For me I stopped using Signal when they started permanently storing sensitive user data in the cloud, they were extremely unclear about doing it confusing many of their users, they ignored the objections and security concerns of their users who realized what they were doing and they never updated their privacy policy to reflect that information (and still haven't). For an app that insists that you be able to trust it, they just did not come off as remotely trustworthy.
Signal then announced that because of all the hate they'll make the feature optional, but opting out would just set a pin for you and upload your data anyway. This also caused a bunch of confusion.
It's worth pointing out that they're collecting the type of data they still brag about not being able to turn over because they "don't keep user data".
Between that and not updating their privacy policy it's a pretty massive red flag, but so many people don't even know about the data collection. Look at the answers this guy gets:
It's insane, and I hope every user who has to learn what signal is really collecting from some random internet comment thinks long and hard about what that says about how transparent and trustworthy signal is.
This feels more interesting than most cryptocurrency uses. One thing a cryptocurrency can be is an open protocol for payments - it makes sense to try and make one into such a protocol. The privacy preserving aspects of MobileCoin are interesting and feel like they fit with Signal too.
I am ridiculously negative on all things "crypto", but person-to-person payments (in fiat) are currently pretty annoying and limited (at least in the US, even with things like Venmo and Zelle), and integrating private payments with a privacy-preserving messenger would seem to be a good thing. I don't know if MobileCoin is the best solution here, but I also don't see Signal starting partnerships with big traditional banks or payment processors, either (and wouldn't really want to see Signal in bed with those sorts of folks). So something like this might be the right move, even though I'm unlikely to use it myself.
> and wouldn't really want to see Signal in bed with those sorts of folks
Why?
This has been ongoingly why we have bad encryption technology. No one wants to taint their ideological purity by trying to solve problems for organizations that can pay for them which would actually solve problems for private citizens, and simultaneously ensures that good technology doesn't secure important social interactions for private citizens.
Why should I not be able to verify I'm talking to my bank through Signal? Why can't I have messages from my local government secured to me via Signal?
It's a 2-sided problem, and one side is this bizarre rejection of any attempt at enterprise marketing for a platform with enterprise utility.
Because we all saw where it leads with Google/FB. They might start by just doing the simple things you proposed. But once a government or bank is a customer, they would be the largest/most powerful customers by far. Meaning Signal would begin to bend to doing what those customers want, maybe collecting analytics or personal information, or selling your contact data to advertisers. Maybe one of those banks donates money to Signal and wants favors in return.
The biggest customers of a company inevitably shape the incentives and behavior's within that company. easy to dismiss as a "slippery slope fallacy" but it's historically true. No one who's using Signal to get away from the shitty enterprises that built/own FB Messenger wants a repeat of the same thing. Even if you don't agree, many Signal users probably do, and it would be silly for Signal to piss off their customers.
IIRC the privacy aspect relies entirely on Intel SGX (Which isn't really unprecedented for Signal) which is not ideal. Since it's centralized anyway, I would rather have seen a blind-signature based payment system. It would be more private and probably more efficient.
From what I remember reading, without SGX it is reliant on an older model of Monero that is missing a critical newer mitigation that prevents people from decloaking upwards of 80% of transactions due to a timing bias in how older transactions are selected for including in the ring signature.
Do you have reason to believe MobileCoin scales any better than any other open blockchain protocol? I doubt it.
Also, payments with free floating crypto like MobileCoin and bitcoin really isn't practical in most of the western world, due to the requirements of capital gains tax reporting, not to mention the instability of the price.
That’s right and I stopped using Signal for that reason. Tax authorities have every right to look into any account that facilitates transactions in taxable assets (even just to confirm that no transactions have taken place)
I have nothing in principle against crypto currencies and I am very much in favour of strong privacy for personal communication, but mixing the two is obviously contradictory. It completely defeats the purpose of Signal.
> Are they still doing the crypto scheme? I stopped donating when that started, but would be more than happy to pick it back up if they reversed course.
Yes it seems they are still doing the MobileCoin thing. I'm against cryptocurrencies, blockchain, NFTs, etc also, but nothing is forcing me to use it. I'd be curious to read some case studies or blog posts about how it is being used. For example, are people using it to pay for milk in rural India, send money to family in Myanmar, split dinner bills in New York?
Regarding donations, I would be happy to donate, but it would be great to see some financial reports. Other initiatives like Software in the Public Interest (SPI) and the OpenStreetMap Foundation publish yearly reports, which makes it easy to see how the projects spend their money, how much cash they have in the bank, etc. Pardon me, but I don't want to donate to Signal if they still have $50 million in the bank, or if their CEO is taking home a huge salary, or if they spend the money on fuse-ball tables. ;)
I'm not sure. I'm a bit torn on that. If they can sustain themselves though some method, that's good, but I would rather that method be aligned fairly closely with their initial goals of security and privacy, which crypto pays good lip service to but it's always the best at achieving, given public ledgers.
I guess I'm just worried about perverting what makes it a good messaging client, and would rather they get money from people that support that cause so they aren't as tempted to chase some other path because the alternative is to shutter.
That said, that can happen even if they can sustain themselves through donations if the management/board decide to do so. Just have to hope it stays the course.
I did the same thing. I had setup a monthly donation to Signal several months before the crypto announcement. When I heard about the crypto thing I cancelled my monthly donation.
Are they still doing the crypto scheme? I stopped donating when that started, but would be more than happy to pick it back up if they reversed course.