That's not really a reasonable argument. Signal makes a profound UX tradeoff to protect metadata by not requiring servers to store it in the first place: it drafts off people's phone contact lists, and thus everyone who uses it needs to be identified by a phone number.
Matrix doesn't have any special way of avoiding that tradeoff. It just takes the other end of the trade: Matrix servers are exposed to valuable metadata, so that people can use whatever identifier they want.
And, of course, the flip side of Matrix's "freedom and liberty" federalized design is that it is May 7, 2020, and the project is just now announcing E2E by default for private conversations. This is exactly why, years ago, Moxie Marlinspike wrote his post arguing about the downsides of federalization. It sure looks like his predictions were borne out!
I think both of these projects are valid and important, and that they have different goals and audiences, and we do people a disservice when we pretend like they're in any kind of serious competition. Matrix is what you'd replace an IRC server with. Signal is what you'd tell an immigration lawyer to use for messaging.
> And, of course, the flip side of Matrix's "freedom and liberty" federalized design is that it is May 7, 2020, and the project is just now announcing E2E by default for private conversations. This is exactly why, years ago, Moxie Marlinspike wrote his post arguing about the downsides of federalization. It sure looks like his predictions were borne out!
I'm skeptical that much of this particular delay has to do with federation, as opposed to things like differing priorities and general project velocity.
Why? Because Matrix is not yet as successful or as diverse as XMPP, the example Moxie gave in his blog post. My impression is that Matrix has one main server implementation (Synapse) that everyone uses, and one main client implementation (Riot) that E2E encryption was added to. And the company developing Synapse and Riot is also developing the spec, so it's completely coordinated. Alternate clients and servers exist, but they're very much "alternate"; I don't think anyone was waiting for them to implement anything before making this announcement.
I could be wrong. I'm not involved in Matrix development, or even a Matrix user. But that's my impression from some quick Googling.
If I'm right, the only real cost of decentralization at this point was having to (a) design the protocol itself to support federation and (b) document the protocol as part of the Matrix spec. That's not nothing, but it's small potatoes compared to the kind of massive ecosystem fragmentation Moxie was talking about.
Yes, Matrix’s development would go way faster (6-10x is my estimate) if it wasn’t decentralised. Huge amounts of effort go into designing a system where you have multiple servers (or peers in p2p) which can’t be trusted, and where the behaviour needs to be formally specified in a neutral public spec that can be independently implemented. You have to layer the spec into abstractions which ensure the lower layers are stable and relatively frozen such that folks can build on them confidently, but the higher layers can evolve and experiment as rapidly as possible.
However, we think this is an acceptable cost in exchange for building an open network / protocol / ecosystem like Matrix. Freedom is important.
As comex points out, we’ve tried to mitigate slowness by developing the core of Matrix (protocol and reference server and reference clients) by the same logical team rather than by vying factions - which has certainly helped, but only as an incremental factor.
The fact it took us 3 years to exit beta for E2EE and turn it on by default reflects more that we chose a large scope (interactive verif, cross-signing, encrypted key backups, etc all break new ground, afaik), had to make it decentralised, and also reflects prioritisation (encryption is not our only focus).
So yes, it takes longer to build Matrix than a centralised e2ee messenger. Or longer to build bitcoin than paypal. Or the Web than AOL. But we think it’s worth it.
I like Matrix and think Signal makes some serious mistakes for no apparent reason, but yeah, the repeated "Matrix is just as good and more free we swear!" is...maybe not the right thing to say, yet.
Phone numbers are the most identifying piece of information. They are precise identifiers, not pseudo-anonymous. A non-burner phone can easily be converted to a complete background check on the person for under $50; for a higher price it can be converted to current realtime physical address.
Could you link to a reputable resource for this? I've always imagined that phone number background checks were mostly scams with a bit of public information sprinkled on top.
I'd be very surprised to learn that I could purchase a burner phone, give you the phone number, and have you be able to tell me my address and criminal history.
> I'd be very surprised to learn that I could purchase a burner phone, give you the phone number, and have you be able to tell me my address and criminal history.
OK, so even if you pay cash, there's video surveillance in the store, and surveillance (license tag, video, etc) on the route. And that's linked to the number. Then there's the number that you call from to activate the burner phone account, which may have some identity information. Plus geolocation data for that, and for the burner phone.
When I was living in Brazil, to buy any kind of SIM card you had to give your CPF (or whatever it was called) number from your residency card. I believe many countries have this rule as a counter-terrorism measure or whatever. Of course for bad guys it’s trivial to go around those restrictions.
And that's a near best case scenario in the US, UK, etc. In most of Europe and many other countries, you have to officially register a SIM card with an ID/residence document to use it.
Right, I meant that the scenario described is a near-best case in a global context as many (most?) countries unlike the US/UK/etc. require ID verification.
I don't believe this is true. It's very trivial to find a prepaid SIM in the US that one can just purchase, activate, and top-up with reload cards (which in turn can also be purchased with cash). Postpaid plans do often require ID verification because of the credit that is being extended, which I think is more than reasonable.
For non-burner phones, just Google the phone number---you'll probably get a sketchy "look this person up for $XX.YY" telephone directory page that will contain their full name and age, if not their address.
So, I just Googled my phone number, and the phone numbers of several friends.
In each case I got dozens of the same flavour of site, which I've seen many times before, it has a paginated list of every possible phone number that could exist, and an advertisement. These sites are pretty cheap to build and presumably over their lifetime they bring in enough advertising revenue to justify renewal costs, hosting and so on.
But they don't offer (and couldn't deliver) personal information about any of us, since that isn't publicly available.
