Comment by nwellinghoff
2 years ago
Wish they provided some numbers of actual messages, type etc. per day. Seems like a good game plan would be.
1) Get off the major cloud providers that charge insane egress fees. 2) Remove SMS verification. A simple solution might be the app gives you a code and then you dial in to them and punch in the code to them. Like a reverse voice based authentication. 3) Remove voice and video calling for non donating users. 3) Remove media texting until both users allow a p2p connection. 4) Remove no contact list message hosting for non donating users.
Lot of unpleasant trade offs there. But I would rank having a text based private messaging app as the top feature. Everything else is a "very" nice to have. I applaud what they are doing and the sacrifices that have been made so far.
Removing essential features like voice/video calling for non-paying users would be a terrible choice IMHO. This is a communication app, which means it is only useful if others use it too.
And how are you going to convince others to pay for Signal when there are many free alternatives, including WhatsApp, which most people already have and while not as privacy focused as Signal, does have end-to-end encryption. If Signal makes people pay for voice calls, they will simply use WhatsApp, regular phone calls, or whatever is free and popular at the moment.
The success of Signal came from being very low friction, privacy is the "nice to have" feature, at least for most users. But add friction and they will look elsewhere, Signal is not WhatsApp, it doesn't have enough of a critical mass to keep users on its network.
All that will remain will be a small core of cypherpunks and people who really have something to hide. This is bad because one strength of Signal is that it is a mainstream app, making it hard to single out "interesting" people compared to those who just use it because their geek friend told them to and they like the shade of blue.
Valid but if there is no model that is sustainable then who cares if its successful? Some trade offs will have to be made. How can they keep going if the vast majority of people don't pay? They don't have the model of "ok we are going to flip and monetize after we get to X mass". Its like a growth startup but with no end game plan.
Call to donations, ads, pre-mined cryptocurrencies, selling cosmetics, premium features no free service offers, partnering with other organizations, etc...
They already do some of these, and some are less popular than others, but the key is to keep the essential features free and easy.
On Discord for instance, a free account is enough to cover all of most people needs, but you get a little extra by paying a subscription, and it is enough for Discord to be worth billions. Maybe not the perfect example since Discord has a critical mass, but no one wants to leave just because they don't have premium features (larger uploads, higher resolution streaming, flashy emoji) for free.
For Signal, it seems like just calling for donations is enough. They have a good image, so they can do that. It can actually be a solid business plan, look at Wikipedia, they get more than $100M a year doing that despite the controversy.
About the SMS verification, it depends on the goal. If the goal is to verify a phone number, you can't trust the _sender's_ address in the phone network.
So, you can't trust the address in the "From" on an SMS or the "From" of a phone call.
That means a voice call to Signal would not work to validate phone numbers.
Good point, I guess we are proving why the resorted to using numbers in the first place. Unless you have a verification point that includes a "charge". Indirect or direct, your platform gets flooded with spam/bots. Does anyone have ideas of how this problem can be solved while also preserving privacy?
Problem: A system that enforces a monetary penalty to prevent sign up abuse while also not tying a users identity to said system.
Without doing some pain in the a crypto stuff it seems like there are no easy solutions other than the #
You can charge for SMS. You send a message to signal, charged at an amount to cover the return message which contains a code.
does the dial-in suggestion work? Seems like spoofing phone numbers is trivial, while spoofing numbers for inbound SMS is harder.
> Get off the major cloud providers that charge insane egress fees
At on demand prices, yeah. But companies of sufficient demand can enter into volume discount programmes.
> Get off the major cloud providers that charge insane egress fees.
And run their own DCs? Cool, they'll just need a lot of upfront capital aaaaaand they're back in the "need money" boat. Except more so.
There's a ton of options between paying premium cloud prices on egress and running your own data centers.