This post, and how it explains that there's 30 people working there now, made me realize that if I care about signal continuing (and I do, since I really like it, especially that it has a dedicated desktop client), that I should see how it makes money and whether that's sustainable. Turns out it's donations, and now I'm a donor through monthly charges through the mobile app. I actually opted for that specifically because their web site noted that they can't give you a badge in the app if you donate online, and I thought showing the badge would be a good way for other people to see and inquire about, and hopefully realize they can donate too if they care to.
While this is true, remember that the Signal Foundation was started with a sizeable investment from their new interim CEO Brian Acton.
> In February of 2018, Acton invested $50 million of his own money to start the Signal Foundation alongside Moxie Marlinspike
>
> https://signalfoundation.org/en/
He's worth at least a billion dollars, so one imagines that Signal will continue as long as he's involved.
You can't take him for granted like that. Yeah he donated a lot and yeah he has more and yeah he left $1B on the table after leaving Facebook, but he just can't do it all alone.
If you're rich you get all kinds of people in your life soliciting your money, you gotta watch it like a hawk, it's easy to lose a billion dollars.
> If you're rich you get all kinds of people in your life soliciting your money, you gotta watch it like a hawk, it's easy to lose a billion dollars.
People forget this far too often. No matter how much money a person or an organization has, it can disappear in the blink of an eye if you view it as an unlimited money pot that you can keep going back to.
The average american makes ~2m in a lifetime, 1b$ is 500x that. "Losing" 1b$ is ludicrous unless you are actively looking to lose it (or don't care about it, like musk & al).
How do you lose what 500 people make in their lifetime?
Let's say your net worth is ~100k. That's equivalent to a 2.5k donation. Investing 2.5k in a pet project is pretty common, and you don't find yourself in the streets for doing so.
I think people that say it's easy to lose 2b$ don't have a clear understanding of the amount of money that is. It's a crazy amount for one person.
I think you’ve lost the context. If signal does not figure out revenue, they will require more $50MM donations. Using your analogy, that would be like you spending $5,000 or $10,000 when you originally only planned to spend $2,500. Perhaps you wouldn’t flinch, but many would pull the plug after the first or second time, especially if disappointed about some aspect of the project. Your project is at risk by relying on your continued good graces, even though you may technically be able to afford more investment. Likewise, signal is at risk if it requires periodic investment of millions from Acton, even though he can afford it and currently supports the project. Since he donated a few percent of his net worth, it’s a better situation than if he had donated, say, half, but signal still needs to take the risk seriously.
Sure but even a meagre 8% return on $950M is $76M. Buying and holding SP500 index funds in 2021 would have returned more than triple that, at 26% or so.
You can give away 50 mil a year and still get tens of millions dollars richer if you're sitting on $1B.
It's only "easy" to lose $1B if you have absolutely no idea what you're doing.
10 year treasury bonds are essentially risk free, as they are guaranteed by the US Treasury. Current 10-year yields are a bit less than 2%, so that's essentially your minimum return there.
Assuming that interest rates remain above inflation, which is already no longer true. What's the point of earning 2% a year when the USD is losing 6% a year in value (and that's likely far undercounted).
A meager 8%. You have betrayed your total ignorance when it comes to anything having to do with money. You have no idea what you’re talking about. The only investment that will give you 8% is an extremely risky one and that’s not an appropriate vehicle for a billion dollars. And you say this in the world wide environment of negative interest rates…
The reason not many rich people lose their money is because becoming rich is hard and you have to be smart to do it. You don’t have to be good or moral but you have to be smart. Even then there’s a ton of washout among new millionaires. But you don’t get to a billion by accident. Look at all the people who make tons of money through some other means than intelligence — lottery winners and football players — they all lose their money even if it’s millions. Sorry bud, the system isn’t rigged. Life is just hard.
>The only investment that will give you 8% is an extremely risky one and that’s not an appropriate vehicle for a billion dollars.
Buying SPY returns on average 10% or so, year over year.
Do you consider the S&P500 to be "extremely risky"?
>Sorry bud, the system isn’t rigged.
I feel like you replied to the wrong person? Between you and I, the only one who brought up the question of whether "the system" is rigged or not is you.
Vijay Mallya, Patricia Kluge, and Eike Batista are all entrepreneurs who lost a billion or more and are now worth nothing. Masayoshi Son lost $60 billion and only made back about $20 billion. Technically Bezos, Buffett, and Bill Gates have all lost billions many times, just due to market fluctuations, but that probably doesn't count. Mohammed bin Salman, the Crown Prince of Saudi Arabia, spends $1B like nothing: $500 million yacht, $300 million dollar house (one of many), $450 million on a painting. I'm certain that many members of that family have spent $1B or more.
You know what they say: a million here, a million there, pretty soon it adds up to real money.
Many super-paid athletes famously end up broke very quickly after their careers end. Some NBA names here [0] but it's not specific to basketball - it typically correlates with coming from poverty and/or lack of financial education.
Note that this was an unusual arrangement, to say the least. My understanding, from memory of having briefly looked into this, is that Acton loaned $50m to the Foundation, rather than donating it, in what appears to be a 50-year, interest-free loan with no regular repayments. As an initial donation of that size from an individual would have probably put the Signal Foundation into private foundation status rather than public charity status, this has at least the appearance of trying to circumvent the public support requirements of public charities.
It is somewhat difficult for one individual to consistently single-handedly support a charity in the US without causing the tax status of the organization to change detrimentally.
There are provisions for individual large donations to be excluded from the public-support calculation if the charity can make the case that they are "unusual". No idea if that would apply here though.
But that---a $50m donation from an individual, then sustaining the organization off investing that donation---is exactly what, whether it makes sense or not, a public charity in the US is usually not allowed to do. That would make it a private foundation in the eyes of the IRS.
With that said, if I'm interpreting their 2019 filing correctly, it appears that they are making enough in donations that they may have a legitimate claim to being able to eventually repay the loan, and they are now including imputed interest on the (interest-free) loan as revenue.
> The foundation was started with an initial $50 million loan from Acton, who had left WhatsApp's parent company, Facebook, in September 2017.[8] The Freedom of the Press Foundation had previously served as the Signal project's fiscal sponsor and continued to accept donations on behalf of the project while the foundation's non-profit status was pending.[4] By the end of 2018, the loan had increased to $105,000,400, which is due to be repaid on February 28, 2068. The loan is unsecured and at 0% interest.
Appears it wasn't an outright donation. I've always wondered about the details behind this. Don't think I've seen something like this before.
It wasn't an outright donation as a protection mechanism. If they go full Oculus he wants his money back. If they remain true to the founding principals, it'll likely just be forgiven upon death or put into some funky trust.
I think 501c3s should be barred from taking huge donations like that in situations where it's not 100% clear that such a donor couldn't end up personally benefitting from influencing the charity. For example, I stopped giving money to Wikimedia Foundation when Google showed up with their millions. If there is even just a 0.0001% chance that donations from my hard-earned cash will ultimately just end up lining the pockets of billionaires, then I don't want any part of it.
