However, these "enrichment features" from Signal over the last 2 years are less than what competitors like Telegram put out in 2 months.
Really basic things remain undone. Like being able to carry your contacts/message-history forward across planned device-upgrades on iOS – https://github.com/signalapp/Signal-iOS/issues/2542 – 4.5 years after it was "on the roadmap".
Many of Signal's novel cryptographic innovations, while cool, depend on trusting Intel SGX: both as a technology & in Intel's stewardship of the master keys/attestation-chains. Many cryptographers don't believe SGX will be technologically reliable anytime soon, and much of the world will probably see US-based Intel Corp similar to how the US sees China-based Huawei.
That's maybe true for privacy enthusiasts. You severely underestimate the need for these cutesy features when targeting mass market though. I claim stickers are much more important for that than data exporting.
Personally, I don't care much for features supporting cyber-grooming. What's the point of using cutesy features to attract users who don't care about security, just so someone else can _securely_ cyber-groom them?
Stickers aren't targeting young audiences in any sense. It's very weird to draw such conclusions just if you're not using them yourself (if that's the case).
So user-controlled portability doesn't seem fatal to the "point" of having a secure chat app, there.
My workaround, last time I upgraded my iOS device, was to screenshot all the old conversations I wanted to retain. Pictures come over just fine! Did Signal forcing me to do that make me more secure?
I think they just hate iCloud. (Perhaps while they trust Intel, they distrust Apple? It'd be great to know why.)
Well, I don't trust iCloud with my device backups, either. There are other things, in other apps on my phone, more sensitive than my Signal logs.
But it seems Signal is holding my chat histories hostage because they don't trust me. And it seems their ultimate plan for this will require me to use some Signal-run, Intel-SGX-mediated 'trustable cloud' for my contacts & messages. No, thanks!
Sorry but I don't understand this sentence. Why?
Like, I get that it's challenging from a technical standpoint, but I absolutely don't see why it would be pointless?
Riot/Matrix does it: it's far from mature/polished—plenty of room for improvement—but it uses double-ratchet, and it functions.
Secure messages shouldn’t persist and if they do they aren’t secure. Being able to export, upload, and restore an entire conversation history is the opposite of secure.
There is no point in using a secure messaging system if your entire conversation history can be downloaded the minute a single person in your group loses physical security on their device. Just use FB Messenger.
This is a nice, but ultimately utopian, nonsensical, impossible security requirement. I take your point that anything persistent is insecure, but anything received is potentially persistent.
There's no such thing as perfect security, there are only levels. Even a system with some hypothetical form of perfect plausible deniability designed into the receiving end could be compromised via transit metadata.
Saying persistence makes secure messaging pointless is pure hyperbole. Encryption protects against a broad range of threat vectors, some simple, others extremely challenging. There's value in every measure.
This is not likely to be the case.
Sure, but that could be up to every sender to decide whether they want their messages to be view once/view for 24hrs/store forever.
It should be noted that most of these were released at breakneck speed in the past couple of months. It feels like they spent most of the past two years hiring and training new people, probably stabilising the code bases a bit, and that that's now starting to pay off.
E.g. for online backups, SGX will only handle rate limiting. If you're using a sufficiently secure password (+80 bits), Argon2 will provide robust enough security for your login and not even a backdoor in SGX matters.
> Session is an open-source, public-key-based secure messaging application which uses a set of decentralized storage servers and an onion routing protocol to send end-to-end encrypted messages with minimal exposure of user metadata. It does this while also providing common features of mainstream messaging applications
... they also cite this as a bottleneck for adding non-phone identifiers. It seems like they are putting the infrastructure in place to fix a lot of the remaining usability issues that people have with them.
Why do they need me to trust Intel, or novel crypto/software that might be deployed in... when exactly? Why can't they let me just trust the same secure backups that all my other sensitive data/communications are in?
I really don't know why they're focusing on things like this. It does nothing to increase evidence-based trust, so it's no better than saying "we added a rate limiter, and delete keys after X attempts" (which I'd be totally fine with, and they could probably put in place in practically no time). Either way you're still relying on them doing what they said they're doing.
Meanwhile there are lots of other promising Matrix clients emerging which are aiming for person-to-person comms - e.g. http://dittochat.org, https://pattle.im, https://fluffy.chat etc.
I even fall victim to this myself: Signal not having a search history or losing message history when activating a new device is often too much of a show stopper.
I really hope Signal will be able to pull this off somehow, but seeing how much these types of apps rely on a network effect, I am skeptical.
Transferring to a new device, on the other hand, does get somewhat more complicated. For ease of use, the data needs to be placed somewhere intermediate. That being said, I can understand Signal's hesitation to embrace Google's cloud storage options for such a feature.
Seriously, Signal is probably the app that’s focusing least (and also slowly) on being more appealing to the mainstream and to large groups of people (protesters and activists) who might benefit from it, because:
1. It relies on a phone number for signing up. Worse, it exposes your phone number to everyone who has your number in their contacts list, thus allowing enumeration attacks (like what was done with Telegram in Hong Kong, where Telegram quickly pushed a fix).
2. It’s 2020, and it has no chat backups on iOS. Change your device and you lose not only all your old chats, but also group memberships (you have to figure out how to rejoin groups and then face issues like not seeing other members).
Overall, the “breakneck speed” of development that the article speaks of doesn’t actually exist. If they want to see real breakneck speed in adding features, they have to look at Telegram for comparison and then decide what words to use.
If you want better accessible alternatives and E2E and cross device sync and backups, take a look at Wire. Support wise you don’t get much from it, since the company is focused on paying clients. For the free tier users, it already provides more than Signal can in 2020.
The issue about phone number is real.
I will appreciate the “backup” feature. You don’t have to use it, but users are better off having such an option after understanding the risks.
There is an open github issue, where the maintainers don't really respond:
They statically link an openssl library for their forked version of sqlcipher, which makes it impossible to build signal on anything other than ubuntu.
Static linking against an old openssl library is also not that good for security reasons, which imho is a bad sign if you say your chat program stands for security and privacy.
Link wrong, now corrected
I just hand edit the signal package.json each time I need an update, but I just don't understand why they won't update their dependency.
I've never had a problem on Arch or Manjaro
Because the repo on arch patches the issue with the statically linked openssl library:
So if you just install signal from the aur, then you use the patched version.
The AUR has a working patch so it clearly isn't impossible. You can probably follow the same procedure. So I just wouldn't say that it is impossible to install it on non-Ubuntu distros, just not trivial. But this seriously doesn't look complex.
Also, wasn't Signal pushed into the main repos recently?
My point was that as long as the maintainers don't give us the reason for the static link or the custom dependency, we can assume we can replace it, but we don't know.
Could be that it works, but it uses an insecure cipher, could be that there is a silent corruption.
Nothing is impossible, it just means you have to re-edit and patch each time and know you're running untested things for a secure application.
Am I really the only person who prefers to type on a full-sized keyboard, and see my multiple conversations on 27" screen, as opposed to one and a half inches of no-feedback glass surface? :-/
I went to the Signal site, downloaded the Windows app, and once installed, it asks me to link my phone. No option for any other signup. Nowhere in the download process or on the main site does it warn me that this is a phone-only app. The desktop app itself simply starts to a "Connect your phone" screen with no explanation why I have to do it, whether there are or aren't alternatives, etc. Nothing about this is remotely user friendly.
I have half a dozen laptops, two phones, a few tablets at home alone; the notion that I must be crippled to only communicate via the smallest, least practical communication device I own; and then be horribly crippled in attaching one-at-a-time additional devices but with crippling dependency on said phone... I guess I'm a negative focus group and completely out of touch with the realities of the world, but I cannot imagine or understand who wants to live like that :-/
If you look at Signal as a response to SMS, WhatsApp, and iMessage --- the messaging platforms most people use --- its most controversial decisions make a whole lot more sense. Doing that requires people to accept that Signal wasn't necessarily designed for them, and that in order to decisively solve the problems it has set out to solve, it's had to make tradeoffs that cut against what other people want. That's unusual for a startup! Startups usually try to make everyone happy! But then, Signal isn't a startup.
Meanwhile: you're ultimately going to get the Signal that you want. A desktop-based, phone-untethered Signal seems inevitable; in fact, it seems like we might get it not that long from now. But we're certainly not going to get it on the timescale that message board people want to get it on.
Pity; even though all of my family use whatsapp and are unlikely to move, there's a fascinating look on their face when they first ponder the idea they could've picked up their conversation on their big tablet when at home. It just doesn't occur to them to expect / demand more :-/
It sounds like they may want to do this eventually, but it requires some significant re-engineering of how users are identified on the network. This is mentioned near the end of the article:
>That feature might someday even allow Signal to ditch its current system of identifying users based on their phone numbers—a feature that many privacy advocates have criticized, since it forces anyone who wants to be contacted via Signal to hand out a cell phone number, often to strangers. Instead, it could store persistent identities for users securely on its servers. "I’ll just say, this is something we’re thinking about," says Marlinspike. Secure value recovery, he says, "would be the first step in resolving that."
Your closest hope for a Skype replacement that runs equally on all platforms is Tox, which requires managing your key.
In what way is that practical for a user? Once I've chosen an ID and password for a service I can easily type that in using literally anything that can connect to the service and spew out some characters.
An ID linked to a SIM/# is a real pain in the ass when you need to change your SIM/#, hence why I've got a bunch of old contact numbers for people stored on my phone alongside new ones so I can talk to them on WhatsApp or Signal and have it show me their name still after they change numbers.
I've also got a bunch of WhatsApp contacts that aren't even people I know any more because their numbers no longer belong to them. People whose pictures and updates I can see who I don't recognize or know.
SIM/#'s are ephemeral in a lot of places, I know people that change them fairly regularly, having that linked as some kind of identifier is not good for users.
This is just me making an assertion, so take it for what you will, but the typical user cares a lot more about contact discovery than everything you mentioned, so an authentication system that makes that work more goodly is quite practical for them.
In both situations I have to have a contact's information already to find them. For an ID/password, you need your contact's ID to find them; for a SIM/# system, you need their phone number. Every person I talk to on WhatsApp or Signal has given me their phone number, or vice versa, so we can communicate through those platforms.
I had some friends that used Kik before; they had to give me their username. These two scenarios are exactly the same: in both cases I still need info from my contact before finding them. Only, an ID is more secure, because it can be used only with one service if you so choose; with a SIM/# you have to give your contact your phone number, allowing them to contact you through any other service you use that number with, whether you like it or not.
I cannot see any benefits of that system for the user that you don't get from an ID/password, and some cons that personally I find unacceptable, such as the aforementioned seeing strangers' pictures and info just because they have a number my friend used to have. That's downright creepy and makes me wonder how many people who've saved my number can watch me on WhatsApp and see when I'm online or check my profile out.
Even people I do know, I don't necessarily want to see on there: employers, numbers I've saved for looking at places to rent, my ex-landlord, clients I've had for work I've done. I don't need or want to have all these people automatically added to every chat program I install that they also happen to have.
My argument isn't that you are wrong about your wants and needs, it's that you aren't a typical user.
>seeing strangers' pictures and info just because they have a number my friend used to have, that's downright creepy and makes me wonder how many people who've saved my number can watch me on whatsapp and see when I'm online or check my profile out.
>Even people I do know, I don't necessarily want to see on there, employers, numbers I've saved for looking at places to rent, my ex landlord, clients I've had for work I've done. I don't need or want to have all these people automatically added to every chat program I install they also happen to have.
I have, it inspired them to clean up their contact list.
I think you might be wrong on that, based on some of the code changes made to Signal over the last few months. They are internally moving to have users be identified by a UUID and phone number. I suspect they will eliminate the requirement for phone number identifiers when they introduce other identifier options.
(I have my thoughts on THAT as well, you'll be surprised, when it comes to security... we're nerding out about obtuse and obscure end-to-end encryption, meanwhile, the majority of those 2bil users don't have a lock on their phone, and now they also have no protection on their messaging :-/ )
They still have in-transit protection due to end-to-end encryption, so no protection isn't necessarily true.
I know it doesn't check all the boxes for you, but hopefully it can improve your quality of life while talking to your family :)
You can ONLY sign up / register / add one device.
Not "at a time", even. At all.
You use your tablet, your phone disconnects.
You use your computer, your laptop disconnects.
You switch from laptop to desktop a few times, and now it's suspicious and gives you additional difficulties or bans you outright (that may or may not still be the case, but was when I tried this nightmare of an app a year ago or so).
You can only have ONE mobile and ONE computer device, at best, if you're lucky, and stars align, and it's second Tuesday of the month and the moon is full and you sing praises to Garmunklee the demon of impractical communication methods. Trying to access it on work and personal laptop; work and personal phone; or on phone and tablet; all is completely outside the supported use case and is for all intents and purposes impossible.
Compare to old-school ICQ, AIM, any XMPP, or Hangouts or indeed email etc, where you can seamlessly transition communication from device to device - and even check your messages on trusted public or 3rd party device such as friend's computer - and it's like waking up in a twilight zone.
It is pretty much the most architecturally user-hostile system I've encountered in my life, but again - I'm clearly in 2,000,000,000 vs 1 minority here :D
You're not supposed to be switching between devices like that. You're supposed to be proxying your messages through your primary device (i.e. cell phone) using the web interface.
Like the UX is bad for people with two phones and the mobile experience of WhatsApp web is nonexistent so that kinda sucks but "having one phone, and sometimes a tablet/laptop with the web interface" covers a lot of people.
E2E is hard when you have to route messages to multiple devices, aren't storing messages in a central server, and those devices can be unavailable for indeterminate amounts of time and no guarantee that a subset of devices having the complete chat history will ever be on at the same time to sync.
OpenPGP has been dealing with multiple recipients since forever with no back channel even.
> ...aren't storing messages in a central server,...
Who cares if we are doing E2E?
> ...and those devices can be unavailable for indeterminate amounts of time and no guarantee that a subset of devices having the complete chat history will ever be on at the same time to sync.
You only have to store the encrypted messages for each individual client until they connect again. If you are doing perfect forward secrecy then the client has to keep the decryption key around until the next connection so the server stored messages can be decoded. Then the key is destroyed.
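As an added illustration (not code from this thread or from Signal), the scheme this comment sketches, written out: the server keeps one mailbox per device holding only ciphertext until that device connects and acknowledges; each sending-device/receiving-device direction has a symmetric chain, so the receiver keeps just a chain key that still derives the keys for whatever queued up while it was offline, and every used message key is gone afterwards; and, as a later comment suggests, each conversation is fanned out as an implicit group of all devices on both sides. The HMAC-SHA256 cipher and the random chain roots are stand-ins for a real AEAD and for key agreement, and the device names and traffic are constructed.

```python
import hashlib
import hmac
import os
from collections import defaultdict

def _keystream(key, nonce, length):
    # Toy keystream from HMAC-SHA256; stands in for a real AEAD so this runs on stdlib only.
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]

def encrypt(key, plaintext):
    nonce = os.urandom(16)
    body = bytes(a ^ b for a, b in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, nonce + body, hashlib.sha256).digest()
    return nonce + body + tag

def decrypt(key, blob):
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + body, hashlib.sha256).digest()):
        raise ValueError("authentication failed")
    return bytes(a ^ b for a, b in zip(body, _keystream(key, nonce, len(body))))

class Chain:
    """One symmetric chain per (sending device -> receiving device) direction. Deriving a
    message key advances the chain, so a key that already decrypted a message is gone; the
    receiver keeps only the current chain key, which still derives keys for queued messages."""
    def __init__(self, root):
        self.chain_key = root
    def next_message_key(self):
        mk = hmac.new(self.chain_key, b"message", hashlib.sha256).digest()
        self.chain_key = hmac.new(self.chain_key, b"chain", hashlib.sha256).digest()
        return mk

class Server:
    """Holds only ciphertext, in one mailbox per device, until that device acknowledges."""
    def __init__(self):
        self.mailboxes = defaultdict(list)
    def deposit(self, device_id, sender_id, blob):
        self.mailboxes[device_id].append((sender_id, blob))
    def fetch(self, device_id):
        return list(self.mailboxes[device_id])
    def ack(self, device_id, count):
        del self.mailboxes[device_id][:count]
    def pending(self, device_id):
        return len(self.mailboxes[device_id])

class Device:
    def __init__(self, device_id):
        self.device_id = device_id
        self.send_chains, self.recv_chains = {}, {}  # peer device id -> Chain
        self.history = []  # (sender device id, plaintext) in delivery order

def pair(a, b):
    # Stand-in for the key agreement that would establish a session between two devices.
    ab, ba = os.urandom(32), os.urandom(32)
    a.send_chains[b.device_id], b.recv_chains[a.device_id] = Chain(ab), Chain(ab)
    b.send_chains[a.device_id], a.recv_chains[b.device_id] = Chain(ba), Chain(ba)

def send(server, sender, conversation, text):
    # Fan out one ciphertext per device in the conversation, the sender's own other
    # devices included, so every device ends up holding the history.
    sender.history.append((sender.device_id, text))
    for dev in conversation:
        if dev is not sender:
            key = sender.send_chains[dev.device_id].next_message_key()
            server.deposit(dev.device_id, sender.device_id, encrypt(key, text.encode()))

def connect(server, device):
    # Device comes online: decrypt its queue in order, then ack so the server drops it.
    items = server.fetch(device.device_id)
    for sender_id, blob in items:
        key = device.recv_chains[sender_id].next_message_key()
        device.history.append((sender_id, decrypt(key, blob).decode()))
    server.ack(device.device_id, len(items))
    return len(items)

def demo():
    server = Server()
    devices = [Device(d) for d in ("alice-phone", "alice-laptop", "bob-phone", "bob-tablet")]
    alice_phone, alice_laptop, bob_phone, bob_tablet = devices
    for i, a in enumerate(devices):
        for b in devices[i + 1:]:
            pair(a, b)
    # Constructed traffic: Bob's tablet stays offline while the phones talk.
    send(server, alice_phone, devices, "meet at 6?")
    connect(server, bob_phone)
    send(server, bob_phone, devices, "sure, where?")
    connect(server, alice_phone)
    send(server, alice_phone, devices, "the usual place")
    result = {"tablet_pending_before": server.pending(bob_tablet.device_id)}
    result["tablet_received"] = connect(server, bob_tablet)
    result["tablet_pending_after"] = server.pending(bob_tablet.device_id)
    connect(server, alice_laptop)
    connect(server, bob_phone)
    texts = [[t for _, t in d.history] for d in devices]
    result["all_devices_agree"] = all(t == texts[0] for t in texts)
    return result
```

After the tablet's ack the server holds nothing for it, and a device that later comes online with a different chain state cannot decrypt old blobs, which is the forward-secrecy property the comment is after.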
That's the Apple "You're not supposed to use our device that way" approach, and again, while it works for a huge swath of users and I am completely cognizant I'm in a tiny contrarian minority, it still and nevertheless feels like a hostile user experience.
Note that "Switching devices like that" is ever so tiny a misnomer; I am "Using multiple devices" (not replacing my phones permanently etc, which I get is a more difficult scenario... and one that Whatsapp historically deals with in the most insecure fashion imaginable; until recently their FAQ held explanations that you may get somebody else's messages if you get their phone number; or that if you switch your own phone number you need to email support and wait; it really feels they focused on the E2E encryption, important to tiny proportion of their userbase, over any other security consideration; but again... I get I'm alone in this perception :)
It's not that far fetched to make every conversation an implicit group conversation with n devices on both sides.
None of those are problems affecting Signal.
See the right side here: https://signal.org/download/
> "This is not just for hyperparanoid security researchers, but for the masses," says Acton. "This is something for everyone in the world."
If you want encryption for the masses, delivering 90% solutions and dismissing unconventional use-cases is going to put a ceiling on adoption. It's not just technical users who balk at phone numbers. I'm dealing with elderly users, I'm dealing with kids.
"It's not designed for you" is a reasonable response if you're building a niche product for a niche audience. But it's important to note, that is explicitly not Signal's goal. Signal is advertising itself here as an encryption platform for everyone. A ubiquitous chat problem has higher requirements -- even if 99% of my family has a smartphone, that's not good enough, because we're talking about shared group chats. The solution has to work for 100% of my contacts.
I don't think Matrix is mature enough to trust for super-sensitive communication, I think it's a lot less unpolished than Signal, I think it's a lot more annoying and a lot more buggy. I'm irritated that I'm using it this early in development. But I don't see what the alternative is, because it works for 100% of my contacts, and that's what encryption for the masses requires: 100%.
Heck, I can even bridge Matrix (albeit, poorly) to other clients, a feature that Signal has specifically rejected. Which is a fine decision for a niche product. It's not fine if you want a chat application that everyone can use. I need to be able to talk to users who aren't on Signal.
The "minority" argument is bullcrap given Signal's stated goals in this very article. Sure, Moxie is talking about eventually getting rid of phone number requirements as a highly-theoretical, future event after contact integration, and key retrieval, and whatever. But I'm not going to wait literally years to have a secure E2E conversation with my nieces.
> “It’s not designed for you” is a reasonable response if you’re building a niche product for a niche audience. But it’s important to note, that is explicitly not Signal’s goal. Signal is advertising itself as an encryption platform for everyone.
Aren’t people with no phone increasingly niche?
I’m not trying to be combative but I would argue attempting to build your app for every single use case is literally a million niches which would require so many concessions and that is the opposite of Signal’s approach. Signal has no interest in building for odd and strange use cases and instead choose the most likely use case and build specifically and securely for that use case.
> "I’d like for Signal to reach billions of users. I know what it takes to do that. I did that," says Acton. "I’d love to have it happen in the next five years or less."
When you look at a platform like Slack, it's fine for the devs to say that they don't care about certain users, because Slack is not a universal chat app. Slack has a very specific market: business users. Other users are nice, but not really required, and it's fine for them to go use something else. Signal on the other hand doesn't really have a specific market; they've always described their target market as just 'everyone'.
This is extra-tricky for a chat app because network effects come into play. An app that I can use by myself without relying on anyone else doesn't need to be particularly inclusive: 90% support (or even lower) is probably good enough. But if Signal decides that it's not for 10% (or even 1%) of the people in my social group, then there's a very real chance we might all abandon it. Supporting 99% is excluding not just 1% of your users, but also everyone directly connected to those 1% of users.
And honestly, I would push back on the idea that smartphones are going to reach even 99% saturation any time soon. There's a very consistent demographic of people who don't have phones: kids who are given hand-me-down tablets or laptops. I know a nontrivial number of parents who are waiting longer to give their kids phone numbers, but they still want their kids to be able to message friends and family members. I don't think in 5 years we'll be at the point where every single 5-10 year old has a smartphone.
This is exactly the situation I'm in, where I'm trying to figure out how to allow younger family members to communicate with me, with their parents, with their friends. Even if I set them up with phone numbers, I'm asking them to break contact with anyone else in their social network that doesn't have a phone.
And as the OP states, it isn't just the people who avoid mobile phones who won't switch to tethered protocols, but people who want to message the people who avoid mobile phones. And a high proportion of us have elderly relatives, and we email or Skype or Facebook them.
Note that the polish concerns I have aren't just for Android though -- some of my contacts are only on desktop, and Riot's desktop app also has issues with contrast, resource usage, notifications/updates, searching in encrypted rooms, key synchronization. Even on the backend, setting up closed communities is just really confusing and buggy. I had to abandon a community and recreate it half way through because it bugged out trying to remove an empty E2E room and then couldn't add/remove/edit any rooms after that point -- and this was on the main, public Matrix homeserver.
It's getting better. A year ago, I don't think I could have used Matrix/Riot to the extent I'm using it now. I don't want to be too critical, because it's improving at a genuinely impressive rate. I'm still betting on Matrix being the future-proof choice for me to make for the majority of my chat/community infrastructure.
It just feels like it's still early in development, clients like RiotX are still in beta -- which makes it tricky when I'm trying to roll it out in "production" to very young and very nontechnical users.
On E2E, search is now implemented, as is totally revamped verification and cross signing and fixed key sync, as per https://fosdem.org/2020/schedule/event/matrix/
Communities are a trainwreck but next up to get fixed in the coming months.
Thanks for sticking with it; we’re catching up as fast as we can...
And I just installed RiotX and it shows reactions correctly!
Hopefully comments like this aren't too exhausting. There's two sides of it, one of which is all the stuff to complain about. But the other side is that stuff like Pantalaimon is really cool -- it means if I want to build a custom chat client with weird features, I can have decent encryption for free without having to worry that I'm doing something horribly insecure. The bridges are still getting polished, but similarly, they're also amazing because bridges allow me to make very forward-facing, future-proof decisions about where I want to host communities and I know that I won't have to abandon existing members that are on platforms like Discord.
The core project is just really exciting, it addresses all of these problems that I've had in the back of my head for a long time. There's this wonderful feeling where you're constantly annoyed about something and feel like there's nothing you can do about it, and then one day you find out that not only does someone else feel the same way, but they're actually fixing it. And even more than that, just finding out that it is actually possible for those problems to be fixed; that there's going to be a point in my future where that happens.
So there's admittedly a lot of impatience there, but it's coming from a very hopeful place, and I hope it isn't discouraging.
Is this to work around the Android background task auto-killing?
Note that you can hide the notification by long-pressing it.
> That's unusual for a startup! Startups usually try to make everyone happy!
I don't know about that. Most startups - and especially the successful ones - have few qualms with ignoring "edge case users" and focusing on what they perceive to be their target market.
That one might be called "jabber".
The point is that Signal is designed around your real life identity. That's a real use case, it helps discoverability immensely, and that's generally why people use it. Should you wish to communicate pseudonymously there are plenty of options already available.
(The XMPP suggestion was only partly in jest. Any modern client, such as Conversations, is pretty solid. But there is no shortage of options for chat.)
X stands for extendable in XMPP. Read about OMEMO.
So, one of the problems to bring your use case to life is that you'd need to remember your friends' phone numbers AND you'd need to know that they're on Signal.
Signal, as an app, gives your phone the ability to completely replace your SMS system seamlessly. If a particular friend doesn't have Signal then it goes via SMS.
So, the use case you're mentioning is definitely relevant, but having yama (yet- another- messaging- app) is going head to head with WhatsApp, jabber & co, and not currently what signal seems to be aiming for: secure messaging for the masses.
Maybe in the future it'll add usernames as an address recipient, but it may turn out to be a mess like Skype if so (Am I phoning someone, or skyping? Do I have credits, etc). Currently, Signal clearly delineates in the app UI what's going to happen when you press send (or call).
Maybe using a hash, (like Tox does) is a way to individualize recipients, and meta data: phone, email, etc are then tied to that (eg like keybase does it). This way friends lists can be harvested from the phone (something I'm always wary of) for the masses, whereas privacy conscious ppl can maintain it by giving out a throwaway email address. It means you could set up Signal on multiple phones and not once leak your phone number by using the same hash account. It probably wouldn't even need a password (again, like Tox).
I do regret asking as I wasn't looking for the negativity I received.
Searching for validation for my question found an interesting thread on Thomas and his role here:
"tptacek is using an appeal to authority given his standing as a security expert on this forum. That's the only reason his comment containing no justification is being taken seriously."
Because they work. Not ideally, but reliably.
I can pick up my phone, and actually message my friends, and I don't have to debug why my open source Linux client isn't compatible with their open source Windows client, or their XMPP server doesn't want to talk to my XMPP server, or figure out which identifier they're using today.
Signal takes away choice, and delivers a product that works. Which beats a product that is theoretically "better" (multi-device support, desktop support, ...) but in practice cumbersome or just not up to the task (e.g. because my friends aren't using that messenger, or OMEMO messages are not decryptable because someone mismanaged their key, ...)
Moxie made all the right choices, even and especially where unpopular: Aggressive action against alternative clients to keep their existence marginal and ensure a consistently good user experience, phone numbers as identifiers to overcome the network effect, etc.
In order to be useful, a messenger has to support mobile - I will want to talk to my friends when I'm on my way to meet them. So for a desktop messenger it's either flawless multi-device support or failure, and the former just doesn't seem to be achievable yet. A desktop-only messenger is useless because it doesn't meet my needs when I most need it; a mobile-only messenger is a bit annoying, but works 100% of the time, even when I'm using a desktop, because my phone is also nearby.
I'd be satisfied if they could do some form of eg bluetooth connection between a desktop app and your phone to give a limited desktop experience, however. I don't think that'd be impossible, similar to how whatsapp web really just proxies to your phone (well, best I can tell that's how it works)
I've tried Telegram, WhatsApp, Hangouts, Facebook Messenger, iMessage. Signal has been the only one so far that I have been satisfied with because it:
* Supports end-to-end encryption (and "disappearing" messages)
* Has desktop and mobile apps that can be used independently (after registration at least; WhatsApp appears to require your phone to be on and near the desktop for the desktop app to work)
* Distributes messages to all Signal clients (Telegram was nearly unusable due to this problem - I had to mentally remember where the conversation was when switching between desktop and mobile)
* Doesn't have some sort of highly constrained user experience that requires using a social media platform or requires using a specific web browser (this has been a real problem with Hangouts and Facebook Messenger since they stopped supporting XMPP - RIP Adium)
* Supports mainstream desktop and mobile operating systems (iMessage fails at this, despite Apple's promises in the last decade)
* Has feature parity with other major chat services (this is the only weakness of Signal, but these days I can't think of a feature on WhatsApp or Telegram that isn't on Signal)
I agree that I wish they would streamline the registration so that you don't have to go through a somewhat convoluted process to get started, but it really is not a phone-only app. Desktop is a full first-class citizen after the initial fixed cost. I think that's the price they may pay by being a non-profit - maybe the marketing isn't exactly what Facebook/Google/Apple/<pick your own DataVortexCorp> can afford.
EDIT: Oh, I guess I should have mentioned Skype, but no thanks. Sorry, Microsoft, just no.
Aren't these basically just DRM? A really ineffective one, as Signal is FOSS.
As a result "please delete this message" won't get actioned but exploding messages can be very effective.
Disappearing messages do help with your friend who doesn't have a sanitized device.
and other apps on your phone that behave the same way.
Now I try to get as many as possible to get away from at least Google and Facebook services.
2. But, I feel quite the opposite is the case here.
I fully comprehend that somebody may want to use a phone as their primary communication device (my wife, for one:). More power to them and I would never get in their way. I will use it myself when on the move. On the other hand, so many people seem to get a "deer in headlights" look when trying to imagine my use case of using a laptop to communicate.
App like Google Hangouts supports phone and laptop as equal first-class citizens. It makes EVERYbody happy. It's a great superset of all use-cases. You can share your pictures on the phone and type your long messages or parallelize conversations on a laptop. Everybody happy! :)
Signal and WhatsApp, I will counter, do not solve the problems or user's case that we on HN think it does. NOBODY I know using WhatsApp has a clue that it uses end-to-end encryption, nor do they care. I would venture that's the case for the majority of the 2bil userbase. All they know is they never had to create an account or password, which makes it simple to use. It is actually the "lack" of security that's the biggest selling feature (though of course, at this point, the network effect is the single biggest selling feature over anything else; my family uses WhatsApp because everybody they know uses WhatsApp - QED).
Yes, the desktop client functions independently from the phone client once linked (so not like whatsapp that proxies everything through your phone).
> Can I create an account from desktop?
Technically yes, but you either need to compile the desktop client yourself and miss some features or use something like signal-cli to act as the main client. So it's not supported (yet?).
> Is my account independent of any specific device?
The first client that registers acts as the main client, so no. But it might get easier to restore access on a different device without using backups with the secure value recovery stuff they are working on.
> Can I use Signal on multiple computers at the same time with correct credentials?
It's possible to link and use several desktop clients at the same time.
It's crazy to me that with all of Signal's emphasis on security (being designed by one of the top security researchers in the world, no less), they chose to make tying your account to a phone number a requirement.
I go very far out of my way to make sure that nothing important to me is tied to my phone number.
So long as you keep entering the correct PIN periodically, Signal won't let anybody register with your phone number without knowing the PIN you've shown you remember.
If you quit using Signal, after a while there haven't been any correct PIN entries for too long and anyone can claim that phone number again (and if they want, set a new PIN).
"Hello? No, this isn't Dave, he got a different number. No I don't know what it is. No this isn't a prank, please stop calling"
As a result I would imagine that unless the network is absolutely clean out of numbers (which they try hard to avoid) it will just never reuse numbers in such a short period. The only way somebody else has the number while the PIN is valid is that they're attacking you, which a PIN blocks.
So my guess would be that this ends up not being a problem in reality, it worried me right up until I read the expiry mechanism and then I went oh, that makes sense.
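A toy model of the expiry mechanism the comment above describes, added here as an illustration and not taken from Signal's code base. The 7-day window is the figure quoted later in the thread, used as a constructed parameter; PBKDF2 for PIN hashing and the SMS proof of number ownership having already happened are assumptions.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Dict, Optional, Tuple

LOCK_WINDOW = timedelta(days=7)   # constructed: the expiry figure quoted in the thread
PBKDF2_ROUNDS = 20_000            # stand-in for a slow PIN-hashing KDF


@dataclass
class Registration:
    device_id: str
    pin_salt: bytes
    pin_hash: bytes
    last_pin_ok: datetime   # last time the owner proved knowledge of the PIN


def _hash_pin(pin: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, PBKDF2_ROUNDS)


class RegistrationServer:
    """Holds one registration per phone number. SMS proof of the number is
    assumed to have happened before register() is called."""

    def __init__(self) -> None:
        self.by_number: Dict[str, Registration] = {}

    def _pin_matches(self, reg: Registration, pin: Optional[str]) -> bool:
        return pin is not None and hmac.compare_digest(_hash_pin(pin, reg.pin_salt), reg.pin_hash)

    def lock_active(self, number: str, now: datetime) -> bool:
        # The lock only lives while the last correct PIN entry is recent enough.
        reg = self.by_number.get(number)
        return reg is not None and now - reg.last_pin_ok < LOCK_WINDOW

    def verify_pin(self, number: str, pin: str, now: datetime) -> bool:
        # The legitimate client calls this periodically, refreshing the lock.
        reg = self.by_number.get(number)
        ok = reg is not None and self._pin_matches(reg, pin)
        if ok:
            reg.last_pin_ok = now
        return ok

    def register(self, number: str, device_id: str, new_pin: str,
                 now: datetime, existing_pin: Optional[str] = None) -> Tuple[bool, str]:
        """Claim `number` for `device_id` and set `new_pin` on success."""
        if self.lock_active(number, now) and not self._pin_matches(self.by_number[number], existing_pin):
            return False, "registration lock active: correct PIN required"
        salt = os.urandom(16)
        self.by_number[number] = Registration(device_id, salt, _hash_pin(new_pin, salt), now)
        return True, "registered"


def scenario() -> Tuple[bool, bool, bool, bool]:
    """Walk through the cases discussed above on a constructed timeline."""
    srv, number, t0 = RegistrationServer(), "+15550100", datetime(2020, 2, 14)
    srv.register(number, "dave-phone", "4242", t0)
    # Day 2: Dave moves to a new phone; he knows the PIN, so the move succeeds.
    moved, _ = srv.register(number, "dave-new-phone", "4242", t0 + timedelta(days=2), existing_pin="4242")
    # Day 3: someone else (a recycled number, or an attacker) tries without the PIN.
    blocked, _ = srv.register(number, "other-phone", "1111", t0 + timedelta(days=3))
    # Day 5: Dave enters his PIN again, which refreshes the window.
    srv.verify_pin(number, "4242", t0 + timedelta(days=5))
    # Day 10: still inside the window, so still blocked.
    blocked_again, _ = srv.register(number, "other-phone", "1111", t0 + timedelta(days=10))
    # Day 13: Dave stopped using the app; the window has lapsed and the number is claimable.
    claimed, _ = srv.register(number, "other-phone", "1111", t0 + timedelta(days=13))
    return moved, blocked, blocked_again, claimed
```

The last step is exactly the reuse case the reply below worries about: once the owner stops refreshing the lock, a recycled number can be registered by whoever holds it next.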
I've seen first hand how numbers can be reused fairly quickly (months). (This was in the Caribbean).
A 7 day pin expiry? I need to look at more details here because I can definitely go 7 days without using my phone. Or, I've travelled abroad and used a local SIM while my "home sim" was never in use for the duration of the stay. (But I kept the ID number on whatsapp/signal/telegram).
It isn't crazy. There's a tradeoff between convenience and security. Signal appears to be trying to create the most secure system that's still usable by most people, and are advancing the state of the art in many areas to make that happen.
It's important to keep in mind that the best security in the world is of no use if you don't bother to use it.
In any case, Signal gives you optional actions you can take to solve some of the problems you're concerned with.
It also makes it dead simple for most users, even nontechnical ones, to use and understand. They don't even have to do anything special, their Signal contact list is already bootstrapped when they install the app.
I still do.
The AIMs and MSNs and Skypes came and went. Now it's the WhatsApps and Discords. Every one of them trying to reinvent the wheel that should have just been fixed 20 years ago.
But why has nobody sat down and said, "Here's a better IRC, here's a reference client, here's the source code, knock yourself out."
It's still not too late you know. In fact, there has never been a better time (and need) to revamp those classic platforms for the modern era. With services like GitHub and AWS, it should be easier than ever to collaborate on building ever better clients and hosting servers etc.
Here's my wishlist for improvements over what I can remember of IRC:
• Mandatory encryption for client-to-server and direct peer-to-peer.
• Server-side chat history, spam filtering and DoS resistance.
• Ability to send binary data like images, audio, video and arbitrary files in public channels and private chats.
• Message deletion and temporary messages.
Basically a decentralized Discord (which is a centralized IRC to begin with.)
For the same reason SMTP hasn’t meaningfully improved in the last 25 or so years. It’s an ossified protocol because of all the competing implementations. Moxie is right about that bit.
HTTP and HTML are slightly different because of the huge dollars backing implementers, but there are still significant features not in one or more of the major browsers, and adoption of HTML5 was actually pretty slow.
Basically, open standards sound awesome, but they quickly get frozen in time due to compatibility constraints.
Is being worked on now:
I'm dreaming of a messaging system with end-points that consume a Plan9 style file-system. Each device mounts the file-system, et voila you can send and receive messages from any device that has the FS mounted.
Generally I want to hack the Android kernel so that it uses the Plan9 style FS so that I can not worry about the how-where-why of syncing docs-photos-music-etc between sundry devices.
I say "Plan9 style FS" because the Plan9 FS requires some host server, some single end-point for file storage. I'm dreaming of a FS that negotiates storage (perhaps using an LRU policy) between a network of devices (ie, my phone, my laptop, maybe a DO droplet or something on AWS).
Sharing could be encrypted blocks (to obscure discrete binaries), perhaps using the bit torrent protocol?
I know there are software packages that do what I'm talking about, but it isn't easy. I can't just scan a QR code (and then do the two-factor authentication) and have access to my files.
They don't do the messaging through the file system, but I would argue that's an implementation detail.
One of the reasons you don't want a real chat app to be implemented like this is that KBFS has to be pretty conservative about conflict resolution. If you and I both edit `foo.txt` at the same time, then we're going to wind up with something like `foo.txt` and `foo.txt_CONFLICTING_COPY_2020_02_14`. (Basically the same as what Dropbox does.) But of course, that's not what we want to happen if you and I send a message to each other at the same time. There, we want the server to just tell us which one came first, and that's fine. There's no real conflict. (For larger gaps, where my phone has observed your message before I send mine, Keybase will indeed sign over that observed history, and the server won't be able to reorder the messages.)
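The ordering argument in the comment above, as an added illustration that is not Keybase's code: the server appends messages and breaks ties between concurrent sends, but once a client has signed over the history it observed, the server cannot reorder that history without the chain check failing. HMAC with a constructed per-user key stands in for real public-key signatures.

```python
import hashlib
import hmac
import json
from typing import Dict, List

# Constructed per-user keys; a real system would use signing key pairs.
KEYS: Dict[str, bytes] = {"alice": b"alice-key", "bob": b"bob-key"}


def _payload(msg: dict) -> bytes:
    # The bytes a sender signs: its text plus the chain head it had observed.
    return json.dumps({k: msg[k] for k in ("sender", "text", "observed")},
                      sort_keys=True).encode()


def _sign(key: bytes, msg: dict) -> str:
    return hmac.new(key, _payload(msg), "sha256").hexdigest()


def chain_hash(prev: str, msg: dict) -> str:
    # Running hash over the server-ordered log; any change of order changes it.
    return hashlib.sha256(prev.encode() + _payload(msg) + msg["sig"].encode()).hexdigest()


def verify_log(log: List[dict], keys: Dict[str, bytes]) -> str:
    """Check every signature and that each message's `observed` head is a real
    prefix of the log as the server presents it. Returns the chain head."""
    prefixes = {""}          # chain heads a sender could legitimately have seen
    head = ""
    for msg in log:
        if not hmac.compare_digest(_sign(keys[msg["sender"]], msg), msg["sig"]):
            raise ValueError("bad signature from " + msg["sender"])
        if msg["observed"] not in prefixes:
            raise ValueError("reordered: %s signed over history not before it" % msg["sender"])
        head = chain_hash(head, msg)
        prefixes.add(head)
    return head


class Client:
    def __init__(self, name: str) -> None:
        self.name, self.key = name, KEYS[name]
        self.observed = ""   # chain head of the history this client has verified

    def compose(self, text: str) -> dict:
        msg = {"sender": self.name, "text": text, "observed": self.observed}
        msg["sig"] = _sign(self.key, msg)
        return msg

    def sync(self, log: List[dict]) -> None:
        self.observed = verify_log(log, KEYS)


class Server:
    """Appends in arrival order: it decides ties, but cannot rewrite the past
    once a later message has signed over it."""
    def __init__(self) -> None:
        self.log: List[dict] = []

    def accept(self, msg: dict) -> int:
        self.log.append(msg)
        return len(self.log) - 1


def is_valid(log: List[dict]) -> bool:
    try:
        verify_log(log, KEYS)
        return True
    except ValueError:
        return False


def scenario() -> Dict[str, bool]:
    srv, alice, bob = Server(), Client("alice"), Client("bob")
    a1, b1 = alice.compose("hi"), bob.compose("hey")   # composed concurrently
    srv.accept(b1); srv.accept(a1)                      # server breaks the tie
    both_orders_ok = is_valid([b1, a1]) and is_valid([a1, b1])
    bob.sync(srv.log)                                   # Bob now signs over [b1, a1]
    srv.accept(bob.compose("how are you?"))
    b2 = srv.log[2]
    return {
        "concurrent_either_order": both_orders_ok,   # no real conflict
        "honest_order": is_valid([b1, a1, b2]),
        "swap_before_observed": is_valid([a1, b1, b2]),   # rewrites what Bob saw
        "move_b2_earlier": is_valid([b1, b2, a1]),
    }
```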
If I send you a message for the first time, your FS (nodes connected together) gets a request/ invitation to mount a new FS/folder containing files where each is a message. Want to add someone? Invite to mount the collective FS. Instantly the new member can see the chat history and begin writing new files/messages to the FS.
There are some talks in the project to add a way to only download files when actually accessed and there's no real-time communication, but I imagine it would not be insanely hard to add. It already somewhat offers the adding-process you describe.
Anyway, I gave up trying to get it to work because sending myself emails or using GDrive has less friction.
I've been fascinated by usability for a long time. It seems that many high-brow projects (see plan9 and others) aren't very interested in usability by the general population. Not you and me, but Joe(lene)-Schmoe who doesn't have a clue about the innards of their phone. They just want their stuff here (on their phone) and there (on their computer).
I want that too. I guess I want to make neat and useful tech approachable to many.
I even have an idea to monetize the above FS: a single page application that automatically spins up VMs that provide encrypted nodes for your personal network. A byproduct of that is a web access point to your stuff that doesn't (shouldn't) go down. This is important because, if you're like me, all your nodes are wireless and run on battery and therefore could leave the network at any time.
I want nothing to do with tech I can only use on my phone.
I love being able to send and receive messages from my PC and phone, seamlessly. And, probably the best part of all? All of my messages are searchable using Google's excellent search in my gmail inbox. I've been able to find specific messages I remember sending years ago. No other messaging platform does this (at least, not well).
I really don't understand where Google is going with its chat thing, as I find it just about perfect for what I need.
During enrollment Signal uses SMS to close the loop on a claimed phone number. The OP's real phone doesn't run Android but it can receive SMS messages so it gets that SMS. The next screen in the emulated app says if the SMS code wasn't filled out automatically then please type it in, and that's what you do.
Tada, now your Signal account is linked to your quite real phone number for a dumb phone.
It's because Signal chose to make the phone number their main identifier, not some random username or email.
(I can't immediately find their rationale for that decision, but I think it had to do with making the service available to those millions that have a cell phone but no email, and usernames make it hard to auto-populate contacts whereas phone numbers can be cross-referenced with your contact list)
Signal uses phone numbers because Signal users already have contact lists outside of Signal. By piggybacking on phone contacts, Signal can avoid storing metadata about who's sending encrypted messages to whom.
Compare that with Wire, which is a fine system, but which also effectively stores a log of every pair of users that have spoken to each other on the platform, in a database, constantly available.
Not having that database is the win for phone number identifiers.
Meanwhile, while the loss from that decision is painfully felt by people who communicate on platforms like HN, it's hardly felt at all by ordinary users, who already communicate primarily on platforms that use phone numbers as identifiers. WhatsApp, the most popular messenger in the world, was created as a pin-compatible replacement for SMS.
Signal's decision here is not the decision I would have made, because I loathe phone numbers (and, for that matter, messaging people on my phone). But it was a smart, principled decision, and almost certainly the right one; I'd decide otherwise because protecting the most people in the most effective way might be my stated preference, but it wouldn't be the preference my own actions would reveal.
I get that using the contact-lists, and the constant re-uploading of contact-lists, is great for Signal's bootstrapping. Anchoring IDs to phone numbers might also work as an abuse throttle.
But I don't see how it minimizes metadata. Can you clarify?
But Signal could still be keeping a database log of everyone who's actually ever sent a message to anyone else. (To the extent anyone's using 'sealed sender', it'd be harder – but apps like Wire could do something equivalent to 'sealed sender', too.) And that database is way more valuable to many attackers if it's keyed by the phone-numbers Signal has, compared to the aliases other systems have.
And to the extent the Signal client wants to keep re-uploading my entire contact-list, even a one-time, temporary compromise of their SGX-based system would reveal all my phone contacts.
Presumably that is because it is the only device with the requisite cryptographic keys?
This is really confusing; they have two official desktop clients for macOS.
Also, Telegram still
* Has no E2EE by default
* Has no E2EE for desktop clients
* Has no E2EE for groups.
When security is an afterthought, no convenience feature matters.
What bothers me the most is when I have to resend a photo or file to a friend of mine on WhatsApp because he changed his phone and didn't want to install the WhatsApp backup from cloud. Or you simply had to delete things to free up space on your phone. Or I've lost something because I didn't want to have my phone's storage full of cat memes or something.
The way WhatsApp makes "backups" is totally dysfunctional. Instead of using a database with support for indexes and full-text search, it simply creates a kind of zip file with a proprietary protocol that forces you to download the entire backup again to search for a single file or message.
I hate having to use WhatsApp and I try to bring people to Telegram as much as I can.
It is as if we have gone back in time and gone back to MSN Messenger, only worse.
Matrix/riot is the solution. Works wonderfully across platforms. https://riot.im/
How long have people been watching and discussing Matrix on HN? It feels like a long time. It's 2020 now. It has never been possible to send an unencrypted message on Signal.
People should use Matrix if they like Matrix. But they should not be suggesting to random strangers that Matrix is as safe as Signal.
Ironically, we turned on E2EE by default on the develop branches of Riot (the main client) 12 days ago at FOSDEM: https://fosdem.org/2020/schedule/event/matrix/. It will go live across the whole network in the next release, complete with cross-signing for key verification.
And in the last two weeks, two more independent E2E-capable client implementations popped up - one in Dart (https://gitlab.com/famedly/famedlysdk/) and one in Rust (https://github.com/poljar/nio-rust). Video of the Dart/Flutter one in action is pretty cool https://youtu.be/nm36pt2rHcI :)
So yes, we're not as monomaniacal about privacy at any cost as Signal, but we're catching up.
Irrelevant nitpick, but hold down on the send button and select "Insecure SMS"
It isn't persistent. Signal always defaults to secure messaging, which caused me regular headaches when I used it. More than a few people I knew installed Signal, used it briefly (or not at all), and went back to SMS. Signal would always default to sending securely, and I'd always send these people a message that they'd never see, because they were no longer using Signal.
After some time I'd realize they didn't get it and would have to resend as an insecure SMS. Missed more than a few time-critical communications because of that.
I really, really wish they'd made it a per-contact default I could have set.
Presumably (I don't have one) iPhones lack this feature as Signal can't replace Apple's messaging app inside the Walled Garden.
Your iPhone doesn't let anybody do that, just like it doesn't let Mozilla provide a different web browser and so on. This has upsides and downsides for security which I'm sure you've already thought about, for me it's a good reason not to own an iPhone, but the rationale for the opposite decision is sound.
There's a Flutter-based app in the works for the specific purpose of messaging for families: https://github.com/nileshtrivedi/family
I do not appear to have the persuasive skills, clout, or sheer dominance over my family members that some of the more Matrix-successful fellow geeks here do :-D
I'm eyeing Matrix, together with Fluffychat. I guess that when reactions are there (for feature parity between clients, I don't want to miss some important information someone sent as a reaction like "I arrive at 8 tomorrow, can you pick me up at the train station" -> thumbs up) plus a few nitpicks, I'll be able to consider it ready.
What happens next? I am not sure. I would like to onboard them on a different homeserver, but I might tinker a bit too much with my personal server for this, plus it would be unavailable when moving around, etc. So I guess I should set up a cloud-hosted homeserver, but I am afraid of the costs, especially if they start joining busy rooms.
The best answer would be to use decentralized identities on my HS for now, and migrate them over to a backup one in case of an outage, but we're not there yet. That's the main reason I keep an eye on p2p Matrix work with Dendrite (then, because it's more generally awesome).
Not only that, but you have e.g. iMessage and Hangouts (especially on Google Fi, where the desktop client can send and receive SMS directly), which blurs the line even further.
It isn't a phone-only app. I think it wants a phone in the flow above to authorize your desktop install. They use the phone, and its E.164 address as the root of trust. But the app works just fine on Windows.
And oddly enough the "your phone" app on windows 10, which is frankly, quite good.
I pay for pushbullet just so I can use my keyboard when I'm sitting at my desk at home and have for 2ish years.
Though, as you mention in your other reply, Pushbullet can do a lot of other stuff (including working with 3rd party SMS programs).
edit: Whopsie; unsurprisingly, no iOS app (background: iPhone is forced upon us by work; reason #2138 I don't like messaging / using the phone :P ). Might still be useful for my personal devices though...
Add to that things like universal copy/paste or the ability to quickly resume some activity from your phone, like opening the active web page, or the usually seamless mirroring of your screen via Airplay, etc.
It does lock you into Apple's ecosystem but the experience is much better than Pushbullet, or anything else.
Yes I did use Pushbullet when I was an Android user. I was one of their first users. I don't miss it.
I stopped using Pushbullet even before I moved to iPhone b/c it's a potential privacy leak and security problem. It's bad enough that we have to trust the phone maker, with something like Pushbullet you give all control of your phone to a third party. Yes they claim the ability to do e2e encryption, but talk is cheap and I've never heard of an independent audit.
Aside from using it for SMS via my Chromebox (or less frequently my Win10 laptop, Chromebox is my daily driver) at my desk I also:
- use it to quickly send someone a photo from reddit/imgur just by saving it and attaching it instead of firing off the link (so I know they actually look at it)
- Use it to send YouTube videos and pages from my phone to my browser at home and it just opens it in a new tab there. I actually use this several times a week for when it's something I want to give my attention to but am out and about doing something.
- To mirror phone notifications in my Chromebox/laptop browser. You can select individual apps to do this. I mostly just use this to quickly scan messages if I'm watching something on YouTube or in a Reddit thread.
It also works fine with Grammarly on my Chromebox (Dunno about the Win10 machine) which isn't a big deal but I like getting anything I type on that machine counted in my weekly Grammarly stats because I'm a nerd.
My only complaint is sometimes SMS will just hang sending from your browser, if you unlock your phone they then send. I imagine I could fix this by changing the appropriate power saving features in Android but it's not a big deal, just a half second finger swipe on my phone.
It can be insignificantly buggy sometimes, it'll be blank in Chrome but maybe 90% of the time if I just click out of it and then click back into it, voila. The other 10% of the time switching tabs corrects it. That could just be my Chromebox though, I've never seen it do it in Win10.
Every time I've started investigating I've gotten mired in researching the various options and given up without trying anything.
Presumably it is because synchronizing conversations across devices while using end to end encryption is really difficult. You could give up end to end encryption but I'm pretty sure you wouldn't like that either.
WhatsApp sends messages through the phone. Signal Desktop does not.
On a PC you could even have multiple accounts on the same device, which is not good value for advertisers either (one device per person makes it easier to correlate various data sources and track you).
No idea why Signal doesn't enable us to use their tool without a smartphone. It makes it look a bit dodgy from a software freedom perspective.
for like, an entire decade
you just use a single thumb to type by playing connect the dots between the letters, and the device does provide physical feedback
regarding being out of touch, have you tried this? iOS only recently added native swipe
And that's also why I use Telegram.
But the normies aren't.
And there's an awful lot of them.
Why should we assume that? In my estimation, 99% of people in the world are never going to own a FOSS phone. 99% of people probably don't know what FOSS even means.
This is despite me contacting support and sending the crash logs to them when it happened.
As much as I'd love to support Signal and switch everything from WhatsApp - it doesn't seem like a wise choice if this kind of thing is a possibility.