Comment by areoform
2 years ago
Signal is one of the great undertakings of our time. And it's one of the last bastions of internet freedom.
A free-to-use global communications platform that doesn't censor, respects user privacy from the ground-up, and is run by a non-profit foundation that is faithfully dedicated to its mission. https://signal.org/bigbrother/.
We should support it. If you haven't already, then consider signing up for a recurring donation to the Signal Foundation. I try to give what I can afford, because I believe that digital freedom is essential for the progress of all humankind, https://signal.org/donate/
Without such projects, our civilization will stagnate and die in darkness.
Yeah, nah, it might be fashionable but I'm not 100% convinced that it's not an operation intended to be a lightening rod for "private" communication.
Given how tightly they control development, disallow third-party clients, disallow federation, disallow self-hosting servers, have a history if disallowing use without google play and have hid huge development features from the public (mobile-coin) despite being open source. etc;
The idea that it's a great undertaking of our time is so bombastic that it's guaranteed to be false even if you truly believe that they are completely altruistic (which I'm willing to believe but it's not coming easy to me based on the above).
"What's better"? Matrix. Which seeks to solve all of my points, the only thing lacking is market share which honestly is partially caused by these "easy to use" services which trade off everything else, which also consumes developer mind-share even if you're unwilling to acknowledge that. (devs are motivated to solve issues for friends, family and themselves if they are exposed more frequently to systems and services that are sub-par).
The reason Signal is successful is because it at least somewhat reliably works, while Matrix is the worst of fiddleware.
https://blog.koehntopp.info/2024/02/13/the-matrix-trashfire.... explains why Matrix is lacking market share, and I think Signal's decision to be aggressively closed is due to a justified fear of becoming that.
I think this is a false dilemma; you can have the high-quality implementations and be more open.
I've criticized Matrix before for their "protocol-first" approach and "too neutral" stance towards clients (which they've changed somewhat it seems; previously [1] was a table of clients with no clue what to choose, now it at least has "featured clients"). I feel they repeated the same mistakes as XMPP, which has not improved their client list.[2] Protocol nerds will say that's a good thing, but all it really does is ensure your protocol remains marginal because most people just get confused. People choose software, not protocols.
But you can write a high-quality client and a specification and allow people to write their own apps. IMHO Signal is needlessly restrictive. Sure, focus on your own implementation and the quality of that first. 100% the right decision. But there's no reason to not at least allow some things down the line. Signal is just a few months shy of their tenth birthday – they're well past the "ensure the quality of our official client"-phase.
[1]: https://matrix.org/ecosystem/clients/
[2]: https://xmpp.org/software/
2 replies →
I don't know if there is a straightforward correlation. I agree that my first Matrix experience was also not that satisfactory, but my university switched from XMPP to Matrix. I really liked conversations and quicksy. It just worked for me out of the box even with OTR stuff. However, it seems that there was not enough development on the server side, which I guess it led to the switch by our computing Center. Also the whole German health system as well as the army is switching to Matrix. I still think it is completely over engineered but it has a decent push.
the matrix protocol immediately fell over on syncing huge channels etc tho
2 replies →
That was a fun read :-)
> https://blog.koehntopp.info/2024/02/13/the-matrix-trashfire.... explains why Matrix is lacking market share
It complains that cyberfurz.chat is a "server with profanity in the name".
...why?
1 reply →
Easy to use is important and it's a shame that you're downplaying that. More accessible than PGP/OTR? Sure. But maybe by a hair's width of an alligator's back.
If I am working with a source who gets frustrated by the impenetrability of communicating with me because I insist they use matrix while they're not technical and likely impatient, then that person will be much more likely to use a fallback method such as SMS or email, and they'll do it without warning. It's legal risk, period. My job is to make sure that they can share information with me as easily as possible and during a particularly sensitive period of that person's life, usually. Matrix, as a sibling post highlighted well, is too difficult for this use-case. That is an enormous failure for a use-case of sensitive information sharing.