In Germany there is now a party running on a program trying to forbid political parties from taking donations from any individual above €5000 per year, and barring politicians from staying in office longer than two terms of 5 years each. -- This is roughly the standard I expect from any charity that wants to have any shot at getting money from me.
I don't think it's hard at all to imagine scenarios where his other assets could benefit from a player like Signal competing with Facebook, even if Signal is non-profit.
This is similar to how Google Docs competes with Microsoft Office. It hurts Microsoft's cash-generation and thus benefits Google as they compete with Bing.
If Google had been even smarter (or poorer, so as not to be able to afford footing the bill for Google docs entirely on their own), they could have established Google Docs as a 501c3 foundation, benefitting from tax exemptions and donations from individuals and just dominated that foundation through large donations and putting the right people in charge.
This may or may not be an accurate analogy for Acton's true motives with Signal, but I just can't know the truth of it and am therefore not taking that risk with my cash.
People said the same about Keybase because of who was behind it. Just because it's got moneyed people running it doesn't mean they won't sell once their priorities change.
If you have one person giving a lot of money to an organisation, that person might be tempted to use their influence to change the direction of said organisation.
If you have millions of people giving a small amount of money, chances are the organisation will try to preserve the users' best interest.
Now I get it that the person who gave a lot of money also happen to be the interim CEO, but you gotta start somewhere.
Hearing about Wikipedia's deceptive fundraising messaging [0] made me question all donations to large non-profits -- but I guess a 30-people org is a different matter. Plus, Signal doesn't seem to be aggressive about it.
When the WMF announced the creation of an endowment with the Tides Foundation in January 2016, on Wikipedia’s 15th birthday, its goal was to accumulate $100 million over 10 years, as “a permanent source of funding to ensure Wikipedia thrives for generations to come.”
Just five years later, the endowment passed $90 million, and the $100 million mark, now described as an “initial goal,” will be reached this year.
What you're quoting is InfluenceWatch's description of the Tides Foundation, not their description of themselves. Their own description (from their About page) is "Tides is a philanthropic partner and nonprofit accelerator dedicated to building a world of shared prosperity and social justice."
IANAL but declaring a political leaning is not the same as supporting a candidate for public office. Many, many political 527s have an associated 501(c)3 or (c)4 to handle donations for their charitable work, like the obviously left-leaning MoveOn.org.
I forget the precise rules on political activity, but when the IRS investigated what was (blatent, IIRC) violations of it by right-wing organizations several years ago, the right and GOP pointed their propaganda cannons at the IRS and its head, a non-partisan public servant, making it clear that such rules were not to be enforced (and the rule of law is inferior to the GOP).
This is extremely interesting, and explains my experiences with the obvious shift in moderation to an Americanised left-leaning perspective. It has been quite jarring to see something I had so much trust in undermined by America's identity war.
Take the large number of science articles that have become politicized. Next, please name a couple of them that don't support the left side of the argument.
If there are a large number of these articles post a few examples. Posting articles where "the left side" and the scientific consensus happen to align is cheating of course. There are a lot of those.
There is research to support all kinds of propositions regarding the vaccine's efficacy and safety. Of topical consideration is its efficacy in reduction of transmission. The article has been scrubbed (and all updates are being removed) which cite the current research that the vaccine is less effective at reducing transmission against more recent strains of covid-19; and especially compared with typical live-attenuated and inactivated vaccines.
Further, all citations have been scrubbed (and all updates are being removed) which explain that mask efficacy in reducing transmission for children is questionable at best, and also demonstrably harmful.
Further, all citations have been scrubbed (and all updates are being removed) which explain that vaccine efficacy wanes rather quickly compared with typical live-attenuated and inactivated vaccines.
Further, all mention of "natural immunity" has been scrubbed (and future updates are being removed) discussing the reality that those who have already recovered from covid-19 possess natural immunity to the virus which is at least as effective as vaccines.
These are all relevant and credible citations to an article discussing many aspects of the virus, yet they are being actively removed.
I feel the need to postface my comments with the disclaimer that I love vaccines and have three covid-19 vaccines already, and am prepared to receive more. My comments are purely to provide a relevant and factual example to support OP's premise that there is some form of bias present in moderation of Wikipedia now. This bias is extremely difficult to quantify and qualify because there are millions of layers of bureaucracy built into Wikipedia's moderation system. It is almost ungovernable now, and those who have attained sufficient power and coordination can and do use that power to affect bias.
If by "the left" and "the right", you're thinking of US political definitions, please name a couple of politicized scientific disputes where the right-wing side of a scientific argument has merit.
I can think of one family of scientific subjects where the "progressive" side is almost as unscientific as the "conservative" side, and a particular case[0] where the "progressive" agenda was loudly denying the scientific state of the art.
But I cannot think of any cases where the "conservative" side had actively better scientific grounding. But that, of course, is probably due to my bias, my thought bubble, etc. So please, if you can rise to the standard you're setting, I'd like to learn about it. (If nothing else, almost all of my friends and family are left of me, and it's nice to be able to reality-check them, when social mores permit.)
[0] I'd provide my example, but I'm sufficiently afraid of progressive culture to not want to discuss the particular case under my own name. But I checked WP on the subject, and while it's not incredibly detailed either way, I don't think it supports the progressive side of the case w.r.t. the science. (In my assessment, the alleged progressives were wrong about the science in this particular case, although they may have been right about everything else, I dunno.)
There is the left narrative, and then there is everyone else.
The classic example is CAGW. If I know a person's position on that, I find I can predict their position on most any other contentious issue.
The average people on the street have plenty of received opinions that they are happy to share, but know little about the actual science relevant to them.
But, we were discussing Wikipedia science articles. The issue with Wikipedia is what is permitted to be said on some science pages, and what is quickly reverted.
Everyone is political. Good scientists (and good encyclopedists) ought to try hard to suppress that.
>The classic example is CAGW. If I know a person's position on that, I find I can predict their position on most any other contentious issue.
In case anyone was curious, it seems to stand for "catastrophic anthropogenic global warming" [0] (or Citizens Against Government Waste, which seems an equally stark signifier of the invoker's political position -- who better to exemplify "waste, fraud, abuse, and mismanagement in government" than, uh, Bernie Sanders?!).
"CAGW", for "catastrophic anthropogenic global warming", is a snarl word (or snarl acronym) that global warming denialists use for the established science of climate change. A Google Scholar search indicates that the term is never used in the scientific literature on climate[104][105] except in reference to denialist tactics.[106]
Ok, I can guess your positions on the issues now ;)
It’s not a “snarl” word. It’s an acronym which is used because the whole fully qualified set of words is too long.
All four words are necessary to state what’s being discussed. Anything less is trying to deflect the debate.
Working backwards, Warming: it’s a rare scientist that thinks the world isn’t warming. We are still coming out of the last ice age. Fifteen thousand years ago, there was ice a mile thick where I’m sitting. We are also coming out of the Little Ice Age. A couple of centuries ago, you could walk from Manhattan to Staten Island on the ice in the winter.
Global: local climate change happens all the time. No one disputes that. The discussion is about global climate change.
Anthropogenic: significantly caused by humans, specifically by emitting excessive CO2. This is theoretical, because by itself, CO2 can’t account for the projected warming. There must be a feedback to the real greenhouse gas, water vapor.