At any rate all of this misses the point; Signal doesn't use phone numbers because phone numbers are an especially good identifier, but as a UX tradeoff to keep metadata off their servers.
I have good reason to believe this UX "tradeoff" is being actively abused. Several vectors, but the main one has to do with contacts of a compromised target, or when a target adds you as contact.
In practice, it's worse than having to use your SSN. You don't need SSN to sign up with all the major apps and sites (including free email), but you do need a phone #.
I think it boils down to the fact that in Signal the server can't see which conversation messages belong to - and if sealed sender (aka secret sender) is enabled, the server can't see who they're from. (As far as I know, the server still tracks the phone number of accounts and thus the recipients though - looking at https://github.com/signalapp/Signal-Server/blob/2b987e6e9301...)
Unsure how this relates to contact lists though (other than that secret sender is apparently only available for messages from people in your contact list?)
Matrix on the other hand isn't a message-passing system like Signal (or IRC or XMPP or SMTP) - instead it's a way of securely storing your conversations (more like NNTP or IMAP). This means that when you log into a new Matrix client you can get at your conversation history, and it means that even if you lose all your clients you don't lose your history.
The compromise is that Matrix ends up storing the metadata of who spoke to when in the conversation history which is stored on the server.
However, we're working on mitigating this with P2P Matrix (where you run the server clientside, unless you explicitly want to pin that conversation to a serverside server), as per https://fosdem.org/2020/schedule/event/dip_p2p_matrix/ - and it even works :)
Did you pay? At least in the U.S., states release ridiculous amounts of information on people. It's "publicly available", but in practice states charge a high fee for the databases, which means most of this data exists behind paywalls. The data on sites like spokeo.com and intelius.com isn't great--not at all comparable to the breadth and quality of data LexisNexis offers with their 5- and 6-figure subscriptions--but it's amazing how many phone numbers, names, and addresses you can still match up.
Then there's all the "private" data about you that is commercially available. That's what credit agencies and similar companies do--buy your data from any company willing to sell it. Such databases are so deep and comprehensive that these companies have become extensions of intelligence organizations for all the business they do with government. In fact, just a year or two ago there was the "scandal" where it turned out cellphone companies were selling location data, which some savvy police departments started using to avoid dealing with warrants.
Signal's servers store no contact lists at all. It's not that phone numbers are some especially good anonymizing identifier; obviously, they are if anything the opposite. It's that everyone who uses Signal already has a local contact list keyed on phone numbers, which Signal's client applications can access, which means the server doesn't have to know about contact lists in the first place.
> It's that everyone who uses Signal already has a local contact list keyed on phone numbers ...
Well, that's precisely why I don't use Signal. In that I don't use smartphones. I could probably run Signal in an Android VM. But I have no way to get a phone number that's both adequately anonymous and adequately secure. Or at least, I don't yet know how to do that. Burner phones are too readily located, and hosted SIMs are too insecure.
Android x86 VMs now have functional virtual WiFi interfaces. But I'm not aware of a virtual cellular network implementation, which could theoretically (I imagine) allow virtual SIMs. That would be very cool. Or maybe it's doable with VoIP?
But this ostensible "Signal's servers store no contact lists at all" policy also incurs several serious risks:
* The Signal client regularly re-sends your complete local contact phone numbers to the Intel SGX contact-intersection code on Signal servers. So, potential flaws in that process would mean Signal servers continually receive, & could possibly log, far more metadata than competing systems that upload all your contacts' phone numbers.
* Signal leaks that your phone number has enrolled with the Signal service to anyone who chooses to query it.
You are comparing the possibility that something could go wrong and expose contact graphs to systems in which exposure of the contact graph is a foregone conclusion, because the servers store them, durably, online, in plaintext. The point of the Signal design is not having to do that thing, and, indeed, it doesn't, unlike other secure messengers that do.
No, I'm comparing Signal to desirable properties of a secure messenger for many important uses.
It's great that Signal has devised a system that, ostensibly, obviates the need for them to keep persistent lists of everyone's correspondents. But as that same system requires the constant, repeated uploading of phone-number-identifiers, and complete trust in Intel SGX™, it misses the primary thing most want from an end-to-end, open-source solution: no reliance on remote personnel or systems.
Signal's created a fancy 'Maginot Line' that ultimately reduces to the same core flaw as much-simpler architectures: if a small number of hard-to-monitor key people or servers are compromised, even temporarily, the metadata is also compromised.
You tout that "Signal's servers store no contact lists at all". But can you prove that? Signal's servers are still sent all the same data that would be required to do that.
Meanwhile, other secure messengers manage to:
* avoid ever knowing a user's phone number, or revealing a user's phone number to their correspondents
* avoid broadcasting the fact of a user's participation to anyone who cares to query
It's important to remember these caveats & tradeoffs when alleging Signal stores no contact lists at all.
Again: your argument is that, because someone at Signal could misbehave and log metadata, Signal is equivalent to systems that log metadata all the time, durably, by design. Given the choice, I'll take the system that can at least plausibly protect my metadata over the one literally premised on not doing that.
I'm not alleging 'equivalence', I'm emphasizing assumptions & tradeoffs.
I want readers to know that your headline claim, "Signal's servers store no contact lists at all", should be coupled with the important caveat that believing that claim still requires trust in Signal and Intel personnel/servers.
And even if someone, like yourself, assumes such trust in Signal & Intel, the metadata protection Signal does offer still requires other metadata tradeoffs. That's not 'equivalent' to other options, it's different in notable ways. For some users, like say an anonymous whistleblower without a 'burner' phone number, Signal's metadata handling is arguably worse than other extant options.
You find Signal a preferable, perhaps even dominant choice; I think they're a mixed-bag once aware of all the tradeoffs.