I really like the idea of federation, but I haven't seen it be successful in practice. I can't think of a federated service that isn't also highly centralized. This was a big problem for cryptocurrencies and it's not like email isn't almost all Microsoft or Google. Mastodon has been struggling as well.
While I think there are better services to be private and secure from a technical perspective, there's one killer security and privacy feature that Signal has that on one else does: usability. It's pretty hard to get my grandma onto Matrix, but it isn't hard to get her on Signal. The truth of the matter is that you can't have private and secure conversations if there is no one on the other side. So while I really do like Matrix and the like, I think of them as more alpha or beta type projects. I don't find that the bashing of Signal is helpful (like we also do with Firefox) because all it does is creates noise for people that don't understand the bashing is coming over a nuanced and biased point of view (we're mostly highly tech literate here on HN, it is a bubble. But people still read our comments that aren't). End of the day, if we aren't getting 1 click server installs (or literally everyone is a host), federated systems are going to become highly centralized at some point. PGP's always failed because the easiest way to hack a PGP email was to reply that you couldn't decrypt. It wasn't appropriate for the masses even when it wasn't difficult to use. Don't get me wrong, I love Matrix, but it's got a long way to go to get mass adaptation.
Fwiw, I remember a user awhile back offering a bounty for a decentralized pathway in Signal[0]. The idea was to create an AirDrop like system to help with things like local file sharing but then extend the project forward to create a mesh network. Seems like a reasonable idea to me. I think it may be more advantageous to try to push Signal in the right direction than rebuild from scratch. I'd highly encourage people with other opinions to participate in the Signal community because it is a crazy echo chamber in there and for some reason the devs treat it as a strong signal.
[0] https://community.signalusers.org/t/signal-airdrop/
There is still a huge difference between a totally centralized system and partially federated one.
An analogy is the U.S. is a two-party system, but most would consider this significantly different than the one-party system in North Korea or Russia.
A federated system with a few large players is still much better than a centralized one.
4 replies →
XMPP cries in a corner. I wish XMPP had more accessible (to the general public) desktop clients. Conversations is great, but speaking from experience, people aren't going to want to use Gajim because it looks like it's ten years old (even though that's a good thing ;). XMPP needs better clients in general. The last time I used Profanity it had very annoying bugs about sending and saving OMEMO encrypted files.
in a world where iOS users won't install another free app from the app store because they already use iMessage, matrix is like asking for your friends to perform calculus just to talk to you.
Sure, but I don't see whatsapp/telegram as worse realistically if you've already lost at that level.
Signal is very much in the same area of: "trust us".
With a caveat that they also say: "here's a bunch of information on why you should: but you can't really verify any of it and we have proven bad faith before- also we have an army of people who will pile-on if you call us out for not being actually verified, so, just trust us- we are the secure messenger and all those scary things are just so we are easy to use".
9 replies →
Funny enough the best way I found to convince iOS users to talk to me on signal is by telling them it's like iMessage but cross platform. Sure there are differences but most people aren't using those features. I do think signal could really benefit by just linking signalstickers.com into the app since that's the biggest complaint I actually get.
We really should convince Moxie Marlinespike to push the implementation of an out-of-the-box working bridge between the Signal client and the Matrix network. With e2e encryption, of course.
I think we're definitely approaching time when Signal / WhatsApp / Facebook Messenger / Google Messages / Matrix / etc will all become at least somewhat interoperable, and it's gonna happen very fast (~Q3), mostly because EU's Digital Markets App is basically forcing them to. (Well okay, only Meta-owned platforms are forced to.)
Matrix did an interoperability talk on FOSDEM (https://fosdem.org/2024/schedule/event/fosdem-2024-3345-open...) and it's basically confirmed (https://www.wired.com/story/whatsapp-interoperability-messag...) there was some experimental work done on connecting WhatsApp (and ergo every other Signal protocol compatible app) and Matrix.
From Moxie himself (excerpt from Github issue):
> It is unlikely that we will ever federate with any servers outside of our control again, it makes changes really difficult.
