I was worried about sharing broadly and leaking info from 1 contact to another, but it seems like the Signal team did all the right things here.
When you create a story you can make it a group story or not.
If you do not make it a group story, reactions and replies to stories get sent to you over your 1:1 chats and not shared across other recipients of the story.
If you make it a group story, and share it with multiple groups each group receives their own copy of the story and replies and reactions can only be viewed by others in the same group.
After having been burned SO OFTEN by other social platforms embarrassingly notifying others when I did something I thought was a passive post, or leaking information from 1 of my subgroups with another I was very worried that would happen here, but great job signal team!
The only awkward part that I've noticed so far is if I have a contact in 2 groups that I create 2 group stories with, they now have 2 identical stories show up on their story board. It makes sense and I think the UI clearly indicates for which group replies and reactions to each story it would go to which is probably the safest (best?) solution, but I could see that getting a little annoying if I share multiple groups with a frequent story poster.
I'm still of the opinion that encrypted private group chats are an impossible UX problem (1:1 chat is fine). But if I were to trust anyone to find a way to do it properly, it would be Signal.
What makes it impossible? Naively I would think that if you have a secure 1:1 communication protocol, then you can send N*(1:1) secure messages to a group of N people. To solve the "fake group message" problem where an adversarial member of the group sends different messages to different members of the group, or delays the message to some members, the protocol could simply allow for a 2nd level "vouch" message to be sent, such that Alice sends the message to Bob, Alice sends the message to Charlie, Charlie messages Bob a receipt with the receive time and a hash of the chat log, and Bob messages Charlie a receipt with the receive time and a hash of the chat log. If the hashes don't match, or the receive time is unacceptably different, then you highlight the message as suspect.
Sure, it takes N^2+N messages, but that's not exactly a massive overhead for text. Multimedia takes N times as much bandwidth as the 1-server, server-many model for the sender, but otherwise isn't terrible.
Ah, but what if I send different vouch messages to different users?
There is actually a way to do it, if you assume PKI (which signal provides) and that all messages will be delivered in some bounded time. It’s called the dolev-strong protocol and it guarantees that all honest members of the group will agree with each other. Unfortunately, it requires one round per group member and delivering all messages within a bounded time isn’t easy.
Since you'd be receiving vouches from all group members, you'd get some data about who trusts who's message. To the user, you'd probably highlight the message with the "something's fucky" notifier (red background? a caution symbol?) and then have the further "of X vouches you've recieved, these Y disputed the message's (content/existence)" type deal.
Which lets you know that Alice and Bob are in contention, which is probably good enough for most situations. "One of these three (or more if you have multiple groups of bad faith actors) sets of users are operating in bad faith" should be plenty of information for a user to make an informed decision. Even if that decision is "wow, how did I end up in a group containing multiple groups of bad actors, I should be elsewhere".
> Naively I would think that if you have a secure 1:1 communication protocol, then you can send N*(1:1) secure messages to a group of N people
IIUC this is what iMessage does (at least when Messages in iCloud or whatever it's called is disabled), except s/people/devices: say you have three devices and someone sends you one message, the message is encrypted once per recipient device, and three encrypted messages get sent. Whether it's 1 person with 3 devices, 3 people each with 1 device, or 2 persons with one having 2 devices and the other a single one becomes largely immaterial.
Why not use a merkle tree/blockchain? Usually a meme, but seems like a good solution here: every message is a blob containing the mssage and the hash of the previous received blob. As long as order and messages are the same, the message is valid.
A bad actor could screw with you in this naive implementation though
What you described is a tendermint-consensus-protocol-like round. It requires a direct connection (or some emulation of such channel) between participants.
https://simplex.chat/ is iterating on this. There’s a lot of pros and cons to any design of private group chats from the perspective of privacy, performance and single points of failure.
Messaging Layer Security (IETF working group) has some interesting solutions to the various associated problems, and it's being developed as an open standard with multiple implementations: https://messaginglayersecurity.rocks/
Thanks for the nitpick. Now let's read this again as "Apps implementing the Matrix protocol...".
If one app found a way to make a nice UX for it, all the others would follow. So in practice it seems perfectly reasonable to say "Matrix" when talking about the general UX found in apps implementing the Matrix protocol, doesn't it?
Any "secure" encrypted messenger that allows more than 1 to 1 connections will always have the potential for the "ghost user" problem.
System level some use additional connections/recipients for spam/moderation and the moment you allow any invisible/visible group users in, there is a massive potential for an exploit.
Additionally you have the potential for forking off messaging to other users at the system level for either oversight or spam/moderation/other. Some of the compromised systems out there use this very well.
A sneaky way some of these "secure" messaging apps are also doing this is ghost participants in the chat that can essentially syphon off the messages even without a compromised client. The ghost participant is always under the guise of moderation or anti-spam or telemetry or some other proprietary shim.
> The code shows that the messages were secretly duplicated and sent to a “ghost” contact that was hidden from the users’ contact lists. [1]
Lots of "secure" messaging apps do this for intel and surveillance and not just the white hats.
Other areas that "secure" messaging apps have holes in is the anti-spam/moderation systems that need to view messages and in the clients themselves who have access to the unencrypted content. This is also taking place in other client apps as well: VPN, password managers, extensions, wallets, even build systems and more. Many like VPNs have logs sent elsewhere but deleted locally -- access to entire machine and all network access. People are way too trusting of "secure" systems/apps that are very common today based on trust.
All of these apps/systems would pass code checks, reviews, security inspections and essentially be encrypted/"secure" though a copy is sent off to another area for review. At runtime the leak is in the direction of the data.
Then you also have governmental oversight that opens up holes that can be exploited.
On Ghost Users and Messaging Backdoors [2]
> to add a “ghost user” (or in some cases, a “ghost device”) to an existing group chat or calling session. In systems where group membership can be modified by the provider infrastructure, this could mostly be done via changes to the server-side components of the provider’s system.
> I say that it could mostly be done server-side, because there’s a wrinkle. Even if you modify the provider infrastructure to add unauthorized users to a conversation, most existing E2E systems do notify users when a new participant (or device) joins a conversation. Generally speaking, having a stranger wander into your conversation is a great way to notify criminals that the game’s afoot or what have you, so you’ll absolutely want to block this warning.
> While the GCHQ proposal doesn’t go into great detail, it seems to follow that any workable proposal will require providers to suppress those warning messages at the target’s device. This means the proposal will also require changes to the client application as well as the server-side infrastructure.
> (Certain apps like Signal are already somewhat hardened against these changes, because group chat setup is handled in an end-to-end encrypted/authenticated fashion by clients. This prevents the server from inserting new users without the collaboration of at least one group participant. At the moment, however, both WhatsApp and iMessage seem vulnerable to GCHQ’s proposed approach.)
It seems to me that, under the hood, stories are implemented as simple messages. To publish a story to 200 friends, you just send 200 photo messages to them. Group stories are a group message (and hence separate per group), which is a very good abstraction.
Of course my first reaction was "I hate this" but then I thought about it and whatever I don't care at all. I downloaded the update and it's a new tab. They don't force it on you at all. They very very clearly state that you can opt-out and how to do it. This was tastefully done, which is fresh air in the world of social media crapware.
A little while back I felt this way about 'stickers'. It seemed like a completely unnecessary feature I've never used and designed to achieve parity.
Last week I spoke to my 20-something sister and learned that it's basically a must-have for her friend group, who sometimes have entire conversations just with stickers shared in her group.
Had no idea, but in hindsight realized I'm no longer tuned in enough to know how people just 10 years younger communicate, let alone from different cultures.
My point is: 100% agree. Glad it's not in my face and not caring is the way to go. Being cynical about these features is probably ignorance
I'm currently 20 and mostly use stickers for “repetitive” messages, like “Good Morning” and the like. Sometimes to convey emotions that are hard to type out at that moment, too.
Creating custom sticker packs is also fun, including memes or cute cats.
But of course I don't speak for everyone my age, and it's different for each culture and personality.
Thank you for the insight. It's always interesting to hear how the experience of tech is different among people of other generations/demographics. Honestly, I wouldn't have pegged your generation as the one to use stickers - somehow it seems more in line with how boomers communicate.
About once a week I accidentally send a sticker in Signal. It feels like it should be impossible, but somehow my subconscious muscle memory uses those positions for something. But I've never met anyone else with this problem and still haven't figured out how or why I'm doing it, so I can't blame them.
This just underlines how unintuitive swipe gestures are. There is no way to tell the feature exists or what swiping might do, and having horizontal finger drag do interactions when vertical drag just browses is simply inaccessible to many people.
I still do not understand why everyone and their cat copied that from Tinder.
I wonder how much companies lose just because people hate being forced into things, and they develop a strong aversion to something they'd actually use otherwise just because its pushed onto them.
What's worse, this even affects the few who try to introduce new things respectfully, because people are so in the "IF SOMEONE OFFERS ME SOMETHING IT'S JUST CRAP I DON'T WANT" mindset that they reject new things outright.
On my phone, that new tab necessitates a tab bar that takes up more than 10% of the screen estate. I immediately disabled stories for that reason alone.
Yeah that was my first reaction as well and I am still not sure how I feel about Signal pursuing this, but I appreciated the opt out option. I also appreciated that they talked about opting out early in the blog post before diving deeper into the mechanics.
Assuming everyone you know isn't already using Signal, I think the most important "feature" for any existing Signal user is getting more users on there.
As far as I can tell, lots of people love stories.
No one on this site should love SMS. It's just a huge security vulnerability and while it sucks having to reactivate the built-in SMS app I totally get their reasoning behind it. Having SMS integrated into Signal was damaging their reputation for something they could never have any control over, so why support it? Any business trying to stay alive would repeat their decision on this.
Because it helps me convince new users to try it out.
I used to be able to tell people, "You can change your messaging app to Signal and it'll send secure messages to other people on Signal and you'll still be able to send text messages to everyone else." Seamless.
Now I have to convince them to use two different apps for messaging.
SMS sucks but it has a massive user base.
Their reasoning for removing SMS was that it was insecure and people didn't know when they were sending an insecure SMS or a secure Signal message. Loads of people suggested they just put SMS in it's own tab to differentiate them and that was dismissed like it was a dumb idea. Then they add "Stories" (a feature nobody is going to use because they don't have a user base for it) and put it in a separate tab.
I honestly don't understand why they think Stories, a feature that caters to social media users, is going to to be used by the new target audience (with the removal of SMS) of security conscious techies.
My gut reaction to this was disappointment that Signal is working on yet another not-messaging feature a la their crypto integration... But the longer I think about it, the more positive I feel. I actually enjoyed using stories on other social media platforms before I left them. The idea of something similar, but end-to-end encrypted, is actually exciting!
The more useful signal becomes to the non tech crowd the better for everyone. Options are good and they are largely competing with WhatsApp although they have tiny market penetration right now
This post seems say that they'd rather avoid the difficult programming challenges of working with the varied devices and protocols people use for communication generally, and just compete with other walled garden apps instead. I wish them luck, but it's a different trajectory than they were on a year or two ago.
It's not a "difficult programming challenge" if you don't even get access to the APIs for the new protocol, I don't think...