Catastrophic: The amount of warming is going to alter the global climate to the point that the Earth’s ecology and human civilization will be seriously affected.
The last two points are in scientific dispute. The computer models, which have many knobs, predict a bad outcome.
Historic satellite measurements of the global tropospheric temperature show that nothing unusual is happening. The increase is 0.14 C per decade.
It appears to me that the CAGW hypothesis is disproved.
Global climate change is a topic for some very interesting science. The solar system's position in the galaxy, for example. Or, the effect of the sun on the intensity of galactic cosmic rays.
The climate models can't address even recent pre-industrial global changes.
A "snarl word" is a neologism for the age-old practice of the creation of derogatory labels by people who are trying to dismiss things without the listener realizing they don't have good cause.
>The last two points are in scientific dispute
I don't think that's true. I think that a casual google will show that climatology is actually in overwhelming agreement that human activities are driving climate change, and here's one I did earlier [0]. To the reader: this is a testable hypothesis!
>It appears to me that the CAGW hypothesis is disproved
Argument by personal incredulity isn't always a fallacy. Sometimes, smart people are intuitive and well-informed enough to jump directly to conclusions without needing to cover the intervening intellectual distance. Maybe this is happening here, and I'm just not an exceptional person, but if I were you I'd consider wondering why the likes of Dr Roy Spencer and I couldn't turn our ability to outthink entire scientific disciplines to a more profitable end.
The issue is that stupidly oversimplified models from 40+ years ago have been borne out, sourced from both capitalist and Soviet science [1][3]. By all means, there are many, many inputs into the grand planetary system, but the inconvenient truth, if you will, is that atmospheric CO2 increases seem to track with temperature increases, in both modeling and the historical record. I think, by "many knobs", that you're trying to suggest there are many variables that can be tweaked -- nope! It's actually very straightforward. Are there complex, "more realistic" climate models that produce unorthodox results when their knobs are twiddled? Probably! But for every one of those you fixate on, remember that there is one big, simple one that continues to track with the thing we're trying to measure: observable reality. Bald-faced denial of observable reality is a pretty good signifier that some aspect of science has been politicized, whether in a Wikipedia article or in a congressional hearing.
You've made a lot of claims, but haven't really backed any of them up, or even explained them; "CAGW" is pretty clearly a snarl word.
A relevant example of this is COVID. It became politicized, with [some of] the left taking the "we must vaccinate all infants and become hermits indefinitely or everyone will die" position and [some of] the right taking the "vaccines are harmful and useless and the virus is just a cold" position.
Neither of these positions is The Truth, as usual, but the result is that some of the things the right has been saying have been accurate but previously disparaged. For example, the difference between dying of COVID and dying with COVID, or accurately pointing out that the large majority of fatalities have been people with comorbidities.
This is literally an irrelevant example because it's not related to Wikipedia. New, evolving science (especially as it intersects with many governments' policies) is always going to be wrong to some degree.
> This is literally an irrelevant example because it's not related to Wikipedia.
rel·e·vant
/ˈreləvənt/
closely connected or appropriate to what is being done or considered.
appropriate to the current time, period, or circumstances; of contemporary interest.
> New, evolving science (especially as it intersects with many governments' policies) is always going to be wrong to some degree.
Now this is an irrelevant criticism. Nobody asked for an example that isn't in dispute.
New, evolving science is the thing you would expect there to be the most political disputes over because the uncertainty causes people to believe whatever most benefits their coalition.
For me I stopped using Signal when they started permanently storing sensitive user data in the cloud, they were extremely unclear about doing it confusing many of their users, they ignored the objections and security concerns of their users who realized what they were doing and they never updated their privacy policy to reflect that information (and still haven't). For an app that insists that you be able to trust it, they just did not come off as remotely trustworthy.
Signal then announced that because of all the hate they'll make the feature optional, but opting out would just set a pin for you and upload your data anyway. This also caused a bunch of confusion.
It's worth pointing out that they're collecting the type of data they still brag about not being able to turn over because they "don't keep user data".
Between that and not updating their privacy policy it's a pretty massive red flag, but so many people don't even know about the data collection. Look at the answers this guy gets:
It's insane, and I hope every user who has to learn what signal is really collecting from some random internet comment thinks long and hard about what that says about how transparent and trustworthy signal is.
This feels more interesting than most cryptocurrency uses. One thing a cryptocurrency can be is an open protocol for payments - it makes sense to try and make one into such a protocol. The privacy preserving aspects of MobileCoin are interesting and feel like they fit with Signal too.
I am ridiculously negative on all things "crypto", but person-to-person payments (in fiat) are currently pretty annoying and limited (at least in the US, even with things like Venmo and Zelle), and integrating private payments with a privacy-preserving messenger would seem to be a good thing. I don't know if MobileCoin is the best solution here, but I also don't see Signal starting partnerships with big traditional banks or payment processors, either (and wouldn't really want to see Signal in bed with those sorts of folks). So something like this might be the right move, even though I'm unlikely to use it myself.
> and wouldn't really want to see Signal in bed with those sorts of folks
Why?
This has been ongoingly why we have bad encryption technology. No one wants to taint their ideological purity by trying to solve problems for organizations that can pay for them which would actually solve problems for private citizens, and simultaneously ensures that good technology doesn't secure important social interactions for private citizens.
Why should I not be able to verify I'm talking to my bank through Signal? Why can't I have messages from my local government secured to me via Signal?
It's a 2-sided problem, and one side is this bizarre rejection of any attempt at enterprise marketing for a platform with enterprise utility.
Because we all saw where it leads with Google/FB. They might start by just doing the simple things you proposed. But once a government or bank is a customer, they would be the largest/most powerful customers by far. Meaning Signal would begin to bend to doing what those customers want, maybe collecting analytics or personal information, or selling your contact data to advertisers. Maybe one of those banks donates money to Signal and wants favors in return.
The biggest customers of a company inevitably shape the incentives and behavior's within that company. easy to dismiss as a "slippery slope fallacy" but it's historically true. No one who's using Signal to get away from the shitty enterprises that built/own FB Messenger wants a repeat of the same thing. Even if you don't agree, many Signal users probably do, and it would be silly for Signal to piss off their customers.
IIRC the privacy aspect relies entirely on Intel SGX (Which isn't really unprecedented for Signal) which is not ideal. Since it's centralized anyway, I would rather have seen a blind-signature based payment system. It would be more private and probably more efficient.
From what I remember reading, without SGX it is reliant on an older model of Monero that is missing a critical newer mitigation that prevents people from decloaking upwards of 80% of transactions due to a timing bias in how older transactions are selected for including in the ring signature.
Do you have reason to believe MobileCoin scales any better than any other open blockchain protocol? I doubt it.
Also, payments with free floating crypto like MobileCoin and bitcoin really isn't practical in most of the western world, due to the requirements of capital gains tax reporting, not to mention the instability of the price.
That’s right and I stopped using Signal for that reason. Tax authorities have every right to look into any account that facilitates transactions in taxable assets (even just to confirm that no transactions have taken place)
I have nothing in principle against crypto currencies and I am very much in favour of strong privacy for personal communication, but mixing the two is obviously contradictory. It completely defeats the purpose of Signal.
