal gets to insist on all clients having whatever the best option is, so that's always used. But in GnuPG you've got to guess, what might the other participant's client be able to handle? If you guess wrong then your email is unreadable, or, worse, bad guys might be able to read it more easily.
> in most other European countries as far as I know
In England at least SIMs are available in the pound shop. You buy a SIM with cash (a single bright coin) and it comes with a phone number. British people do not carry any ID as a habit, and I make a point of never having ID unless I've been specifically asked to bring it for a good reason (e.g. to leave the country or when I got a job that required security clearance).
3 replies →
> And you know another thing? Email works great to me, and it's decentralized. I have my email server, with my domain, so I don't depend on anyone to provide me a service. I have full control of my data that is on my server. I can even send encrypted emails with GnuPG without any problem
OK, and how many non-technical people do you email that have GPG keys? If they don't have GPG, how do you have end to end encrypted communications with them?
This is where Signal won and GPG lost, with the Signal protocol integration into WhatsApp, one billion people instantly got secure comms without even having to know what a key is.
> it's as secure as Signal, if not better.
Signal uses a new key for every single message you send, so it could be argued that actually Signal is better than GPG.
>I need a chat application where I can have a client that I can use in my terminal, and Signal doesn't do that
Have you looked at signald or Signal-CLI?
https://gitlab.com/thefinn93/signald https://github.com/AsamK/signal-cli
2 replies →
> Some of the most basic stuff is, you believe, almost kinda sorta done.
The core Matrix stuff has been usable for years, and in many ways you've had better metadata and censorship protection available than Signal - given you have the option of running your own server which could be entirely off the grid, and used only for your own conversations.
However, if your point is that Matrix focuses on freedom as well as privacy (rather than privacy at the expense of freedom), then we're agreed :D
No, a hypothetical option to never communicate with anybody on the network isn't "better protection" in any meaningful sense than a system designed from the outset to actually protect you when you communicate with other people.
When you say we're trying to improve I want to believe you. When you stubbornly declare "we're better" in "many ways" while actually being much worse, what could I conclude? Only that your goal is to deceive people because you're not really interested in improving. Blergh.
Back in February 2015 you did not understand the gravity of the mistake in leaving end-to-end encryption as a TODO item for Matrix and defended this decision as "Pragmatic" repeatedly. Matrix itself is a bit older, mid-2014 I think, but 2015 was the first time I ran into the arguments for Matrix. It's important to underscore those dates. I've moaned (including to his face) about Tim's choice not to do encryption out of the box in his toy hypermedia system, but that was almost 25 years earlier and whilst annoying a lot more understandable. 2014 on the other hand is after BCP #188 ("Pervasive Monitoring Is An Attack") and all that implies so there are no excuses. Matrix was a defective design on day zero. 2020 begins with a promise that it'll be fixed soon, kinda, sorta and then a retreat to old arguments about how it's all worth it for "freedom".
When I say "kinda sorta done" I am not referring to being able to send unprotected plaintext over the Internet in 2020. What's "kinda sorta done" is the basic task of sending messages between participants without anybody else knowing what was said, or preferably who by and who to. It sounds like Matrix's _ambition_ is still that in 2020 this will be the case for certain groups of participants, at least some of the time. Not everybody, and not all the time, and not yet unless you go out of your way which we know users will not do.
1 reply →
Building monoliths (like Signal) is easy and that's a core take-away point of Matthew's response in the blog post. Building Matrix is not and has not ever been a small task, but the effort gives us the freedom to run our own services and still be able to talk with our friends. Matrix is the "long game".
And it's a worthwhile pursuit. Moxie's points simply don't make sense, and are infuriating / disrespectful to those who are working on solving decentralization's issues.
_Of course_ it will be difficult. But the same argument could be made for building a completely unencrypted messenger app. You won't have to worry about managing keys, obfuscating metadata, or anything like that.
At the end of the day, it's about realizing the importance of both privacy _and_ decentralization that our current infrastructure threatens.
5 replies →
>All these years later Matrix only has... The ambition to some day try to offer the core privacy features Signal already delivered back then.