But there's also certainly something to be said for deciding where to spend your time. Sure, getting regular SMS right on many different devices might be a difficult programming challenge, but if that means you can't spend time on making sure your service scales, or that people are able to hide their phone number, or... Then that's not laziness, that's making a hard choice.
There is (sometimes?) a way for Signal users to deregister from RCS which should presumably cause other devices to send messages via SMS instead of RCS.
People's Android devices can be opt in to receive messages via RCS based on phone number with either Google or their carrier. If the number is registered via Google, the number can be deregistered using a form. [1] For Verizon, it seems you can call Customer Support at 800-922-0204 to disable RCS. [2] Presumably other carriers have similar options.
Once RCS is disabled at Google/carrier level at the phone number level, other RCS compatible phones will fall back to SMS/MMS for delivering messages, which will cause the Signal app to be able to read messages via Android SMS APIs.
Disabling RCS, which apparently is encrypted with the Signal protocol for G messaging, so that people can continue to comfortably use unencrypted comms (sms) in Signal messenger itself would be a really wild course of action.
Great context, though from an end user's perspective it was clear why and just left hanging with "find a new SMS messaging". The integration made adoption/integrating new users easier by allowing some to have one messaging app with progressive security for contacts on Signal.
Yeah absolutely, messaging wasn't great, although that's a hard thing to get right, especially considering how they have both very technical and pretty non-technical audiences.
I imagine it's a lot of hassle to maintain and outside of the US SMS is basically as dead as landline phones. They probably consulted their usage statistics when they made that decision.
Why? It hasn't changed in years. It's easy to use and glaringly obvious that it's a non-secure conversation. Sometimes I go to add a reaction to an SMS conversation before remembering that those don't work on SMS - the only problem I have ever had with it.
> outside the US
that's a 330m-person population, which is also home to Signal. Not only do I get SMS from people like neighbors and so that I don't especially want to convert, SMS is used to send payment receipts/pickup notes in restaurants, 6 digit verification codes for many websites and so on. If you are outside the US and don't have to deal with SMS congratulations, but for the large number of people in a territory where it is still a key part of digital infrastructure, arbitrarily yanking the feature is a huge pain.
It has though. RCS has come along, which means that you might send an SMS to someone, and their response gets "upgraded" to RCS. If your app doesn't support RCS (and it's impossible to support RCS right now, because the APIs aren't available), you'll never see it.
The choice is between "Keep maintaining the functionality and have people get progressively angrier that their messages are going missing" or "drop it entirely".
Probably because it is dead in a large number of places (e.g. I haven't used SMS in the last 10 years for anything except these automated things that sometimes are sent), and people tend to generalize that to "outside the US".
I had the same thought process. I still use Instagram, but only post stories. It’s fun and less pressure than posts, and get to share fun and irreverent things with friends.
I wish they would improve the app UI instead of focusing on features like this. Compared to other apps I use regularly, Signal feels kind of clunky -- the share dialog takes forever to load from another app compared to Telegram or Messages. The app feels like it's harassing me every single day to update. On open, the app often takes a few seconds of loading in my chats. Makes me wonder what core userbase Signal thinks cares about Stories more than a functional app. Half the reason I started using Telegram a decade ago was simply because it was faster than most other apps!
From my experiences, Signal has the cleanest, most functional UX and design out of nearly all my apps. I have a mid-range Pixel 4a running CalyxOS and it works without hiccups. Not sure why yours is so slow.
Agreed. Android version is slim, and just several days ago I paired up with the Windows desktop version - a UI to die for.
So happy I got several people to a) drop facebook and b) contact me with/ reply to me on signal (I don't use Whatsapp); and they've done the same with others.
Both my kids (under 20) use signal more and more, especially with their new friends at a new school.
Aside: I asked - they, and their friends, don't give an f about twitter.
I am using an absolutely ancient phone (2016 iphone SE) that's perpetually in low power mode, so it's possible that this isn't a big problem for other iOS users. It's also rather slow on my mac, but I have noticed that my partner's 4a runs it smoothly.
I love HN threads where the complainer is knowingly using an old device on power mode, while complaining about performance… all while the responder is using a custom de-googled niche ROM and claiming somehow it works flawlessly.
I always wonder how non-HNers use such software, if even the dedicated people are struggling.
iPhone SE is an extremely powerful phone. AFAIR it uses iPhone 6S CPU. iPhone 7 CPU beat Intel Core i7700K in some benchmarks, just to put a comparison.
Not sure how much degraded battery affects it. I recently got my iPhone 8 degraded because of battery and honestly I didn't notice anything.
Even my old iPhone 4S is a little beast. I remember playing Asphalt racing game. It pushed it to 60 FPS and its graphics was stunning, better than need for speed. If phone can render AAA game at 60 FPS but struggles with some chat app, this chat app does not respect is users. I mean it's just a bunch of grey squares with some text and lame shadows. DOS on i386 could render it fast enough.
Sometimes I can't decide who's more crazy - me who demands adequate performance from simplistic apps or people who accept this state of things.
> iPhone 7 CPU beat Intel Core i7700K in some benchmarks
Ehhh that's a >5 year old CPU. I wouldn't describe it as "extremely powerful" even on a phone.
Anecdotally, going from an iPhone 8 to a 13 pro max was a night and day difference. Not just because the CPU was noticably faster, but because the 120Hz display makes everything more responsive. Sure you don't need that hardware for a chat app but unless some product guy forces the issue, devs aren't even gonna notice fps dropping below 120 because most of them don't use ancient phones.
It blows my mind that people don't just buy new batteries for these. They are CHEAP, under $10 to DIY replace and not very difficult. If you don't feel comfortable following ifixit guide, then any chain shop shouldn't charge more than $50 for the job, it's 15 minutes or less for someone used to doing it.
I have replaced my SE's battery three times, and the screen/front sensors once. The battery is at 100% health as of my latest replacement a couple of weeks ago.
Signal is still my slowest messaging app. It's not some subjective complaint about jank: compared to Telegram and Messages, Signal is much slower to load and share.
+1 Can we please have a changelog? I don't care whether it's in the app or on Github but it shouldn't only appear to Google Play Store users (and only temporarily).
Indeed. A simple example is photo-sharing, a critical function for many people.
Every time you send you have to manually choose if you want higher quality over smaller size. You can't set a default option.
You can crop crop photos, but the crop handles don't work properly and often spring back if you only want to crop in one dimension.
There's an anti-pattern where there's a separate tool selection and tool edit UI on the screen at the same time, so if you are in a hurry and hit 'Save' without hitting 'done' (immediately above it) your changes are discarded.
But if you hit the discard button, you have to confirm it in a modal dialog. It's faster to discard changes by hitting 'save'.
There are pen and highlighter tools so you can draw on an image. but no shape tools, in case you wanted to blank out someone's face.
There's a text tool with some display options. But it's always in the middle of the image. You can move it around, but only after you have typed the text. You can pick color but you can't change the font. It's faster to make a meme online.
You can't use any text effects like italic, bold, or underline either.
Remember how there were going to be blurring tools built in so you could blur faces if you were an activist or journalist? Offered in Beta, never made it to production.
Well, you could just put a sticker over their face, using one of Signal's (extremely cringey) stickers, or by uploading your own. But you can't paste an emoji.
On desktop, you can drag a sticker over the photo with the mouse, and it gets a little '+' in a box to show you're copying the sticker. Then it disappears. Why? Because it was designed for a touch UI and only clicking on a sticker will actually add it.
These are just the problems with image handling/markup. I could make many more lists for other aspects of the app. The markup tools would be kind of superfluous, but it is useful to be able to do thm within the app...only they're implemented in a way that is a source of constant frustration.
If you bring this up with them on Twitter or so people will rush to say 'well Signal is for secure messaging, use an art program if you want fancy image editing lol.' The same people who rush to defend Stories and stickers as 'broadening appeal' while simultaneously saying 'nobody uses SMS anyway' even though SMS is ubiquitous in Signal's home market. It has degenerated into fanboyism at this point.
Fascinating. I strongly prefer Signal's editing tools over Google Photo's. If they shipped it as a standalone app I'd get it.
> Every time you send you have to manually choose if you want higher quality over smaller size. You can't set a default option.
I didn't even notice I wasn't sending high quality images. The setting they picked sends photos such that they look like original quality on my phone screen. If I want to view a photo on a high quality monitor or print it I'd send it some other way.
> There are pen and highlighter tools so you can draw on an image. but no shape tools, in case you wanted to blank out someone's face.
It's pretty easy to scribble it out quickly. I do use a separate app for sensitive redactions.
> It has degenerated into fanboyism at this point.
Fair criticism. My feelings about Signal are similar to my feelings about voting. It obviously sucks, but no one has figured out anything better after quite a few years.
I love how Signal (and WhatsApp adopting Signal's protocol) made privacy easy for the general public and technically inclined alike. Privacy will never be the default until it's made easy.
I'm guessing some folks won't like use feature because it's too "social media-y" (myself likely included) but as they say in the post:
- You can turn the feature off and you won't see other people's stories
- You can choose the audience and the max you can share it with is with Signal users in your contacts list
Thank you Signal team for giving the general public what they want and making it private.
> I love how Signal (and WhatsApp adopting Signal's protocol) made privacy easy for the general public and technically inclined alike. Privacy will never be the default until it's made easy.
WhatsApp did not really adapt it in privacy mind, to be fair. All metadata is unencrypted.
Meta harvests your contact information, intervals and time when you message specific persons. Often, this information is more interesting than the message content itself.
Pretty sure both work the same way regarding metadata. Think about it: if Signal didn't know that A was messaging B, how would they route that message to B's phone? A has to be able to find B's ip address someway. B can't broadcast its ip address to all the Signal users -- that would be a huge security hole.
It probably works like this:
1) A sends encrypted message + B's phone number to the server
2) server looks up the ip address for B's phone number
3) server routes the message there.
Also, both WhatsApp and Signal hash the contacts data the same way. Signal does seem to go a bit further, however.
WhatsApp contact uplod mechanism continues here [1].
It means, that if the contact list contains numbers which have not accepted WhatsApp ToS, their content is stored only as hash.
When the user starts using WhatsApp, their number and hash is being mapped.
Vaguely described as
> Each cryptographic hash value is stored on WhatsApp’s servers, linked to the WhatsApp users who uploaded the corresponding phone numbers before they were hashed so that we can more efficiently connect you with these contacts when they join WhatsApp.
Which means that WhatsApp knows the numbers of the WhatsApp users, and how they interact together.
Signal does not know numbers or how these contatcs interact.
It is described here [2]. Number is only needed for creating the unique hash.
Server knows only the recipient, not the sender.
> Signal does not know numbers or how these contatcs interact.
> It is described here [2]. Number is only needed for creating the unique hash. Server knows only the recipient, not the sender.
Signal does know everyone's numbers as everybody is logged into a Signal account on the server end (this is how your client fetches messages for your number). That same account and IP are also used when you send a message.
Pretty sure both work the same way regarding metadata.
They don't, that's covered pretty extensively in the many technical writeups of various Signal features. It's one of the main value propositions of Signal, that it doesn't work like most secure messengers especially when it comes to metadata.