> ... I understand that federation and defined protocols that third parties can develop clients for are great and important ideas, but unfortunately they no longer have a place in the modern world. ...
Also, hasn't Moxie basically left Signal?
Signal has its problems, some of them sever. It's also buying "us" much needed time to build out federated and self-hosted chat platforms.
I truly believe they are altruistic, although it is unrealistic to expect that to last forever.
By the way, some of the claims you made about their "bad actions" are actually false. And Matrix is still incredibly annoying to work with for "normies" and only recently got first-class E2EE and retention policy, both things needed for a secure chat experience. And btw, those things aren't deeply supported in the ecosystem, and also it doesn't have client feature flag alerting (to allow good intentioned clients to de-facto report they don't support certain security features).
I do think Matrix (or something like it) is the future, but it's certainly not the present.
*severe
Matrix?! As someone who runs is own Matrix homeserver, oh, man, no way. Matrix is super fiddly, unreliable, and user-unfriendly (and I say this as someone who has at times agreed that Signal can be user-unfriendly).
Matrix also is just not particularly private. Servers control and know far too much about users, and pretty much no mainstream client enables E2E encryption by default. Matrix is an impressive piece of technology, but it has a long way to go before it's as usable for an average mobile phone user as Signal is.
Just because a project is open source doesn't mean everything the team works on or releases will be in the public eye, nor does it even imply that it has to be open source as well.
That's not what this is about.
It's not just any open-source project.
It's a privacy-orientated open-source project.
They could at least BSL the server code and allow others to verify the server code and host but not compete.
1 reply →
I agree about the passing utility of Signal [0] but Matrix (which I do use) is a barely adequate dumpster fire. They spent all this effort developing a generic synchronization protocol, but yet didn't include native encryption in 2014 and had to bolt it on as an afterthought? And the last time I tried to find a native client it seemed like they were all still using web engines for rendering (inherently slow and insecure), presumably because the markup is too complex to make straightforward native apps.
[0] I don't even use Signal. My tack is to isolate and contain my "mobile phone" device as much as possible (when I'm home it generally stays next to the door on a charger). Whereas Signal has been designed around that single device as a critical part of my life. When I can sign up using only a username, and use Signal from a native client or web browser without any sort of Android device in the picture, then I'll be interested.
They don’t and can’t disallow third party clients. The client is GPL.
https://github.com/LibreSignal/LibreSignal/issues/37#issueco...
> If you think running servers is difficult and expensive (you're right), ask yourself why you feel entitled for us to run them for your product.
4 replies →
> And it's one of the last bastions of internet freedom.
I don't want to be too negative on Signal since they do some good work and I do use it.
But freedom? No. It is another completely proprietary platform. A better one, but still proprietary, so the antithesis of internet freedom.
For example just earlier this month the Signal client overnight stopped working on my old Mac because they decided to no longer support older OSX releases. So I can longer use it on that machine, my primary desktop.
If Signal was in any way open or free (as in freedom) I'd just compile my own client to speak an open protocol and be back in business. But no, Signal is just a proprietary service with a proprietary client.
>If Signal was in any way open or free (as in freedom) I'd just compile my own client to speak an open protocol and be back in business. But no, Signal is just a proprietary service with a proprietary client.
Isn't the source code available? What's preventing you from compiling your own copy?
The server is centralized -- you might be able to stand up your own but it doesn't matter because you can't use it to talk to anyone else who isn't using your custom built app that uses your server
1 reply →
As far as I'm aware, everything is open[0]. Only issue I know of is that the server code isn't consistently up to date and you can't run your own. But you can compile the app and desktop clients yourself. I guess there's also the issue of reproducible builds but AFAIK this is a play store issue and doesn't seem that problematic since you can compile from source. I mean they even have a commit from 4 days ago for the Android app.
[0] https://github.com/signalapp
Signal has documentation on how to reproduce their Play Store builds and compare them with what you've installed locally:
https://github.com/signalapp/Signal-Android/blob/main/reprod...
