
Looking back at how Signal works - ssklash
https://signal.org/blog/looking-back-as-the-world-moves-forward/
======
StavrosK
I love Signal and use it as much as I can, but I'm thinking of switching to
Matrix solely because the desktop client is pretty bad. It won't show me
messages until it syncs everything (so I can't even see old messages while
things sync), and, what's worse, it skips messages, and multi-device just
doesn't work. My laptop just shows "Message could not be decrypted" until I
delete everything and reset.

I'm not sure why it works so poorly after years of existence, but
unfortunately I'm losing hope that it'll be fixed. I sometimes feel like the
Signal team doesn't use their product, or they would have noticed this.
Meanwhile, yes, Matrix took years to add encryption, but it works much better
than Signal, even with quite a few small bugs.

~~~
rachelbythebay
But they have stickers! Who needs good sync when you have stickers! Oh, and
arbitrary emoji reactions!

Seriously... I do not understand how they keep investing in this gold-plating
when the plumbing keeps getting clogged up.

~~~
kalenpw
Signal doesn't have arbitrary emoji reactions, that is one feature I do wish
it had. Though obviously I'd prefer a better desktop client first.

~~~
smichel17
They're coming, currently in beta (source: am using the beta, it's public,
check the play store page)

------
Gys
> how we think about concepts like privacy, security, and trust

I was disappointed to see that a mobile number is needed and that this number
is shown by default in groups. Mobile numbers are much more trackable than
email addresses in my opinion. And I do not understand at all why others
should be able to see them so easily.

So I now prefer Telegram because at least it hides numbers in groups by
default.

~~~
harry8
Burner sim to setup and throw away addresses this concern.

Telegram, messages in plaintext on the server? Encryption that isn't open?
Yeah telegram is a bit of a non-starter if you have these kinds of concerns as
far as I'm aware.

~~~
K2L8M11N2
In most European countries you need to submit your ID to get any sort of
working SIM card.

~~~
fossuser
If that’s the case doesn’t it matter even less that signal requires it since
it’s already known anyway?

Signal’s use of phone numbers as IDs means they don’t have to have any of your
contacts sent to their servers.

As shown in the article they have no metadata and nothing to reveal beyond
your phone number and when you signed up.

These other apps send your social graph to their servers, track and store
metadata, don’t have encryption on by default, roll their own cryptography, or
some combination of all of these things.

The phone number obsession on HN seems dumb to me - a meaningless thing for
people to repeat and complain about that doesn’t actually matter so they can
sound like they know what they’re talking about.

I don’t get it.

The only real criticism I have for signal is that they’re not federated so
they’re vulnerable to shutdown. I think that’s okay though because we have
Matrix working on that problem and having both is probably a good thing.

It’s also a thoughtful and intentional choice:
[https://signal.org/blog/the-ecosystem-is-moving/](https://signal.org/blog/the-ecosystem-is-moving/)

The response from Matrix:
[https://matrix.org/blog/2020/01/02/on-privacy-versus-freedom](https://matrix.org/blog/2020/01/02/on-privacy-versus-freedom)

~~~
K2L8M11N2
Assuming you’re using Signal for organizing something the government doesn’t
want you organizing, if one member of the group gets rubber-hosed into
unlocking their phone, the govt instantly gets a list of verifiably correct
names of people involved. In contrast, with a service that lets you use
usernames that maneuver would reveal nothing but those usernames (which are as
pseudonymous as it gets).

~~~
walrus01
One of the other problems with using phone numbers, is that it provides an
opening for adversaries. Now they know your phone number, which can be used
for social-engineering attacks to attempt to bypass 2FA for any other online
services tied to your phone number. Either for 2FA or for account-
recovery/i-forgot-my-password functionality. 2FA by SMS is wrong and broken
and nobody should use it, but they do.

Adversaries will attempt to social engineer customer service for your phone
carrier into issuing them a new SIM or porting out the number, so they can
receive verification SMS and phone calls.

~~~
goatsi
Signal uses a registration pin to prevent that exact attack.

~~~
vinay427
Maybe I misread, but the GP doesn't seem to be talking about impersonating a
user on Signal, but rather impersonating that user on other websites that
depend on SMS 2FA sent to their phone number that is now visible through
Signal.

------
DaftDank
What happens to Signal when the EARN It Act passes? I assume that eventually
the Apple App Store and Google Play Store will just stop allowing it to be
downloaded if they do not add the backdoor in? Is there a workaround that will
allow people to use it still? I've heard people mention locating the servers
in other countries, but wouldn't the various App stores be bound by US law and
still not allow them?

~~~
billme
Signal’s official statement on the EARN It Act is here:
[https://signal.org/blog/earn-it/](https://signal.org/blog/earn-it/)

~~~
nickthemagicman
Thanks for the link. There's a subtle threat in there, that they'll move out
of the country if they have issues which I think a lot of tech companies
would.

This bill is so stupid in that tech companies can relatively easily move.

~~~
m52go
The legal entities can move to other jurisdictions, sure, but it doesn't
matter because app distribution still occurs primarily through USA-based
Google Play and USA-based Apple App Store—both of which can easily geofence
apps as they please (or as they're required).

This is one of the reasons I've started to appreciate Matrix a lot more
lately.

[https://matrix.org/blog/2020/01/02/on-privacy-versus-freedom](https://matrix.org/blog/2020/01/02/on-privacy-versus-freedom)

~~~
billme
Putting aside Signal officially declining to add the option to discover or
manually add a server via the client, there's nothing stopping anyone from
going to GitHub, downloading the code for the server and client, editing the
code however they see fit as long as it follows the legal guidelines.

~~~
CGamesPlay
> long as it follows the legal guidelines.

So like, as long as they add in the backdoor?

~~~
jayp1418
Nope. But following GPL open source license guidelines and releasing your
changed codes. And not using signal name and their copyright materials.

------
EmilioMartinez
I'm glad to see the discussion about what privacy should look like progress,
with increasingly big actors treat data as something too delicate to play
warden until the next breach.

But it just feels cheap and detrimental to LARP as a tool for revolutionaries.
I want a clear concept of privacy for a stable society to rely upon. That even
the most trustworthy authority be kept out by design as a security principle.
I don't want my messaging app to be opinionated, pick sides or declare
themselves part of the ongoing "progress". Will they sing the same tune when
it's other group taking the streets? Because everyone has a different idea of
the kind of revolution that is needed, and certainly my phone should not have
a say.

~~~
chishaku
> feels cheap and detrimental

Cool, pick a new app.

It’s naive to think a small group will work against very powerful forces and
against all odds and not be ideologically driven.

~~~
EmilioMartinez
I'm talking about the discourse surrounding privacy, not literally specifically
about my phone. I hate to see it marketed as a tool of revolution instead of
just common sense practices.

Your use of "ideologically driven" is confusing. Of course they should be
driven, by their ideology on how a messaging app should be. But how could
their opinion on the protest drive them? Just some weeks ago a whole different
crew was taking the streets fighting for their own "freedom reasons". Some
years ago there was the sad tiki parade.

It's like setting up a gun shop in Syria and claim your guns kill "the bad
guys", whatever that means to the customer.

I'll choose the app that works best for me, and will call it out when someone
feeds the meme that privacy is for rioters, unwittingly even.

~~~
chishaku
> how could their opinion on protest drive them?

Some people believe in first and fourth amendment rights.

Moxie, one of the original developers of the Signal protocol:

 _Tracking everyone is no longer inconceivable, and is in fact happening all
the time. We know that Sprint alone responded to 8 million law enforcement
requests for real time customer location just in 2008. They got so many
requests that they built an automated system to handle them.

Combined with ballooning law enforcement budgets, this trend towards
automation, which includes things like license plate scanners and domestically
deployed drones, represents a significant shift in the way that law
enforcement operates.

Police already abuse the immense power they have, but if everyone’s every
action were being monitored, and everyone technically violates some obscure
law at some time, then punishment becomes purely selective. Those in power
will essentially have what they need to punish anyone they’d like, whenever
they choose, as if there were no rules at all.

Even ignoring this obvious potential for new abuse, it’s also substantially
closer to that dystopian reality of a world where law enforcement is 100%
effective, eliminating the possibility to experience alternative ideas that
might better suit us._

[https://moxie.org/2013/06/12/we-should-all-have-something-to...](https://moxie.org/2013/06/12/we-should-all-have-something-to-hide.html)

ACLU: _For more than a decade now, Americans have repeatedly encountered
illegal and unnecessary spying by local, state, and federal law enforcement on
lawful and peaceful protesters._

[https://www.aclu.org/issues/free-speech/rights-protesters/sp...](https://www.aclu.org/issues/free-speech/rights-protesters/spying-protesters)

EFF: _Theft, damage, confiscation, or forced deletion of media can disrupt
your ability to publish your experiences._

[https://ssd.eff.org/en/module/attending-protest](https://ssd.eff.org/en/module/attending-protest)

EFF: _Here is a review of surveillance technology that police may be deploying
against ongoing protests against racism and police brutality._

[https://www.eff.org/deeplinks/2020/06/how-identify-visible-a...](https://www.eff.org/deeplinks/2020/06/how-identify-visible-and-invisible-surveillance-protests)

> feeds the meme that privacy is for rioters

Ok, I get it. You’re upset about the “rioters”. Choose your new app and carry
on.

~~~
EmilioMartinez
But I am not upset in the least about the rioters or anyone else, I can assure
you.

Guarding people's privacy and rights to a voice (during protests or otherwise)
is a good use of the first and fourth amendments. But let's not confuse form
and content. The protests are not advocating privacy, and I'm not even going
to voice my opinions about them. There's a difference between backing the
content of the protests, and defending the rights that incidentally enable
them. The blogpost in question ended with "it’s your powerful voices that are
out there organizing and advocating for change". I can only construe that as
either explicitly siding with whatever ongoing protest there is, or an empty
general statement (I assume it's the former though, but makes little
difference to me).

I think my point got side-tracked by fault of my own. I don't require every
single thing I use not to have ideologies attached, because it's simply
impossible. And everyone has every right to voice their idiotic opinions, God
knows I'm doing that. But it saddens me that more often than not people who
could choose to be content-agnostic instead leverage their position to fight
the good cause. And there's a thousand conflicting good causes.

Thanks for the links, btw.

------
gdmka
I love Signal. I've convinced a multitude of people to switch and some use it
day to day currently, but mostly to talk to me. So I feel my contacts do it
out of respect and `compatibility` of communication.

What baffles me is the incompatible feature matrix.

First of all, for some reason iOS users get the updates faster than the
Android. I was exploring emoji reactions yesterday while my Android contact
admitted the feature was not yet available for his device. I had to double
check with Play Store to confirm.

I've found peace with the sync issues for the desktop client though, it got
much more stable compared to 8 months ago. What still feels like a massive UX
problem is inability to forward messages on the desktop. Given, I have lots of
people coming from different places that do not know each other but share same
interests it's just painstaking to copy/paste the same URL five times in a row.

And at the same time, there's no support for the Android tablets as secondary
devices.

For a person deep in Apple ecosystem it felt weird to learn that Android users
don't share the same experiences I do. That makes the sales pitch to try
Signal way less appealing for the Android folk.

~~~
bsaul
Never tried Signal, but from what you're telling, it seems that they redevelop
the core functionalities for each platform.

That's interesting, because I've been looking for a way to share core logic
code across platform (mobile & desktop at least), and still haven't found
something really user friendly. From my brief lookup (rust & gomobile are the
ones I've looked at), it seems that most dev environment seem to support some
kind of C-style interfacing, but it becomes much more clumsy as soon as you're
trying to have it run on java.

Has anyone found a solution that he's comfortable with and would recommend ?

~~~
spians
Honestly there are no perfect solutions to this. There are cross platform
frameworks (React Native, Xamarin etc) that you can try but you'll definitely
hit the wall when trying to access low level native APIs. Kotlin Multiplatform
seems to be the step in the right direction. It has first party support on
Android and works seamlessly for Android apps, but it's too early to tell for
the other platforms. In an ideal scenario, you can share the core business
logic using Kotlin Multiplatform and then implement UI and platform specific
stuff using native APIs (or something like Flutter (again, not production
ready)).

~~~
bsaul
I’ve heard of people running all the logic in a self-contained local http
server (developed in whatever language) then rely on local socket connection
+ protobuf for communicating between the native and the cross-platform codes.

I had hoped some people here would chime in with this trick, but it doesn’t
seem like it

------
lsiebert
Lately I've been wishing Signal had a bridgefy type mesh mode that enabled
operation peer to peer over wifi direct or bluetooth, either directly or via a
mesh of such devices.

First I think it would be useful at protests, to preserve privacy (and
whatever side of the political divide you are on, I hope we agree that covert
government surveillance and tracking of people at a protest is wrong, here, in
HK, or wherever).

But it would also be nice to have when outside the reach of cellular or wifi
internet. Think camping, traveling, people living with intermittent power, or
those who lost power in some sort of disaster or emergency.

I'm honestly not sure if this would be feasible, as I don't grok the signal
protocol fully, but the signal protocol does support async messaging.

~~~
brnt
You're looking for the [https://briarproject.org](https://briarproject.org)

~~~
lsiebert
Unfortunately Briar only handles direct connections, and doesn't work on iOS.

------
losvedir
Is it worth trying to move my friends from WhatsApp to Signal? As I understand
it, they're both e2e encrypted.

I'm also trying to move my chats from SMS and Gchat to something encrypted,
but am torn between WhatsApp and Signal. The former has more of a buy-in with
my contacts already.

I realize WhatsApp is owned by Facebook, but isn't the whole point of e2e
encryption that you don't have to trust the intermediate infrastructure? And
if you enable the setting to warn if the key changes, there's no danger,
right?

~~~
jwr
> As I understand it, they're both e2e encrypted

The important distinction here is that WhatsApp uploads your entire contact
book to Facebook. They have up-to-date information on your entire real-life
social graph (including people who are not on Facebook and/or never shared
their phone with Facebook) and the groups you belong to. If you don't believe
me, request a copy of your data in WhatsApp and see for yourself.

So, by using WhatsApp, you are basically snitching on your friends and
uploading their data.

Think about the implications — one day, you or one of your friends will add a
phone number to Facebook (of course, "for security purposes only, to recover
your account"). From that moment, Facebook will be able to link an online
identity to an offline one, and mine a trove of data: friends, groups,
locations.

If you want a different way of looking at it, Facebook paid $19 billion for
WhatsApp. That's how much it was worth to them. You don't spend 19 billion
dollars just to watch e2e encrypted messages fly by.

I admire the way WhatsApp markets itself as the "encrypted" communications
app, somehow hiding the whole problem with groups and contacts as
insignificant. Another frequently seen spin is on Signal: that it "only
hashes" the phone numbers and that it's "effectively the same thing". Good PR
moves, both.

~~~
Gaelan
It is possible to use WhatsApp (on iOS, at least) without giving it contact
access. I do this and it isn't too bad—you still see people's WhatsApp
nicknames, so it's not like you're just looking at phone numbers. Of course,
that does nothing to stop them from tracking who you actively communicate
with.

------
redrobein
The only reason I don't use Signal is because it still uses your phone number
for ID. What is even the point of verifying by number?

~~~
Joeboy
I suspect you are massively outnumbered by people who _do_ use it because it
integrates with their existing phone book, and is a drop-in replacement for
the default SMS app. Without those things it'd be just another niche app for
weird nerds.

~~~
throwaway2048
there is a difference between making it possible to use phone numbers and
making it a hard, unavoidable requirement.

~~~
tfehring
The fact that you can reliably add Signal users using only their phone number
is a feature for the users who don't care about that level of anonymity,
though apparently not a feature the developers care about preserving.

------
dbg31415
I want to love Signal, but it's just so meh.

* Message sync is like non-existent. Messages on my phone or laptop aren't kept in sync at all. Delete in one place, they don't delete in both.

* Let me edit messages, like every other message platform. I also want to be able to delete messages from the group. When I delete it deletes locally but not for the group, not even between my own devices I don't think. This sucks because deleting the message implies to anyone who has used a message system that the messages are deleted from everyone, but they aren't. Oof.

* When you set messages to expire, you can't make them expire. It only applies to future messages. I want to set this at the conversation level, not on a weird message-by-message basis with no way to change it globally after.

* I want to be able to sign in without using a cell phone number. Let me sign up with anything else, don't tie it to a cell phone line that can be hijacked.

* Let me add emoji responses to messages. Like every other message platform.

* Bonus, be peer-to-peer somehow. Dunno, like Blockchain magic it or something. Don't make me rely on some server somewhere. Just makes me feel uneasy that there's a middle man with all my messages.

How unrealistic is all this? (=

~~~
Well_hello
you are just using the wrong tool

------
voicedYoda
I appreciate this, even fighting the gag order. Thanks @moxie0!

------
bogwog
Anyone have information about how/where they get their funding and/or income?

~~~
windthrown
They are funded by the Signal Foundation:
[https://signal.org/blog/signal-foundation/](https://signal.org/blog/signal-foundation/)

"...Today, we are launching the Signal Foundation, an emerging 501(c)(3)
nonprofit created and made possible by Brian Acton, the co-founder of
WhatsApp, to support, accelerate, and broaden Signal’s mission of making
private communication accessible and ubiquitous. In case you missed it, Brian
left WhatsApp and Facebook last year, and has been thinking about how to best
focus his future time and energy on building nonprofit technology for public
good.

Starting with an initial $50,000,000 in funding, we can now increase the size
of our team, our capacity, and our ambitions. This means reduced uncertainty
on the path to sustainability, and the strengthening of our long-term goals
and values. Perhaps most significantly, the addition of Brian brings an
incredibly talented engineer and visionary with decades of experience building
successful products to our team."

~~~
secfirstmd
Yep, originally the Open Tech Fund was a big funder. They funded apps like our
own Umbrella App and also lots of Guardian Project and Tor etc

------
rb808
matrix and riot is awesome open source alternative. Awesome API too.

~~~
false-mirror
They pair really well together too.

At the moment Signal really thrives at replacing texts (ephemeral one-to-one
chats), while riot excels at team communication.

~~~
Well_hello
actually Riot is not worse at replacing texts..

------
korethr
Somewhat tangential, I got into an argument about Signal last night. The other
guy claimed that Signal was insecure because:

* It's "Custodial E2EE"

* Needs a phone number

(I'm not going to bother with his complaints about the crappiness of the
desktop client or convenience of the design because those are non-sequiturs to
the security of the app)

I asked him to define "Custodial E2EE". His words: "They have ownership of my
keys, use phone number auth to access them and I can't expatriate them"

I managed to suppress my xkcd-386 instinct and go to bed, but my intuition is
still that he's quite wrong about that. I may or may not resume my argument
with him; I got the impression that his disagreements were rooted in a Matrix
fanboyism, but I'd like to be equipped to refute such arguments in the future.

I can somewhat sympathize with the phone number argument, and I think it comes
from a concern about metadata leaks or opsec. I think that concern ultimately
stems from a wrong threat model, but I'm not sure how to refute that. I have
however, come across a number of tutorials which cover how to register a
Signal account without using your phone numbers, so I feel confident I can
refute the argument that signal must have _your_ phone number, even if I can't
refute the underlying wrong thinking.

Regarding the "Custodial E2EE" argument, I'm not sure where to begin. Anyone
have any suggestions?

~~~
jcrawfordor
On the first point, their understanding of Signal's key management doesn't
seem to be correct. The private key is held only by the client on the mobile
phone, which is one of the reasons that the desktop client is rather clumsy -
it is dependent on the mobile app for initial key setup. It's also just very
slow compared to the mobile app.

On the second point, I think they are quite correct. Yes, this depends on your
use-case, but I consider the ability to have multiple and disposable
identities to be somewhat critical to any messaging system calling itself
suitable for security-sensitive use. Unfortunately, Signal is designed
explicitly to make multiple or disposable identities impractical. Above and
beyond their desire to be a drop-in replacement for SMS, a reason for this is
almost certainly to reduce spam, as the need for a valid phone number makes it
difficult to register accounts en masse.

In general, this method to mitigating abuse means that Signal cannot
practically be used anonymously, which somewhat conflicts with the popularity
of Signal as a mechanism for e.g. contacting journalists.

In the vein of criticizing Signal, I would also throw out that it largely
abandons the problem of key distribution, effectively implementing a TOFU
model that is lightly enforced at that, with "safety number changes" being
pretty much normal. It is possible to verify Signal identities out-of-band but
not common, and the Signal app does not really provide much tooling to make it
easier.

I wouldn't say that Signal is bad, it does a great job of implementing
effectively the identity semantics of SMS (including the shortcomings) but
with the addition of E2E encryption and TOFU. I would stop short anyone who
claims Signal to be a "perfect" or "complete" solution for encrypted messaging
as there are common use cases that it has actively decided not to address.

I'm also, to be honest, somewhat baffled that your starting position seems to
be that no criticism of Signal could possibly be valid, when attributing the
other's viewpoint to fanboyism. Don't take that too seriously, it just stood
out to me on reading. :)
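
The trust-on-first-use model and the "lightly enforced" key-change handling discussed in the comment above, as an added example that is not part of the thread and is not Signal's code: a simplified key-pin store contrasting warn-and-continue with blocking until an out-of-band comparison succeeds. The fingerprint format, class names and keys are assumptions constructed for illustration.

```python
"""Trust-on-first-use (TOFU) key pinning: a simplified sketch, not Signal's code.
Keys below are constructed byte strings standing in for public identity keys."""
import hashlib
from dataclasses import dataclass, field
from enum import Enum


class Trust(Enum):
    FIRST_USE = "no pin existed; key pinned without any check"
    UNVERIFIED = "matches pin, never compared out-of-band"
    VERIFIED = "matches pin, compared out-of-band"
    CHANGED = "differs from pin"


def fingerprint(identity_key: bytes) -> str:
    """Human-comparable digits for a key (hypothetical format, not a Signal safety number)."""
    digest = hashlib.sha256(identity_key).digest()
    groups = [int.from_bytes(digest[i:i + 4], "big") % 100000 for i in range(0, 24, 4)]
    return " ".join(f"{g:05d}" for g in groups)


@dataclass
class Pin:
    key: bytes
    verified: bool = False


@dataclass
class PinStore:
    block_on_change: bool = False            # False models the "lightly enforced" policy
    pins: dict = field(default_factory=dict)
    warnings: list = field(default_factory=list)

    def check(self, contact: str, presented_key: bytes) -> Trust:
        pin = self.pins.get(contact)
        if pin is None:
            # The TOFU step: whoever answers first defines the contact's identity.
            self.pins[contact] = Pin(presented_key)
            return Trust.FIRST_USE
        if pin.key == presented_key:
            return Trust.VERIFIED if pin.verified else Trust.UNVERIFIED
        return Trust.CHANGED

    def may_send(self, contact: str, presented_key: bytes) -> bool:
        if self.check(contact, presented_key) is not Trust.CHANGED:
            return True
        self.warnings.append(f"identity key for {contact} changed")
        if self.block_on_change:
            return False                      # old pin kept until repin() succeeds
        # Lenient policy: warn, adopt the new key, and drop any verified status.
        self.pins[contact] = Pin(presented_key)
        return True

    def verify_out_of_band(self, contact: str, fingerprint_from_contact: str) -> bool:
        """Compare the pinned key with digits obtained in person or over another channel."""
        pin = self.pins.get(contact)
        if pin is None:
            return False
        pin.verified = fingerprint(pin.key) == fingerprint_from_contact
        return pin.verified

    def repin(self, contact: str, new_key: bytes, fingerprint_from_contact: str) -> bool:
        """Accept a changed key only if it matches digits obtained out-of-band."""
        if fingerprint(new_key) != fingerprint_from_contact:
            return False
        self.pins[contact] = Pin(new_key, verified=True)
        return True


# Constructed sample keys (not real key material).
ALICE_KEY = hashlib.sha256(b"constructed: alice identity key").digest()
ALICE_NEW_KEY = hashlib.sha256(b"constructed: alice key after reinstall").digest()
SUBSTITUTED_KEY = hashlib.sha256(b"constructed: key not controlled by alice").digest()


def run_scenarios() -> dict:
    lenient = PinStore(block_on_change=False)
    lenient.may_send("alice", ALICE_KEY)
    lenient_accepts = lenient.may_send("alice", SUBSTITUTED_KEY)

    strict = PinStore(block_on_change=True)
    strict.may_send("alice", ALICE_KEY)
    strict.verify_out_of_band("alice", fingerprint(ALICE_KEY))
    strict_accepts = strict.may_send("alice", SUBSTITUTED_KEY)
    # Alice reinstalls and reads her new digits to us over a separate channel.
    reinstall_ok = strict.repin("alice", ALICE_NEW_KEY, fingerprint(ALICE_NEW_KEY))
    return {
        "lenient_accepts_substitute": lenient_accepts,
        "lenient_state_after": lenient.check("alice", SUBSTITUTED_KEY),
        "strict_accepts_substitute": strict_accepts,
        "strict_reinstall_ok": reinstall_ok,
        "strict_state_after": strict.check("alice", ALICE_NEW_KEY),
    }


if __name__ == "__main__":
    for name, value in run_scenarios().items():
        print(f"{name}: {value}")
```

Under the lenient policy the changed key ends up pinned as if it had always been the contact's key; the only trace is the warning, which is why routine key changes weaken the model.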

~~~
korethr
> I'm also, to be honest, somewhat baffled that your starting position seems to
> be that no criticism of Signal could possibly be valid, when attributing the
> other's viewpoint to fanboyism. Don't take that too seriously, it just stood
> out to me on reading. :)

Touche. That wasn't my position, but re-reading what I posted, I agree that
it unnecessarily implies that position. Part of me wants to correct that, but
I think I'll own my words and leave it there.

------
DarkmSparks
Been a big fan of whisper systems since the redphone project. Great to see
them maturing.

However, given the topic title it would have been nice to see some actual
documentation on how signal actually works rather than just claims that it
doesn't work like the others.

~~~
jlund
Does this help?

[https://signal.org/docs/](https://signal.org/docs/)

~~~
DarkmSparks
It seems to be about the clients rather than the server.

A level deeper than "how signal works" and more "how signal is made"

For example, I'd expect a "how signal works" article to explain why they even
need when an account was registered and when it was last used.

"this phone number is using signal" is still a pretty large metadata leak.

Especially when state actors and probably a fair few non state actors can
remotely compromise devices via the stuff in the baseband processor.

~~~
goatsi
> "this phone number is using signal" is still a pretty large metadata leak.

> Especially when state actors and probably a fair few non state actors can
> remotely compromise devices via the stuff in the baseband processor.

A more accurate phrasing would be "this phone number was used to activate
signal". If you only care about messaging other Signal users, you only need to
have a baseband connection exactly once, when you receive the text message to
confirm the number. After that you can toss the sim card and put in a
different number, or run without a sim card at all and just use WiFi.

You don't even need to have the sim card in the same phone you will use with
Signal when you receive the confirmation text.

~~~
DarkmSparks
wifi is still in the baseband processor.

There have been multiple baseband RCE exploits published in the literature and
demonstrated at blackhat - and they don't include any that were put there
intentionally.

If you are not using a sim smartphones are pretty useless.

I'm a long way from convinced that centralised servers have any role to play in
reasonably secure e2ee, they certainly are not a requirement for other
services such as firechat used to use before they got shutdown and bridgefy is
making use of.

~~~
goatsi
> wifi is still in the baseband processor.

> There have been multiple baseband RCE exploits published in the literature
> and demonstrated at blackhat - and they don't include any that were put there
> intentionally.

You can't target a WiFi exploit against a phone number though, so that's
irrelevant to the Signal situation.

>If you are not using a sim smartphones are pretty useless.

Maybe I spend too much time hanging around places with WiFi, but I almost
never need to have a sim card. I don't even have data on my current plan.

------
javajosh
Signal is open source; I'm wondering, has anyone here ever built the service
and one or more clients and run it on-prem, or even as a white-labelled
competing service?

~~~
jayp1418
Yes there are forks/clones you can search that on signal community website.

------
clarkmoody
The anti-Signal rhetoric has already started. News articles about Antifa
specifically mention that they communicate via Signal.

If Antifa is designated as a terrorist organization, then we'll see all the
counter-terrorism tools brought to bear against them. If the state can't break
Signal encryption, then you'll see renewed energy for anti-encryption / anti-
privacy policies.

~~~
troughway
Why would antifa result in anti-signal rhetoric?

Genuine question because antifa is a mixed bag - there isn’t really any
consensus on whether what they do is good or bad. Seems to be all over the
damn place.

~~~
Cenk
There is no consensus on whether being against fascism is good or bad? Being
against fascism is not a group or organisation. It’s like calling bird
watching an organisation. Yes, there are bird watching organisations, as there
are antifa organisations, but neither bird watching nor antifa is an
organisation.

~~~
grandmczeb
This is like asking if there's no consensus on whether "all lives matter". Or
no consensus on being "pro-life". Phrases often have context that mean more
than their literal dictionary definition.

Edit: The comment I replied to originally asked "There is no consensus on
whether being against fascism is good or bad?"

~~~
anamexis
Well, there isn't. "All lives matter" and "pro-life" represent specific
political views, but they don't represent any specific groups or
organizations. Just like antifa.

~~~
r7373hd
You're being obtuse for no reason. This is like saying ISIS isn't a
specific group because it is comprised of transregional autonomous cells
instead of any specific group. Sure, maybe in the most literal application of
terms, but it's obvious what's being discussed from context clues.
Decentralized movements are the status quo of activism these days, that
doesn't mean you can't reference the movement as a collection when discussing
how to combat it or if it should be combatted.

~~~
troughway
Thanks for this, but it’s not worth it to get into a spat on HN over this to
be honest.

It’s clear from the downvote brigading that this isn’t a thread for
discussion.

------
eeZah7Ux
Signal is a walled garden. They refuse to allow federation and even prohibit
any modified client to use their servers.

It's the least open "open source" model, and once (if) they gain significant
market share they can easily close down the app and lock-in the users.

Please use and spread federated alternatives. Donate and contribute.

~~~
jjtheblunt
What alternative would you recommend?

~~~
0d9eooo
I'm surprised Briar isn't coming up more in these discussions. Maybe it's
locked down too tight for everyday use, but for protesters and individuals at
risk it seems ideal.

I admit I could be missing something though, as I've not used it heavily.

~~~
goatsi
Briar doesn't have an iOS version, making it useless if you want to
communicate with more than 50% of the population in the US.

------
crorella
Really nice design, in the future I see a market for "privacy tools that also
happens to ..." kind of software, for example a Privacy tool that also happens
to browse websites, or a Privacy tool that also happens to help you to send
messages (like Signal); in summary, privacy aware services.

------
sneak
iCloud contacts is not e2e encrypted. Apple, as well as FBI/DHS and the US
military intelligence apparatus can access your entire contacts list and infer
your whole social graph.

This is why a messenger needs an e2e contacts sync, whether Moxie wants to be
responsible for it or not.

------
billme
Anyone have a link to Signal’s 2019 IRS Form 990?

Most recent I was able to find was this 2018 version:
[https://news.ycombinator.com/item?id=23431076](https://news.ycombinator.com/item?id=23431076)

~~~
windthrown
The 2019 filing deadline (including Form 990) was extended to July 15, 2020 so
it may not be published yet.

~~~
billme
Thanks, makes sense, though guess I would expect a non-profit to communicate
this; don’t believe Signal even links to the 990 I linked to on their own
website; possible they don’t want the public to (easily) know salaries,
assets, etc - but unclear.

~~~
windthrown
True, but remember that Signal (the app developer) is an LLC. The 990s may
eventually be posted on the Signal Foundation website if they ever finish it:
[https://signalfoundation.org/](https://signalfoundation.org/)

~~~
billme
Thanks, good point, was aware of that, but others might not be; never seen a
good explanation for their legal structure, both as it relates to the present
& future.

I have checked both URLs for 990s, only way I found it was via a link in the
footer of Signal’s Wikipedia page.

~~~
windthrown
ProPublica's database is my go-to for 990s. Only the 2018 form so far:
[https://projects.propublica.org/nonprofits/organizations/824...](https://projects.propublica.org/nonprofits/organizations/824506840)

------
user764743
They need to allow us to not reveal phone numbers in a group, especially now.

------
paulcarroty
"Secure" messengers which use google play services sucks.

------
rglullis
Or use something that you (or someone you trust) can self-host, so then even
the company/CEO/TLA-with-subpoenas are out of the picture.

Not only do I get to get Moxie out of the picture, I also get my phone and the
phone companies out of it.

------
djaouen
All encryption is broken wrt a quantum cracker. How will, say, the future look
at these Signal uses?

~~~
im3w1l
You are wrong that all encryption is broken with a quantum cracker. But as far
as I know Signal is not quantum resistant. It's certainly something to keep in
mind - that whatever you say might resurface later.