The server does not really store IPs, since mobile phones are likely behind CGNAT.
In theory, B could publish a new public key as identity per target user.
I see two main problems: First, push notifications do require the server to actually identify the user and second efficiency: The client would like to maintain a single long connection instead of many short lived requests with pseudonyms.
Of course there would still be some timing patterns …
> Think about it: if Signal didn't know that A was messaging B, how would they route that message to B's phone?
There is no need for signal to know because their servers are not involved to transport the message but only ip routing infrastructure in between and of course the two parties. That's P2P
And all the rest of the data too, for all intents and purposes.
After all it is Meta that provides the keys, operates the network, and controls the closed source apps. Also, it is precisely Meta's type of behaviour that warrants encrypting personal data in the first place.
I'm pretty technically inclined and I lose my Signal history every time I get a new phone because I just can't remember to transfer it. (I don't use it a ton.) I really wish this was more seamless. (I understand the complexity of the security issues around it.)
This is the boat I'm in. My version of Signal already updated and encouraged me to switch SMS out of the app, which I did. Now I'm sort of split between these two apps; my family is, for the moment, still using Signal for both, but I expect they'll soon enough be forced to use Android Messages, at which point we'll have little reason to continue using Signal.
Once my immediate family is out, I expect it'll be a domino effect with my extended family and friends -- those of us on Signal will have fewer and fewer reasons (ie, individuals in our graph) to use it. As much as I'd like this to not be the case, I think it will be. A smallish percentage of my contact list was on Signal, but every few months, another few people would join. I expect this trend will reverse.
Other than the privacy features, that was my #1 selling point when trying to convince someone to install Signal - that you won't need two apps for your SMS since it will become your default app and the UI is better anyway.
Will be a lot harder to tell people to switch now.
I can accept that it is a real argument, since so many people mention it. But I just don't get it.
People have multiple apps for their social networks, and are completely fine with them. Snapchat, Facebook, TikTok, WhatsApp, Telegram. At the end of the day, I think it's just an excuse. They don't want to install Signal because they follow what others do, and it seems like others are not on Signal.
Instead of saying: "Install Signal, it will be your new SMS app", if you said "What? You don't have Signal? That's the new thing man", I'm sure they would try it. Then realize that they don't have contacts there, and uninstall it (because they reaaaaaallly need to save those 6MB badly on their phone, for some reason).
People don't use what's best, people use what other people use. They don't want to think.
Canadians, people in their 30s and beyond, people who aren't on Facebook, random people not in your friend group, businesses. But most of all, the people who keep complaining about SMS support! What you're saying is a bit nonsensical "if I ignore everyone in this group, the group has no one in it".
I use SMS from time to time too - especially random people that call me, but I don't see much added value of having it unified in Signal. I just use the default SMS app on my phone (iMessage app in my case, which also works for SMS). For me Signal is about E2E encrypted messages with more features, SMS is a different much more limited platform.
Discovery. If you and another were texting each other via SMS, but signal was your app, signal would just upgrade your sms to a signal msg. You didn't have to have a conversation ahead of time, or save them in your contacts and let signal scan them - it just worked.
Discovering you're not limited to sms was nice, when now you have to have an aside - "hey, have you ever heard of signal?"
Signal on Android previously worked a lot like iMessage on iOS - you'd use it as your default messenger, it'd SMS if that was the lowest common denominator, or it'd seamlessly upgrade to Signal protocol if both sides had it.
Lots of people like having just one messaging app, for messaging that's basically SMS-like. Apple and Google have both chased that dream for their SMS apps, for a good reason (Apple with more success than Google—does Google still have another messaging service attached to their SMS app, or did they give up on that when the first attempt was a disaster about a decade ago?)
You don't! But that's exactly the problem - you don't need signal at all. All the important messages that you get are gonna come through another platform (SMS, whatsapp, weechat, etc [depending on where you are]). So, now that SMS support is gone, all signal installs are in addition to the apps that you actually need.
Most people will use the messaging platforms that they need to have installed to get through their days. It's nice, ofc, to have friends who are privacy enthusiasts - but Signal main goal has always been to go beyond that group.
I like it! Making it more "mainstream" is the way to go even if purists might say that it's feature bloat for their secure messenger.
It's similar to how it's good if more people use Tor for all kinds of activities as it doesn't immediately label you as suspicious just because you use Tor or Signal.
RCS has been around since 2013 and the only alternative client to Google Messages was your device maker's app that was allowed to tie into Google Messages via a device vendor only API (but essentially these were just a skin for Google Messages).
Google has not provided any public API for RCS, and they control the ecosystem fully. If Google wanted other clients to use RCS as a platform, there would be public APIs that Signal, iMessage, Textra, Facebook Messenger and other SMS clients could integrate with.
On this new Google Pixel 7, the app launcher thing is limited to just 4 apps. Now that I can't use Signal for SMS, it has lost it's convenient spot on my home screen. I find myself using it less, so like you, I'm very displeased about their dropping SMS. The forum thread on Signal's Discourse about the change is full of snide remarks from their moderators, and it's extremely disappointing to see Signal community leaders disparaging their own long-time users over SMS. Turning back on the legacy of TextSecure in this way justifies framing this as a betrayal.
All that being said...
I still trust Signal's Stories implementation over any other. While I believe they could have competed with SMS-capable apps like iMessage, Google Messages, and Samsung Messages, if pivoting into WhatsApp/Instagram/Snapchat/TikTok territory is what they'd rather do, then I believe they can execute it well.
Conversely, when Signal drops support for SMS, I expect to stop messaging anyone still on SMS. So far it's been fairly painless getting the people I actually care about to switch, but YMMV. My mom doesn't care if she has to use a separate app to message me.
I use signal for SMS. Is this an iOS thing? If so presumably it's an Apple restriction?
edit: ah, they announced recently that they are removing SMS support in Android. The reasoning is solid IMO, I've accidentally sent insecure messages before.
Indeed I forgot the "I've never met you but need we need to make a transaction for some reason (buying a house or a TV second hand), so let's start with SMS which will work for sure".
For anything else, using SMS is like using Notepad to write books. Many better alternatives have come through in the decades since that tech was new.
It feels very weird to have both a very good end-to-end encryption (the Signal encrypted messages) and a very bad system (SMS) together in the same app. People should just move away from SMS, it's not like it's hard.
I have no idea (and not living here long enough). But if I had to guess, it could be that cheap/free SMS texting came before cheap/free mobile internet and thus it was already established.
Maybe I'm the odd one but I haven't received an SMS in a decade. It's all iMessage, WhatsApp, Telegram and the only SMS are transactional that I receive but never send.
I was only able to convince family to use Signal because they didn't need two apps for messaging. It's pretty much a dead app for me now and the decision makes my conversations profoundly less private and safe.
Did all of your family members only message you and not each other? I don't understand why they would move away from signal when they were messaging each other using signal. Each one would have several signal contacts.
Did they not see any value in signal over SMS? Didn't you have any group chats?
I know that Signal announced plans to have accounts based on usernames rather than phone numbers in the past. I wonder if the removal of SMS has something to do with usernames.
SMS is very rarely used anymore outside of the US and a few select other countries, and for most people Signal and similar messengers serve as a replacement for text messages, not a supplement. It's probably just not a worthwhile market/feature to keep anymore.
Come to think of it, I'm having a very hard time coming up with any sensible use case for using Signal over text message. Presumably both sides still need Signal for the encryption to work, so what's the point? Might as well use the internet to send the message. The only scenario I can see it being useful is when you have GSM, but no internet connectivity, and that's rare these days.
Signal hasn't supported using SMS as a transport for encrypted messages for years now. The impending change that people are discussing is dropping support for sending and receiving ordinary SMS from non-Signal-using parties.
I'm still extremely disappointed in Signal's choice to drop SMS support, which feels like a key adoption vector to me. However, I'm glad to see that they're still building privacy-first versions of popular social networking features. This does the double-duty of giving privacy conscious folks access to those features and showing that there's no need to invade users' privacy to offer these things - instead when others offer them it is in order to capture more attention and personal information.
My family members will basically all stop using Signal now because they didn't want two apps for messaging. This will make all my conversations less private rather than more. It was a really dumb decision. I was able to convince a lot of people to switch because "it's just text and voice messaging except if we both have the app then it's more secure." I will basically be alone in my usage of Signal after the change goes through and am assuming I'll just uninstall it eventually as well once my family isn't there anymore.
Same. Only now I will be "forced" to ditch Signal as well, for the exact same reason. And I'm an uber-paranoid privacy nut who uses GrapheneOS on my phone.
Thing is, I have all of 2 close contacts who use Signal. The rest use the default messaging app on their phone. So I already had to accept the fact that most of my texts were non-encrypted while I continued to try to persuade people to install Signal. Which was easier to do when it could conveniently replace their default messaging app and give them better security and privacy without any sacrifice.
But like them, I also have zero interest in using Signal to text all of 2 people and a different messaging app for everyone else. As much as I want e2e encryption for my texts, and would like SMS to be universally replaced by something secure, it's not like I text enough (or even use a phone enough) for my texts to be a particularly large attack vector in the first place. It would be way more useful to get MFA codes sent through Signal than it would to have my close contacts switch (and they're not going to anyway so what does it matter if I'm the only one who uses it?)
Are you short of space on your phone? As a "uber-paranoid privacy nut" why wouldn't you keep it installed and continue to message those two contacts securely?
1) Both of those contacts are not "uber-paranoid privacy nuts" so they will be dropping Signal too for the same reason.
2) The inconvenience factor. I don't really like smart phones and would live without one if I didn't need one for very specific purposes. Being able to text close family and friends is one of those specific purposes. I have zero interest in having to juggle different text-ing apps for different contacts.
I should also add that I'm way more concerned about
a) spyware that comes pre-installed with phones that sends data to 3rd parties that have bought it
b) malware (I don't install many apps for this reason, and I like to use FOSS software for the same reason)
b) being in control of a device that I own (same reason I use Linux on my desktops and laptops)
I'm less concerned about SMS messages being intercepted, except for things like MFA codes. So of all the "contacts" that I would like to use Signal, it would be situations where the content is security-sensitive, which [unfortunately] currently accounts for virtually 0% of e2e encrypted messages coming into Signal.
> My family members will basically all stop using Signal now because they didn't want two apps for messaging.
Schedule time in your calendar for helping family with their "lost" SMS. At least at the moment, Signal seems to keep SMS separately from other apps. Uninstalling Signal will probably make any archived messages dissapear, at least temporarily.
The announcement says “give the people what they want”. You know what I really want in Signal for iOS? Backups, not stories. Congratulations for launching stories, but I honestly don’t understand why it has been prioritized over backups (E2E encrypted of course). That’s a major missing piece to replace WhatsApp and other messaging solutions.
There is so much basic functionality missing in Signal as a chat client, news like this - or e.g. integrating crypto payments with a shady cyrpotcurrency [0] - upset me as it does you.
No backups, no drag-n-drop or even pasting support for many things on Mac and iOS, no list of links in chats, no jumping to the context where a media was sent, such an non-native app feel overall are just top-of-my-head annoyances that make Signal a very mediocre chat experience.
Which is a shame, as I share and support most ideas and ideals of Signal.