E2E on Matrix works, plus key verification is easier than on Signal. Managing metadata is hard, but my Matrix homeserver doesn't have my phone number (unlike Signal) and does not require Google Cloud Messaging. I can even run it on a PinePhone or Pocket CHIP!
>But for an actual user who needed privacy and security any time between then and now - and for future users who need it between now and whenever you get this stuff working in the real world, it was Signal that delivered. Moxie was right so far.
Tell that to the people getting imprisoned due to Signal's metadata leaks: https://news.ycombinator.com/item?id=21747424
> Tell that to the people getting imprisoned due to Signal's metadata leaks
Isn't this rather Twitter's metadata leaks in your source?
...that wasn't Signal leaking data, though, and unlike Twitter, which until last week allowed anyone to mass-check phone numbers, Signal doesn't publicly broadcast your number.
I don't use Signal, and won't as long as they force a phone number, but at least be accurate.
> Tell that to the people getting imprisoned due to Signal's metadata leaks:
Please explain how Signal leaks metadata given:
- everything behind the client and the server goes over TLS
- all Signal messages are end to end encrypted with the Signal protocol
- the Signal server doesn't even know who is messaging whom in the majority of cases: https://signal.org/blog/sealed-sender/
E2E in Matrix "works" with which Matrix clients? The whole point of a decentralized federated messaging protocol is to allow people to build their own clients. Do Matrix clients uniformly and interoperably support E2E today?
3 replies →
bruh did you honestly just say home server.... might as well just say use "tor and pgp".
Well, XMPP had working e2e encryption a decade before Signal. That's not really a reason to consider something done. Axolotl and OMEMO improved on OTR, and it seems OTRv4 will improve on it further.
Wait a minute. When you say "Axolotl improved OTR", what you're really saying is that Signal improved on OTR, because that's where Axolotl comes from. The same is true of OMEMO.
It seems like they are both right based on their values? Signal put privacy and security first, and Matrix put federation first.
They are both idealistic in their own way.
Security: sure, but privacy: no. An application focused on privacy should never require a phone number. In many countries phone numbers can easily be tied to individuals.
Actually Moxies talk "36C3 - The ecosystem is moving" was recorded: https://www.youtube.com/watch?v=Nj3YFprqAr8
He didn’t want it to be, though.
https://twitter.com/moxie/status/1211427007596154881?s=21
It was mostly stuff he has said in previous blog articles, so you are not missing too much.
Nice essay, Matthew, thanks!
I'll stay with XMPP until they take it from my cold, dead hands.
thanks :) (you can always use XMPP via Matrix via Bifröst - just sayin' ;D)
This reminds me of the book "Zen and the Art of Motorcycle Maintenance", which is also about a father-son roadtrip, and which uses it as an excuse to talk about what happens when we do long, boring tasks requiring some focus but leaving enough of the brain unoccupied. It's a good book and I should probably reread it.
Signal really tries hard to not be trustworthy.
The way they defend WhatsApp is heart-breaking. It's cute to see them saying there is no backdoor when it can't be proven to be the case, since it's all proprietary. They can't show the server side wasn't tampered with. Same with Skype.
The constant repetition of this ignorant claim is starting to be annoying. Think there is a client backdoor? Go find it. It is not like the binary is not available to you. It is not like there are not emulators in which you can step through the code. Please, show us the backdoor.
Server side tampering? Show us how it can be done. Create a server that can tamper with a patched client. Demonstrate your chops.
I see you're formerly from FB.
It's not up to us to reverse engineer a binary every update to guess if it's secure...
It's up to Facebook, which has time and again proven that it is absolutely not trustworthy, to open its code and make builds auditable, inspectable, and reproducible.
This is what ANY secure software does. That's the cost of entry. Imagine if OpenSSH were closed and its devs issued the same response you just did. "Just reverse engineer the binary and prove that it's not secure!"
Rediculous.
3 replies →
That is not how security works.
I think that protocols that are simple and open should be used, rather than very complicated and messy ones. Text-based also helps since it allows to use without specialized software. IRC is designed like this and I think it is good.
This is a very unpopular position from a security perspective. All messages should be exchanged by some type-safe structured container like protobuf to avoid a huge class of bugs that comes from quoting and odd character sets, manually implementing parsers, confusing types, and broken string arithmetic.