> Are they still doing the crypto scheme? I stopped donating when that started, but would be more than happy to pick it back up if they reversed course.
Yes it seems they are still doing the MobileCoin thing. I'm against cryptocurrencies, blockchain, NFTs, etc also, but nothing is forcing me to use it. I'd be curious to read some case studies or blog posts about how it is being used. For example, are people using it to pay for milk in rural India, send money to family in Myanmar, split dinner bills in New York?
Regarding donations, I would be happy to donate, but it would be great to see some financial reports. Other initiatives like Software in the Public Interest (SPI) and the OpenStreetMap Foundation publish yearly reports, which makes it easy to see how the projects spend their money, how much cash they have in the bank, etc. Pardon me, but I don't want to donate to Signal if they still have $50 million in the bank, or if their CEO is taking home a huge salary, or if they spend the money on fuse-ball tables. ;)
I'm not sure. I'm a bit torn on that. If they can sustain themselves though some method, that's good, but I would rather that method be aligned fairly closely with their initial goals of security and privacy, which crypto pays good lip service to but it's always the best at achieving, given public ledgers.
I guess I'm just worried about perverting what makes it a good messaging client, and would rather they get money from people that support that cause so they aren't as tempted to chase some other path because the alternative is to shutter.
That said, that can happen even if they can sustain themselves through donations if the management/board decide to do so. Just have to hope it stays the course.
I did the same thing. I had setup a monthly donation to Signal several months before the crypto announcement. When I heard about the crypto thing I cancelled my monthly donation.
Oh wow, I read the post and thought congrats Moxie, job indeed done. We are still not there, so a lot of empathy for the feelings behind that :)
... Except if it is donations and esp. Brian Acton's, or even say Firefox with most of their money being one Google or Bing search bar deal... the sustainable business isn't there yet. A replacement CEO can be good just for that. Marlin as a CEO found amazing product/user fit, and as a tech leader, hired enough and built enough for a great dev culture. But there is no sustainable product/customer fit yet, esp if they view the user as not the established product: the market isn't paying. A CEO focused on solving that would be quite healthy for achieving sustainability! Hopefully Brian and his successor will have more room now to figure that out, it's not easy, esp given their privacy mission!
(And still congrats and a lot of respect to Moxie for building something people want & helps security, and growing a team to deliver it, and everyone else for pushing into the next phase!)
Was it an overreaction? I don't think so. I feel dumb stuff like this, massive conflicts of interest, happens too often these days, and I'm voting with my wallet.
The Signal Foundation is in Benevity, which powers lots and lots of corporate gift matching. I give a yearly matched donation each december as I try to reach the max matching for my company.
Thanks for pointing this out, I had no idea it existed. Uggg I just made some donations last week which look like they could have benefitted from this.
For my company at least there's a very easy interface for declaring donations for matching post hoc; sometimes it asks for a receipt. Totally fine to use it in January, too; it's a head start on this year's donation goal...
I too took to donating through the app so that I could get the icon. My donations continue through their website, but it's also important to spread the word to folks like you that Signal needs funding to continue its mission!
I just went to donate but at least on Calyx, I do not have Google Pay installed. I just checked their blog post and they will add other payment methods in the future so I hope I can become a sustainer too.
They are planning to integrate their own sketchy crypto-coin, I think they will get money from that. Although not sure how is that going, haven’t heard about MobileCoin for months now
Personal privacy for commerce is great, but for money laundering I'd compare that to paying for political influence in the way that it mixes up speech and money in a bad way.
And yet, both kinds of privacy depend on the same freedom-of-technology. If you give up your privacy-of-commerce based on fears of 'money laundering', your privacy-for-speech is probably already dead.
100% agree with you here! Privacy is privacy, it doesn't matter what the activity is. Most money today is just digital information, no different than that text message being sent. It seems impossible to allow complete privacy when sending one type of digital information but not another.
I could send someone the recovery keys for a bitcoin wallet and launder money via any messaging service. If we need to regulate that then privacy goes out the window, you'd have to know what the content of my message was to know if it was allowed.
I consider entropy a troublesome thing. I wish it could be reversed. But, the universe is how it is. Privacy is general-purpose, and the things you can do with it resistant to unbundling.
I just hope that moxie's replacement is someone with as strong a reputation for fighting for the principles at stake and the ability to defend them. How many people could have written the Cellebrite blog post? Probably not many. The hidden pressures on Signal staff must be enormous, as likely the the world's single most valuable surveillance target.
Adding MobileCoin to Signal really changed my perceptions about just how principled the Signal foundation really is. I have a lot of respect for much of Moxie’s work, but the MobileCoin thing is still a head-scratcher.
Why so? Moxie helped design MobileCoin. Besides, his recent post on web3 lays it bare what he thinks of it.
MobileCoin, in time, I hope grows up to be a credible alternative to Facebook's USDP (Diem), like how Signal is to WhatsApp. I don't think its inclusion a head-scratcher at all. If anything, I hope it serves its purpose well, and isn't unfairly regulated to oblivion.
I got the impression that his web3 post [0] only talks about token incentives, DAOs and other decentralisation for decentralisation's sake. There's no mention of MobileCoin, which I gather he just sees as tool to facilitate anonymous payments (it's a token on top of Stellar).
You're right, sorry I have misread this then. According to Wikipedia, MobileCoin uses its own blockchain based on mechanics from Stellar and Monero [0]. That also makes a lot more sense technically, and explains the supposed 4 years of development [1].
I balk at any mention of crypto as a rule (since the landscape is so saturated with hucksters) but I have to assume it is to provide a functionality similar to WhatsApp Pay, Venmo and whatever WeChat has.
Those in app type payments are a huge part of message app usage in some parts of the world where I am sure Signal would like to increase uptake.
Mobilecoin is a quasi-security and not a stablecoin. The price went 5X in the days before Signal announced that they have built MobileCoin integration (in secret).
In a way, crypto has given non-profits a way to take profits out to personal accounts.
I hate most of the cryptocurrency-bs, but mobilecoin seems to have been designed carefully to avoid most of the objectional aspects of blockchain stuff.
He sold an earlier company to Twitter, pretty sure he already is "rich" (most of us here are, comparatively).
I'd like to think about Moxie as the most honourable person in all of this. Leaving the CEO role could be a sign that he doesn't agree with everything that's going on.
I'm also very skeptical of all things crypto but you did mention principles and I think there is an angle of mobile coin that is clearly ideological and very much fits into Moxie's reputation.
That is to take the transfer of money away from old and large institutions.
The lure if getting rich by creating your own money is irresistible and thus corrosive. Even the most principled person will have difficulty ferreting out all the wats it undermines that integrity.
Meanwhile bitcoin serves that same purpose and much mire efficiently with lightning.
> I just hope that moxie's replacement is someone with as strong a reputation for fighting for the principles at stake and the ability to defend them
Yes, and who has a better reputation for fighting for principles than Brian Acton, one of the guys who made Whatsapp and subsequently sold it to the most morally correct company in the world: Facebook.