But I so rarely see Signal as a chat app improve, it angers me.
I've lost my entire message history 3 times now in the past 6 years because they don't have backups. iOS -> iOS migration is buggy and prematurely wipes the old device every time.
Stopped recommending Signal because of this. Seeing stories, stickers, and crypto payments prioritized over basic data integrity makes me sad.
Signal has done a lot of nice work on building a UI that conveys what nerds/paranoid people want to know for private messaging (e.g. "Your safety numbers with so-and-so have changed") while still providing a usable app. But for the most part, the threat model of "private messaging" is one that software can defend against pretty well; everybody understands that when Signal provides "privacy," they don't mean in the face of an adversarial receiver who wants to share the message with the whole world.
For a service like "messages that the receiver can read offline but the sender can later delete [or that auto-delete after 24 hours]," I'm curious to see how they handle the UI when the threat model is harder to defend against cryptographically, because it depends on software that isn't acting as a user-agent. Are they worried about people running rogue clients that save every message (or about screenshots?)? If so, how do you do a good job communicating to the nerdy/paranoid user that deletion is not guaranteed? Or does everybody already understand that auto-deletion is best-effort and shouldn't be treated as on par with the strength of assurance that Signal provides for privacy?
> Or does everybody already understand that auto-deletion is best-effort and shouldn't be treated as on par with the strength of assurance that Signal provides for privacy?
No, but this is what we should teach. Even "best effort" is misleading. Auto-deletion should be considered a UX feature that only affects your own experience, not those you talk to.
That said, in a high trust relation you can assume that auto-deletion is best effort, same as with your own devices. It should be seen as "this is a hint that helps your peer to delete messages, so that they don't stick around for everyone's sake".
Personally I'd rather avoid the feature bloat. I also think it just waters-down the "secure" image they are clearly going for. I mean, broadcasting images to your contact list isn't exactly what I think of when I think "private messaging".
Everything about Signal will make more sense if you forget every opinion you've had or read on a message board, and accept that the project's mission is simply to transition as many people off insecure systems as they can. For example: message board nerds are apoplectic about Signal's phone number requirement, but the systems ordinary people were already overwhelmingly used phone numbers already. As communications trend towards ephemeral video messages (I have trouble understanding why, too, but then I'm old), that's where they're going to head.
The cool stuff about Signal is what happens under the hood. They don't want a special identity as a "private messenger"; they believe all messaging should be secure.
It supports backing up to a file that you can't specify. This is unhelpful in many use cases.
Example: I am running out of space on my phone. I look, and see Signal is taking 4gb of space. But I would like to preserve a lot of that media. So I buy a mini-SD card and install it in my phone. Yay! Now to turn on Signal chat backups!
Oh, but the backups are hardcoded to a location on your primary storage that you can't change. so even though I have 126gb of free space on the SD card I installed, I can't back Signal up to it and I am still running out of space.
My only option is to try removing every other app I have installed, and hope there is enough space reclaimed to perform a backup, which I can then copy off my system so I can reinstall my apps...WTF.
Meanwhile there is no way to back up a single chat. You can archive it, but that just removes it from your Signal home screen, it doesn't actually create an archive of any kind. And there is no way to back anything up on desktop.
Even a cynic like me wouldn't go so far as to assume bad intent here. Signal is open source so the file format should be readable and likely this is just an oversight, I guess it's not a highly requested feature. Have you filed an issue?
Repeatedly refusing to fix this widely reported issue with non-sensical explanations does imply bad intent.
In the beginning, it might have been an oversight. Now moxie is just making seriously misleading arguments on behalf of people he doesn't know to make their service worse.
Please explain how do I configure Signal for people in my family so they won't lose any message, photo or group membership if their phone falls out of the pocket.
This means:
* Backup must be automatic.
* Backup must be done off device.
* Backup must be common enough that messages aren't lost.
* Restore must be available to person of average technical ability.
* Restore must not require a person to remember typing in a 20+ character pregenerated number they probably lost in last 2 years of having Setup signal.
It absolutely does not do that by itself. As proven by other secure implementations with more user friendly approaches to entering encyption keys.
It's also funny how demanding on use of phone numbers, shoving in crypto currency and demanding everyone to use out-of-date Electron app is somehow fine, but making backups user friendly is suddenly a massive "security" issue.
This is the BS security theater I despise at Signal. It's the software equivalent of having every single airplane passenger take off shoes.
I never said anything about intent. If it's an oversight then maybe they should be thinking a little harder and listening to feedback from beta testers, of which I am one.
Backing up to the same device on which are running out of space is an extremely obvious problem, to which the solution is to just ask the user where they want the backup stored instead of deciding for them.
It's a very First World take on it, though. Mid-to-high-end phones are usually the ones that pack a considerable amount of integrated storage but ditch the SD card slot. Budget ones are the other way around, though.
Then do it insecurely and warn the user. 'We can't figure out how to do this securely' is their BS excuse for every bad design decision or unimplemented feature.
You might say 'but they don't want to make people less secure, people will get the wrong idea!' But they do this already, in ways that are much worse than allowing the user to make a security decision for themselves.
You can change a setting to prevent screenshots inside the Signal phone app, so you can't take screenshots. Your conversations are now secure, right? Nobody can take pictures of your disappearing messages! WRONG. You can turn on that feature and I can still take screenshots all day, including disappearing messages that you send to me.
Likewise, Signal can't tell if you're downloading pictures or copying text I send to you. You could be backing up everything - my only 'assurance' is that you probably aren't doing it because it's inconvenient.
You can change disappearing messages timer to anything you want! Great! But the change of timer is itself a message. So if we are arrested and police get into one person's Signal, they can see when disappearing messages were turned on and when the timer was lengthened or shortened. Sure, the messages disappeared, but what were you doing on August 23rd at 7:39pm that made you change the timer to 10 minute4s for 3 hours? We know where you were because of your phone's IMEI, I guess we will tell the court that you were trying to cover something up during those 3 hours and charge you with obstruction of justice.
I have asked them to change the latter behavior repeatedly, explaining why it could be a problem for users, and all I ever hear is 'good point, we'll look into it' even though there's no reason that information should be stored.
Your former examples are things that quite simply can’t be mitigated in any case. If you want to send a message to someone there is no way to prevent them from storing it in a way you control.
Your latter example is also a security concern they can’t address. A jurisdiction that allows a message about a settings change being used as a basis for obstruction of justice can rule the use of signal as the same (though I do agree that former is problematic on its face).
I dont know the ins and outs of the problems with backups, but it doesn’t take a phd in cryptography to envision a case where your settings about backups open all your contacts to automated dragnet surveillance. In that case it doesn’t make sense for a single user to downgrade everyone else’s security settings.
I'm not saying they can be mitigated, I'm saying that casual users have the illusion of security through settings that seem to mitigate security concerns, but don't.
The disappearing message timer history could absolutely be mitigated by simply not retaining that information or timestamping it.
If you could export/back up single conversations, you would have much more granularity than exporting or backing up your entire message database. Other people could also get a message that the conversation had been exported. there are lots of cases where you might want to do this by mutual agreement, but it isn't possible.
What I don't understand here (though admittedly I haven't been following the iOS discussions closely) is why backups are possible on Android but not on iOS?
The backups on Android are near useless as well - they expect users to remember and save a massively long string of numbers (that are pre-generated, so they can't even choose a password they remember) and then they only do backup manually and onto device storage where it'll be gone together with everything else on the device if it breaks or dies.
Getting that backup off the device is yet another manual process for most users they need to think about.
Compare this to Telegram: user doesn't have to do anything.
Compare this to iMessage: user doesn't have to do anything.
Compare this to WhatsApp: user just needs to click agree.
The last two even save backups in an E2E encrypted fashion unreadable by servers.
As I understand it, iOS backups normally go to iCloud -- where they're stored encrypted but the keys are held by Apple (i.e. not end-to-end encrypted, and not a zero-knowledge system by any stretch). This makes iCloud-stored iOS backups susceptible to subpoena, malicious employees, and/or good-enough hackers.
I'm sorry, but that's just not true. Stickers are widely used in the group chats I am in. I myself have created multiple sticker packs since the sticker feature launched. Before that, several people mentioned they thought Signal looked like a shitty app because it "didn't even have stickers."
Ultimately there was no shortage of boring, cryptographically-secure apps. Signal is filling demand for an app that is both secure and fun to use.
Taking it up after it became available is not the same thing as asking for it. Sorry but this a frivolous cosmetic thing compared to security issues like Signal's ongoing linkage to phone numbers.
That is correct, but "nobody was asking for stickers" isn't, and that sort of thing does dramatically affect adoption. Also, in the cases I am talking about, not using an app because it doesn't have a feature technically does mean they didn't request the feature, but I'm not sure that is a useful distinction if our goal is to get people to use more secure methods of communication.
I really can't buy the proposition that demand for stickers outweighed the years-long pain points about things like your Signal identity being tied to your phone number or a ping going out to everyone in a person's address book who already used signal, both of which are at odds with the core mission of secure and private communications.
Why is that? Not disagreeing but genuinely curious. One of the issues I face sometimes is wanting to stay in touch with someone I met. I'd like to do that over Signal (I don't use any of the popular social media platforms) but I don't feel comfortable sharing my phone number with them. It would be nice if I could use a unique user handle instead.
It allows Signal to work similarly to the messaging services it replaces without having to keep serverside contact lists. Those contact lists, which practically every other "secure messenger" keeps, are the most valuable metadata the service keeps, in many cases more than the content itself: they're a record of who talks to who. Signal's phone number system means they can keep those contact lists clientside by piggybacking on the device contact list, which is keyed by phone number.
My curmudgeonly self would prefer if the stories were off by default. It's not a feature I'm even remotely interested in, and feature creep really isn't a positive thing.
I've tried snapchat and Instagram stories, and I hate that the messages disappear with time. It seems counter-intuitive for an asynchronous communication method, and that doesn't even count how it always feels like another FOMO marketing gag to keep you engaged with the app.
Just let people delete posts (and really delete them to boot).
I think you don’t quite have the right mindset for the purpose of stories. The point is “this is not important enough to interrupt my friends; but here’s what I’m up to if you’re interested”. It doesn’t matter that it expires, because it’s only relevant to what is happening now.
Of course it still has all the usual social media failings where it is used to make the senders life seem more exciting and fun than it really is but I see the point of having the option.
I especially like signal’s groups implementation. I have a couple of large group chats where I am happy to share my day with people but it’s not important enough to notify everyone’s phone and it doesn’t matter if they miss it.
See - that's the part I don't get. Photos, to me, are not ephemeral. They are valuable, even if you don't think they are at the time. I've lost too many photos because I considered them to be ephemeral, and I regret that loss because I now only have vague memories of the events they captured. My only remaining memories of some of my oldest friends who are no longer with me are captured in those "irrelevant" photos.
Future you will thank you for keeping photos of your friends.
I mean the person who took the photo still has it and you can still ask for it if you like it? If anything stories make you likely to see more photos of your friends, not less.
> broadcasting images to your contact list isn't exactly what I think of when I think "private messaging".
