← Back to context

Comment by vld_chk

2 years ago

This is a fundamentally different problem for a fundamentally different audience.

If we take privacy issue, it can be divided into 3 segments:

* Privacy of user data. The basic level. When you use Google or Apple, they collect data. Even if you minimize all settings — data is still collected. This data is used to train models and models is used to sell ads, target you or do anything else you have no clue about (like reselling it to hundred of “partners”).

* Privacy against undesired identification. Next layer of privacy. When you want to have some personal life online without sharing much about you. Like Reddit, anonymous forums, or Telegram (to some degree).

* Privacy against governments. The ultimate boss of privacy. When you want to hide from all governments in the world your identity.

Signal was perfect at first layer strong but not perfect at 3rd layer (e2e encryption, no data collection to share nothing with governments who seek for data, good privacy settings, always tell you if your peer logged to new device to protect from cases when government operates with telecom companies and use sms password to make a new login), and almost non present at 2nd because they have no public features except group chats where you share your number.

Now they in one move close gaps at 2nd layer — you can hide phone number and stay fully anonymous, and strength their positions in 3rd layer, leaving the last piece open: government still will know that you have some Signal account.

As for me, this setup solves 99,999% cases for regular people in democratic and semi-democratic countries and address the most fundamental one: privacy of data and actions online.

Yes it is not perfect but barrier for government to spy on me is that high that I reasonably can believe that in most cases you should never be worried about being spied, especially if you live in some places which are named not as Iran or Russia.

The only scenario, in my perspective, you can want to have a login without phone (with all sacrifices to spam accounts, quality of peers and usual troll fiesta in such places) is when you want to do something you don’t want ever be found in your current country.

But in this case, IMO, Signal is the last worry you usually have on your mind and there are a lot of specialized services and protocols to address your need.

10 comments

vld_chk

Reply
cookiengineer  2 years ago

1,2 and in part 3 were already fixed with the Signal FOSS fork back then, but Moxie and his army of lawyers decided to send out multiple cease and desist letters against those projects. Which, in return, makes Signal not open source, no matter what the claims are. If they don't hold up their end of the license and argue with their proprietary (and closed to use) infrastructure then I'd argue they are no better than Telegram or WhatsApp. Signal's backup problem is another story which might blow up my comment too much.

Because of your mentioned points I would never recommend Signal, and rather point to Briar as a messenger and group/broadcast platform. Currently, it's still a little painful to use and e.g. QR Codes would already help so much with easing up the connection and discovery/handshake process.

But it has huge potential as both a messenger and a federated and decentralized platform.

idatum  2 years ago

I just don't want my metadata (contact graph) hoovered because I send a (encrypted) message to someone that may be an over sharer on FB, etc.

I use Signal because I am a "nothing to hide and I like to own my privacy as much as possible" type online person.

Signal == more peace of mind just generally in this online world we have.

autoexec  2 years ago

> no data collection to share nothing with governments who seek for data,

That isn't true anymore and hasn't been for years. Signal collects your data and keeps it forever in the cloud.