The Ecosystem Is Moving [video] (ccc.de)
104 points by olivernyc on Dec 29, 2019 | 90 comments

Every time I see Moxie talking about decentralization, I can't help but think that this is all a big disguised agenda used to promote his own business for selling the Signal technology to any messaging vendors (WhatsApp, Facebook, Google, etc.)

He keeps bringing data privacy and data encryption as the sole motive for decentralization but that's not really the point. The main point is data ownership and freedom of usage.

WhatsApp and Signal are good messaging services indeed but:

- We are tied to their official clients.

- Which means that we are tied to the platforms they support

- We are also required to have Google Play services installed on our Android phones

- We are tied to phone numbers

- And if (for whatever reason) we trip on their abuse detection services, we might get banned and completely prevented from using their own service (mistakes on their side can happen as we have been seeing with Google)

The point of decentralization is to avoid all these annoying constraints. Encryption and privacy are a bonus, not the selling point.

Also, all of his points about centralization are completely refuted by the efforts of the Matrix project.

There are trade-offs in user experience between a centrally controlled effort and something like Matrix.

If you've listened to him talk many times before, it seems almost disingenuous that you'd believe he hasn't made this choice because mass-adoption and user experience are the first priority of his design constraints.

It doesn't mean your criticisms aren't valid wants in a messenger but there is a logical and publicly explained motivation to why Signal is the way it is. One piece of good news is that being tied to phone numbers is a problem Signal appears to be solving in the near future. [1]

[1] https://signal.org/blog/secure-value-recovery/

It seems to me that these design constraints are more to their benefit than to the benefit of the users because it simplifies a lot the maintenance of their infrastructure:

- By relying purely on phone numbers for user accounts, they remove a good chunk of infrastructure for having to deal with problems with logging in or missing passwords or stealing accounts.

- And by relying on Google Play Services, they avoid having to maintain a push notification infrastructure.

And I'm okay with this! It's smart and effective but I just wish he would be open and honest about it and not spread FUD about decentralization and other alternatives as an attempt to justify Signal's design decisions and make it look like "the only true way of messaging securely".

When he was asked by the public during his talk about the phone numbers, he went a long way to give an answer that didn't really answer the question. It was almost like a politician trying to justify an ulterior decision.

He is a salesman, a very good salesman. A good part of his presentation was not even about the "ecosystem", he just was wandering off-topic walking the public through his point of view. You could see this when he started to sneakily dismiss decentralization with saying "I host my own email" basically saying "So I am an authority on everything about decentralization".

> - And by relying on Google Play Services, they avoid having to maintain a push notification infrastructure.

It was mentioned in a sibling comment to GP, but Play Services are no longer required. If you don't have them installed, Signal will use its own push notification infrastructure.

Indeed, this was not always possible, because they had to implement and maintain it first, in a way that would provide a good user experience for users. (And even then, the non-Play Services version is still somewhat detrimental to the user in the sense that their battery depletes more quickly, so it's a trade-off they'll have to make themselves now.)

> ... mass-adoption and user experience are the first priority of his design constraints.

But then you force users into a risk model where third parties (such as Google or Apple) may know everything, and users must trust them.

My point is not that you must agree with Moxie's design choices. Just that there are inherently complex trade-offs involved and Moxie makes choices focused around mass adoption and not for selling the protocol to big companies.

Also, I'm not sure what you mean by third parties knowing "everything" since Signal provides E2E encryption of content and pretty good social graph protection. For existing users of Android and iOS (target market) I'm not sure what extra trust or knowledge Signal users must give to Apple/Google other than the fact that the user does use Signal.

Users typically don't have root on Android or iOS. How do we know that Google/Android (or maybe telco) aren't obtaining plaintext before encryption?

I'm not arguing that they're doing that. Just that the risk model depends on trusting them not to do it.

And if there is compelling evidence that they can't do it, I'd love some cites.

Also, Signal accounts are tied to telephone numbers. And it's well known that phones by default accurately know their locations. So any app with adequate permissions knows the device's location. And location privacy depends entirely on software settings.

> - We are also required to have Google Play services installed on our Android phones

FYI: You can download the Signal apk from their homepage.

Also, every Signal user is likely geolocated at at least meter accuracy.

Can one still side load Signal via adb install?

> Can one still side load Signal via adb install?

Yes, you can download the APK from the Signal website (https://signal.org/android/apk/) and install it with adb. If you have trust issues then you should think about compiling the source code yourself—it's very easy in Android Studio—and installing with adb.

So in the beginning of the presentation Moxie brings up some valid cases where it's good that centralized services can rapidly iterate and improve such as WhatsApp being able to roll out end-to-end encryption with a single update, while email is still not encrypted despite the tools existing to do so for years. Basically centralized services can roll out changes quickly and decentralized ones are more or less set in stone.

However, I feel that maybe he isn't considering the downsides of being able to change quickly. Sure WhatsApp was able to add end-to-end encryption with a single update, but they can just as easily remove encryption with another update. Additionally, while I will admit that it sucks that email is not encrypted, knowing how many people and businesses rely on email every day, it should be incredibly difficult to make changes to it. I don't want a single person or company to be able to suddenly decide to change how email works.

One area where I am sympathetic towards Moxie and Signal is requiring phone numbers (mentioned at the end in the Q&A). Personally, I don't see it as being all that big of a deal and it does bring several advantages with it:

* Users get to store/control their own social network in their phone's address book

* Users can switch easily between WhatsApp/Signal/etc.

Although I agree that requiring phone numbers does reduce the privacy of Signal users, I think it is a worthwhile trade off for making the app usable by the public.

Also, it seems like usernames might be supported in the future: https://signal.org/blog/secure-value-recovery/

This idea of phone numbers being easy to use is baffling to me. Phone numbers come with so much red tape it's unbelievable.

I'm still paying for a phone service in a country where I previously lived (5 years after leaving) because I can't move all the stuff that's linked to that phone number. I even had to send them a government issued photo ID recently so I could keep the number.

And to use the number without switching SIM cards I have a separate phone that I'm booting up just for that purpose. I actually bought a third phone to manage all my SIM cards. This time I was smart. I bought an Android phone with dual SIM slots in spite of being an iPhone user.

After listening to Moxie's talk, I realise that many of his arguments sound entirely plausible from a US centric point of view but make far less sense if you live elsewhere.

Building on top of phone numbers also assumes that end-to-end encrypted messaging will always be permitted in the mobile app stores. It's a reasonable assumption as far as the US app stores are concerned. I wouldn't bet on it here in the UK though, and even less so in many other countries.

Phone numbers are useful for exactly the reasons you find them frustrating: stability -- as you said, everyone and everything you associate with can and will store and contact you via your phone number indefinitely -- and portability -- everyone accepts and understands phone numbers, modulo international dialing.

Sure, something could and maybe should replace phone numbers, as the system is definitely messy wrt international dialing and countries changing numbering plans. But the thing that replaces phone numbers in their usefulness will bring the same frustrations you express.

Email has mostly the same characteristics, especially for non-computer-people. My parents were paying $10/mo for dialup up to ten years after switching to DSL and Gmail, just to keep their old email address. I bring that up not to point out the extortion -- email could theoretically have had address providers decoupled from hosting provider through DNS, if it had been made user-friendly -- but to point out the value in the stable identifier. I know this is an anecdote, but the story of AOL email is similar, that 2.5 million people [1] were still paying $20/mo for their dialup and bundled email when "some of whom" (sorry there's no better information on this) had since switched to a different ISP, but kept paying AOL to keep the email.

> I even had to send them a government issued photo ID recently so I could keep the number.

Governments will always want to link users to their stable identifiers. It's in their policing interest, for better or worse. Switching away from phone numbers will just shift the problem.

[1] https://consumerist.com/2013/08/08/believe-it-or-not-2-58-mi...

>Phone numbers are useful for exactly the reasons you find them frustrating: stability -- as you said, everyone and everything you associate with can and will store and contact you via your phone number indefinitely

No, not at all. Most of my contacts don't have my current actively used phone number or the old one I'm forced to keep. I have a whole box full of SIM cards I once used for one reason or other. Most of them no longer work (I think).

It's the same thing in the other direction. I have tons of phone numbers of some people and I have absolutely no idea which ones actually work.

You're right that email is the same mess, at least for people who don't have their own domain (which is most people).

But Signal is a centralised service. So why not use usernames?

The reason is not stability, because phone numbers can hardly be more stable on Signal than Signal's own usernames.

I believe the reason is that Signal was hoping to get faster traction by showing people who else in their phone book has Signal installed.

I find that creepy to say the least. And it's a very bad reason to force the whole usability disaster that is phone numbers, SIM cards and phone companies onto all Signal users.

Why not use something like an email address instead of a phone number though? A phone number can be used to track you in the real world, it’s worse than having someone’s IP in some cases.

In fact some countries (Russia, at least) require you to give over Government issued ID when you get a new phone number. So it’s directly tied to your real persona, this is not just one country doing that either. I believe it is also a requirement in the UK now too. (They’re combating “burner” phones)

Because of contact discovery and migration. The success of those apps is directly related to the fact you can instantly see all your contacts with it when it first starts. Email wouldn't have the same effect because people don't have them saved in the contact list.

I think university should have a mandatory course where IT students go and interact with real users and have a budget to manage according to the success of their exchange. It would make those questions much less likely.

Not sure I agree. Although I’m not 100% certain of all smartphone implementations. But I definitely have emails for everyone in my addressbook/contacts list.

It’s the only thing that exists which can be anonymised properly and is static through many centralised providers.

Otherwise it’s back to usernames and the bazaar that is: does this person /actually/ have their names on telegram/skype/whatever

See second part of my comment. You are in the HN bubble.

I don't think this is true at all, maybe you are in a USA bubble? People in other parts of the world do not seem to have a problem adding each other on LINE or Facebook for example without using a phone number at all. Meanwhile one friend of mine has lived in France, the UK and Germany in the last few years and I have no idea what his current phone number(s) are or what country they are from. Many acquaintances who I have not spoken to for some time have most likely moved abroad at some point and I doubt any of the phone numbers I have for them are still correct.

In my experience, for reasons like this, people do not generally bother swapping phone numbers any more.

Meanwhile, in Southeast Asia recently, I was unable to sign up for Discord because they required verification with a phone number. My local phone number was rejected because it was prepay, not a contract. I wonder how many people in that part of the world have a phone contract? Does Signal also enforce that requirement? Should access to secure communications really be linked to one's credit history in that way?

The lack of automatic contact discovery never stopped people from looking up each other on Facebook. I don't see why messaging would be different.

Of course it did: Facebook actually started by using the university contacts to propagate using a spammer strategy.

Now that it can't, it invasively uses your personal information to suggest contacts.

> "Although I agree that requiring phone numbers does reduce the privacy of Signal users, I think it is a worthwhile trade off for making the app usable by the public."

My phone service is data-only. Requiring I have a legacy communication service like a phone number makes the service unusable by me and I'm sure I'm not the only one.

There is no good reason to require a phone number when you realise the downsides of it. Since everyone has an email anyway I don't see how requiring a phone number is an advantage. You can lose access to a phone but losing access to an email that is available across devices is a lot more difficult.

Using phone numbers is such a deal breaker. Never. Ever

The benefits are many orders of magnitude trivial compared to the scam-factor and abuse risk.

Such a shame.

Had it been optional it would have been an entirely different story.

Ditto. This is the reason I've never even installed it.

> requiring phone numbers does reduce the privacy of Signal users

Reduce? I'd say eliminate. Unless it's an ~anonymous number. Which is entirely nontrivial.

Now maybe one can say that most people don't care about privacy. But it's only fair to be straight about it.

Privacy and anonymity are not the same thing.

This talk is basically an elaboration of Moxie's blog post from 2016 with the same name [1]. See also a response to this blog post by Daniel Gultsch, developer of the popular Android XMPP app Conversations [2].



It's funny how he mentions domain fronting as a technique to counteract censorship, and even uses Google as an example, while in fact Google (and also AWS) banned them from doing domain fronting a long time ago...


Still works with other CDNs. No point in putting those companies in the spotlight.

Domain fronting is also something that you can do with any service, it does not require centralization. You can still use it on top of the censorship advantages decentralization gives you.

Great talk. It could be an Urbit ad since most if not all of the mentioned problems (and many more) are exact reasons it was designed the way it is.

Stagnation of development is caused by fragmentation of platforms. For every app we need to develop the same app over and over and over, and then keep them in sync. That's why we need a precise, unified, and well designed OS/VM layer. Only then we can run and update the same app on many systems with ease.

The reason why it takes so many engineers is the byzantine stack of layers we've developed over the years and platform fragmentation. Which compounds with the fact that every decentralized app has to develop the same set of things over and over. If only the OS/VM layer had it ... built in - like in Urbit.

Censorship resistance problem described in the talk is not an issue if the ID is decoupled from the infrastructure. Something that I still don't understand why federated protocols don't get (I'm looking at you Mastodon). If you make them scarce and transferable it will additionally help fight the abuse.

The list would go on, but it has all been described many times.

> That's why we need a precise, unified, and well designed OS/VM layer. Only then we can run and update the same app on many systems with ease.

Is this not exactly why the web has become a platform for apps? And wouldn’t all of the issues inherent in the web also then apply to this OS you describe?

Web is built for client-server architecture. And that's what we've got - bunch of big companies, storing all the data, and our thin clients downloading only the part we look at.

Urbit is built for p2p architecture.

In this video, Moxie Marlinspike--the developer of Signal, someone who has been consistently extremely negative on not just the idea of federated and decentralized systems but of open protocols and alternative clients for centralized systems (to the point where it shocks me he still does any development as open source, given how hard he pushes on the idea that people who fork his clients are actively doing something that harms the world by leaching resources from his organization for their own client, which I feel like misses the entire point of why people are doing those forks in the first place)--makes the argument that, because decentralization doesn't automatically and inherently solve hard problems merely due to the technology being decentralized, we should not waste time working on decentralized systems and instead work on and support centralized ones (one would imagine, particularly his).

While he clearly understands it not only was but still is a very difficult problem to make a centralized service private (as he points out how much work has gone into making some basic aspects of Signal seem usably private), he doesn't want to admit the idea that someone could or should spend commensurate time also working on researching or improving decentralized systems :/. In the process, he ignores attempts to work on what I'd consider the primary problem (something someone thankfully poked him about during the Q&A, though I'd say not hard enough)--transport obfuscation--and thereby goes so far as to claim that decentralized systems are fundamentally less private (using an example involving peer-to-peer video/audio calls on Signal that they decided to instead route through their centralized servers) based on that assumption of non-private transports (as clearly we should all trust Moxie Marlinspike and the handful of people who work at Signal with our metadata over anyone else we might want to be able to choose to trust).

As part of this, he spends a lot of time trying to argue that people don't actually have any useful control in a decentralized system anyway, which is, of course, extremely convenient given how he doesn't really acknowledge that the entire point of his thesis is that he and his centralized organization not only should but in fact must maintain all the control so that he can follow the moving ecosystem :/. Meanwhile, he cites federated systems of the past as clear and unmitigated failures, including specifically IP, a layer upon which he somehow manages to build Signal on top of despite being supposedly fundamentally and horribly flawed due to being a decentralized protocol frozen in time and nearly impossible to change (which isn't even true! IPv6 was insane for actively going out of its way to break transition paths, but as many people have pointed out it didn't have to be that way; and even within IPv4 we have seen a lot of manipulation and progress in the form of protocol extensions. Many of his other examples are also clearly flawed if you know anything at all about the protocols involved).

"Finally"--a word I use here both in terms of it being the most repetitively frustrating things about this talk (and so I list it last) but also as it came up again at the very end (thereby closing the video) due to a question from the audience poking him hard on this point (to great applause)--he continues his apologetic rhetoric for the idea that phone numbers are somehow better as an identifier than any other possible alternative--something that is so wrong on the face of it that we can point at ludicrously popular chat systems, such as Kik, that were largely popular because they did not use phone numbers at all, in addition to the vast majority of popular social networks that merely use phone numbers for account password recovery (and while many of them now require phone numbers to sign up, that is entirely unrelated to the service and how you use it, and was usually not the case when the service first came into existence: it was way more common to require an e-mail address than a phone number)--to the point of seriously claiming multiple times that ceding control of identity to the telecom infrastructure (something we know is horribly insecure even if you trusted all of the players, which I don't think anyone does) is one of the things that makes chat fundamentally better than e-mail (?!?).

Really, the best line from the video came from someone in the audience asking a question, leading with: "thanks for the thought provoking talk... you said so many things I disagree with, it is tough to pick a question" :/. For me, that feeling goes well past just this talk and his positions on chat systems: his love for Intel SGX--a technology that has been broken multiple times and whose key feature, Remote Attestation, is just "DRM" by another name--puts him on what I would argue is "the wrong side" of the war over general purpose computing, wanting to rely on user-hostile hardware to protect decentralized cryptocurrencies (such as his MobileCoin) from attack by anyone... other than Intel, obviously, as they can be trusted?... or any governments that can lean on Intel, as maybe we like those governments?... or of course, anyone with a zero-day hardware side channel attack, as we can pretend all of those have been found? :/... essentially, in the end, most of his positions just seem like a way to shill for centralized government control over everything, with metadata being protected only by the security of the memory of his servers (something which was pointed out by yet another question from the audience, and for which he didn't really have a good answer) wherein the best case scenario is that laws like the DMCA end up being what protect us from attackers as opposed to actual math :/.

> because decentralization doesn't _automatically and inherently_ solve hard problems _merely due to the technology being decentralized_, we should not waste time working on decentralized systems and instead work on and support centralized ones (one would imagine, particularly his)

That is an extraordinary mischaracterization of his talk. What he actually says is that decentralization makes many desirable characteristics -- enumerated at some length in this video -- more difficult. The implicit argument, then, is since we're struggling to achieve certain desirable characteristics even in centralized systems, we should focus our efforts there first.

One point I've made in alignment with this is to ask why decentralized systems are inherently more private.

Most decentralized systems seem to have more surface area for surveillance, not less. Why couldn't surveillance agencies and data-grabbing corporations just launch a bunch of "Sybil" nodes to surveil everyone? These would be virtually undetectable as they would be otherwise well behaved nodes and could be put behind ordinary looking cloud or ISP connections. Most shared data stores can be trivially scanned and data mined, decentralized networks like DHTs can be crawled, decentralized apps can be MITMed with Sybils and honey pots, and so on.

I predict that if any decentralized or federated system really becomes popular enough to merit attention from data-grabbers we will see the launch of an industry of companies and consulting services dedicated to mining and surveilling it. Security is hard, and security across a heterogenous decentralized network run by users and volunteers is many times harder.

I suppose you can see something analogous in the cryptocurrency space. I've argued for a while that Bitcoin and similar CC systems were in fact rapidly compromised, but not by attacking their cryptography or protocols. They were compromised via social engineering and financial game playing that transformed them from currencies of the sort they were intended to be into decentralized Ponzi schemes and money laundering vehicles. They were taken over and repurposed, not taken down or hacked in the conventional sense. The same thing would probably happen to e.g. Matrix or Mastodon if it got popular enough. Companies and governments would just assimilate and repurpose these things into surveillance and spam-delivery vehicles. With superior resources and economic forcing functions this would be quite easy.

A centralized system has a single point of failure, but that also limits attack surface. I assume centralized systems to be surveilled by their own operators and their host countries, but it's a lot harder for other actors to do so.

The talk can be taken in two ways.

1) It's a reasonable comparison of centralised and decentralised systems.

2) It's a way to discredit decentralised systems so people move to Signal because Moxie is a corporate / government shill or wants to be the personal Jesus or something.

Which explanation looks more likely to someone, is mostly based on how they personally trust Moxie. And a lot of people in the community don't consider Moxie trustworthy.

In my personal opinion, this talk made a lot of people angry, precisely because Moxie went to Anarchist club (CCC) and had a talk that can be summarised (again, in my personal opinion) as "give up on decentralisation, give all power to ME ME ME and I'll take care of you, pinky swear." Of course Anarchists don't want to hear that.

But to someone who trusts Moxie or centralised power in general, this might seem like a crazy interpretation.

3) Sharing his belief that centralized trumps decentralized for a bunch of practical reasons and of course Signal is going to be a centralized system based on this belief.

(I don't necessarily agree with Moxie but I saw his talk as neither of your 2 points.)

> And a lot of people in the community don't consider Moxie trustworthy.

What gives you that impression? I've heard many cryptographers say a good first step is to "just trust moxie and install his stuff". He's certainly better regarded than Pavel Durov (Telegram).

He definitely states for each of his points that the people working on decentralized systems are misguided because decentralization doesn't automatically solve these hard problems; and while his thesis is what you state--that solving these problems is easier as a centralized system because you are more agile--other than a few awkward straw positions (many of which I addressed, and which aren't even really arguments but just anthropic assertions based on misstatements of history) he doesn't really have much to say on the idea that decentralization makes the problem harder. Hell: I'll admit he could have... I have myself given talks about issues with federated systems (vs. "truly distributed systems", which I think are very different than federated systems) and the pain of trying to deal with things like metadata privacy (something the people behind Matrix actually admit in some of their internal talks), but all of his positions here (with again, exceptions where he just ignores transport privacy or goes down rabbit holes of false tangents about phone numbers) really came down to a repetitive phrasing like "decentralized systems are not inherently encrypted, in fact most decentralized systems are not inherently encrypted by default; there's nothing about decentralization that makes things encrypted, you know?" (exact quote) that are later followed with a couple unrelated points and then a restatement of the (incorrectly argued) thesis that decentralized systems can't change and centralized systems are the only way to get new technology. It is like claiming "decentralized currencies don't automatically cause privacy or anonymity, and in fact the vast majority of cryptocurrencies provide more public records than your existing bank" while just flat out ignoring that things like Zcash not only could exist but in fact already exist.

> (something the people behind Matrix actually admit in some of their internal talks)

Actually, we've been quite clear publicly that Matrix's initial incarnation didn't try to deal with metadata privacy, e.g. this presentation taken from a 2015 talk at the Jardin Entropique cryptography conference in Rennes: https://matrix.org/~matthew/2016-12-22%20Matrix%20Balancing%...

The fun thing is these days we've got to the point of building out metadata-preserving federation transports in Matrix (I just spent the Christmas break working on the stuff outlined in https://fosdem.org/2020/schedule/event/dip_p2p_matrix/).

It feels like we (as Matrix) should do a formal response to moxie's "ecosystem is moving" stuff at some point, not least because the original blog post was written in response to me mailing him to consider linking Signal into Matrix :/

> It feels like we (as Matrix) should do a formal response to moxie's "ecosystem is moving" stuff at some point, not least because the original blog post was written in response to me mailing him to consider linking Signal into Matrix :/

Moxie doesn't want to share, does he?

> It feels like we (as Matrix) should do a formal response

please do!

History has shown that user experience is the most powerful force in computing, at least at the consumer level and increasingly in other areas too. People will trade privacy, security, cost, freedom, openness, and virtually any other quality for ease of use.

I hypothesize that the reason for this is time poverty, not lack of expertise or desire to learn. People are more time-poor today than even 20 years ago. Even people who know computers well and could figure out how to use more DIY systems do not have time to do so.

I have a rule of thumb when designing systems: each step required to install or use something halves the number of people who will try it. If 1000 people discover something with a 10-step install, only 1-2 of them will actually try it. Remove a few steps and that number doubles a few times. Most successful "viral" apps have three or fewer steps.

Decentralized, federated, and generally more open systems have been consistently unable to deliver anything close to the ease of use of vertically integrated systems.

> essentially, in the end, most of his positions just seem like a way to shill for centralized government control over everything,

No one ever asks who is funding him, Signal development and their running costs.

A while back Brian Acton (WhatsApp guy) gave about $50m to the Signal Foundation, so I assume they are running off of that and smaller donations from individuals.

Yes they are quite successful in getting timely injections of large amounts of money.

While I am not a fan of centralized systems either and did initially perceive it as him justifying Signal's decisions I got a slightly more positive impression towards the end.

My takeaway is that he highlights that centralization makes moving fast easy (he's not wrong) and prods those who want to develop decentralized systems to be aware of the downsides. He holds up bitcoin OSS as a "fork to evolve" model as something that sort of works but isn't great either. We need something better. Perhaps a stack that solves the fundamentals in a reusable manner (discovery, e2e encryption, hiding metadata, group management, ...) so that people don't have to sink man-years into every new project.

That said, there are also flaws in his arguments such as the "server goes down, everyone has to change identity" example seeming too simplistic since identity does not necessarily have to be tied to a single instance in a distributed environment.

> ludicrously popular chat systems, such as Kik, that were largely popular because they did not use phone numbers at all

Wait? When was Kik ludicrously popular? Usernames clearly weren't a feature that kept users coming back as the service almost shut down in October before being sold off.

There are certainly some people that would prefer a username or other identifier, but avoiding yet another invitation fest by using your existing address book seems like a better onboarding experience to me, and seems to work ok for enough people. Also, who wants to fight for usernames again?

Usernames were used by Skype (I don't remember if it requires a phone number now) and are used by email. Email is probably still the most ubiquitous messaging platform.

I don't agree that phone numbers are good for onboarding: sending the first message to somebody on whatsapp requires asking for the phone number. Sending the first email requires asking for the email. Sending the first Skype message requires asking for the username. Not much different.

Whatsapp gives the extra bonus of being able to phone call and send sms to the contact and have the information required to add it to other networks. Maybe this is a power I wouldn't grant to all of my whatsapp contacts but I'm forced to if I want to use it.

Finally, it's much easier to change a username and reset my personal social network for a single messaging service than to change my phone number and lose most of them.

> I don't agree that phone numbers are good for onboarding: sending the first message to somebody on whatsapp requires asking for the phone number. Sending the first email requires asking for the email. Sending the first Skype message requires asking for the username. Not much different.

The argument for phone numbers is that you probably already have the phone numbers for your contacts, and not their Skype username if you've never contacted them on Skype before. It allows easy transition of contacts from the unencrypted phone network to encrypted messaging.

But it's still not clear what the issue is with at least having the option to use an email address instead of a phone number, which you also might already have in your contacts before the first time you communicate with them using a new messaging app.

> Wait? When was Kik ludicrously popular?

Kik was ludicrously popular among 16-24 year olds (and, both sadly and notably, I believe people even quite a bit younger); one of the main reasons cited is because your parents couldn't find you easily using your phone number (as they could on WhatsApp) or your real name (as they could on Facebook), etc. FWIW, I'm way too old to have used it myself (and was just as shocked at how popular it was as you seem to be when I learned of its existence at age 36).

> Usernames clearly weren't a feature that kept users coming back as the service almost shut down in October before being sold off.

I mean, the story is that Kik had a hard time figuring out how to monetize its user community, particularly given how many kids were using it, and so they decided to try launching a cryptocurrency at the height of the crypto bubble in 2017, which led to a $100 million dollar fine from the SEC due to irregularities in their offering... they got to the point of being so screwed that they decided to try crowdfunding their legal defense against the SEC, and so shut down Kik and fire most of their staff to conserve cash (where they were still in the "lose money on massive growth" phase of "maybe one day we will figure out how to sell ads or get bought by Facebook" trajectory).

However, that's the story; when I started looking into it (as I cared a lot about their SEC issues, as someone else who was working on a cryptocurrency project) I noticed they were also under some serious investigation for what was looking like child trafficking on their largely anonymous network of kids, and so one might want to consider the idea that this whole SEC SNAFU served as a good excuse for shutting down a business arm that was actually about to land them in much hotter water with the FBI than their offering was landing them with the SEC without actively coming out and saying "we looked into it and uhh... it was bad". Either way, AFAIK they didn't shut Kik down because it wasn't popular.

> Also, who wants to fight for usernames again?

Usernames aren't the only way to deal with identity. I'm not advocating for usernames (and in fact have some serious issues with them: I have on many occasions--all of in talks, on panels, and in comment threads--argued that the usage of permanent and unique chosen identifiers is actually immoral for a number of reasons I won't delve into again here), but the idea that phone numbers are somehow fundamentally better--particularly this argument comparing them to e-mail addresses--makes no sense given that essentially no other popular social network bootstrapped off of your identity being a phone number; the closest you could argue is that they supported mass address book contact matching, but that was always optional and somehow those services succeeded.

(Really, I think the argument Moxie was making was just fundamentally flawed as it was a broken analogy: he was trying to compare it to e-mail addresses as if e-mail were the competitor, but most people treat e-mail as the backdrop reality of identity not a viable competitor to their real time chat app, whether or not you want to argue they "should" see those as competitors. He then just fails to really tie the argument together with how any of these other social network services bootstrapped, and comes to this conclusion that the phone number is somehow the perfect identity. Like, if you compare phone numbers to e-mail addresses from the perspective of a service that is neither a phone company nor an e-mail service I think you get a very different answer than if you compare Signal trying to rely on third-party phone numbers to e-mail services relying on first-party e-mail usernames.)

The decentralized pockets of internet we used to know and love are rapidly disappearing. The new ones that get created are selling out or shutting down. There's no society wide impetus for that diversification anymore. We are all going to be locutus of borg whether we like it or not because the money is in building institutions now.

The monetization of the web went from services fees to advertising supported to subscription. Those closed off subscription pay walls are going to merge into each other and we're going to end up subscribed to one big cable-like service that becomes an institution upon itself. The web will become an institution like the old library, university and newspaper. Only when everybody is ID'd and institutionalized like Brooks in the Shawshank Redemption will the true value of a decentralized web be realized. People will be aching to get out, to play in the fields again outside the FAANG cage. Have non-polite conversations in secret or hold competitive advantages outside the borg.

Signal is the definition of a honeypot from the old days; the thinking around privacy has disappeared, and people just accept being a database entry on Facebook's servers.

I agree with you and it is sad. The most depressing thing is that people, by and large, don't really care. They don't want to pay even $1 a month and would rather sell their privacy if it makes it free. VC funded companies are selling out to FAANG because it is too hard to build a revenue model. SMS is free today, few people will pay for private SMS. The same holds for email.

Does Signal have any advantages over Riot? Riot is a popular client, though not the only one. Competition is good.


> Does Signal have any advantages over Riot?

I think you meant to write Matrix?

Aren't Signal and Riot both chat clients?

Signal is also the protocol, and there is only one official Signal client for each platform (and Moxie has been incredibly aggressive towards any alternative clients -- threatening trademark lawsuits in some cases, or just blocking the clients from their network). Matrix, on the other hand, is an open protocol which has many clients (of which Riot is the most popular).

This would be like calling all of email "GMail" or "Outlook". Sure, some people do say that -- but it's still inaccurate.

The protocol is or at least was called axolotl and wire.com also uses it, they do not require phone, had and have many more features like video chat, desktop client ... How does wire compare to matrix?

The protocol is now called "The Signal Protocol".

> How does wire compare to matrix?

Matrix has most of the same features, but also supports groups much better than Signal-based protocols (a group-wide key is used and regenerated frequently, which amortises the cost of all the peer-to-peer messages required for Axolotl). It's also federated -- which means you can also self-host your own homeserver (very similar to email, but even easier). And Matrix has native support for bridges to other chat systems, allowing you to reduce siloing between chat platforms (you can talk to Slack, IRC, and Matrix users in a single Matrix room completely seamlessly). As far as I know, Wire doesn't do any of those things.

I also think the newest features Matrix has for key exchange (both the emoji-based verification and the new device cross-signing features) are objectively the most intuitive and easy-to-use when compared to any other E2EE chat system. Yes, even better than Signal's UX for key exchange.

> Signal is also the protocol

Yes but I was referring to the clients.

Sure, but you can't communicate with someone using just a client. As I said, it would be like referring to email as "Outlook" or "GMail". To compare Signal and Matrix, you'd be comparing the entire ecosystem (both the clients and protocols).

It's usable and you can put your mom on it

I put non technical users on Riot and so far working well, too.

I do feel he knows a bit about encryption, but he doesn't know what he is doing plainly.

He is kind of a weirdo

Great post. I totally agree.

I totally don't get the phone number obsession.

All you need is a seed phrase that generates a key.

The irony of a talk that speaks out against decentralized systems being only available on decentralized backups of the centralized original…

The link gives me an error

Link is dead now. 404

The irony of having to rely on a federated system to watch this video because the centralized one removed access to it is not lost on me.

Does anyone know why it was removed? It was removed from Youtube too.

Yeah I'm also wondering what happened... I was going to share the CCC page with friends, but the talk is missing from the 36C3 list (https://media.ccc.de/c/36c3). Feels weird sending around backup mirrors...

the ecosystem is moving!

Why is he saying that email is not encrypted? Isn't it actually encrypted when traveling from server to client? Who uses ports without SSL or TLS anymore?

And why does it matter if WhatsApp offers encrypted chat, if they can just update their client tomorrow and make it so that their servers snoop on everything (if that's not already the case)? A lot of the arguments of this guy seem to also be useful against himself. I won't go into more detail.

He is referencing end to end encryption. Google can see your to/from/subject/metadata headers even if you bother to use gpg.

Then that's a problem with us using a centralized system (Google) for emails, right? So email is not really decentralized.

Replace "Google" with "your email provider". Even if there were many diverse email providers with significant adoption, the problem would remain.

Unless you're using PGP (and -- critically -- the other people know how to use it as well), then your email is stored as plaintext on your email provider's email server (and the email provider of anyone you send the email to, as well as any forwarding agents that passed the email along).

PGP alone is no longer sufficient to talk about encryption in emails. The real step up is autocrypt (https://autocrypt.org/) that encrypts almost everything. Unfortunately the way email works it is still possible to know who is talking to who.

You could encrypt subject, from field and most metadata (some mail servers don't accept garbled from fields though). To field can not be encrypted, but that's the same on Signal (the server needs to know where to deliver the message to).

Nothing prevents you from not using Gmail.

If any of the people you are communicating with are using an email provider that they don't personally host, then the problem is exactly the same. In fact, arguably a better comparison to E2EE is that they have to host an email server on each of their devices (which precisely zero people do).

Not at all. As long as your keys to decrypt messages are on your device only, the body of the message will be gibberish for your email host. You could argue that metadata is in jeopardy since the email recipient is not obfuscated but that is the same thing with Signal where you rely on a central server with phone numbers connecting people to each other.

> As long as your keys to decrypt messages are on your device only, the body of the message will be gibberish for your email host.

The original comment didn't imply usage of PGP. They asked whether messages being encrypted between mail hosts counted as E2EE -- and remember that the number of email users who also use PGP is close to 0%.

But with PGP, sure -- though PGP has many other problems which make it a questionable choice unless you are forced to use email for some other reason:

* Most email clients don't know how to use it and will often allow you to accidentally reply to an encrypted email with clear-text. This comes back to "every single one of the recipients of your email needs to actively know how to use it correctly".

* PGP doesn't have perfect forward secrecy (instead depending on long-lived keys) which means your entire conversation history is threatened if your keys ever become compromised.

* Most PGP implementations are not using properly-authenticated cryptography (yeah, there's the MDC but Efail showed that there were serious bugs in its design -- and backwards compatibility made it bypassable). OpenPGP still hasn't standardised AEAD.
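
The forward-secrecy point in the list above, as an added example that is not part of any comment in this thread: ciphertexts recorded under one long-lived secret are compared with ciphertexts keyed by a symmetric hash ratchet, after the sender's current key material is copied. Assumptions: the long-lived PGP key is modelled as a single shared secret, the ratchet is a simplified HMAC-SHA256 chain rather than Signal's or Matrix's code, the cipher is a stdlib toy, and all names and sample messages are constructed.

```python
import hashlib
import hmac

# Constructed sample data: three messages and a demo secret, not real traffic.
MESSAGES = [b"meet at 9", b"bring the laptop", b"door code 4411"]
ROOT = hashlib.sha256(b"constructed demo secret").digest()

def kdf(key: bytes, label: bytes) -> bytes:
    return hmac.new(key, label, hashlib.sha256).digest()

def seal(key: bytes, index: int, plaintext: bytes) -> bytes:
    """Toy encrypt-then-MAC from the stdlib only (one 32-byte keystream block)."""
    if len(plaintext) > 32:
        raise ValueError("toy cipher handles at most 32 bytes")
    stream = kdf(key, b"stream" + bytes([index]))
    body = bytes(p ^ s for p, s in zip(plaintext, stream))
    return body + kdf(key, b"mac" + bytes([index]) + body)

def unseal(key: bytes, index: int, blob: bytes):
    """Return the plaintext, or None when the key does not authenticate the blob."""
    body, tag = blob[:-32], blob[-32:]
    if not hmac.compare_digest(tag, kdf(key, b"mac" + bytes([index]) + body)):
        return None
    stream = kdf(key, b"stream" + bytes([index]))
    return bytes(c ^ s for c, s in zip(body, stream))

class Ratchet:
    """Symmetric hash ratchet: each message key comes from a chain key that is then replaced."""
    def __init__(self, chain_key: bytes):
        self.chain_key = chain_key

    def next_message_key(self) -> bytes:
        message_key = kdf(self.chain_key, b"\x01")
        self.chain_key = kdf(self.chain_key, b"\x02")  # the old chain key is overwritten
        return message_key

def readable_after_compromise(ratcheted: bool) -> list:
    """Which recorded ciphertexts open with key material copied after all MESSAGES were sent?"""
    if ratcheted:
        sender = Ratchet(ROOT)
        blobs = [seal(sender.next_message_key(), i, m) for i, m in enumerate(MESSAGES)]
        # The thief holds only the current chain key and can only step it forward.
        thief = Ratchet(sender.chain_key)
        stolen_keys = [thief.next_message_key() for _ in MESSAGES]
    else:
        # Long-lived key model: the same secret protected every message.
        blobs = [seal(ROOT, i, m) for i, m in enumerate(MESSAGES)]
        stolen_keys = [ROOT]
    opened = []
    for i, blob in enumerate(blobs):
        hits = [p for p in (unseal(k, i, blob) for k in stolen_keys) if p is not None]
        opened.extend(hits[:1])
    return opened

if __name__ == "__main__":
    print("long-lived key:", readable_after_compromise(False))
    print("ratcheted keys:", readable_after_compromise(True))
```

The ratchet protects only what was sent before the compromise; messages sent afterwards stay readable to the thief until fresh key material is mixed into the chain.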