Neither was signal taking your contact list and uploading a copy along with your name and photo and storing that data forever in the cloud. Neither was refusing to update their privacy policy to reflect their new data collection practices. A company that promotes itself to whistleblowers and human rights activists and then lies to them about what data they collect and keep is highly unethical.
None of this inspires confidence in Signal as a private/secure messaging service. I've moved away from it. I wish them luck as a social media platform.
Yes, “though contacts are encrypted, users are not prevented from using a weak PIN” would have been a better way to word this criticism from the start, rather than implying that they are stored completely unencrypted.
“though contacts are encrypted, users are not prevented from using a weak PIN” ignores that Signal encouraged users to set a weak pin (for many people the word "PIN" means a 4 digit number) and that the data is stored using SGX which has already proved to be vulnerable. In my view the fact that they have been lying in their privacy policy is a much bigger problem for a company we're supposed to trust.
Off topic, but I've been very irritated they're removing SMS support. It was a killer feature that allowed me to adopt signal as my sole messaging app.
I actually like the idea of Stories (vs say a giant group text), but I don't think 24 hours is workable for the people I Signal with because we're not in Signal routinely enough and everything will just delete before anyone sees it. If it were configurable I'd probably set it to a week or a month. Actually, I don't know why they would fix the time at 24hrs. We've always been able to set the time period for disappearing messages.
> I don't know why they would fix the time at 24hrs.
To use fear of missing out to cause people to check the app at least a couple times a day. It's an engagement hack, and the main reason I dislike this feature wherever it appears.
I suppose it does function as an engagement hack, but I like ephemeral messaging like this because it is low-stakes and I often don't care strongly whether any individual sees my post or not. If I did care, I'd simply send them a message directly! So at least in this sense, the short timeframe is a feature that defines the medium for me.
Of course, you could allow customization of the time interval, but that adds another layer of complexity, and other platforms that use stories have already pretty much standardized on a timeframe of 24h, so it's easier for platform newcomers to understand.
I find it interesting that the option to opt out of Stories exists in the Chat settings. Apparently they couldn't be buggered to even create a link to view the settings for Story inside of the Story UI's context menu.
But hey, I'm an old, biased, grumpy man. They're taking away SMS (which was what allowed me to get it onto my family's phones) and shoving TikTok in my face instead. I'm displeased by this and looking for things to pick on.
And after ignoring all the people who were begging them to provide a means to opt of having their data permanently stored in the cloud.
I'm glad they're giving consideration to people here, but forcing this change on people won't cost them as much as forcing people to the cloud and dropping SMS support did.
Please bring back SMS support. It's hard enough to convince people to use Signal in the first place. Nobody is going to juggle multiple apps, they'll just go back to SMS default app.
so many people I've gotten to switch to signal have asked me about them discontinuing SMS support. my family members aren't going to keep using signal just to message a few others, when the majority still use text.
The stance of Signal is insulting to anyone who lobbied to friends and family for them. In addition to making us look like idiots, when they kill the feature it is very likely that we will be called to the rescue, because the Signal archived SMS messages will dissapear.
As a growing company, I don't know how they expect to get away by alienating their staunch userbase. Even Meta made concessions when Whatsapp userbase revolted against upcoming changes.
In the meantime, Google have revamped their messages app, which of course continues to support SMS.
They did same when they forced people into PIN code they didn't want with full screen or 1/3 screen unremovable nag message until you created PIN, it took them about week or two before they backpedalled from forcing it without option to opt out, but it was too late for me and my extended family, we all uninstalled this POS app.
Just for fun now I installed it to use as my default SMS app after this whole hullabaloo with SMS removal, I use Johann's fork, so I am just curious how long it will keep working as Signal messenger with no APK expiration. Though I am definitely not telling anyone I am using it, tried to isntall it on wife's phone, never received verifying message or phone call, no matter how much I tried and mind she has the regular phone with almost stock ROM, while I use Lineage with no gapps.
I will ditch it in a second, if there will be other IM with SMS support other than Facebook Messenger and Skype (Lite), ideally some Matrix client with SMS support, that I could promote even to my family.
Just use Johann's fork with SMS support and no APK expiration and don't update it. This would either buy you some months before proper alternative will be introduced or at best work infinitely.
I'm glad to see the app is actively being worked on, even if the changes aren't ones I care about personally. Here's my wishlist for Signal:
- Edit previously sent messages like Telegram, Discord and Slack lets you do. I'm so damn tired of a big ugly "This message was deleted" if I try to fix a typo/DYAC
- A better way to sync up clients, so when I log in on a computer and verify with my phone, it lets me sync over some or all of my message history.
- A way to set the expiry time for your sessions. I appreciate that they want you to not stay logged in forever if you lose or forget a computer, but I'm so damn tired of having to re-log in on my desktop pretty much every time I try to use Signal there.
- Faster message import when starting desktop clients. Or smarter import - e.g. prioritize the top of the chats list and throw the rest on a background queue instead of hanging the UI until it's done.
None of these are huge, but they combine to make it just feel more annoying to use Signal than their competitors. I really like Signal in principle, but I wish I didn't need to give up UX and QoL-nicenesses that I've gotten used to from other apps in order to use it.
Ability to export my conversations is a very basic feature that's lacking; I have years of conversation with my wife that I'd like to preserve but no way to do it within Signal. (I could back up the SQLite database at the OS level but that immediately starts to get complex).
Also no text formatting, how come I can't just use markdown in 2022?
Very much agree on the edits as long as history is preserved. Same for the clients - it would be nice to be able to send history from client to client (or even just have cross-client backup loading).
Personally, I would like a long press / long click option to switch to "send and enable disappearing messages." It's a small thing, but it would make it easier to move back and forth between archived and unarchived conversations.
I use it daily on the M1 Air that I work on, and probably 1-3 times a month on my desktop gaming PC. I never need to re-login on my Mac, and on my PC it feels like 50/50 odds whether I'll have to log in again or not - it's infuriating.
Not the OP, but I have to re-sync (and thus lose my existing chat history) on various machines often enough that I know exactly what OP is talking about, and these are on machines that I use at least once a month, so they don't go that long without checking in. It's annoying.
I'm curious how it encrypts. I've got 500 "Signal connections"... Does it do them all at once (with some kind of "group key" like in group chat) and in a way that can be decrypted by any of the individual keys? Can't find any details on github or the official forum...
I've always thought creating a shared key which rotates as soon as a single individual is added or removed is smart. There are security implications related to whose decryption key leaked, not sure if that's a legitimate threat model for almost any scenario though.
Am I in a bubble and these features are, in fact, widely used on WhatsApp?
I'm in groups with a whole lot of other people including a few who keep up with modern social media stuff, use TikTok, use Instagram, et c., and zero of them use the Status feature or Stories or anything but messaging. For us it's just ICQ/text with better media embedding (but still really bad, somehow). Some of us regularly use similar features, but only on other platforms, never on WhatsApp.
Is that unusual, and these are in fact much-beloved features by a good chunk of the WhatsApp user-base?
Can't speak for the world but WhatsApp Statuses (stories) are used by many many people in East Africa. It is basically what keeps me coming back to WhatsApp over Signal so I am quite thrilled to see Signal now have them. Maybe that will shift more people over.
I'm using WhatsApp everyday, but have never encountered anybody using stories (I can't even find it in WhatsApp on Android, is it the camera-ocon in the top-left?)
A lot of people around me in Germany from all ages and bubbles use this feature in WhatsApp as if it were some kind of Instagram. I see multiple status updates every day.
By my experience only people in poor countries outside Europe use this feature. Don't ask me why this specific group chose this instead of Facebook/Instagram. Literally none Europeans from various countries in my Whatsapp use this.
Nice, I like seeing new features being added - despite on my personal opinion about them. As someone else pointed out, the more feature parity we reach with WhatsApp (or other popular messengers) the fewer battles we'll have to fight to bring people over.
Don't really care for this but more feature parity with WhatsApp or SnapChat could hopefully attract more people and make it somewhat mainstream. Personally, I know a lot of people that use these messengers just to look at or post stories.
What are "stories"? What is the use case? If it's a low effort way to spam one's acquaintances, seems like a website/blog would be better for sharing images/text and also has the advantage of not being tied to some platform's walled garden.
Also, why does a secure messaging app need stories? Is this part of a trend to make signal more like social media, or to balkanize the web?
I think Telegram has something like this because often on the desktop browser I'll want to follow a link to something and it wants to open it in telegram. No thanks!
'Stories' were made popular by Snapchat in 2013, and they became the most-frequently used part of the app. They're a good way to give life status updates to a lot of friends at once, and provides a good conversation starter. This revives friendships and keeps communications going.
From my experience, they are a non-optional part of socializing. By my estimation, my social and professional networking has materially suffered by not using Instagram or a Snapchat for most of my life. I wish this were not the case.
Stories are popular because a lot of people have uses for them, but it's hard to articulate why they're useful. I'll try to explain:
A website/blog wouldn't be better, because (1) a tiny fraction of people know about RSS, (2) a tiny fraction of people know how to make their own website/blog, (3) a website/blog is not as well-suited for on-the-fly updates like stories, and (4) absent RSS, nobody will check all $n$ of their friend's personal blogs as often as they open their messaging app.
Furthermore, (1) stories are not crawled by default in an easy-to-access way (like Google or the internet archive), (2) the 24-hour time lock leads to different kinds of posts
> They're a good way to give life status updates to a lot of friends at once, and provides a good conversation starter.
I've found with experience that whenever you share something, it needs to be deliberate to chosen people, otherwise it deteriorates into popularity seeking and least-common-denominator feel good spam. I much more prefer the "take photo/video or find a meme, send to specific people each time" flow. With snap, it takes a few seconds to choose, because contacts are sorted by recency. This is the only part of snap I'm using, and it existed before stories.
Signal ended up somewhere inbetween, where you have to create a story (an imo unnecessary layer of i direction) and then add people to the story, which is minor from a tech perspective but huge issue for UX. It increases the friction for this flow.
> From my experience, they are a non-optional part of socializing
I must not have much of a social life then, since I've apparently managed to go 9 years without having anything to do with them. Maybe I'm just getting old.
Rather being hooked on social media, I believe. I never seen this feature as useful or interesting at all anywhere and I'm in mid 30s. My friends who are either bit younger or slightly older and who are still sitting on fb for whatever reasons or ig appear to be using stories - at least that's what I've seen last time I've check facebook.
I wish they would figure out how to have one account on multiple devices. The work around now is using groups, but that's kludgy. I use Signal to chat with friends and family. I want to be able to switch between personal and work phone and my conversations go with me. Again, groups are a work around, but I'd rather something better.
I feel like this should be a priority over more features because it's been asked for for ages and they say they're working on it.
Not likely to happen. While it's OSS, there's still a central Signal backend, and they don't like clients other than their own to connect to it. Any fork would eventually need to have their own backend, and now you're basically no longer using Signal since you won't be able to communicate with anybody else not using yours.
I think that's called Matrix and we already have that.
Anyway, good luck getting Signal to federate with you until you have enough of a user base that they're losing users to your backend. They have zero reason to want to do this, and it introduces some privacy issues (what if your server doesn't respect deletions, etc?).
We even had it long before that. It's called XMPP, it's the internet standard for instant messaging and modern clients implement Signal style encryption.