Acton has had an interesting road since selling WhatsApp to Facebook. That includes leaving Facebook with $850 million USD in shares on the table for leaving early and telling people to delete their Facebook accounts. Looking at what he's done tells the story of someone who learned many lessons since he sold WhatsApp.
> That includes leaving Facebook with $850 million USD in shares on the table for leaving early and telling people to delete their Facebook accounts.
Honestly this action was one of the things that really made me like Acton. It was more than words. Granted, he already had a few billion dollars at that point -- and I'm under the opinion that $2bn isn't much different from $1bn (except bragging rights) (current work 2.8bn[0]) -- but it shows that money isn't his (only) motivating factor. It is also pretty hard to tell people to leave something you built.
i wonder if Acton figured that WhatsApp might lose to competitors and privacy-focused people would migrate to a new app anyways, and he could do more good with almost $1 billion.
There are two types of people in the world: those who sell their start ups for 16 billion, and those that dont have startups people are willing to pay 16 billion for.
I am very doubtful that very many people here would turn down that sort of money if given the opportunity. Its very easy to wax poetic about virtue when nobody is trying to tempt you.
> I am very doubtful that very many people here would turn down that sort of money if given the opportunity. Its very easy to wax poetic about virtue when nobody is trying to tempt you.
Indeed, not a lot of people would be able to turn that down. Moxie? That's one of them, that I like to believe they would though.
I mean, he walked away from $800 million in Facebook stock because his belief in privacy wouldn't allow him to continue working on WhatsApp, post-acquisition. I think that speaks louder than selling WhatsApp in the first place.
What he's been trying to do can also be interpreted as spending a few tens of millions here and there to generate PR with the goal of whitewashing his treachery when he sold out his WhatsApp userbase to Zuck and the most privacy invasive company on the planet...
I'm reminded of the old gag:
Would you sleep with me for a million dollars?
Yes, of course!
Would you sleep with me for one dollar?
What kind of woman do you think I am?
We've already established that, now we're just haggling over the price.
Acton already whored himself out to Zuck for $19billion. We've established what kind of person he is.
It would be awfully hard to turn down nineteen billion dollars for the sale. The social ills caused by Facebook were also a little less undeniable in 2014.
Since the sale he has criticized the hell out of Facebook, too.
Sure, he isn't a martyr. But there are way way way worse behaviors in the valley.
This is my biggest concern. Hopefully the replacement will truly care about user privacy and have the balls to fight for it, even if it means going up against large (governmental) organizations.
I've been a user and evangelizer of Signal (aka TextSecure and even RedPhone when the audio piece was split off as a separate app) for a very long time now. I admire the work that Moxie and the entire team have put in over all these years. Thank you all so much for the great work, whether it be writing blog posts rebutting the "I have nothing to hide" people or implementing open and secure-by-default protocols and apps that put privacy within reach of even the least technically-savvy among us!
I hope the next adventure is as fruitful as this one was Moxie. Cheers!
> In early 2018, Acton and Marlinspike announced the formation of the Signal Foundation, a nonprofit. Acton, the foundation’s chairman and sole member, seeded it with a no-interest, fifty-million-dollar loan.
additionally from Wikipedia:
> By the end of 2018, the loan had increased to $105,000,400, which is due to be repaid on February 28, 2068. The loan is unsecured and at 0% interest.
Just invent an awesome and innovative set of cryptographic protocols, make an incredibly usable set of secure communications tools with them, and agree to give them away for free to the world. Hopefully you will be blessed in return with the same kind of support that Moxie was!
It also helps if you can find someone with $16 billion of Facebooks blood money burning a hole in their conscience. And a hundred mil or so that'd fallen behind the couch cushions they can throw your way as a PR stunt or reputation management exercise...
I get your skepticism, but on the other hand I don't see the Jan Koums of the world throwing their money away, even if for PR. Acton is walking the talk, and it looks like his presence has meant some ex WhatsApp engs have joined him at Signal, too. What more could this man do?
Which is why it is extremely important to have a solid 'business'model behind your FLOSS project.
To align sustained development and ongoing maintainance with a FLOS licence model.
Because the alternative is to have volunteers spending their evenings and weekends on hobby projects that sometimes grow way over their hobbyish status. Which is both scary and sad.
I see the terms as a donation or grant. The money still is a loan (vs a grant), but the terms are well below "market" in order to support the non-profit's cause.
My guess was that it is a way of keeping the organization from failing the public support test (https://www.irs.gov/charities-non-profits/exempt-organizatio...), which generally requires that at least 1/3 of the organization's support comes from the general public, not from, eg, one individual donor. Failing the public support test would make the foundation a private foundation instead of a public charity, which would change a number of regulations and have a small (usually 2%) on investment income.
What's particularly odd is that, if they were they a private foundation, as Acton is a board member (who also appears to have sole power to determine board members), I think the loan itself would be a prohibited act of self-dealing.
Might have also been an attempt to appear less of a target for that breed of self-serving administrators that seem to haunt certain other foundations in tech. And to keep reasonably humble people reasonably humble.
The mobile coin pumpup powered by the nonprofit Signal Foundation was weird.
They got the coin up to $60 from something like $3.
This starts to be another hustle (and with the money folks can make exploiting a nonprofit in this way no surprise really).
Normally the nonprofit would own the asset it is improving in this situation or get a BIG cut of the upside for leveraging an asset like the Signal network (just as any crypto coin company would).
In this case it all seemed very very shady.
My guess is someone wants to cash out somewhere on using the nonprofit to pump things up perhaps? I'd pay attention to what they are doing in the crypto space recently to see if there are any correlated activities
One of the men listed on there was the subject of a wild gossip thread that had to be deleted here recently. One is the MobileCoin CEO. The other is dead.
Thank you Moxie for all your hard work, commitment and mission driven leadership to get Signal where it is today. I have many friends and family living across the world and I was able to replace WhatsApp with Signal and got out of FB ecosystem and really enjoying the peace of mind that comes with Signal’s privacy and non-tracking for my communication needs. A big thank you indeed.
There is a cli version. Is that not stable enough?
I imagine at Signal this is not decided based on the whim of a CEO, but on how to implement it secure,privacy friendly and free enough. E.g. if you havd to upload your private keys to some bot service, that may work but is terrible. Or if the service can easily bd flooded with bots spamming us. Or if the security model requires some apple alike central checking comittee. And so on.
This all seems like good stuff, but as someone who used to work with Moxie, I think the obvious should be stated: the only reason for an interim CEO is to move out of the role immediately. He could just as easily have stayed in the role while he hunted for a successor.
I'm curious why he wants to vacate post haste, but I'm used to not having my curiosity satisfied when it comes to Moxie. :)
>I will continue to remain on the Signal board, committed to helping manifest Signal’s mission from that role, and I will be transitioning out as CEO over the next month in order to focus on the candidate search. Brian Acton, who is also on the Signal Foundation board, has volunteered to serve as interim CEO during the search period. I have every confidence in his commitment to the mission and ability to facilitate the team for this time.
Signal has already changed history in a way. The past few years, as trust in a certain type of ethically challenged tech company has come crashing down it was vitally important to have a tangible example of a working, usable alternative.