"Democracy and republics are hard, so we should all just give up and have autocratic governments"
It may sound flippant or unrelated, but I think this extreme projection of his argument makes it evident how silly it is. This is one of the reasons I switched away from using Signal, as much as I'd like better privacy on my text messages it's not worth handing that much control over to someone I shouldn't have to put my trust in. Instead I do my text messages over Jabber/XMPP with jmp.chat now and for others who have a proper XMPP address I use that (which gives me the option of OMEMO encryption which is basically the XMPP version of the signal double ratchet).
For the average user, installing conversations.im and hitting "create account" or whatever and calling it a day is good enough, so it's not even significantly harder than dealing with Signal.
How about that being in an atocracy might be much better when you have a population of 51% wolves and 49% sheep.
I saw Moxie Marlinspike's talk when it was posted on CCC's official channel [1] and was disgusted by it. The talk has been now censored and video was made private. It was one of the most defeatist talks I've ever come across when it comes to messaging and privacy. His message was basically that anything you do is pointless and that his and WhatsApp/Facebook's way is the right one.
I've used Signal on few occasions in the past but his talk made me uninstall it. I simply do not trust him after hearing his opinions. I do not support centralization and other ideals he's now pushing (including the use of a phone number as Signal's primary ID).
The talk was mirrored on few channels on YT [2] and you can still see it.
[1] https://www.youtube.com/watch?v=DdM-XTRyC9c (it's a private video now)
[2] https://www.youtube.com/watch?v=Nj3YFprqAr8 (working link, who knows for how long so mirror it).
I don't particularly like a centralized model either. Federation is much more difficult, but can create ecosystems which can survive longer/better than a single company can.
But on the specific issue of phone numbers as ID, they have been making some substantial progress on a technological solution to address this, specifically without running central servers.
https://signal.org/blog/secure-value-recovery/
You were "disgusted" by the talk? The controversial parts were spelled out in a post Moxie wrote 3.5 years ago, with the same title. The only deviations are new privacy-preserving features Signal is building, one of which is intended to address the most common objection to Signal (the use of phone numbers as identifiers).
The talk wasn't "censored"; the conference made a mistake by recording and posting it in the first place.
I think if Moxie had framed this from a perspective of "centralization has some advantages, so how can we make a centralized service as safe as possible" the outcry would be much less. Because signal is genuinely doing some very great stuff in that area. But the framing as a dismissal of decentralized solutions as unworthwhile is very frustrating, especially when it so transparently overlaps with his business interests.
Yea, how can we talk about privacy of a service that I need to register with a phone number (and in my country to register a phone number is obligatory to give your ID and signature, you can't activate a SIM card anonymously)
Centralized services should be avoided for a multitude of reason, the primary one is being dependent on some company that offers you the service and can and probably will shut down one day, with the result of loosing all the things you had on that service.
Look at the past, how many centralized services closed down and we lost all our data? Instead decentralized services are still up and running: email, usenet, IRC, even if unfortunately a bit forgotten these day (with the exception of email, even if most of people uses GMail anyway so it's in fact centralized...)
Wire seemed like a decent alternative where you're not required a number, I think only an email. Also you can delete your account.
It's fine, but you should know that pretty much everything Moxie and Signal talk about contrast sharply with Wire. For instance: last I checked, Wire stores your entire social graph on their servers in a database --- effectively forever, Wire stores a plaintext log of everyone you've communicated with.
13 replies →
I read on a privacy-oriented website that Wire was purchased by an American company not trusted for its record on privacy (or perhaps it was that since the company is American, their data can be read by the US govt.). I can't find it now though. There isn't anything mentioning it on the website of `www.privacytools.io`: https://www.privacytools.io/software/real-time-communication...
2 replies →
Is no one going to talk about how much more complex matrix is than signal?
overall it's more complex thanks to the decentralisation.
First off, I have to say this about matrix: they have by far the best foss community I have seen. Excellent work on managing the community, others should take note.