Welcome feature, as hopefully it increases adoption, but seems like Signal is going the wrong direction. Getting feature like stories right and picked up is hard. You need to do a lot of analytics and UX testing. Signal team is not set up for this. This something, that is nice to have and can be iterated on until a sweet spot found, but in the meantime Signal is missing some important features directly related to it core mission: secure communication:
1. support multiple phone numbers
2. support usernames without phone number
3. ios message export
4. Hidden chats(not visible unless a secret combination is entered) – this is really necessary, because oppressive regimes don’t crack your encrypted, they detain and ask you to unlock your phone and show your message history.
5. Call quality between the US callers is pretty good. But in Europe it wasn’t as smooth for me.
6. Offline mode - when Internet isn’t available. Either using local servers or mesh networks. This is a massive change, but it would truly boost Signal resilience.
My initial reaction was "oh no. Signal finally broke down and has begun adding the annoying social features."
After thinking about it, I actually don't mind it.
I am in a big (~15 people) group chat with my family. Often times someone will spam the chat with vacation pics or something they cooked for dinner. I don't particularly dislike that, but it seems like posting those pictures to their story would be a much better way to share. The audience would remain the same and it would still be private. The viewing process would just be much better.
The main problem is, and always has been, getting a bunch of iPhone users in the US to use any messaging app besides iMessage. Let alone having them post to a story within that app.
I don't understand why so many folks are compelled by ephemeral photo sharing, even while I'm happy for those that want it to have it. It's just not for me.
First of all, the older I get, the more precious memories are because frankly, I'm forgetting more and more and it terrifies me. I don't understand why something that was worth sharing today needs to be gone tomorrow. What if I was busy that day? What if I want to see it again tomorrow? What if I'm at a party three weeks later and want to show somebody your funny puppy photo?
Second, if you think about it, it's often the most casual, lo-fi and accidental shots that end up carrying the most authentic value. Quick snaps that you don't know are "last photos with" at the time. People pass unexpectedly; too bad all of the pictures of them were set to fucking evaporate.
Third, if something is truly not photographed with enough intention or effort to keep it around for more than 24 hours... was it really worth sharing in the first place?
Finally, it's super weird to me that people don't assume that anything downloaded or displayed can be captured. In fact, having something set to self-destruct in a day probably means that people are more likely to save a copy locally than they would if you just left it there.
Removed SMS support and then added stories. Worried about signal's recent direction.
Being able to interact with my remaining non-signal contacts was huge. Really going to miss it. In contrast they are now adding a feature I do not care about at all.
It doesn't look like it has anything to do with Signal's direction in particular, but rather the changing environment they're in. (Specifically Android/Google making things harder.)
"SMS is on the way out". I'll believe it when I see it. Apple isn't going to adopt it because they have no incentive to do so and apple has huge market share. Android hasn't even implemented it yet! We're killing super useful features because 50% (or whatever android market share is) of mobile phones might have something better next year???
Having SMS support as a workaround was huge for signal usability for me. Taking it away burns so much good will.
You can still communicate with your SMS-using friends via the normal means… IMO mixing totally secure and totally insecure communications in the same app (the same list view even!) was always a poor idea.
From an outsider/non-user's perspective, there are two angles to this: dropping the ability to use Signal as your default SMS handler does make the program much more secure, but it also means the barrier for getting new, casual users to onboard much harder. When it functions as an SMS app, you can get friends/family/whoever to install it and set it as default, and it will opportunistically use E2EE when available.
It seems to me like this improves OPSEC for very privacy focused Signal users, but increases the barrier to entry for "casual" users who may not care enough to use a separate app for certain people, but may be convinced to use Signal for SMS.
All that said, I'm not sure how any of that actually plays out in the real world, or if there were that many actual users doing just that.
I have never had any problem distinguishing between encrypted and unencrypted communication sin signal because they put a giant padlock icon next to the name of the contact. Now I have to use 2 different apps to handle messaging and set up a different color scheme or something to provide a visual cue about which is which if I respond to a notification in a hurry.
It's fine if you don't use SMS in the Signal app much. But a lot of us only downloaded Signal because it could replace the built-in Android SMS app. By dropping the SMS feature, we now have to use N+1 apps just to receive the occasional shipping notification or 2FA message.
I'm glad that dropping SMS means nothing to you. But "i don't see how you can known signal in anyway" for dropping a feature sounds disingenuous.
I mean thats a slight inconvenience at the cost of not letting people be confused that they are not actually having an encrypted conversation. I still stand by my original statement and don’t understand how people are so mad about that. Sure “it sucks” you need another app now but the comments about this in the threat are treating it like signal is doing something malicious
This removed-sms-without-reason is going to be a myth that persists for a while
> RCS is coming, and it doesn’t play well with Signal.... and Signal can’t add RCS support because there’s no RCS API on Android. Honestly, the days of any third-party SMS app are numbered.
That reason might be a nice scapegoat that they invented after criticism because it's mentioned nowhere in their official announcement.
>There are three big reasons why we’re removing SMS support for the Android app now: prioritizing security and privacy, ensuring people aren’t hit with unexpected messaging bills, and creating a clear and intelligible user experience for anyone sending messages on Signal.
While this is true, RCS isn't here yet and when it is there likely will be APIs for it. The argument that there aren't APIs for a feature that isn't present isn't a valid one in my book.
Don't forget integrating and pumping a shitty crypto altcoin, completely ignoring the vastly more legitimate and well trusted privacy coin monero while also potentially opening itself up to legal attack vectors for helping to facilitate money transfers, not just protect speech.
Lots of reasons recently to develop deep distrust for Signal leadership, and start calling into question whether the app is still legitimately private.
> Lots of reasons recently to develop deep distrust for Signal leadership, and start calling into question whether the app is still legitimately private.
How about when Signal started storing people's contacts, their name, their photo, and their phone number in the cloud ignoring cries from their users that Signal should provide a way to opt out and bringing up security concerns, then refusing to update their privacy policy to reflect the new data collection meaning that for years now they've been outright lying to people about what data is being collected and how it's used. That was when I moved off the platform.
If you want private/secure consider looking elsewhere.
I know, I was also a fan and had to go to friends and family and advise against using Signal after I'd told them years ago how great it was. You're right though, every great application seems the grow until it turns to trash and needs to replaced with something else. Very few apps escape that cycle. VLC is one of the good ones holding out.
The very first line of their privacy policy reads:
"Signal is designed to never collect or store any sensitive information" which is a total lie. For someone like a human rights activist or a whistleblower a list of all their Signal contacts is absolutely "sensitive information". It really used to be true that they didn't collect and store anything, but it hasn't been the case now for years!
If this is the first time you're hearing about the data Signal is collecting and storing in the cloud that should tell you all you need to know about how much they can be trusted.
The reason it's not the "best Signal" is that WhatsApp doesn't have reproducible builds or any guarantees that e2e isn't subverted on the client side or removed entirely. And it's run by a company with incentives that are misaligned to e2e encryption and a history of product updates that don't respect the privacy or preferences of the end user.
Both tor and signal are funded By one or another branch of the American intelligence community. If you want more info i recommend googling "signal radio free Asia" It's original function was to allow CIA agents posing as reporters for the CIA mouthpiece called Radio Free Asia to be able to report their discoveries. I use the app but in many ways we are actually providing cover for the military and state intelligence agencies of the United States government much in the same way as when people use tor which is openly a project of naval intelligence
It is not the same. WhatsApp (and Meta) collects all the metadata, which might be worse than the message contents itself. It is just their marketing, it is not very private after all.
WhatsApp is completely unusable unless you grant it access to your contacts though. That's my biggest issue with it -- I don't want to hand over my data to FaceBook.
Reading the comments here I believe there is one detail that needs to be mentioned. Many seem to uphold the opinion that, while the feature is not for them, they aren't mad about it as they feel it brings Signal closer to the masses and is hence a good thing.
One key aspect to consider, however, is the fact that at the end of the day the feature requires code in order to work. Code can contain flaws. When working in encryption it's usually the less code the better, as it limits the attack surface.
It begs the question, just like with the introduction of their payments feature, whether the additional amount of code, which could realistically introduce new flaws, is justified by the benefit it brings to a platform that's main focus is private, encrypted communication?
To put it differently: Will citizens, dissidents and journalists in authoritarian regimes be benefitting enough from this feature to justify the additional attack surface its code has introduced?
I was so annoyed when I saw this. Luckily you can deactivate it. I've done so, moving on with my life. Can't believe how much I hate modern design pet-peeves and features... mozilla VPN app recently switched to having a menu bar at the bottom for 'home' (default view), 'messages' (update notifications and crap) and 'settings'... because this is how to do it now... of course it has fancy rounded corners... sigh...
For all the people still complaining about the SMS thing: I get it, at the same time, I don't. When I first installed Signal I was surprised and annoyed it wanted to be my default SMS app. What does SMS have to do with encrypted messaging? I immediately saw people would use Signal, send SMS, and assume they were securely messaging. Now Google is pushing https://en.wikipedia.org/wiki/Rich_Communication_Services which Signal can't implement.
Are they supposed to 'keep' people esp non-techies from using RCS 'by default' and make them use SMS? The app that cares so deeply about encrypted communication?
My thinking: integrating SMS into Signal was a dubious move to aid adoption. I could make the reasonable argument it should've never been done. With the arrival of RCS and SMS falling by the wayside more and more, it just can't be justified any further.
Sucks for adoption? Maybe. But honestly, Signal can't want people to use SMS, right?
> Are they supposed to 'keep' people esp non-techies from using RCS 'by default' and make them use SMS? The app that cares so deeply about encrypted communication?
While I agree with most of what you said, it appears you are implying that RCS provides a security guarantee somehow that Signal is impeding. RCS is badly fragmented, mostly not E2E (except Google private E2E extension), and does not have Apple's buy in. Signal does clearly indicate that SMS chats are not secure.
Signal originated as ChatSecure- the encrypted SMS app.
Historically, Signal (then known as Text Secure) was encrypting vanilla SMS between users! If you got rid of the app and somebody texted you through it you would get an encrypted chat! Then they moved away from sms, partly to allow for more anonymity (i think) from metadata and a better experience. So the sms capabilities are more historical than a design choice to do both.
I think menus are moving to the bottom because phones are so big now - that's where your thumbs are. Probably the only reason phones ever had menus at the top is because they were just copying desktop app UI.
This doesn't really seem to do anything I want. I have a channel with my extended family called "Baby Pictures" which is a "subscribe if you want to" channel for sharing pictures of my son without blowing up the other channels, and this seems like a use case for stories...but that 24 hour timer is kind of way too short for it?
This would be much more interesting to me with more options - namely: I'd like to be able to setup an untrusted client somewhere (Syncthing can do this, but its not a social app) which would archive the stream of content into a story in encrypted form for me, and let people with channel access recover it without keeping it fully cached on their phones. That way all those photos which I would like to keep would go somewhere where I could get them.
Obviously none of this is necessary, I do other things right now (Syncthing and not using inbuilt camera apps in applications).