Important for users, but also important for policy makers and other people in high places that are typically tech-illiterate and may assume that trillion dollar valuation implies TINA (there is no alternative).
Moxie and that tiny group of developers @ signal have been granted a moment of extreme leverage and they made great use of it.
If you get good value out of Signal and you can afford 5, 10 or 20 bucks a month get that auto-donate signed up. I can't think of a more cost effective way to directly contribute to practical privacy.
Will Apple still able to get the 30% cut if I do using in app payment? Any idea? Does it make more sense to sign up for monthly donation via web to get more money donated to Signal vs not getting a badge?
Is it different? I just did it via app without a second thought.
If you only get the badge via app I think it's better even if a chunk is taken by the app store, because then people ask "wtf is that heart thing?" and then I can tell certain contacts what it is get them to do it too.
If you are using In-App Purchase then yes, for almost whatever it is (I think they might have at least a couple special deals with major publishing companies... not Signal ;P) you are "donating" 30% of your money to Apple.
I'm sure you don't remember this story, but I remember years ago (2011?) having a drink with you and Stuart while we were working out of I/O Ventures. I was talking about buying a cheap sail boat and you very calmly told me that the ocean will kill me. That it was always trying to kill me.
Anyway, I think about that conversation nearly every time I'm in or on the water and it's definitely kept me alive.
I used to race/rally $500 cars and had mentioned we had planned to do something similar with boats in the Caribbean and Moxie looked like I slapped his mother. Moxie and Stuart are arguably some of the kindest and smartest people I've crossed paths with in SF.
Hopefully remains as interim. I'm still suspicious based on previous experience with him selling Whatsapp to Facebook and all that. Actually, very surprising move, are they planning to sell Signal?
The only reason Whatsapp was bidded up to an insane 19 Billion sale value was because Acton did not want to sell. Note that it's not insane in terms of value (in hindsight this was clearly a good buy for FB), but insane when considering that value for your small 30 person company.
That's a crazy sale price, I'd like to see you turn it down.
It can be true that he didn't want to sell and regrets it and just couldn't reject that offer, the opportunity costs available to you at the level are nuts. This is a risk with centralized services, it's why we need systems that don't require benevolence: https://zalberico.com/essay/2020/07/14/the-serfs-of-facebook...
Most people don't have principles valued at 19B.
I think Urbit is a potential way to get there, but a lot of the web3 ownership model points in this direction.
That said, I think Matrix is cool and appreciate what they're trying to do. I just think without solving the upstream problems you won't be able to succeed beyond a niche audience.
For all its flaws in Facebook integration, WhatApp is the single most impactful system ever in getting people to use secure communication. 1B+ people started using end-to-end encrypted communications overnight when WhatsApp enabled e2ee. This move pushed the entire industry towards adoption of e2ee.
Yes, they sold to Facebook. Yes, Facebook is doing everything it can to get the contents of WhatsApp communications so they can monetize. But it is impossible to not see the change they made on the landscape of communication privacy.
From my perspective, it's also remarkable that WhatsApp managed to enable e2e while already being owned by facebook. It probably won't last, but to me that demonstrates a commitment to security and privacy on the part of the WhatsApp team.
That's an important part of getting step 3 to happen.
You need proof of regret, and $800 million seems to have been enough. Cheap money if you can make step 4 happen such that it nets more than 0.8 billion.
They incorporated Signal as a nonprofit, so it is illegal for anybody to personally profit from the sale of Signal. Of course, that hasn't always stopped people from trying (eg, the recent debacle with the .org tld).
Given that Brian Acton apparently "left over a dispute with Facebook regarding monetization of WhatsApp, and voluntarily left $850 million in unvested options on the table by leaving a few months before vesting was completed"[0] and that he went on to found the Signal Foundation one year later with Moxie Marlinspike in 2018, I feel it's not a super clear signal that Acton or Marlinspike are trying to "sell" Signal.
Okay, but still. It seems like a stretch that the guy is secretly evil but voluntarily gave up almost $1 billion to deceptively prove he's not actually a bad guy. You can claim to be a good guy and wait a few months to cash out - leaving money on the table IS a real signal, even if he's already rich.
Depends on if he actually left money on the table or if he speculated that there would be more money coming to him if he publicly left FB when he did.
Social/public good will is a kind of money itself that can't easily be measured in dollars. That's a big part of the reason extremely wealthy people engage in philanthropy.
Good will is a currency that opens some doors that no amount of raw dollars can open.
I can't imagine they intend to sell Signal but then when I say "they" it's always been a stand in for Marlinspike. We can only hope he's correct in terms of the team he's built continuing the mission that had formerly been guided by his judgment.
The WhatsApp sale also happened back in 2014. I don't think FB was especially well liked at that time, but they didn't have as bad a reputation as they do now. 7-8 years is a long time.
I remember WhatsApp touting the fact that they charge a $1/year subscription to be evidence that they will not sell out data about your use of the app and your contacts, presumably as a contrast to the chat apps offered by Facebook, Google, Microsoft, and others wanting to sling ads.
Obviously, the offer from FB was worth selling out for.
Signal is the purely the best messenger we have so far, I remember OpenWhisper Systems RedPhone and TextSecure and how much it evolved since then. It pushed and helped other messengers to roll e2ee too.
PS. On Twitter Moxie mentioned that Usernames and e2ee Statuses are coming soon -- last missing pieces IMO, what a legend, huge respect and thanks for changing the industry Moxie!
I think Moxie is right, federation will lead back to recentralized services (for the reasons Moxie outlines in his recent Web3 post). People don't want to run their own servers. In that world you'll have federated services that are mostly centralized with a much worse user experience than centralized competition. Signal's real competition isn't Matrix, it's FB messenger, Whatsapp, and iMessage.
The incentive failures are actually upstream from the application layer of the web. Running a linux server is too hard, spam and auth are issues with the current tech stack, dependencies are a mess of complexity and federated systems built on the current stack can't really solve these issues so end up recentralizing to sysadmins that do (at best). This is the reason I started working on Urbit, I think to fix this for real you have to fix problems farther up the stack.
Given the current landscape, Signal is the best available option imo for most people. Hopefully if Urbit succeeds we can have the federated system we want with UX that's actually competitive.
The "problem" of federated systems is that it dilutes power across businesses and does not allow any single entity to control the ecosystem. This is a good thing, except that it makes it harder to fight head-to-head with trillion dollar companies that use messaging platforms as loss leaders.
Thing is, Signal has the exact same issue: the top post of this thread is about how people are feeling compelled to donate to Signal so that it does not rely on one kind benefactor. If people want to donate to Signal, why not donate/hedge a bit by donating to Matrix or to the Conversations (the best XMPP client) developers?
> Signal is the best available option imo for most people.
Signal is still centralized. It is "open source" only in name, as the client code was constantly out-of-date and it is basically impossible to fork it or run your own server. It has a very poor record cross-client vulnerabilities and it forces everyone to be dependent on the security of their smartphones. How many times do we have to re-learn not to put all of our eggs in the same basket?
We agree on the issues, but don't agree on the solution.
I don't think Matrix will be able to compete. I think Signal is the best available option today for most people, but the risks you outline are real. I think Urbit is our best shot at a better future.