Second, both signal and matrix collect too much metadata. signal means you're completely screwed by their dependency on phone numbers. I expect little metadata privacy from signal because to me, it is practically the same as using my SSN or fingerprint as my user name,same for all my contacts, this key field is used by everyone and their mother to track everything we do like 1984 was target practice. For matrix, it's the defaults and how easy it is for others to fingerprint you using your specific device (equivalent of a user-agent seen by everyone iirc?) and other profile details ,but none of this is easy to correlate and answer questions like "which social network demographic micro-group does this user belong to so we can perform targeted infiltration of their device?" or "Hey, let's use this phone number to look perform the equivalent of a background check on this person who is sending us a message because we now have their phone number". Oh and the best part is, you can't just get a burner to use for registration, and to link a signal desktop,you need the mobile app. Matrix has none of these issues.
Third, consider your threat models carefully. As an individual, is it better if you have infrasructure diversity and protocol interoperability or is it better to put all your eggs in signal's basket. I never liked their use of google infra at the begining for example because I consider google more of a threat to me than most other parties. I can see the argument both ways. I personally consider the set of parties that have the most to benefit from targeting me as an individual plus those who have the most to benefit from dragnet surveillance where I reside. To me, matrix is more flexible to adopt to various threat models by for example self hosting compared to using a popular matrix server. Signal is better than the competition, if your fear is being exposed to unpatched vulnerabilities and/or if you are worried about metadata snooping (but you trust signal's infra provider, still google??) Then Signal makes more sense. For dragnet, I think matrix is better for me because implementation vulns only apply to a few users,making reliable dragnet attacks less likely. For anyone that might target me, my mobile phone is completely defenseless, so my concern is someone identifying my specific device for targeted attacks, with matrix they need to compromise the matrix server and even then they might need to do a lot more work to correlate which matrix user is me (real life "target worthy" identity). Where as with signal,they can easily micro target a group ,find out everyone's phone numbers (e.g.: hk protesters) and target their device for further exploitation via signal or any other pwnable app that is known to present on a device associated with that phone number.Practically, I am more worried about how each app fits in with everything else I do and matrix wins the security round for me.
Last but not least, I use signal for 98% of my comms because the phone number usage by Signal means I can easily connect to and invite people who don't have signal. If there is a Matrix client app that can be used as an sms client and can discover contacts' matrix account/server over sms without communicating or collecting phone number/name details of the contact, I think i might jump ship. The way I envision this to work is: the matrix client would have an invite button for non-matrix contacts and it will have an option to initiate discovery of contacts. Both options would do a challenge-response with each contact and instead of associating with a phone number they would ask to create a new martrix only contact.
Matthew outlined much of the Matrix problems but not in the context of the latter part of his idealistic thoughts.
Just going to point out that if agreeing on spec is six time slower, that's just the first car of traffic jam slowing down. The next car has to slow down more: The feature needs to move into SDKs. Then the next car, the client vendors need to actually implement and test their implementation of the feature and write documentation. That's even more slow.
"HOWEVER: all of this completely ignores one critical thing - the value of freedom."
I really value freedom. To me freedom means a non-technical dissident doesn't have to sit in jail when their messages weren't E2EE. It doesn't mean I can choose a value from a list of servers and have faceless entity #1, #2 or #3, or worse, Mike - the creepy IT guy from my peers - observe my metadata with everybody, and content with Karen who refuses to switch to Matrix client that supports E2EE.
"Freedom to run your own server (perhaps invisibly in your app, in a P2P world)."
Now this is something I can get behind. Which is why I've spent the last eight years working on P2P messaging system. Perhaps Matrix should move their efforts into being the change they want to see in the world instead of defending a bad solution of decentralization by saying they're thinking about implementing a better solution of P2P.
"Freedom to pick which country your server runs in"
Which you can't do if you're running P2P server on your device. I think every faceless service provider from Signal to any XMPP server has the same guarantee of privacy in practice. The only difference is Signal has to abide by the GDPR, independent users hosting servers don't. Before anyone screams about PRISM, I will point out that coercing insertion of a backdoor is the same as compelled speech, which would violate the constitution.
"Freedom to select how much metadata and history to keep."
We have precedence of Signal keeping none of that. With Matrix servers the server has access to all metadata by default, the server program doesn't attempt to hide anything, there's no sealed sender etc. Your only hope is to run your own server, somehow convince your peers you're the one they should trust with their metadata (there's a third party on every decentralized server with more than two users), and hope you don't grow enough to get hacked by nation state actors or criminals.