I'm guessing this is the signal for the end of these "short-snap-tik-stories". The idea about "Stories" is that making a short video is harder than a photo (which is harder than a text post); and as a result it'll generate more engagement vis-a-vis the competition. Now that everyone is doing it, the average engagement for each "Story" will be lowered; and "Stories" actually require significant effort to produce (comparing to say, a 100 words tweet).
We're back full circle. I wonder what's the new, next shiny thing that will attract people. Maybe Zuckerburg is not so crazy after all. If you've seen these TikTok videos 10-15 years ago, you'd think these people should be admitted to a mental institution.
I have never understood all the song and dance about stories. I can see how they differ from simple posts in the sense that they can be interactive and last only last some time before disappearing (and even then, it seems the concept was extended by allowing permanent stories), but I just don't see the appeal. It forces me to check another section of the app to stay up to date with things, while I could just check classic posts. There's nothing technically impossible in improving classic posts and adding stories-like features to them, but it seems the main goal is to fully leverage fullscreen media and autoplay in order to retain users as much as possible in the app.
This rules, this really cements Signal as the best real-life social networking tool out there. It’s the app I use the most to talk to my real friends, and I love all these new features that make using it more fun. Fantastic work!
I can imagine it would be a useful alternative to having a bunch of group-chats for people who want to share baby/cat/travel photos. And I can disable it. Win-win.
I'm happy to see this! I've always liked the idea of them but refuse to use any social media app that implemented them previously.
I know some people are not going to like it, but let's face it, this is a feature people use and now it'll be easier for friends and family to continue using Signal.
Group-chat specific stories would be an interesting idea. What I dislike about social media is the wide-reaching effects, being able to constrain this to a close circle of friends (like what G+ alluded) to could catch on.
Perhaps more due to frustration at prioritization of features that subjectively seem less important than some other desired feature?
For example, I would like to be able to log into signal from multiple devices, which currently isn't possible.
So, I could imagine switching to something like telegram (even though less secure) or matrix (even though a little trickier for non tech users), both of which allow me to do this.
Personally though, I'm still using signal, donating, and have converted a few people, I'm just speculating here.
Hahaha, you're kind of right. The app peaked in popularity when I was in high school, so of course I used it with everyone else. I can't stand it now, though.
The issue, is, what if you fired original mobile team who released this version ?
Main issue with current industry, is, the product changed eventually , but mostly for worse. As original makers have gone.
Universal solution, is, everyone should have ability to make their own social circle (think contact platform), with a federated protocol to connect with other's circle contact.
I seriously think Signal missed the boat with this one. I was one of those folks who used the WA privacy policy change to attract folks around me to use Signal. It worked and they all started using Signal as well. It would have been an easy thing for Signal to prioritise Stories. That was the only thing that differentiated WA with Signal at the moment. Only thing we needed back then to make folks stick to Signal. Instead Signal was building some irrelevant cryptocurrency feature and split their own userbase in half. That feature was already going to be used by only a minority anyway.
Everybody went back to WA after FB's stunt on retracting the privacy policy. I am back to square one on who all are using Signal around me. I don't think there is going to be a better chance than what we got with WA policy change.
Signal had the funding, they had the tech and folks. The momentum, people, media and even people like Snowden, Jack and Elon Musk were with us. They chose something completely different and irrelevant to what would've helped make Signal a standard. What is the point in having this now? Majority of the users who were going to use it are already back in WA. This feature will be used only by a minority.
Another fascinating learning from the whole journey was that a lot of "loud" privacy folks use privacy through obscurity (like security through obscurity) to keep themselves private. They jump ship when their tool gets popular. And these were the loud ones during the whole discussion in Signal forum with respect to Stories. With AI advancements and big corps, we need more folks in the privacy space using private tech. If we don't accommodate non-privacy folks as well, this will be a harder fight than it has to be.
The phone contact list becoming the root of trust for defining personal trust relationships is rather unwelcome. Then software taking that data and wordlessly interpreting it as a binary trust/do-not-trust decision is also unwelcome.
If I am networking at a conference, I frequently exchange contact info by entering info into each others' contact app or sending each other a text. I'm sure I'm not the only one to do this.
It's one thing to tell two users that both parties are using Signal and in each other's contact list (contact discovery). It's another thing to encourage users to broadcast messages to all of them (via Stories, and the default share setting is all contacts)
In summary, while I'm neutral on the Stories feature, I think the implementation/rollout has been clumsy.
Well, I suppose the ecosystem is moving [1], and now the ecosystem has moved to stories.
If you had asked your friends to get a Matrix client instead (eg. Element), at least you'd be able to move to a new client [2] if you didn't like the direction it moved in - and you'd still have your group chats and keep your contacts because it's federated.
Unfortunately you're now stuck with stories (or maybe crypto payments one day [3]) because Signal doesn't federate, and likely never will, and the amount of effort to ask your friends to move _again_ is just too big.
This is _exactly_ the argument I make when friends ask why Matrix over Signal. I'm exhausted of picking up and moving again.
I hate that protocols became so tightly bundled to client implementations. It's like if the WWW could only be browsed by Chrome. Really unfortunate (for the public) that IM protocol standardizations died over time (FB and Google dropping XMPP for example). Matrix shows some promise with larger adopters like the French government. I'm rooting for them to succeed even more.
Many people signed up after the new WhatsApp T&S debacle, but Facebook played it like a boss by delaying the change and draining the news cycle and they won.
Almost no body uses signal, I have chat group of my friends on signal, and I'm really thinking of moving it to WhatsApp, so they actually see the messages instead of it being 20 messages from me and 1 from the others.
Its not that they don't have signal installed, they just never open it, I use it as a video/voice call app and it works well, but messages? Its a PITA to get people to actually read them, especially since many of them are complaining of notifications not working.
I like the stories feature, especially because its totally encrypted, but its basically useless as almost no one in my social circle uses Signal.
Speak for yourself. At least 80% of my messages run over Signal these days. And I communicate with a wide variety of people, not just techies.
I think a major contributor to this was that Signal got normalized early as the venue for a large group chat started by some friends who moved to my neighborhood years ago. Over time this chat became a sort of neighborhood forum where people advertised open rooms, traded goods and services, and exchanged news and gossip. And because it was on Signal, everyone installed Signal.
I know I'm in somewhat of a strange bubble, but I just want to underscore that this kind of world is possible. The adoption fight hasn't been lost yet, especially since some cracks are starting to show in the incumbents' moats these days.
It was analogous to the “Messages” app that iPhones have—a single, zero-decision place to go for texting, that opportunistically upgrades privacy without the user having to understand anything.
Casual users don't understand (and don't want to understand) the difference between SMS and other messaging services. And it makes sense - it's all a kind of chat, so why would they expect two different apps with the same core functionality?
When I first opened the app and saw a "Stories" tab, I thought "oh no... not here too, ffs...". Then I immediately went to the settings and was mildly relieved (but perhaps I'm naive) to see that I could opt-out.
Now I dread the day when they might decide to make it so that you won't be able to opt-out. Why can't we have nice things?
Perverse incentives to get folks to use signal more. Checking it when you get a message isn't good enough, need to get creators and influencers on the platform to let folks doom scroll.
Is there anyone that actually gets excited when they see a platform has stories, or is adding them?
I feel like it's just out-of-touch product managers who see everyone else doing the stories thing and blindly aping it cause it's the thing to do.
In reality, the only place people seem to use stories is Snapchat, Instagram, and seemingly some people post to Facebook stories but I think it's mostly cause of the toggle in Instagram to cross-post to there.
> Is there anyone that actually gets excited when they see a platform has stories, or is adding them?
I was honestly excited when I saw the headline, not because I have any intention of using stories myself, but because my friends have repeatedly tried to explain to me why they use stories on Whatsapp and Snapchat, and I have some hope this will make Signal more attractive to them.
I feel the same way about stickers and the Giphy proxy, both of which are features I would never have asked for and was initially skeptical of, but that have wound up being widely used by most of my friends who use Signal.
As of now, Signal still has no concept of followers. My stories are at most only visible to all my contacts on Signal. In my mind this is a big difference between all the other major platforms with stories.
I don't like this: it seems like Signal wants to morph into a social network rather than a secure messaging platform. I predict the next major features will be unencrypted public groups and API messaging access like Telegram has.
Would you rather live in a world where Signal is laser focused on secure messaging to the point where no one uses it? Telegram is growing rapidly because it's adopting social media paradigms. I use both, and I wish I only used Signal.
About once a week I get a notification that random person X I haven't talked to in a decade is now on signal. About two months ago the super at my old apartment building got on signal and I got a notification. My late coworker's phone number finally got recycled and the new person using it is on signal too. They appear to be reaching critical mass.
Still really mad about them dropping SMS support. I'll be deleting it when that happens.
I really don't understand the qualms with SMS support. SMS was never secure, and it certainly doesn't become more secure when you push it through a pass-through on one app or another. There is nothing you can do to SMS to make it more secure except to send encrypted strings: but then you have the same problem of sharing secrets, etc. that requires a separate app to manage anyway.
It means I need an extra app now. Signal replaced my SMS app. I'm not going to stop using SMS completely, so if Signal drops it I need to use one more app.
And one that I have been able to happily ignore for years because Signal handled all my messages. If you are not a long-time Signal user then maybe you don't remember how they made a big song and dance out of offering this feature in the first place to make Signal more usable and accessible.
Because I already have an encrypted messaging app. It's called Whatsapp. This bumps up to E2E encrypted if both people using "SMS" have signal installed. Now this is just an alternative to WhatsApp. I will just keep using WhatsApp.
That let's me turn off annoying notifications from other people. Guess what, it doesn't help someone who would prefer not to advertise their adoption of Signal to everyone who ever had their contact details.
Really, is it so hard to think about both sides of this equation?
But isn't, because there's a giant icon that clearly Signals it and it pops up a warning the first time you send a message to someone new over SMS, every time. In over 5 years of using Signal, I have never sent an SMS message in the mistaken belief that it was secure, and I typically get hundreds of incoming messages per day and typically send out 100 or so.
'We're taking features away for your security' is a lowkey way of telling users that they're idiots who can't be trusted to operate their own devices. This is really pretty offensive to the people who have been evangelists for Signal for the last 6-7 years.
Telegram is an interesting comparison, because it isn't focused on security at all: it's a social network delivered through an app that looks like a messaging app.
I'm not against social media fundamentally, I'm against the lack of privacy and emotional exploitation as means to sell more ads on social media. Social media could be done solely in the interest of its users, and I think that could be fantastic. So far, Signal has a reputation good enough to make me optimistic about it adding social network features.
I definitely do not expect Signal to drop encryption by default in any feature though. That's their fundamental value.
I too am not a fan of such a move. However, their goal is to increase usage rates among the mainstream audience hence why such a feature is being introducing, just like stickers back in Dec 2019.
Though I'm not sure how many will actually use Stories. WhatsApp has something similar as well but I have never seen anyone among my contacts use it
I just want to share some stories with friends in my contact list. On Signal you don’t have “followers”, just people you are in contact with. This is an unobtrusive way to for example share something interesting, or some event happening near you and so on.
I don't see how Signal adding features that shift communications from insecure venues to private encrypted channels would lead you to think they are abandoning privacy.
