
On Privacy versus Freedom - Arathorn
https://matrix.org/blog/2020/02/01/on-privacy-versus-freedom/
======
blindgeek
My biggest problem with messaging applications as a whole is that I need so
many of them. I have a few contacts who are reachable with Signal, a few more
who are reachable on Hangouts or whatever Google is calling its latest thing,
and a few more who are reachable with Skype. That's three programs, to
communicate with three different subsets of people. I'm sure if I used
Facebook Messenger and Whatsapp, I'd have two more subsets of people who are
only reachable through those.

XMPP was supposed to solve all those problems when it came out in the early
2000s. But then all the big tech companies who build "ecosystems" decided to
push their own applications, all incompatible with one another. So here we are
again with this proliferation of programs that really only do one thing:
communication. It's like the 90s / early 2000s with the proliferation of
instant messengers: ICQ, AIM, Yahoo, MSN, and on and on and on. The players
are different, but the game is still the same. I suspect that twenty years
from now, when the players have all changed yet again, there will still be one
reliable method of reaching me: IRC.

If the Googles and Whatsapps and Facebooks of the world had been around in the
early 90s, you'd have one email client from Facebook for mailing Joe and Fred,
an email client from Google for mailing Mary and Jane, and an email client
from Whatsapp for mailing Alice and Bob. Thankfully, email became entrenched
before that could happen.

I want messaging to be like email, where I use one and exactly one program to
communicate with all of my contacts, regardless of what server they use.
People say that federation is more complicated than centralization. I'm sure
that's true for developers, but in fact, federation can be vastly simplifying
for an end user. I'm a fundamentally lazy person. Having to learn all these
different messaging tools is frankly a waste of my time. All I want is a
federated protocol and an open system, be it Matrix, XMPP, or something else.

As a final aside, you know what else bugs me? The word "ecosystem". I
worked for a big tech company for a while, and the only people I ever heard
use that word were people out to build a walled garden.

~~~
progval
> XMPP was supposed to solve all those problems when it came out

That's also what Matrix said it would solve when it started. Except now it's
yet another protocol with its own chatrooms that are not reachable from any
other protocol by default (even rooms on matrix.org); and bridges are at best
in "beta" (except the Telegram bridge, which is "late beta"):
[https://matrix.org/bridges/](https://matrix.org/bridges/)

~~~
Arathorn
We tend to be pretty conservative on maturity estimates on Matrix (and bad at
keeping the website updated).

IRC, Slack, Gitter bridges are all considered stable these days.

XMPP, Discord, Telegram, WhatsApp work usably too.

The UX for managing them is not always great or consistent (we’re working on
that currently), but “yet another protocol with its own chatrooms” is untrue.
You can certainly access the entirety of Matrix via Bifrost (the XMPP bridge)
if you so desire, for instance.

~~~
Meldane
Hi, I am trying to write an article in French to introduce Matrix to a wider
public. Especially non tech people.

So I'd like to describe the possibilities accurately. Bridges are a very
interesting feature, but how do you implement them?

I went to the #whatsapp:maunium.net room and only saw guys wondering the same
thing with no answer given to them.

I went to [https://github.com/tulir/mautrix-whatsapp/wiki/Bridge-setup](https://github.com/tulir/mautrix-whatsapp/wiki/Bridge-setup) and
understood they have to be implemented from the server itself? Is that right?
So as a basic user I can't really make any adjustment on my side to join a
Whatsapp group from Matrix, right?

~~~
Arathorn
[https://github.com/matrix-org/matrix-appservice-bridge/blob/...](https://github.com/matrix-org/matrix-appservice-bridge/blob/master/HOWTO.md)
explains how to write them.

For adding them to a chat as a user, you need to use an integration manager
(eg t2bot.io) or to run one yourself.

------
samth
One frustrating thing about Moxie's original post is that Signal derives huge
amounts of value by piggybacking on an existing distributed federated network:
the phone system. If phone numbers weren't existing working identifiers
that people had regardless of what OS, carrier, or messaging app, Signal as
designed wouldn't work.

People should think harder about how to replicate that experience, instead of
how to appropriate it and then abandon it.

~~~
3xblah
In his "The Ecosystem is Moving" talk at CCC, he had many presumptuous and
dubious "arguments" but one regarding privacy of phone numbers was that a
user's APN would be used to determine their phone number, so there was no
point in trying to keep phone numbers private.

This fails to account for the possibility of not using the cellular network.
With unlocked smartphones, it is possible to remove the SIM card, clear any
APN settings and access WiFi. That can be enough for a messaging app to work.

The only identifier needed for iMessage and FaceTime is a working e-mail
address (and only for sign up). No cellular account is required.

~~~
Klonoar
That's not the representative experience for most consumers/users. Most people
do have a phone number, though, so it's easy enough to bootstrap with.

I might not agree with the phone number thing, but I recognize the tradeoff
being made and am willing to begrudgingly accept that for right now,
Signal/Moxie are probably making the right call. It's not like they're not
moving to fix it anyway.

Also, unless I misunderstood him, the APN bit is referencing push
notifications, and he's right - if that's out there, it could identify you not
just by phone but by Apple account in general. You realistically can't use
Signal without an Apple ID, as you couldn't get it from the store otherwise.

~~~
bscphil
> You realistically can't use Signal without an Apple ID

I do, because I got it and signed up for an account on my Android phone...

Okay, I realize what you're getting at here, but it seriously irks me when
people talk as if Apple was the only ecosystem, or even the most popular
ecosystem, when it is neither.

I probably don't even need a Google Play Store account if I can find an
unmodified APK that's signed by OWS.

~~~
3xblah

    curl https://updates.signal.org/android/latest.json | grep -o "http[^\"]*"

[https://updates.signal.org/android/Signal-website-universal-...](https://updates.signal.org/android/Signal-website-universal-release-4.52.4.apk)

Source: [https://signal.org/android/apk/](https://signal.org/android/apk/)
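An added example, not part of 3xblah's post and not Signal's own tooling: the one-liner above only pulls a URL out of the manifest, whereas a checker can also pin the download host and compare the downloaded file's SHA-256 with a digest carried in the manifest. The `url`, `sha256sum` and `versionName` field names are assumptions, and the sample manifest and "APK" bytes are constructed so the code runs offline.

```python
import hashlib
import hmac
import io
import json
from urllib.parse import urlsplit

# Host taken from the command quoted in the thread.
EXPECTED_HOST = "updates.signal.org"


class ManifestError(ValueError):
    """The update manifest is malformed or points somewhere unexpected."""


def parse_manifest(raw):
    """Return {'url', 'sha256', 'version'} from the JSON manifest text.

    Assumption: the manifest is a JSON object with 'url', 'sha256sum' and
    'versionName' keys. These names are not given in the thread.
    """
    try:
        doc = json.loads(raw)
    except json.JSONDecodeError as exc:
        raise ManifestError("manifest is not valid JSON") from exc
    if not isinstance(doc, dict):
        raise ManifestError("manifest is not a JSON object")

    url, digest = doc.get("url"), doc.get("sha256sum")
    if not isinstance(url, str) or not isinstance(digest, str):
        raise ManifestError("manifest lacks a string 'url' or 'sha256sum'")

    try:
        parts = urlsplit(url)
    except ValueError as exc:
        raise ManifestError("download URL cannot be parsed") from exc
    if parts.scheme != "https":
        raise ManifestError("download URL is not https")
    # Comparing the whole netloc also rejects userinfo ("host@other") and
    # explicit ports, which a pattern like http[^"]* would let through.
    if parts.netloc.lower() != EXPECTED_HOST:
        raise ManifestError("download URL is not on " + EXPECTED_HOST)
    if not parts.path.endswith(".apk"):
        raise ManifestError("download URL does not name an .apk file")

    digest = digest.strip().lower()
    if len(digest) != 64 or any(c not in "0123456789abcdef" for c in digest):
        raise ManifestError("sha256sum is not 64 hex characters")

    return {"url": url, "sha256": digest, "version": doc.get("versionName")}


def sha256_stream(fileobj, chunk_size=1 << 20):
    """Hash a binary file object in chunks so large APKs need little memory."""
    h = hashlib.sha256()
    for chunk in iter(lambda: fileobj.read(chunk_size), b""):
        h.update(chunk)
    return h.hexdigest()


def verify_download(manifest, fileobj):
    """True only if the file's SHA-256 equals the digest from the manifest."""
    return hmac.compare_digest(sha256_stream(fileobj), manifest["sha256"])


# Constructed sample data: these bytes are NOT a real APK, and the digest in
# the manifest is computed from them so the example runs offline.
SAMPLE_APK = b"PK\x03\x04 constructed stand-in for an APK file"
SAMPLE_MANIFEST = json.dumps({
    "versionName": "4.52.4",
    "url": "https://updates.signal.org/android/"
           "Signal-website-universal-release-4.52.4.apk",
    "sha256sum": hashlib.sha256(SAMPLE_APK).hexdigest(),
})

if __name__ == "__main__":
    manifest = parse_manifest(SAMPLE_MANIFEST)
    print("version:", manifest["version"])
    print("url:    ", manifest["url"])
    print("intact file accepted: ",
          verify_download(manifest, io.BytesIO(SAMPLE_APK)))
    print("altered file accepted:",
          verify_download(manifest, io.BytesIO(SAMPLE_APK + b"\x00")))
```

A digest served by the same host as the APK only catches corruption or a swapped file, not a compromise of that host; checking the APK's signing certificate, which is what bscphil's "signed by OWS" refers to, is a separate step.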

~~~
bscphil
Thanks! I must admit I never looked for one, the point was more about the
possibility. I think this implies it is definitely false that OWS would be
able to identify you without a phone number. Because there are ways to use
their app without providing any other personal identifier.

------
novok
Moxie / signal chooses pragmatism over purity, and is striving towards improving
the status quo bit by bit vs a pure perfect solution that never ships, even
though that improvement has its own vital problems.

You can see it in his choices, and you can see how they want to eventually
deliver improvements like no phone numbers, with them working on things like
secure value recovery.

I kind of wish he spelled it out fully for the nit picky peanut gallery out
there, so he can just reference it instead of wasting energy on them. You can
just feel the exasperation when you read his writing and see him speak about
this.

~~~
Arathorn
I'd argue that Matrix also chooses pragmatism over purity - the balance is
more that we prioritise freedom _as well_ as privacy.

Signal's whole mantra of "only implement features which are privacy
preserving" is a great mentality. It's just a shame it comes at the expense of
locking down the platform.

~~~
Vinnl
I'd argue you can't prioritise two things: prioritisation means deciding what
comes first when you have to choose between two things. And it appears to me
that Signal tries to ensure privacy first, and then sees if it can make that
work with freedom later (see e.g. the delay in adding support for de-googled
Android, or the ground work they're only doing now that might (or might not)
lead to accounts without phone numbers), whereas Matrix does it the other way
around (by first working on support for many different clients, and then
trying to make that work with encryption). I hope that both succeed, and I'm
happy that both paths are taken.

As an aside, I'd like to voice my appreciation for how you respectfully
acknowledged moxie's point of view, take effort to understand it, and then
pinpoint why you reach different conclusions from the same observations. A
pleasure to read.

------
ex3ndr
When I asked if I could use his libraries in ios/android apps Moxie refused.
He licensed them under GPL that prohibits distributing software via app
stores. Quite strange for a guy who claims that he wants to spread
encryption. Sure, but only on your own platform. Fast forward, he sold such
rights for WhatsApp. Just simple business, nothing about privacy itself.

~~~
nirs
Can you explain how GPL prohibits distribution via app stores?

~~~
tzs
Generally, the way app stores work is that the developer uploads a copy of the
app to the app store, and then the app store makes and distributes copies of
that for people that request the app.

Note that since it is the app store making those copies for end users, the app
store needs permission of the copyright owner to do so. There will be
something in the agreement between the app developer and the app store that
says that the developer grants such permission when the developer submits the
app.

For app code whose copyright is actually owned by the developer, that's all
that is necessary. The developer is able to grant all the necessary
permissions to the app store.

If the app contains code that the developer does not own, then the app store
also needs permission from the owner of that code in order to make and
distribute copies of the app.

Consider a developer who includes someone else's GPL code in their app. To be
able to make and distribute copies of it, the app store is going to have to
obey GPL.

Most app stores require downloaders to agree to a license agreement with the
app store, which typically includes things like prohibiting reverse
engineering and prohibiting reselling or making and distributing copies.

GPL, however, prohibits such restrictions. If you impose such restrictions,
GPL does not give you copyright permission to make and distribute copies. This
makes the app store license and GPL incompatible, and so the software cannot
be distributed on the store.

~~~
amluto
IMO this is pure laziness on the part of the app store. Any store could just
say “this app is licensed to you under the GPL — download source here.”

Even ignoring licensing, I think app stores could add considerable value by
offering reproducible builds. Let developers upload source, verify the hash
(git tree hash or plain sha256sum), and rebuild in a sandbox server-side.
Reject the submission unless the binary’s hash matches the developer’s.

Now stick a badge on it: “verified open-source build”. And give it a small
bonus in ranking relative to other apps.

~~~
toohotatopic
Adding that license information doesn't help the end user to run modified
code. You need an apple developer license to run changes that you have made.
Thus, the code is not free.

On the other hand, apple offering to compile and run any modification that
users made will never happen. Then, people could start with one program and
run whatever they want. The app store would collapse.

~~~
amluto
That doesn’t contradict my point. Apple could achieve two goals here:

1. Allowing GPL code in a lightweight and compliant manner at essentially
no cost to Apple.

2. Adding a class of free (or paid) open-source apps that are more
trustworthy. If Apple could effectively replace a decent fraction of the free
shitware apps on the App Store with better free, open-source apps, the value
to end-users and hence the value of the platform would increase.

There is no requirement in the GPL that recipients of source code be able to
run modified versions of the code on the target device.

------
shmerl
_> The ecosystem is moving_

It has been "moving" from the times of Compuserve and AOL trying to prevent
e-mail federation. Good thing they failed then! Kudos to Matrix for pushing
against such movement in IMs. Someone has to push against it, instead of
looking for excuses to proliferate walled gardens.

 _> If users don’t trust their app provider, they can always go switch apps,
which gives them freedom._

Sounds like Moxie meant it's a downside. It's a huge benefit! Forcing one to
use something that's not trusted is horrendous.

------
ksbakan
I won't touch signal because I care about user freedom more than privacy.
(Both are important)

No 3rd party clients, mandatory updates, mandatory google play services, and
mobile only are all deal breakers.

~~~
est31
> mandatory google play services

Note that for a while now there has also been the possibility of using web sockets.
But they are an extreme battery drain, and thus google services are
quasi-mandatory. Telegram solves this without being a battery drain, possibly at the
cost of delivering messages with a delay, but why isn't that _my_ choice?

~~~
jyrkesh
I can't tell you how they do it, but Telegram is _lightning_ fast with push
notifications across all kinds of devices, including Android. Been rocking it
as my primary messenger for years.

Whenever a few of us are sitting around in real life, and someone sends
something to a group chat, all the phones on the table will buzz instantly
together (iOS and Android).

And on top of that, battery usage is really low on Android. I use it a TON,
and it's never in the top n apps of battery usage. Meanwhile, I can just
_open_ Snapchat once, and I lose a few percent.

~~~
sudosysgen
Telegram is GPL, I think it would be worth it to see how they use it, because
it honestly is absolutely incredible.

~~~
shmerl
Telegram server is closed.

~~~
sudosysgen
Yes but the implementation of the notification handling is impressive on the
client side. The server side software as far as this is concerned should be
easily deducible and isn't the interesting part.

------
thesorrow
Email is flawed and will become a one way protocol to receive spam,
newsletters and invoices just like paper mail. I think Matrix is our second
chance to build a secure federated communication suite. So far it's going in
the right direction...

~~~
rumanator
> Email is flawed and will become a one way protocol to receive spam,
> newsletters and invoices just like paper mail.

I don't recall the last time I've received spam in my email inbox among the
tens of emails I receive daily, and newsletters/invoices are messages that
users intend to subscribe to. You might argue that instant messaging scratches an
itch that email doesn't, but that's a bit shortsighted and doesn't make a case
on why email is flawed.

~~~
Nextgrid
Newsletters and other BS notifications _are_ the new spam.

Sure, you can technically opt-out and keep your inbox clean by spending 5
minutes opting out of the garbage every time you sign up to a new service, but
that’s irrelevant considering nobody does this and most of my friends’
mailboxes are pretty much unusable because this kind of spam arrives every
minute and they have tens of thousands of unread emails in their inbox.

However, in this case I’m not sure Matrix or any other service would be the
solution. If the service is neutral and doesn’t impose policies on the content
then scum like marketers will just move to it. On the other hand actually
having “acceptable use policies” would require centralisation and bring its
own problems to the table.

The real solution here is regulation, not technology.

~~~
samdixon
Most sites will allow you to opt out from account creation and also will allow
you to unsubscribe without even having to login to your account. If your
mailbox has 10k+ spam messages it is IMO a personal problem of either not
opting out, or signing up for total garbage sites in the first place.

~~~
Nextgrid
Most subscription options at signup are using dark patterns to make you
subscribe against your will (“untick this box if you want to miss out on the
inconvenience of not receiving our latest deal”).

There’s also the issue of it being implemented badly (mostly by mistake rather
than on purpose) where there are several spam systems & lists, the website
opts you out of one but there’s another one in the background you can’t opt
out of without at least receiving one and clicking the unsubscribe link -
sometimes they make multiple campaigns so opting out of one doesn’t mean
you’re safe from the next one, etc.

And finally there are those who aren’t technically marketing but a huge lack
of respect for the person’s time & attention - customer service reviews and
the “how did we do?” emails. Why can’t you put the feedback buttons in the
existing emails instead of sending a new one and interrupting my flow &
wasting my time?

For the latter I had a company doing this every single f’ing time for every
ticket I opened about a benign bug or suggestion (using in-app chat still
opens a ticket thanks to Zendesk Chat). I’ve eventually started forwarding
them straight back into the main support email. I think they got the hint
after several months - I’ve removed the forwarding rule and the feedback crap
is nowhere to be seen. VICTORY!

Even if they are not technically marketing, a lot of companies just have a
complete lack of respect for their users' time. Let’s take Facebook, Twitter or
even Spotify for example; they have like over 20 categories of email
notifications (excluding the newsletter) which are guaranteed to fill up your
inbox by themselves, let alone having signed up to multiple of those services.
You shouldn’t have to be manually unticking 20+ checkboxes just to enjoy a
clean inbox.

------
tialaramex
I think the timing makes Moxie's point very well without him saying a thing.

All these years later Matrix only has... The ambition to some day try to offer
the core privacy features Signal already delivered back then. Some of the most
basic stuff is, you believe, almost kinda sorta done.

This is, to be clear, much better than just sitting back insisting you were
right but not lifting a finger. But for an actual user who needed privacy and
security any time between then and now - and for future users who need it
between now and whenever you get this stuff working in the real world, it was
Signal that delivered. Moxie was right so far.

~~~
StudentStuff
> All these years later Matrix only has... The ambition to some day try to
> offer the core privacy features Signal already delivered back then.

E2E on Matrix works, plus key verification is easier than on Signal. Managing
metadata is hard, but my Matrix homeserver doesn't have my phone number
(unlike Signal) and does not require Google Cloud Messaging. I can even run it
on a PinePhone or Pocket CHIP!

> But for an actual user who needed privacy and security any time between then
> and now - and for future users who need it between now and whenever you get
> this stuff working in the real world, it was Signal that delivered. Moxie was
> right so far.

Tell that to the people getting imprisoned due to Signal's metadata leaks:
[https://news.ycombinator.com/item?id=21747424](https://news.ycombinator.com/item?id=21747424)

~~~
tptacek
E2E in Matrix "works" with which Matrix clients? The whole point of a
decentralized federated messaging protocol is to allow people to build their
own clients. Do Matrix clients uniformly and interoperably support E2E today?

~~~
Arathorn
Nearly; we’re aiming to force on E2E by default at end of Jan (but it’s
getting tight). There are at least 6 complete independent implementations, and
once cross-signing lands it’s good to go. For clients/bots/bridges without E2E
we have pantalaimon (a clientside daemon which you proxy all the traffic
through in order to encrypt it).

~~~
progval
Out of curiosity, what are these implementations?

~~~
Arathorn
matrix-js-sdk, matrix-ios-sdk, matrix-android-sdk, matrix-androidx-sdk (soon
to be refactored out of riotx), matrix-nio (py3), mtx-client (c++).

In dev you also have libQuotient, metaolm and matrix-purple.

matrix-python-sdk also has support, but got replaced by matrix-nio.

------
maltewirz
Actually Moxie's talk "36C3 - The ecosystem is moving" was recorded:
[https://www.youtube.com/watch?v=Nj3YFprqAr8](https://www.youtube.com/watch?v=Nj3YFprqAr8)

~~~
liamcardenas
He didn’t want it to be, though.

[https://twitter.com/moxie/status/1211427007596154881?s=21](https://twitter.com/moxie/status/1211427007596154881?s=21)

------
DygFiul
Nice essay, Matthew, thanks!

I'll stay with XMPP until they take it from my cold, dead hands.

~~~
Arathorn
thanks :) (you can always use XMPP via Matrix via Bifröst - just sayin' ;D)

------
pcstl
This reminds me of the book "Zen and the Art of Motorcycle Maintenance", which
is also about a father-son roadtrip, and which uses it as an excuse to talk
about what happens when we do long, boring tasks requiring some focus but
leaving enough of the brain unoccupied. It's a good book and I should probably
reread it.

------
dancemethis
Signal really tries hard to not be trustworthy.

The way they defend WhatsApp is heart-breaking. It's cute to see them saying
there is no backdoor when it can't be proven to be the case, since it's all
proprietary. They can't show the server side wasn't tampered with. Same with
Skype.

~~~
evgen
The constant repetition of this ignorant claim is starting to be annoying.
Think there is a client backdoor? Go find it. It is not like the binary is not
available to you. It is not like there are not emulators in which you can step
through the code. Please, show us the backdoor.

Server side tampering? Show us how it can be done. Create a server that can
tamper with a patched client. Demonstrate your chops.

~~~
hellcow
I see you're formerly from FB.

It's not up to us to reverse engineer a binary every update to guess if it's
secure...

It's up to Facebook, which has time and again proven that it is absolutely not
trustworthy, to open its code and make builds auditable, inspectable, and
reproducible.

This is what ANY secure software does. That's the cost of entry. Imagine if
OpenSSH were closed and its devs issued the same response you just did. "Just
reverse engineer the binary and prove that it's not secure!"

Ridiculous.

~~~
evgen
Actually it _is_ up to you; put up or shut up is a fairly well-known
principle. Find the backdoor and make yourself famous, or continue to whine
and listen to everyone laugh.

I left FB because it was getting too creepy and I would not trust 99% of FB
dev with a single shred of my personal info, but the code is right there for
you and people who actually have skills to disassemble and examine. They are
under no obligation to do your work for you and the people who can actually do
the work make good money so maybe you will learn a useful skill or two.

~~~
olah_1
There’s no obligation for Whatsapp to prove that there is no backdoor? Yeah I
guess when a product is too big to fail, they’re not obligated to do anything.
True.

------
zzo38computer
I think that protocols that are simple and open should be used, rather than
very complicated and messy ones. Text-based also helps since it allows use
without specialized software. IRC is designed like this and I think it is
good.

~~~
aiphee
This is a very unpopular position from a security perspective. All messages
should be exchanged by some type-safe structured container like protobuf to
avoid a huge class of bugs that comes from quoting and odd character sets,
manually implementing parsers, confusing types, and broken string arithmetic.

------
SamWhited
"Democracy and republics are hard, so we should all just give up and have
autocratic governments"

It may sound flippant or unrelated, but I think this extreme projection of his
argument makes it evident how silly it is. This is one of the reasons I
switched away from using Signal, as much as I'd like better privacy on my text
messages it's not worth handing that much control over to someone I shouldn't
have to put my trust in. Instead I do my text messages over Jabber/XMPP with
jmp.chat now and for others who have a proper XMPP address I use that (which
gives me the option of OMEMO encryption which is basically the XMPP version of
the signal double ratchet).

For the average user, installing conversations.im and hitting "create account"
or whatever and calling it a day is good enough, so it's not even
significantly harder than dealing with Signal.

~~~
nickik
How about that being in an autocracy might be much better when you have a
population of 51% wolves and 49% sheep.

------
Jerry2
I saw Moxie Marlinspike's talk when it was posted on CCC's official channel
[1] and was disgusted by it. The talk has been now censored and video was made
private. It was one of the most defeatist talks I've ever come across when it
comes to messaging and privacy. His message was basically that anything you do
is pointless and that his and WhatsApp/Facebook's way is the right one.

I've used Signal on a few occasions in the past but his talk made me uninstall
it. I simply do not trust him after hearing his opinions. I do not support
centralization and other ideals he's now pushing (including the use of a phone
number as Signal's primary ID).

The talk was mirrored on a few channels on YT [2] and you can still see it.

[1] [https://www.youtube.com/watch?v=DdM-XTRyC9c](https://www.youtube.com/watch?v=DdM-XTRyC9c)
(it's a private video now)

[2]
[https://www.youtube.com/watch?v=Nj3YFprqAr8](https://www.youtube.com/watch?v=Nj3YFprqAr8)
(working link, who knows for how long so mirror it).

~~~
giancarlostoro
Wire seemed like a decent alternative where you're not required to give a number, I
think only an email. Also you can delete your account.

~~~
tptacek
It's fine, but you should know that pretty much everything Moxie and Signal
talk about contrasts sharply with Wire. For instance: last I checked, Wire
stores your entire social graph on their servers in a database --- effectively
forever, Wire stores a plaintext log of everyone you've communicated with.

~~~
xorcist
To be fair, since there is no remote attestation possible for the Signal
servers, and you realistically can't run one yourself, you only have their
word that they don't store any of that information.

This is similar to the guarantees that a lot of other chat and VPN companies offer.
Personally I would consider any information given out to a company non-secret,
especially to those operating outside my jurisdiction.

~~~
tptacek
The difference is that Signal's competitors are designed in such a way that
they _have_ to keep this information, and Signal has delayed key features,
like user profiles, until they've managed to create designs that don't have
these restrictions.

So the logic you're using here is essentially: "since we have to take Signal's
word for some part of this, we might as well use services that promise the
exact opposite". I don't find that argument persuasive, but you do you.

~~~
xorcist
There's no reason to caricature anyone's arguments here. Why the antagonism?

~~~
tptacek
Help me understand where I've lapsed into caricature?

------
viro
Is no one going to talk about how much more complex matrix is than signal?

~~~
Arathorn
overall it's more complex thanks to the decentralisation.

------
badrabbit
First off, I have to say this about matrix: they have by far the best foss
community I have seen. Excellent work on managing the community, others should
take note.

Second, both signal and matrix collect too much metadata. signal means you're
completely screwed by their dependency on phone numbers. I expect little
metadata privacy from signal because to me, it is practically the same as
using my SSN or fingerprint as my user name, same for all my contacts, this key
field is used by everyone and their mother to track everything we do like 1984
was target practice. For matrix, it's the defaults and how easy it is for
others to fingerprint you using your specific device (equivalent of a
user-agent seen by everyone iirc?) and other profile details, but none of this is
easy to correlate and answer questions like "which social network demographic
micro-group does this user belong to so we can perform targeted infiltration
of their device?" or "Hey, let's use this phone number to perform the
equivalent of a background check on this person who is sending us a message
because we now have their phone number". Oh and the best part is, you can't
just get a burner to use for registration, and to link a signal desktop, you
need the mobile app. Matrix has none of these issues.

Third, consider your threat models carefully. As an individual, is it better
if you have infrastructure diversity and protocol interoperability or is it
better to put all your eggs in signal's basket? I never liked their use of
google infra at the beginning for example because I consider google more of a
threat to me than most other parties. I can see the argument both ways. I
personally consider the set of parties that have the most to benefit from
targeting me as an individual plus those who have the most to benefit from
dragnet surveillance where I reside. To me, matrix is more flexible to adapt
to various threat models by for example self hosting compared to using a
popular matrix server. Signal is better than the competition, if your fear is
being exposed to unpatched vulnerabilities and/or if you are worried about
metadata snooping (but you trust signal's infra provider, still google??) Then
Signal makes more sense. For dragnet, I think matrix is better for me because
implementation vulns only apply to a few users, making reliable dragnet attacks
less likely. For anyone that might target me, my mobile phone is completely
defenseless, so my concern is someone identifying _my_ specific device for
targeted attacks, with matrix they need to compromise the matrix server and
even then they might need to do a lot more work to correlate which matrix user
is me (real life "target worthy" identity). Whereas with signal, they can
easily micro target a group, find out everyone's phone numbers (e.g.: hk
protesters) and target their device for further exploitation via signal or any
other pwnable app that is known to be present on a device associated with that
phone number. Practically, I am more worried about how each app fits in with
everything else I do and matrix wins the security round for me.

Last but not least, I use signal for 98% of my comms because the phone number
usage by Signal means I can easily connect to and invite people who don't have
signal. If there is a Matrix client app that can be used as an sms client and
can discover contacts' matrix account/server over sms without communicating or
collecting phone number/name details of the contact, I think I might jump
ship. The way I envision this to work is: the matrix client would have an
invite button for non-matrix contacts and it will have an option to initiate
discovery of contacts. Both options would do a challenge-response with each
contact and instead of associating with a phone number they would ask to
create a new matrix only contact.

------
maqp
Matthew outlined much of the Matrix problems but not in the context of the
latter part of his idealistic thoughts.

Just going to point out that if agreeing on spec is six times slower, that's
just the first car of the traffic jam slowing down. The next car has to slow down
more: The feature needs to move into SDKs. Then the next car, the client
vendors need to actually implement and test their implementation of the
feature and write documentation. That's even more slow.

"HOWEVER: all of this completely ignores one critical thing - the value of
freedom."

I really value freedom. To me freedom means a non-technical dissident doesn't
have to sit in jail when their messages weren't E2EE. It doesn't mean I can
choose a value from a list of servers and have faceless entity #1, #2 or #3,
or worse, Mike - the creepy IT guy from my peers - observe my metadata with
everybody, and content with Karen who refuses to switch to Matrix client that
supports E2EE.

"Freedom to run your own server (perhaps invisibly in your app, in a P2P
world)."

Now this is something I can get behind. Which is why I've spent the last eight
years working on a P2P messaging system. Perhaps Matrix should move their
efforts into being the change they want to see in the world instead of
defending a bad solution of decentralization by saying they're thinking about
implementing a better solution of P2P.

"Freedom to pick which country your server runs in"

Which you can't do if you're running P2P server on your device. I think every
faceless service provider from Signal to any XMPP server has the same
guarantee of privacy in practice. The only difference is Signal has to abide
by the GDPR, independent users hosting servers don't. Before anyone screams
about PRISM, I will point out that coercing insertion of a backdoor is the
same as compelled speech, which would violate the constitution.

"Freedom to select how much metadata and history to keep."

We have precedent of Signal keeping none of that. With Matrix servers the
server has access to all metadata by default, the server program doesn't
attempt to hide anything, there's no sealed sender etc. Your only hope is to
run your own server, somehow convince your peers you're the one they should
trust with their metadata (there's a third party on every decentralized server
with more than two users), and hope you don't grow enough to get hacked by
nation state actors or criminals.

"Freedom to choose which apps to use - while still having the freedom to talk
to anyone you like. Freedom to connect your own functionality - bots, bridges,
integrations etc"

A nice idea, but everyone needs to have same features for it to work, so what
you get is differences in UI, implementation language, and platform support.
What matters most here is the programming language: Matrix client written in
Rust is more secure than one written in C. But unless everyone uses the Rust
version, the group chat is as secure as the weakest link. Same goes with
bridges. You'll never have security because of this guy who likes to re-live
their youth through irssi: [https://xkcd.com/1782/](https://xkcd.com/1782/)

Also, what happens when Facebook implements their own Matrix client that
steals your metadata from the endpoint, and what happens when they start
bundling their app on every Samsung smartphone? Perhaps it's not your
idealistic Riot client that's the problem, perhaps it's the bundled spyware on
every peers' device used by people who just, don't care. I'm not saying Signal
fixes the problem of user laziness, I'm saying it's better to know what's on
the receiving end.

"Freedom to select which identifiers (if any) to use to register your
account."

Which is kind of pointless considering the IP-address still leaks to the
server by default. And the UUID means all your metadata can be tied together.
The social graph is revealed to the server so unless everyone keeps rolling
their IDs and exchanging them over some other channel, it's pretty much
impossible to hide metadata from a malicious server running statistical
analysis. Even if you're not malicious, there's no way to know if your server
has been compromised. Or, if you somehow can harden your server against the
NSAs of this world, please, go work for the Freedom of The Press Foundation or
something.

"Freedom to extend the protocol."

When the protocol fails to mandate BASIC security features like E2EE, it's
kind of pointless to talk about the possibilities of extendability. There's
always going to be maintainers and they need to prioritize, so there's always
going to be someone who decides whether something will be implemented by them.
Signal doesn't forbid pull-requests if you want something done. The nice thing
is, it's at least six times faster to do it for Signal.

"Freedom to write your own client, or build whole new as-yet-unimagined
systems on top."

So it's the freedom of the developer we're talking about. Reminds me of BSD vs
GPL (BSD says developer has freedom to fuck over users with proprietary fork,
GPL says user has right to not be abused like that, and that developers have
the obligation to not do that). It's the rights of the users that matter. That
is, human rights. You can merge as-yet-unimagined systems to Signal. You might
face initial criticism because it needs to be secure by default. But it's not
like Moxie will show you the finger for proposing something before it's
discovered or announced. I have first hand experience with this:
[https://github.com/signalapp/Signal-Android/issues/4171](https://github.com/signalapp/Signal-Android/issues/4171)

"It’s true that if you’re writing a messaging app optimized for privacy at any
cost, Moxie’s approach is one way to do it."

If you consider privacy is a human right, developer freedom isn't, it's easier
to see who has their priorities in order.

"you end up thoroughly putting all your eggs in one basket, trusting past,
present & future Signal to retain its values, stay up and somehow dodge
compromise & censorship… despite probably being the single highest value
attack target on the ‘net."

So which one is easier to subvert, community of experts constantly under
scrutiny by peer experts trying desperately to make a name for themselves, or
open work group on protocol that still isn't secure by default, and that is
much more susceptible to stagnation via bike-shedding and mission hijacking.
OpenPGP work group still hasn't agreed on v5 fingerprint, the SHAppening
happened five years ago. I'm going to have to disagree and say I don't have
faith in unnecessarily large organizations.

I'm just going to say this FUD is worth being pointed out, but that it's not
worthy of dissection.

"We owe the entire success of the Internet (let alone the Web) to openness,
interoperability and decentralization."

A thought that was denounced in the 36c3 talk whether you watched the stream
or not.

"To declare that openness, interoperability and decentralization is ‘too hard’
and not worth the effort when building a messaging solution is to throw away
all the potential of the vibrancy, creativity and innovation that comes from
an open network"

The worth was not addressed by this writing in any way, and the practical
problems that far outweigh the idealistic goals were discussed by Moxie
because what matters is the human rights to privacy of the users of the tool,
not whether the infrastructure is based on idealistic ideas that don't offer
tangible security benefits in practice.

Like Moxie said, prove that decentralization works by doing the bare
necessities of implementing E2EE, then it's worth discussing whether the
idealism part matters, and if decentralization has something useful to offer.

"Sure, you may end up with a super-private messaging app - but one that starts
to smell alarmingly like a walled garden like Facebook’s Internet.org
initiative, or an AOL keyword, or Google’s AMP. "

The negative connotations of these companies are about lack of respecting
privacy. It's really weird to essentially say "you end up with super private
app that shares other commonalities with privacy invading companies". Walled
garden isn't ideal, but for now, it's more secure and that's what matters more
to users.

"So, we continue to gladly take up Moxie’s challenge to prove him wrong - to
show that it’s both possible and imperative to create an open decentralized
messaging platform which (if you use reputable apps and servers) can be as
secure and metadata-protecting as Signal…"

That's the attitude we need. Now go out there and use your preferred methods
to make the idealistic protocol secure by default! Just don't expect me or
anyone else to recommend its use before that happens.

"and indeed more so, given you can run your server off the grid, and don’t
need to register with a phone number"

Will you be getting rid of IP-address leak to servers too? Quick jabs in
closing notes that aren't thought out too well are not very nice.

"and in future may not even need a server at all."

Also maybe reconsider ending your refutal of criticism towards decentralized
architecture by hinting that users should look towards upcoming P2P
architecture.

~~~
Dddd50000
Signal could be more tolerable if they did not threaten and harass those who
develop third-party clients, citing their unreasoned claims that they somehow
"burden" them (1). They cannot demand pull requests if they treat the
community like that. Depending on the locale, even frivolous lawsuits can be a
real nuisance.

1)
[https://github.com/LibreSignal/LibreSignal/issues/37#issueco...](https://github.com/LibreSignal/LibreSignal/issues/37#issuecomment-217211165)

Encryption is also not the only thing that matters. Amateurish functionality
omissions are really annoying. For example, in 2015, Signal developers removed
the option to create, join or leave groups in the desktop client (2), and they
apparently haven't still fixed it. They don't want, nor does anyone else.
Maybe a less hostile approach towards community would yield better results.

2) [https://github.com/signalapp/Signal-Desktop/issues/530](https://github.com/signalapp/Signal-Desktop/issues/530)

While I agree with you that this Matrix e2ee thing has taken way, way too long,
let's not pretend that everything happens on time in those walled garden
systems...

------
d33
> Moxie didn’t want the 36C3 talk recorded

Curious why. Anyway it's there:
[https://peertube.co.uk/videos/watch/12be5396-2a25-4ec8-a92a-...](https://peertube.co.uk/videos/watch/12be5396-2a25-4ec8-a92a-674b1cb6b270)

~~~
arusahni
Here's his reasoning:
[https://twitter.com/moxie/status/1211443530335281153](https://twitter.com/moxie/status/1211443530335281153)

~~~
daenney
> I just prefer to present something as part of a conversation that's
> happening in a place, rather than a webinar that I'm broadcasting forever to
> the world.

To me it sounds an awful lot like not wanting to be scrutinized or held
accountable for what he says.

I also find this rather disappointing as it excludes anyone who is unable, for
whatever reason, to be at his talks from hearing what he has to say. Given how
influential he's been in this domain, this saddens me quite a bit.

> I have less faith in the internet as a place where a conversation can happen

This feels a bit ironic, given he's built an enterprise on enabling
conversations to happen on the internet, though arguably only with a limited
set of people.

> , and the timelessness of it decontextualizes.

Not quite sure what that's supposed to mean. Perhaps it's a language barrier
thing, but I can't parse that into something sensible.

~~~
tptacek
In addition to writing on the Signal blog and on Twitter, he's on HN regularly
addressing questions about what he's doing; you've had plenty of opportunities
to engage with him directly. This seems like a swipe you're making for its own
sake.

------
ddevault
Moxie has always gaslit users with legitimate concerns because addressing them
would mean giving up power. Signal is a self serving design and driven by self
serving decisions. I've written about this in depth before:

[https://drewdevault.com/2018/08/08/Signal.html](https://drewdevault.com/2018/08/08/Signal.html)

I still stand by everything I said here, and lots more that goes unsaid in
this article. Every single weird decision Signal makes is not because they've
reasonably decided to come down on some side of the fence that others haven't
- it's because their decisions serve moxie's wants above anyone else.

~~~
dang
No personal attacks on HN, please, regardless of how right you are or feel, or
how wrong someone is or you feel they are. Maybe you don't owe that person
better, but you owe this community better if you're posting here.

[https://news.ycombinator.com/newsguidelines.html](https://news.ycombinator.com/newsguidelines.html)

~~~
ddevault
Sorry, you're right. I've edited it to be about the behavior instead of the
person.

~~~
tptacek
From the comment I see right now and the logic you're using here, "have you
stopped beating your wife" wouldn't qualify as a personal attack.

~~~
ddevault
And if we extrapolate your logic, we can never comment on anyone's bad
behavior at all. My complaints are on topic for the article in question, I'm
not just swinging at Moxie at random here.

~~~
tptacek
The "beating your wife" bit comes with words like "gaslight", "self-serving",
and "moxie's wants above all else". I'm trying to imagine what the comment
originally said, because the one you've edited is obviously a personal attack.

Not to mention the fact that you appear to have just conceded my point. "But
we were talking about Bob!" doesn't make it OK to ask Bob whether he's stopped
beating his wife.