Matrix is already competing. It's just taking a different strategy (going after governmental institutions and enterprises) than the one you'd like. The fact that Element is going after a market with a very long deployment/usage cycle makes me believe that Matrix has a lot more staying power than Signal.
Signal is nice, but it all it takes is one catastrophic bug - or one Government pushing to break it, or some good amount of years with lots of developers on payroll without any real revenue - away from disappearing or selling out.
> I think Urbit is our best shot at a better future.
No. The problem to "fix" is not a technological one. It's socio-economical. When (if?) individuals and SMBs learn TANSTAAFL, we´ll be able to have a diverse/healthy (and cheap) industry of professional service providers.
Maybe we should first establish what's your idea of "winning"?
Because my idea of "winning" is one where there is no central entity controlling what should be basic infrastructure. My idea of winning is one where we have more options and that we can hedge one player against the other.
I don't (necessarily) want Matrix to grow to a point where it goes unchallenged. I want it to grow enough to the point where none of the other players has a clear upper hand.
I use Matrix already to talk with my immediate family, a good amount of my friends also managed to install it. Does this mean that I got to use Matrix exclusively? No, far from it. But I do have the option, and in the past when there were issues with WhatsApp and Signal, a lot of my friends were glad that all my nagging gave them an alternative.
"Bad UI", "complex onboarding", "technical issues"... those are all things that are easy to fix compared with the "issue" of having a oligarchy controlling all of the communication platforms of the Western Hemisphere and then China trying to encroach in.
I guess my idea of winning is like the web vs. gopher. I want the good, federated protocol to become the default. I want my friends to be using it not because I have to nag them to, but because it's just objectively a better experience. The federated nature of the thing being invisible and irrelevant to them.
I think today that's impossible - not because of issues related to Matrix, but because of deeper problems with our computing stack and the web. Federated systems can't match the UX of centralized ones and when they come close its often because they've recentralized anyway.
I think we agree more than we disagree probably. I just see Signal as good given the current tradeoffs.
The fundamental issue is that I don't see how we can define what is a "objectively better experience", not for any sufficiently large group of people with different values and priorities.
Any attempt at establishing these comes through some central planning which leads at best to some cookie-cutter "one-size-fits-all" Apple-esque design that while functional, it's just a local maxima that destroys any kind of creativity and makes everything uniform and bland.
> Federated systems can't match the UX of centralized ones and when they come close its often because they've recentralized anyway.
I think it is easier to see it as an issue with the amount of resources that the big companies have vs the "underdogs".
If Element had the same amount of resources as Facebook, it wouldn't be hard for them to say "we will build a client that is just like WhatsApp for those that think that WhatsApp is the benchmark. For those that want something like Discord, we will build another client. And those that want to use Matrix to replace Slack will get another client that does exactly the same".
It does not matter if it is federated or centralized, what matters is that Element does not have those resources, so they can not develop as fast as their competitors and then are seen as "lagging".
I prefer the Element UX especially since I can actually use it for WhatsApp/Telegram which I still use heavily, there are a lot of people/businesses/governments backing on Matrix, Signal is just another app that is controlled by the US government and I don't see much privacy there in the long term... Yes it will be recentralized but not completely, how come E-Mail did so good?
You may personally prefer it just as some niche audience still personally prefers to run their own email server, but your grandma will never prefer it or use it and neither will 90% of the public.
Email is an example of this class of failure. Almost everyone uses a centralized provider (mostly Google) and even if you do go through the effort to run your own server since nearly everyone you interact with is using gmail it's mostly pointless anyway.
Signal is not controlled by the USG (see recent doc about what metadata they have access to via Signal). I ran a Matrix server for a while, the UX around setting up encryption is bad (not for lack of trying, it's just a hard problem given the constraints). Most people just use the Matrix.org server and will never run their own (which is the recentralization risk I'm talking about) - at best you'll have a couple providers, and dealing with spam is still a problem. You'll also have a system that adapts slowly because it's harder to make changes to this kind of system, it'll always be worse.
To escape the incentives that lead back to recentralization and to create a federated system that isn't just another niche nerd hobby, you really have to think about the issues that lead back to centralization from first principles. I think Urbit's design and the tradeoffs they make do this.
> You may personally prefer it just as some niche audience still personally prefers to run their own email server.
No. This is a false dichotomy. There is a very healthy market for email service providers. Basically every domain registrar runs one, a good amount of ISPs... there can be a cottage industry for service providers.
> Almost everyone uses a centralized provider
Because the large companies make it free to try to make their money by either exploiting the data or by using the email service as a loss leader. Signal can not do either, so they will have to rely on some other revenue stream, or they will end up like Mozilla.
> You may personally prefer it just as some niche audience still personally prefers to run their own email server, but your grandma will never prefer it or use it and neither will 90% of the public.
I think this is just not true, my grandmother would use whatever I tell her to use she doesn't care if Signal has "better UI" according to some people. The reason in my opinion why people don't use Element or other Matrix clients yet is because people aren't aware of them. Signal has a billionaire behind them and that means they advertise the shit out of Signal.
> Email is an example of this class of failure. Almost everyone uses a centralized provider (mostly Google) and even if you do go through the effort to run your own server since nearly everyone you interact with is using gmail it's mostly pointless anyway.
Why can't Moxie and Signal just run a Matrix server and offer this service to people? Your point seems to be - we lost the fight already so there's nothing to do. I think there's a lot to do and Google/Facebook/Apple have not yet won. Even if they have most people at least the people who really care have the opportunity to stay private AND free. Many people still use Hotmail, Yahoo, university accounts, business accounts, privacy concerned providers, government accounts and even famous country specific providers. Gmail is the most used one but it's by far not the only one and the way to fight that is not by giving up on a free world.
> Signal is not controlled by the USG (see recent doc about what metadata they have access to via Signal).
Signal is a company registered in the USA they will have to abide the US law when push comes to shove, so this is not a long term solution.
> I ran a Matrix server for a while, the UX around setting up encryption is bad (not for lack of trying, it's just a hard problem given the constraints).
It's getting better and it's partially like that because it's more private(no phone number) and secure(no US company) than Signal, it also contains an encrypted backup on the server which is a huge feature that Signal just does not have.
> Most people just use the Matrix.org server and will never run their own (which is the recentralization risk I'm talking about) - at best you'll have a couple providers
Most people use WhatsApp maybe Telegram, not Signal and definitely not Matrix the future will tell us if this catches on or not, so let's just stop speculating. There is already now some governments using Matrix and a lot of projects, so there are already many servers and many providers, you can also just pay for your own server at Element and you're already not using Matrix.org
> and dealing with spam is still a problem.
That's a general problem that you'll have with any platform, Telegram and Facebook are still fighting spam with little many failures. If anything this is something that I see a good future with Matrix since a lot of different companies/individuals will try to fight this together instead of a big company trying alone and failing.
> You'll also have a system that adapts slowly because it's harder to make changes to this kind of system, it'll always be worse.
Or better because many people are working on it compared to 30 people (!!)