Session seems OK. I sort of like the look of Matrix but it's a lot harder to establish a security policy when 10 different people might be using 10 different Matrix clients, and nobody can do technical support for anyone else.
Disregard this comment. This feature, while disappointing to me, is a fine addition to Signal for many people who would like to use the Story format without snooping or ads from Meta. That is a good thing and we should celebrate it.
I previously commented something much more negative and snarky. I regret it.
Don't be snarky. Have curious conversation; don't cross-examine. Please don't fulminate. Please don't sneer, including at the rest of the community. Edit out swipes [...]
Please don't pick the most provocative thing in an article or post to complain about in the thread. Find something interesting to respond to instead.
It might be a smidge snarky, but it's literally the only justification Signal provides for adding this feature to their app. Why is it not OK to analyze their reasoning?
Because it's not analysis, just generic sneering. Picking N boring things to complain about is not any better than picking one boring thing to complain about.
I wouldn't write this today either - it was a much, much smaller HN and a smaller nerd internet. Although amusingly enough, the Rails release notes were edited after that showed up on HN but I don't think Signal is going to give you even that satisfaction, sadly.
People aren't expecting to get quote sniped so they assume that you have read the previous section where they explain in exacting detail what value they see in the story format.
> In the past years, stories have emerged as a new way to communicate, with their own unique purposes, norms, and idiosyncrasies. Ephemeral, low-stakes, and image-heavy, people use stories to share updates about their lives without the expectation of a response.
> Sometimes you just need a chill way to show your crush that you went to a very cool concert, without having to text them. Stories let you share your life with a select group of people in a way that doesn’t result in a new message notification. They give you a place to tell the kinds of jokes that work better in a sequential image or video format, and to share what you’re doing without the pressure of a conversation.
> Stories have emerged to serve these specific functions and others in the broader communications landscape, and many of us have integrated them as one of the ways that we connect with one another. That’s why they have a natural place in any messaging app, including Signal.
> Stories also happen to be one of the most common feature requests we receive from all over the world. People use them, people want them, so we’re providing a way to do stories privately. And without having to wade through a sea of ads.
Good point. I do not like the Story format, so I'm pretty prejudiced against them. The author does a good job earlier in the announcement of explaining the reasoning, so my sniping above is exactly that -- unfair sneering.
Thanks for calling me out here. It goes to show that even when you feel very grumpy about a change, you shouldn't resort to unfair arguments like I did.
So did Moxie leave because Signal got overtaken by Feds? Why is a secure messenger adopting the appearance of social media? Doesn't this work explicitly against the entire claimed reason for not having an account system?
> So did Moxie leave because Signal got overtaken by Feds?
No, he worked on Signal for so long that he probably just wanted to take a break to work on other passions too - he's still on the Signal Foundation board (https://signalfoundation.org/)
> Why is a secure messenger adopting the appearance of social media?
I'd argue that Stories (or equivalent) is nowadays a standard feature in many messengers.
To more directly answer your question no - Signal is missing a key aspect of Social Media: discovery. Stories is pretty much equivalent to share a picture to a group of people.
You can also easily disable the feature in settings.
> Doesn't this work explicitly against the entire claimed reason for not having an account system?
I'm not sure specifically to what you refer to but in general: phone numbers is still the primary way to find new folks, but they're working on a username feature. They will still use phone numbers for simplicity as "account" but again, Stories is simply a new interface to share pictures with your contacts.
"Standard" implies a lot, and definitely there is nothing about "enabling two-way communication between willing participants" that requires "make available a video on the screens of my contacts in a non-directed way" to be part of the offering.
Signal is not social media. That is not its intention, nor its purpose, nor even its design. It is a messaging service. We already have a discovery feature in Signal: using your contacts, you can see who has Signal installed or not.
This feels like bikeshedding to the max, because it is.
> Let's not conflate "normalized" with "standard".
Good point - I agree, should have phrased better.
> We already have a discovery feature in Signal
Another point I should have been more clear. I agree that contact discovery is ... well, discovery! I think what I meant is that right now you can only discover folks you already know (i.e.: have the number for) but you don't get recommendations.
So yeah... I'd say that one of the major points distinguishing Signal from a Social Media (at least one of the definitions of) is the lack of recommendations of new people to follow or things to discover. Signal in that sense is a communication platform.
[note I mean Signal the app not the company]
> bikeshedding
You mean if Signal is or isn't a Social media? Or it's run by the feds?
I mean I replied to the above company with a serious comment but I thought the original one was not particularly useful to any discussion around Stories per se.
I mean, it is now since they just added a stories feature. Sorry that your view of the product doesn't align with Signal's.
You're also using the word bikeshedding in a way unfamiliar to me. I use that word to mean intense debate about inconsequential changes that don't matter, like the right color for a bicycle shed. Which ofc is ludacris because there is no right or wrong color for a bicycle shed. In contrast to that, there are absolutely product decisions about the app that are material to its desired and undesired functionality. If signal decided to change the functionality of their product and stop encrypting texts, would discussion about that be bikeshedding? Why then, is this change in functionality not of similar concern?
The important part of "bikeshedding" is the part about ignoring more important changes by focusing on trivial changes around the edges. If stories are more than trivial, I'd like to know how.
Personally, I think call quality and server reliability with respect to private messages are more important for a service that is explicitly (and, until this change, exclusively) about private messaging, especially considering recent outages.
If Signal changed the encryption protocol to an insecure one, or simply removed it, then they are fundamentally altering the promise of the app vis a vis its core technology, ie, the essence of the provided service. Obviously that is analogous to the foundation of a house, not to the shed in the backyard.
I guess its up to uoaei to define companies instead of themselves. They have a mission statement and othing more and that mission could be achieved as a social media company.
* Doesn't require users to provide a phone number.
* Doesn't use centralized servers.
Hopefully Session will stay legit for a while. Just when I get most of my contacts to use Signal, Signal moves to embed a cryptocurrency in the app and starts pushing Storytime.
F-Droid list them as having anti-features "the upstream source code is not entirely free" - how are we supposed to know if it does what it says it does if it's proprietary?
This seems to be a case of "damned if you do; damned if you don't". Session relies on Firebase to get faster notifications from Google servers. This can be disabled in the applications preferences but changes the behavior from push-notifications to polling Session's decentralized messaging network, which makes messages notifications slower.
For the sake of clarity it would be nice if instead of making such a vague pronouncement, F-Droid would specify precisely what about the upstream source code is not entirely free.
Why use multiple apps to text people? I don't us FB messenger, WhatsApp, Telegram, or any of that. I use Signal. Signal lets me send a message to ANYONE else with a phone number protocol agnostic. That's very useful, especially when I'm talking to committed iMessage users.
I get you but it feels like a weird hill to die on. Questionable why SMS support was added to Signal in the first place but removing it makes sense in the context of where they want to take Signal (e.g. usernames).
The problem is that for many other people, this one feature is the only reason to even have Signal - they won't bother with it if it can't be used to message random people already on their contact list.
And then once those people drop it, you have to do so as well if you want to keep talking to them.
What the fuck happened with Signal? Why did we remove SMS (step 1 into "only criminals use this app") and then start adding stuff that has absolutely nothing at all to do with messaging? Did a federal agent start running the show with the sole mission of destroying the entire app?
Why did we remove SMS (step 1 into "only criminals use this app") and then start adding stuff that has absolutely nothing at all to do with messaging?
I think that "only criminals use this app" is always going to be used on anything that uses encryption by folks that are against encryption (usually governments for some reasons...). SMS or not is always going to be there. I don't think that having secure communication apps intentionally offer insecure communication is the right way to solve this. SMS was a legacy feature for Signal that just got removed now.
> adding stuff that has absolutely nothing at all to do with messaging?
Stories?
> Did a federal agent start running the show with the sole mission of destroying the entire app?
I just replied to another similar comment, not sure if it's the same person or not... but then I'd say...
Use Telegram! It's unencrypted by default!
Use WhatsApp - unfortunately encrypted by default, but at least Meta will collect so much more metadata than you can keep track for.
Use iMessage - It will upload your encrypted chat and the decryption key to Apple servers for you.
My point saying "it's the feds running it" without proof like that is not the most constructive conversation - Signal is by all accounts one of the most secure and private (not necessarily the same as anonymous) messaging apps out there with no clear competitors at the same level of privacy and security.
You mean the messaging service with no SMS support and an assumption that criminals are the main users?
Signal was great because it gave encrypted messaging to people who didn't know they needed it. When you take away SMS support, the only people who use it are people who know they need it.
Not sure I understand. My impression was that the end-to-end encryption algorithm was probably the most secure thing about Signal, allowing strong encryption between sender and recipient without relying on trust of the central server. Regardless of where or how it was developed, it's open-source.
Reading into that article, it looks like the NSA made a random-number generation algorithm standard, but upon inspection by cryptographers it was seen to be suspect due to its unclear origin of particular constants, and this was discovered as soon as the standards were published [0]. It was also slow compared to other standards, and as a result it was never widely adopted.
By contrast, I can't find any significant security criticisms about Signal's double-ratchet algorithm, nor anything that would suggest that some sort of bad actor is pushing it to become standard. It seems to me like it was widely adopted because it's a solid end-to-end encryption algorithm.
I also couldn't find where the algorithm was developed. If you have any sources for this I'd be glad to read it.
The OTF was created in 2012 as a pilot program of Radio Free Asia (RFA), an asset of US Agency for Global Media (USAGM)/CIA, which is in turn funded by US Congress. The algorithm for signal/whisper was developed next door to the NSA headquarters in Hawaii.
All of this is public information at the moment.
Don't know if ALL OTHER messaging apps are better, but would at least prefer a messenger not sponsored/blessed by well-known spy agencies.
What are your alternatives? The signal protocol is basically the gold-standard. If the NSA has a backdoor (and yes, they might), I don't know of any other protocols that wouldn't.
Signal has already committed suicide by removing its most important feature, "compatibility with other messaging apps", from its list of supported features. It's a dead app walking at this point, though it will probably take a few years to wind down and die.
Yep, and if you check your local app store, it's full of thousands of also-ran messaging apps that are, indeed, dead. While Signal had SMS it had a feature that was NOT common on other apps, now it has the SAME feature set as, say, Whatsapp, and so instead of being a better Whatsapp (because it had features Whatsapp didn't) it's now a worse Whatsapp (same feature set, much smaller userbase), so it's doomed. Just like all the other also-ran apps.
When you create a story you can make it a group story or not.
If you do not make it a group story, reactions and replies to stories get sent to you over your 1:1 chats and not shared across other recipients of the story.
If you make it a group story, and share it with multiple groups each group receives their own copy of the story and replies and reactions can only be viewed by others in the same group.
After having been burned SO OFTEN by other social platforms embarrassingly notifying others when I did something I thought was a passive post, or leaking information from 1 of my subgroups with another I was very worried that would happen here, but great job signal team!
The only awkward part that I've noticed so far is if I have a contact in 2 groups that I create 2 group stories with, they now have 2 identical stories show up on their story board. It makes sense and I think the UI clearly indicates for which group replies and reactions to each story it would go to which is probably the safest (best?) solution, but I could see that getting a little annoying if I share multiple groups with a frequent story poster.