
Reminder that Signal server source code is not fully released and the app is heavily dependent on Google services to operate. Signal also takes measures against third party or unofficial apps. Whatever you say about privacy, Signal is not an ally of user freedom.



Not to mention that they keep investing in things that people don't necessarily care about (like the crypto currency embedded in the app).

It is kind of beyond me why people would submit to monthly donations to a company which only cares about its own interests.


I had actually considered donating to Signal, but the addition of Moxie's crypto scheme to the app scared me completely away.

Signal kind of hits a sweet spot of usability and security, but it's incredibly tenuous and I don't trust the company to hold my interests at heart. It seems like we should be able to do better.


What do you mean 'not fully released'? It's here: https://github.com/signalapp/Signal-Server


Is that the version that is actually deployed to their servers, though?


Is that possible for Signal to prove in a meaningful way?


Intel SGX? They are already using it for some portion of the server code.


Well, your Signal client performs SGX remote attestation before sending any contact data to ensure that the server codebase matches a valid release. So if they're not running the published source, your client will refuse to share your contact information and social graph. Note that messages are e2e encrypted on the client side, so they don't enter into it.
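The gate that comment describes, as an added example that is not part of the thread and not Signal's code: a client reads the enclave measurement (MRENCLAVE) out of an SGX quote and sends contact data only if it matches a pinned build. The field offsets follow Intel's SGX quote layout; `upload_contacts`, `make_quote`, and the pinned value are hypothetical, and verification of the quote's signature is assumed to have happened already.

```python
import hmac
import struct

# Field offsets from Intel's SGX quote layout (sgx_quote_t, sgx_report_body_t).
REPORT_BODY_OFFSET = 48                        # quote header is 48 bytes
REPORT_BODY_LEN = 384
ATTRIBUTES_OFFSET = REPORT_BODY_OFFSET + 48    # 8-byte flags, little-endian
MRENCLAVE_OFFSET = REPORT_BODY_OFFSET + 64     # 32-byte enclave measurement
SGX_FLAGS_DEBUG = 0x2                          # debug enclaves are inspectable

class AttestationError(Exception):
    pass

def check_enclave(quote: bytes, pinned: list[bytes]) -> bytes:
    """Return MRENCLAVE if the quote names a pinned, non-debug enclave.

    Assumes the quote's signature was already verified against Intel's
    attestation infrastructure; without that step this check proves nothing.
    """
    if len(quote) < REPORT_BODY_OFFSET + REPORT_BODY_LEN:
        raise AttestationError("truncated quote")
    (flags,) = struct.unpack_from("<Q", quote, ATTRIBUTES_OFFSET)
    if flags & SGX_FLAGS_DEBUG:
        raise AttestationError("debug enclave")
    mrenclave = quote[MRENCLAVE_OFFSET:MRENCLAVE_OFFSET + 32]
    if not any(hmac.compare_digest(mrenclave, p) for p in pinned):
        raise AttestationError("unknown enclave build")
    return mrenclave

def upload_contacts(quote, pinned, contacts, send) -> bool:
    """Hypothetical client step: contact data leaves only after the check."""
    try:
        check_enclave(quote, pinned)
    except AttestationError:
        return False          # fail closed: nothing is sent
    send(contacts)
    return True

def make_quote(mrenclave: bytes, flags: int = 0x5) -> bytes:
    """Constructed sample quote: zeroed except for flags and MRENCLAVE."""
    body = bytearray(REPORT_BODY_LEN)
    struct.pack_into("<Q", body, 48, flags)
    body[64:96] = mrenclave
    return bytes(REPORT_BODY_OFFSET) + bytes(body)

PINNED = [bytes.fromhex("11" * 32)]            # constructed, not a real release
```

The pinned measurement is only meaningful if it can be reproduced by building the published enclave source, which is the link between the attestation and the open-source claim.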


Isn't that impossible to prove for any OSS backend out there?


Why wouldn't it be?



Surely you could link to the actual blog post rather than a subreddit that regularly crosses the border into conspiracy theory territory.


Backdoors.


It's not complete, they made a blog post recently where they stated that they have closed source code in use.

I think it was about spam


These are not requirements for most messaging app users. I just want secure messaging. I don’t care if it’s open or interoperable. WhatsApp if it was run by a non profit.


Most messaging app users don't really care about encryption either. Most (or at least a large minority) probably wouldn't mind if their messages were used to 'deliver ads more suitable for you'.

It doesn't mean these aren't important issues. Until Signal drops the phone number requirement (nothing beats that for efficient user tracking), allows desktop use without requiring a smartphone anywhere in the process, open sources their server code, and allows for third party clients in a reasonable way; I agree with dfkajglag: not yet an ally of user freedom.


> Until Signal drops the phone number requirement (nothing beats that for efficient user tracking), allows desktop use without requiring a smartphone anywhere in the process

I could handle the closed server for enabling me to use IM to talk to people. But these two points are what make it a non-starter for me.


The phone number requirement is the only thing making Signal remotely close to usable for the wider public. Similarly, non-phone messaging is niche in the extreme. Unusable software is not an ally of user freedom.

The actual problem with Signal is that they took US State Department funding. That doesn't mean it's an op necessarily, but suspicious nonetheless.


Why? If someone wants to use a phone number for their identifier, fine. But make it optional. If I join Signal with another alias (free-form string perhaps) then they could just add me via that. Not really harder than using my phone number.


> Why? If someone wants to use a phone number for their identifier, fine. But make it optional

Network effects.

If you’re only findable via custom handle versus the phone number your network already has, you’ve reduced the network’s value to your contacts. Put another way, if I join a messaging service and it says two of my contacts are on it (but many more may be), that’s close to a non-starter.


I'm fine with people not finding me automatically. If Signal wants to keep the low-resistance method of bulk-checking your contacts' phone numbers, fine. Just give me the choice of joining without it.


> fine with people not finding me automatically

That’s a private gain at the network’s cost. For a challenger, their decision to bar that albeit limited form of free-riding is perfectly rational. For a dominant network, I am much more sympathetic to the call for anonymity.


Prioritizing your market share over private gains of your users is precisely the thing that makes you "not an ally of user freedom"


> Prioritizing your market share over private gains of your users

Network effects make these virtually indistinguishable. If a network is unusable it doesn’t help anyone.

There may be an argument, however, for charging for the opt out.


Unusable is a big stretch


If a network is not usable by anyone with a smartphone, it's strictly less usable than WhatsApp. That means in practice, it's unusable.


Why would messengers without phone number collection not be usable by anyone with a smartphone?

Even if that was the case, "it's strictly less usable than WhatsApp" is not true, because other messengers can provide other quality of life features.

"That means in practice, it's unusable." is not true either. Remove "Status" support from WhatsApp and you get strictly less usable than WhatsApp. Still, it is not unusable.

Signal is pretty close to being strictly less usable than WhatsApp btw.


And insane spam follows.


Why would you add a spammer to your contacts in Signal?


People can request to write you without being in your contacts. I have received several spam messages this week in this way. Imagine how much more with a lower barrier to entry.


If it's optional, then there is more than one way to identify users. For a non-technical user, that means they have to make a choice and understand that choice, as opposed to just always using a phone number.

And everyone with a phone has a phone number.


Even if it's not most users, it still benefits the other people.

Why should everyone be forced to give away their phone number?

Why should everyone be forced to use the same app including its limitations?

Why should everyone be forced to make a contract with the same vendor?

It could well be that it's not a requirement, because people don't think about it or take it as given.

Imagine Email or phones would work the same way Signal works (with respect to the above concepts).

Is non profit a requirement for most messaging app users?


You are free to not use the product if it and its roadmap don't meet your needs. Lots of messaging options to choose from.


Unfortunately, you can't simply choose. Messaging apps that don't interoperate inherently create forces to use their app if you have contacts you want to reach on that app.


"One in four people struggle to keep up with friends because they are using too many apps"

https://www.dailymail.co.uk/sciencetech/article-10451559/One...

TLDR: people are just not aware of their requirements


That's why I simply use WhatsApp.


Technically it is not very secure. It leaks the most interesting stuff (metadata). People think that only message content matters.


What metadata is it leaking? Any link?


Everything they can possibly get with the app. Only message content is E2EE.

https://www.whatsapp.com/legal/privacy-policy

https://faq.whatsapp.com/general/security-and-privacy/end-to...


Didn't know leaking meta data was a requirement for most of the people ;-)


Most people don’t understand their own requirements. For example, before Apple’s privacy features, Facebook (Meta) could try to guess the message contents with certain probability based on other app usage. (Facebook trackers on different apps and cross-app tracking)


Which is exactly what I am trying to say, since the comment up the chain states that e.g. interoperability isn't a requirement of most users.


My grandparents can all set it up without me flying over to do it for them.

Concessions have to be made somewhere.


> Whatever you say about privacy Signal is not an ally of user freedom.

Good reminder for those that don't know, but did anyone ever claim otherwise? From the very start, releasing the source code was meant exclusively as a way to ensure trust == security. It was never about software freedom - the only freedom the devs mentioned was freedom of speech (encryption and censorship-resistance).


I’m tired of all these text messaging silos. Email is ubiquitous because no one owns it. RCS can’t come fast enough.


I'll bite. What's RCS?


The “next-generation” text messaging standard to replace SMS/MMS. Higher quality images, read receipts, etc. I believe it also supports some form of encryption.


Interesting, I'm surprised to find Google as a big promoter of this, doesn't this go against their walled garden approach if there is a universal messaging infrastructure?


Google is its biggest backer and you can find more at https://jibe.google.com, along with the usual Internet searches.