"Freedom to choose which apps to use - while still having the freedom to talk to anyone you like. Freedom to connect your own functionality - bots, bridges, integrations etc"
A nice idea, but everyone needs to have same features for it to work, so what you get is differences in UI, implementation language, and platform support. What matters most here is the programming language: Matrix client written in Rust is more secure that one written in C. But unless everyone uses the Rust version, the group chat is as secure as the weakest link. Same goes with bridges. You'll never have security because of this guy who likes to re-live their youth through irssi: https://xkcd.com/1782/
Also, what happens when Facebook implements their own Matrix client that steals your metadata from the endpoint, and what happens when they start bundling their app on every Samsung smartphone? Perhaps it's not your idealistic Riot client that's the problem, perhaps it's the bundled spyware on every peers' device used by people who just, don't care. I'm not saying Signal fixes the problem of user laziness, I'm saying it's better to know what's on the receiving end.
"Freedom to select which identifiers (if any) to use to register your account."
Which is kind of pointless considering the IP-address still leaks to the server by default. And the UUID means all your metadata can be tied together. The social graph is revealed to the server so unless everyone keeps rolling their IDs and exchanging them over some other channel, it's pretty much impossible to hide metadata from a malicious server running statistical analysis. Even if you're not malicious, there's no way to know if your server has been compromised. Or, if you somehow can harden your server against the NSAs of this world, please, go work for the Freedom of The Press Foundation or something.
"Freedom to extend the protocol."
When the protocol fails to mandate BASIC security features like E2EE, it's kind of pointless to talk about the possibilities of extendability. There's always going to be maintainers and theyneed to prioritize, so there's always going to be someone who decides whether something will be implemented by them. Signal doesn't forbid pull-requests if you want something done. The nice thing is, it's at least six times faster to do it for Signal.
"Freedom to write your own client, or build whole new as-yet-unimagined systems on top."
So it's the freedom of the developer we're talking about. Reminds me of BSD vs GPL (BSD says developer has freedom to fuck over users with proprietary fork, GPL says user has right to not be abused like that, and that developers have the obligation to not do that). It's the rights of the users that matter. That is, human rights. You can merge as-yet-unimagined systems to Signal. You might face initial criticism because it needs to be secure by default. But it's not like Moxie will show you the finger for proposing something before it's discovered or announced. I have first hand experience with this: https://github.com/signalapp/Signal-Android/issues/4171
"It’s true that if you’re writing a messaging app optimized for privacy at any cost, Moxie’s approach is one way to do it."
If you consider privacy is a human right, developer freedom isn't, it's easier to see who has their priorities in order.
"you end up thoroughly putting all your eggs in one basket, trusting past, present & future Signal to retain its values, stay up and somehow dodge compromise & censorship… despite probably being the single highest value attack target on the ‘net."
So which one is easier to subvert, community of experts constantly under scrutiny by peer experts trying desperately to make a name for themselves, or open work group on protocol that still isn't secure by default, and that is much more susceptible to stagnation via bike-shedding and mission hijacking. OpenPGP work group still hasn't agreed on v5 fingerprint, the SHAppening happened five years ago. I'm going to have to disagree and say I don't have faith in unnecessarily large organizations.
I'm just going to say this FUD is worth being pointed out, but that it's not worthy of dissection.
"We owe the entire success of the Internet (let alone the Web) to openness, interoperability and decentralization."
A thought that was denounced in the 36c3 talk whether you watched the stream or not.
"To declare that openness, interoperability and decentralization is ‘too hard’ and not worth the effort when building a messaging solution is to throw away all the potential of the vibrancy, creativity and innovation that comes from an open network"
The worth was not addressed by this writing in any way, and the practical problems that far outweigh the idealistic goals were discussed by Moxie because what matters is the human rights to privacy of the users of the tool, not whether the infrastructure is based on idealistic ideas that don't offer tangible security benefits in practice.
Like Moxie said, prove that decentralization works by doing the bare necessities of implementing E2EE, then it's worth discussing whether the idealism part matters, and if decentralization has something useful to offer.