1 reply →
> Only issue I know of is that the server code isn't consistently up to date and you can't run your own.
Why can't you run your own? Sounds like it is not entirely open. (Never looked into it, so would be interesting to understand what is missing.)
> But you can compile the app and desktop clients yourself.
This has been talked at length here in HN before, they prohibit any clients other than their proprietary binary distribution.
If that has changed, I'd be thrilled. Can anyone point at it having changed?
4 replies →
> old Mac
> older OSX
How old OSX are we talking? Is it older than current Xcode with Sonoma supports? If it's that, then you have your answer. If you want to daily drive and older machine Linux or even Windows should be fine, but this is not really the way with Apple hardware - if it was, Xcode would make this easier for the developer. For reference, you can still build for Windows Vista using current Windows 10 SDK - I haven't tried Windows 11 SDK, so not sure how things are there.
I believe signal is completely open source...
Here u go
https://github.com/signalapp/Signal-Desktop
> We should support it. If you haven't already, then consider signing up for a recurring donation to the Signal Foundation.
I always like to remind people that you can also donate through your employer and many will match. This is a great way to multiply your donation and everybody wins. Your org is going to donate x amount a year anyways and so might as well "vote" on where some of this money goes.
Requiring a phone number is like asking for an id. What does signal offer that whatsapp doesn‘t? Serious question.
Edit: Ok, ok, I was wrong, signal does have advantages over whatsapp.
It encrypts your metadata (the most important data) and doesn't use it to manipulate you. It's a non-profit. And now you can use it without exposing your phone number to other users.
Again: Metadata. WhatsApp records a timestamp of every message you send/receive, and who the other party is. Signal only records two pieces of metadata: timestamp of when you signed up, timestamp of the last time you sent a message.
Whatsapp only e2e encrypts message contents. The only thing Signal knows about you at any given time is the time of account creation and the date of your account’s last connection to Signal servers. That's tied to your phone number. They don't know who you chat with, the contents of those messages, your phone contacts, anything.
I'd get a chuckle out of comparing that with the privacy of Whatsapp.
My 2¢, as someone who tried using WhatsApp once and ran away screaming:
WhatsApp requires you to give it access to all your contacts (your entire address book) in order to use it at all. This information is uploaded straight to Facebook’s servers where they’ll inevitably use it to place your WhatsApp account in a social graph so they know who you are based on your contacts. I found this to be unacceptable so I uninstalled it.
Whatsapp message content can be pulled via a subpoena along with a lot of other private data. Signal's can not.
FBI doc on what messaging apps can provide via subpoena pulled by a FOIA request...
https://propertyofthepeople.org/document-detail/?doc-id=2111...
That link says for WhatsApp:
> Message Content: Limited*
> * If target is using an iPhone and iCloud backups enabled, iCloud returns may include WhatsApp data, to include message content
> Whatsapp message content can be pulled via a subpoena along with a lot of other private data. Signal's can not.
Your own link does not say that. At all. It directly disputes that.
I think this link is better
https://signal.org/bigbrother/
WhatsApp does not provide real encryption - all the metadata is unencrypted!
And they're also owned by Facebook, not exactly a company that should be trusted
People who subpoena Whatsapp know who your friends are.
Even if all the other things sibling posters mentioned didn't exist, the simple fact that Whatsapp is owned by Meta and Signal is not... well, that'd be enough for me.
No data sharing with FB
1. Facebook owns WhatsApp and uses it to collect data about people, such as who they communicate with, how and when. They also know about many of the websites you visit and what you do there. They know everything you do on Facebook, Facebook Messenger and Instagram. They buy mountains of data about us from other sources. By analysing all of that data they can probably do a reasonable job at guessing the content of your WhatsApp messages.
2. WhatsApp tries to get every user to accept the option to backup messages and photos to Google Drive, where they sit unencrypted and accessible by Google. Even if you reject that option yourself, your correspondents are likely to have enabled it (if only just to stop WhatsApp from nagging about it) and so your messages are available for Google to read. Example of why this can be bad: https://www.vice.com/en/article/zm8q43/paul-manafort-icloud-...
