Comment by novok
6 years ago
Moxie / signal chooses pragmatism over purity, and is striving towards improve the status quo bit by bit vs a pure perfect solution that never ships, even though that improvement has it's own vital problems.
You can see it in his choices, and you can see how they want to eventually deliver improvements like no phone numbers, with them working on things like secure value recovery.
I kind of wish he spelled it out fully for the nit picky peanut gallery out there, so he can just reference it instead of wasting energy on them. You can just feel the exasperation when you read his writing and see him speak about this.
I'd argue that Matrix also chooses pragmatism over purity - the balance is more that we prioritise freedom as well as privacy.
Signal's whole mantra of "only implement features which are privacy preserving" is a great mentality. It's just a shame it comes at the expense of locking down the platform.
I'd argue you can't prioritise two things: prioritisation means deciding what comes first when you have to choose between two things. And it appears to me that Signal tries to ensure privacy first, and then sees if it can make that work with freedom later (see e.g. the delay in adding support for de-googled Android, or the ground work they're only doing now that might (or might not) lead to accounts without phone numbers), whereas Matrix does it the other way around (by first working on support for many different clients, and then trying to make that work with encryption). I hope that both succeed, and I'm happy that both paths are taken.
As an aside, I'd like to voice my appreciation for how you respectfully acknowledged moxie's point of view, take effort to understand it, and then pinpoint why you reach different conclusions from the same observations. A pleasure to read.
I would make the opposite argument: that at pretty much every point along the way, Signal has chosen purity over pragmatism. Which is why they didn't even have user profiles until recently, why they're just now getting group access control for a Slack-y experience, and why it's taking a fairly spectacular amount of engineering to get them off of phone numbers. Signal has a track record of delaying features common to messenger applications in order to get them cryptographically right. No other mainstream messenger tool has a comparable track record.
I completely agree. Ironically, centralization has not helped them move faster.
They won’t have usable group messaging without proper “mentions only” notifications. I’ve tried to explain so many times on the forum that they don’t need usernames for this. Just allow us to configure our own list of keywords we want to be notified of.
It’s very frustrating to keep up with the development of the apps. I wouldn’t recommend it.
You can make this argument about anyone simply by changing the metrics you're judging them by. So if you judge Signal by usability and messaging features, of course centralization isn't paying off. But that's not what Signal is optimizing for. On privacy features, no mainstream messaging app is doing anything resembling what Signal is doing; Signal's "competitors"† obtain their messaging features by storing vast amounts of valuable metadata in plaintext on their servers. Signal gets those features, with privacy assurance and without accumulating the hazmat, by inventing and deploying new high-end cryptography.
Consider how long it's taken Matrix to get to a point where it's just E2E by default. That's table stakes, Matrix very much wants to get there, and if they're lucky (see downthread) they'll be able to flip that switch in Q1 2020.
If Signal invents some new feature based on Attribute Based Encryption or pairing curves or PQ exchanges or whatever, they'll have it deployed within a week of merging the code into master. You've seen them do things like that repeatedly. That's what centralization buys.
† I'm not sure I accept the premise that it has competitors; the companies you're thinking of are, to my mind, competing more with WhatsApp and Slack than Signal.
3 replies →