"Sure, you may end up with a super-private messaging app - but one that starts to smell alarmingly like a walled garden like Facebook’s Internet.org initiative, or an AOL keyword, or Google’s AMP. "
The negative connotations of these companies are about lack of respecting privacy. It's really weird to essentially say "you end up with super private app that shares other commonalities with privacy invading companies". Walled garden isn't ideal, but for now, it's more secure and that's what matters more to users.
"So, we continue to gladly take up Moxie’s challenge to prove him wrong - to show that it’s both possible and imperative to create an open decentralized messaging platform which (if you use reputable apps and servers) can be as secure and metadata-protecting as Signal…"
That's the attitude we need. Now go out there and use your preferred methods to make the idealistic protocol secure by default! Just don't expect me or anyone else to recommend its use before that happens.
"and indeed more so, given you can run your server off the grid, and don’t need to register with a phone number"
Will you be getting rid of IP-address leak to servers too? Quick jabs in closing notes that aren't thought out too well are not very nice.
"and in future may not even need a server at all."
Also maybe reconsider ending your refutal of criticism towards decentralized architecture by hinting that users should look towards upcoming P2P architecture.
Signal could be more tolerable if they did not threaten and harass those who develop third-party clients, citing their unreasoned claims that they somehow "burden" them (1). They cannot demand pull requests if they treat the community like that. Depending on the locale, even frivolous lawsuits can be a real nuisance.
1) https://github.com/LibreSignal/LibreSignal/issues/37#issueco...
Encryption is also not the only thing that matters. Amateurish functionality omissions are really annoying. For example, in 2015, Signal developers removed the option to create, join or leave groups in the desktop client (2), and they apparently haven't still fixed it. They don't want, nor does anyone else. Maybe a less hostile approach towards community would yield better results.
2) https://github.com/signalapp/Signal-Desktop/issues/530
While I agree with you that this Matrix e2ee thing has took way, way too long, let's not pretend that everything happens at time in those walled garden systems...
> Moxie didn’t want the 36C3 talk recorded
Curious why. Anyway it's there: https://peertube.co.uk/videos/watch/12be5396-2a25-4ec8-a92a-...
Here's his reasoning: https://twitter.com/moxie/status/1211443530335281153
> I just prefer to present something as part of a conversation that's happening in a place, rather than a webinar that I'm broadcasting forever to the world.
To me it sounds an awful lot like not wanting to be scrutinized or held accountable for what he says.
I also find this rather disappointing as it excludes anyone who is unable, for whatever reason, to be at his talks from hearing what he has to say. Given how influential he's been in this domain, this sadness me quite a bit.
> I have less faith in the internet as a place where a conversation can happen
This feels a bit ironic, given he's built an enterprise on enabling conversations to happen on the internet, though arguably only with a limited set of people.
> , and the timelessness of it decontextualizes.
Not quite sure what that's supposed to mean. Perhaps it's a language barrier thing, but I can't parse that into something sensible.
1 reply →
This seems kind of silly to me because:
1. Does the same thing not also apply to the blog post he authored, which contains the exact same points?
2. Is a talk where you get a big stage to preach your opinion from and take two questions at the end really the best way to do this? As opposed to say, a panel discussion or similar.
1 reply →
To save people a click, here is a line taken ironically out of context:
"I have less faith in the internet as a place where a conversation can happen, and the timelessness of it decontextualizes."
Moxie has always gaslit users with legitimate concerns because addressing them would mean giving up power. Signal is a self serving design and driven by self serving decisions. I've written about this in depth before:
https://drewdevault.com/2018/08/08/Signal.html
I still stand by everything I said here, and lots more that goes unsaid in this article. Every single weird decision Signal makes is not because they've reasonably decided to come down on some side of the fence that others haven't - it's because their decisions serve moxie's wants above anyone else.
No personal attacks on HN, please, regardless of how right you are or feel, or how wrong someone is or you feel they are. Maybe you don't owe that person better, but you owe this community better if you're posting here.
https://news.ycombinator.com/newsguidelines.html
Sorry, you're right. I've edited it to be about the behavior instead of the person.
3 replies →