> To escape the incentives that lead back to recentralization and to create a federated system that isn't just another niche nerd hobby, you really have to think about the issues that lead back to centralization from first principles. I think Urbit's design and the tradeoffs they make do this.
I heard of this project before, it sounded cool at the time but I didn't get enough info the details to remember much, I don't really understand how this is relevant though, care to elaborate?
I don't think Element or Matrix is aiming to be a niche nerd hobby, they have a lot of money invested in them (last I read it was 30 million) and the UI is super cool (much cooler than Signal)
At the end of the day Signal and Matrix are both niche and it's just such a pity that we don't go for the obviously better choice but instead put all our eggs in one American basket yet again.
> "I think this is just not true, my grandmother would use whatever I tell her to use she doesn't care if Signal has "better UI" according to some people."
Protocols are slower to change, this is why XMPP lost to competing messaging services. Maybe grandma is a bad example, but a highschool kid is going to use the messaging service that has the emojis and crap they like - not one with a crappy app and confusing encryption setup. I don't think it's lack of knowledge I think it's just harder to create an experience as good and you're at a perpetual disadvantage to roll out new features.
> "Why can't Moxie and Signal just run a Matrix server and offer this service to people?"
> "Most people use WhatsApp maybe Telegram, not Signal and definitely not Matrix the future will tell us if this catches on or not, so let's just stop speculating. There is already now some governments using Matrix and a lot of projects, so there are already many servers and many providers, you can also just pay for your own server at Element and you're already not using Matrix.org"
This is kind of my point? Except that I'd go further and say most use FB Messenger, iMessage, or Discord. I did pay for an Element server for a while to support the Matrix devs. While I want them to succeed I think the existing incentives are such that they will remain niche. Most will use centralized options because they provide a better experience and most users don't care about federation. The UX is everything.
> "[Spam] is a general problem that you'll have with any platform"
Unless you think about it from first principles and actually come up with a way to solve it: https://urbit.org/understanding-urbit - if you have NFTs as a permenant pseudonymous ID with a low but non-zero cost, moderation becomes trivial and spam is no longer economically possible. Today centralized services have an advantage fighting spam (email is the easiest example) and decentralized services struggle with this.
> "Or better because many people are working on it compared to 30 people"
I think this has been shown to be empirically false with this kind of service. Not because of the number of people, but because of the reasons federation on the existing stack is hard.
> "I heard of [urbit] before, it sounded cool at the time but I didn't get enough info the details to remember much, I don't really understand how this is relevant though, care to elaborate?"
The pitch is basically that the problems that cause federated systems to fail (at the application level) run pretty deep. To fix it you have to rethink some assumptions with modern operating systems and how you handle identity across the web. If you fix these issues, then it becomes possible (but not easy) to solve the UX problems that causes federated applications on the web to fail and provide a better experience than the existing web for applications. If you can fix the incentives then you can escape the trap we're in.
> "I don't think Element or Matrix is aiming to be a niche nerd hobby, they have a lot of money invested in them"
You're totally right - they want to take over the world, and I want them to win too, I just don't think they can because of the current local maximum we're trapped in. It's moloch (https://slatestarcodex.com/2014/07/30/meditations-on-moloch/).
Email is decentralized. Most people (including me) decided to sell their data for a better service which is why we ended up with Gmail and a few other services that are very popular. If Google and the other services are forced by law to not be allowed to do that we could easily just create an account in the thousands of not millions of email providers that offer alternatives, if Signal goes down, we all have to go back to WhatsApp.
Even in the hypothetical case of this law leading to google not providing email (neither of which I think would happen) you'd just end up on some other server run by some other corporation with all of the risks that entails.
You could argue that's better than trusting one service (debatable imo), but you're still a thin client vulnerable to the whims and data protection capabilities of that provider. Even worse, if everyone is using just 3 or so main providers then since you're communicating with people centralized primarily on these other services you're also vulnerable to their security practices too.
All of this is because of a few core problems with the current stack. Linux servers are too hard to run. Modern dependency requirements are a mess, operating systems were designed without an eye toward the web or identity so spam is a problem. You can't fix this without thinking more deeply about these issues, I think Urbit might be a way out. Without fixing these issues the options available in the current system are niche communities or centralized services. The idea of people running their own decentralized nodes at scale given these constraints is dead on arrival. PGP is a failure - even when people's lives literally depend on it they cannot or will not do it.
Trust me, I wish this wasn't the case - but I care about winning more than I care about idealistic purity. You have to think pragmatically about what the best option is today and what crazy changes are required for this to succeed in the future. Today with the existing tech stack I think Signal is the best we can do at scale in competition with whatsapp, fb messenger, and iMessage. Tomorrow I hope urbit gives us a way out.
Uh, on-device servers are a thing for Matrix. These aren't your grandpa's servers that live in a 19" rack, or even your mom's server that's an off-the-shelf consumer-grade NAS. Matrix is shooting for portable identities. Matrix is planning to do Bluetooth BLE mesh nets too for offline usage.
User lock-in is not just a glitch. It's the whole reason why people invested in signal. It's yet another walled garden masked as an open source no-profit.
Can someone shed some light on moxie's true identity? Did he change his name at some point and why is there no record of a name change nor does even the topic ever come up online?
If anybody is displeased by this news, check out Matrix protocol. Grab yourself a client like Element for it. You can even bridge Signal to Matrix if others don't want to switch.
Thank you to Moxie and the entire team at Signal for building this incredible software and releasing it out in the world! I've been using it since the TextSecure and RedPhone days and moving more and more of friends and family to it ever since.
To the HN crowd, please become a sustainer (monthly donations) of Signal through the app. You get a badge that way, which is an opportunity for those you communicate with to learn about becoming a sustainer too.
To host a privacy-first IM platform is really challenging. If they took advantage of the users' privacy (behavior, interests, contacts, etc.), they would make good revenue. But they will not.
Then how to make this good thing sustainable is a question. Users would think donation is fair enough. But the fact is a world-class IM platform needs an exceptional engineering workforce. Those people are not just looking for users' donations at will.
I stopped believing in Signal some time ago because of their attempts to avoid taking a side in the moderation issue - their policy is just not clear enough [1, 2, 3]. Moxie advocating that you don't need to trust the servers just worsens it [4].
Another thing I don't like about Signal is how they conduct their development, doing everything in their own private repo and just throwing the code at GitHub to say they are open-source and trustable (remember when the server code wasn't updated for months because they were adding the mobilecoin feature ?). The only way you can really discuss some bigger thing is in the beta testing forum posts.
My hope is that maybe with new leadership Signal can finally get export/migration features. There seems to have been a deliberate resistance to adding them.
A big risk is that the new leader, having less authority and fewer credentials for their choices, will compmromise Signal's security to pressure from the public.
With only 30 people, I am glad things are delayed. That is necessary if Signal doesn't develop and release them before they can be done right.
Security isn't just confidentiality. It's availability too. Losing all your data if a single device is lost or stolen or breaks is bad availability.
Export isn't delayed. The Android app has export and import already. They said it's likely they'll remove it once the Android app has history transfer like the iOS app.
Thanks for pointing that out, as I was quite unaware! Last time I checked this wasn’t available and I didn’t see any news about it. I should have checked before posting.