3. Google Photos asks WhatsApp users if they'd like it to back up their WhatsApp photos. Even if you reject that option, your correspondents may have enabled it and so your photos are stored online unencrypted and accessible by Google.
4. Why should we limit what Google and Facebook know about us? Google and Facebook influence our behaviour for the benefit of their paying customers. Their computer systems are too powerful for our minds. They work against us, not for us. Companies like Facebook will come to be seen like tobacco companies, except that the harm is as from mind altering drugs. There is a documentary on Netflix called The Social Dilemma which explains this well. The polarisation of societies and the spread of conspiracy theories are some of the effects. The only defence is to disengage.
5. Read about Chinese-style social credit to understand why you want companies like Facebook and Google to know as little about you as possible. This is a good overview: https://nhglobalpartners.com/wp-content/uploads/2021/10/chin...
> backup messages and photos to Google Drive, where they sit unencrypted and accessible by Google
WhatsApp provides an option (off by default) to encrypt the backup with a password so that it cannot be decrypted by Google.
While I am thankful that Signal exists and is a considerate of privacy concerns I don't think their decisions are always right.
For instance, I would love to see picture sent to me by my spouse automatically saved to camera roll. Signal has no option for this because it could put the privacy of me and the sender in jeopardy.
I actually like it this way. Occasionally (not always, which is even more confusing), images from random Whatsapp conversations ends up in the Android equivalent of my camera roll, and it annoys me to no end.
My camera roll is for photos that I have taken. If I want to put something from someone else in there, that's a decision I will pro-actively make. Other apps shouldn't be doing that for me.
WhatsApp has this feature and it drives me nuts. My roll is full of crap people (especially chat groups) send me and I have to clean it up every now and then. I surely hope Signal doesn't do this and keeps the current approach of allowing users the option to download the images they want, when they want.
They have a community forum with a feature request system. Though I'll admit it's a big echo chamber there. But every new user adds a new voice and I can't see how that isn't a good thing.
Fwiw, I want this feature too. And others. I've submitted feature requests in the past. I even asked that usernames add QR codes and links. I'm not sure if I was heard, but hey, the feature is there and even some of the echo people were against it.
They need to actually listen to users. Signal needs to support SMS, they need to support backups, they need to support easily migrating to new devices. I don't care if it makes me slightly less secure, make it a checkbox in the client that I agree if I enable the features, I'm a moron because some nation state could abuse it.
Otherwise, it'll always be niche. I'm never getting non-technical friends and family to adopt a messaging app that isn't unified for SMS and secure messaging. When they say "users might not know they're sending insecure SMS messages" - fine, you own the client. Make the client bright red with a flashing "INSECURE MESSAGES" across it for all I care. It's not hard to inform a user in 2024 that they are sending a less secure message.
Signal has so many footguns that I stopped recommending it. I know more than one person who lost all their messages and pictures when they switched phones.
> I'm never getting non-technical friends and family to adopt a messaging app that isn't unified for SMS and secure messaging
Er, what? So no one you know uses Whatsapp, FB Messenger, Telegram, Google Talk, or anything else? I suppose it's possible that's true, but even if so, you and the people you know do not represent the common-case user.
I thought I read that Signal has some funding by the US government. Was that not correct?
That's correct, but so what? So does Tor. The US isn't a single unified entity. They get some funding from groups that promote encryption. Gov still wants encryption for their own people and for people in authoritarian countries (it's hard for normal people to overturn an authoritative government when all communications are watched. No need to discuss CIA). But also remember there's plenty of US gov groups that attack Signal too. Just saying "US funded" isn't strong enough on it's own. The gov has it's hands in everything so it's too noisy. You'd need to make an argument about it's dependency on that money, which they aren't. Records are public btw, they are a nonprofit.
[dead]
[dead]
[dead]