I realised I was more than happy to pay WhatsApp's yearly charge back in the pre-Facebook days (think it was 70p or so?).
Figured I could give Signal a few quid every now and then, maybe keep a server up for a few seconds :)
Donation link should anyone be interested:
They do https://hexus.net/tech/news/software/125747-14-open-source-p...
It looks more like they are giving funds to projects who apply for them. IMO, they should state 3 clear goals and sponsor specific projects which reach those goals. To give some example how those could look like:
- create a decentralized, federated instant messaging platform, that is build on public standards
- create an e-learning platform that is usable with already established devices
- establish a market for the created software with partners
Naturally, all result would have to be open-source products and the goals would need some details/numbers to measure them. They could even invest into already established projects, but please, with easy to understand goals.
It's also quite ineffective at giving money to the projects that are meaningful.
Large companies and large university projects rake in plenty.
NLnet does 'funding as a service'. If you want to fund a particular area of FOSS, we (I work there) can administer that. We provide low overhead funding to FOSS projects and pay particular attention to how the ecosystem benefits from projects.
So 'boring' projects that improve adherence to standards, increase deployments of standards compliant software, test standards compliance are very welcome. Redecentralizing the web requires this work, but few people think that this work is fundable. It is and in our opinion is has a high ROI for society.
In each and every framework so far, the EU is touting 'reduced administrative overhead', 'simplification of participation' and 'focus on SME's', but has in practice done exactly the opposite.
Especially since Horizon 2020, there has been a 'coup' by the large enterprise and large academic research groups. You can see the same trends in national programs as well.
It hurts me to watch systems full of broken incentives emerge and have money thrown into them repeatedly - there's "tech startups" (which would be laughed out of the valley due to their head-count and lack of any product market fit) receiving large ongoing subsidies to their payrolls while they slowly pretend to iterate on a product, all because they have "created" an agreed number of jobs, and need to keep those chairs full.
Europe on the whole doesn't have a culture of taking the same level of risks with capital, and there's a real push to fund things that are "safe" and help cover up weaknesses in the market - funding a company to hire people into basic tech roles at below-market pay helps to reduce graduate unemployment, which covers up the fact their education isn't giving them the right skills. That's pleasing to government.
On the other hand, giving 1m EUR to a small company with low head-count but a great idea could be a game-changer, and lead to far greater longer-term gains, but any government funding like this would be accompanied by so much red tape that you'd spend half of the 1m EUR on satisfying the monitoring requirements of the grant, attending monthly external progress review meetings, defending your progress to agreed (and inflexible) milestones etc.
That last point is perhaps the killer for innovation - most of the innovation funding schemes I've seen require detailed project plans before receive a cent of funding, and then hold you rigorously to that plan. Need to pivot? Welcome to the multi-page "change request form", which must be approved by a panel of non-technical bureaucrats before you can dare to change direction. They'll get back to you within 3 months, until which time you should continue with your original plan, as you will still be judged by your previous milestone payment plan. Your idea not working? That's not an acceptable outcome - you simply must deliver what you said! Failure is not welcome, you must deliver exactly what you said, else they will complain you are causing them to under-spend by the end of the financial year (as they now won't pay you!)...
That's why, in my view, the bigger companies and universities do well - they have a scale that helps them to deliver these kinds of outputs. As a small company, the "spend-and-claim-back" approach to most research funding can be a real issue, especially if the claims are delayed due to bureaucratic "checks and balances". These are necessary to prevent blatant outright fraud (i.e. people not doing the work they say they did, and pocketing the cash), but they tend to be applied across the board, rather than in a targeted way proprortional to the level of risk, and size of the organisation. The end result is smaller players spend more time (proportionately) handling bureaucracy if they do win funding.
RE selecting meaningful projects, this is arguably because EU research funding looks further ahead, at lower technology readiness levels. An open source project used by everyone is "high TRL" and therefore hard to fund. If they have an entity (as you point out, many don't, which makes them harder to fund),
If you don't have a company to pay yourself through an official payroll system, I believe there are rules in place which effectively define that you work a maximum of 8 hours per day, 5 days per week, and that you can't possibly earn more than 25 EUR per hour, which is of course completely out of line with the sector, and makes it really hard to work without creating a company. At which point you then become subject to state aid rules, and need to keep a handle on that.
And beyond the research programmes, any kind of "innovation funding" then drags you into the state aid system of partial funding, which is very difficult for a small company - getting 60% of full payroll costs funded sounds nice, but it requires you have the cashflow/capital in place to run payments through payroll, in order to claim back a percentage. Not ideal for the kinds of non-commercial "critical internet infrastructure" that need this kind of funding the most.
Just give them money and trust them that they'll do whatever it is they've done so far that many people recognised and started relying on their solution to the problem.
Without looking them up, there's exactly three pieces of software in the list above your comment that I don't recognize: FLUX TL, WSO2, midPoint. I'm happy to see all the other names on it, and I'm pretty sure I'll feel the same way about these three after I look them up.
I find it heartbreaking, that we still depend on WhatsApp and Zoom. Neither service owner is particular trustworthy. Communication is definitely critical infrastructure and yet, the open-source alternatives are very limited (in quality, not in quantity). So investing in this kind of functionality is key.
Signal, on the other hand, probably comes close to the WhatsApp features (I use neither one) and while I encourage everyone to to switch, I am missing the federation aspect. IMO, communication should be federated by law (which would also solve the network effect problem). Imagine a world where you could not call someone who has a phone number from a different provider? The current state of instant messaging is exactly this.
XMPP solved these problems decades ago and just because the standard didn't catch up with the speed of the mobile revolution, we don't have to reinvent everything from scratch. Properly implemented modern clients work very well (including reliability and battery consumption), the big issue though is that many traditional clients don't support all features and all companies in the business try, to build walled gardens as those tend to driver stock prices.
Cynical, profit driven and well funded operations have enough capital to weather these downpours, indeed they’re actually planning for them.
I hope Signal sorts their capacity quickly, I’m terrified that my circles switch back to WhatsApp. And then I’m fucked, I either surrender myself to Facebook or cut off from society
Governments don’t fund things, taxpayers do.
Alas, this is what happens when tech policy is written by people without tech experience, I suspect.
I feel public money should only be donated to them once people are able to setup their own signal instances, like Matrix.
France for example uses Matrix for their internal communications. They don't use the public homeserver, rather, they use their own.
Why would the newly-funded software be the useful kind instead of the useless kind?
They should employ teams of investors to decide where EU money is best invested.
They should use their governmentness to investigate companies after a few years and where they find someone got rich, yet the company failed, put some people in prison. Being the EU they can say "using legal loopholes to suck the company dry is in itself illegal".
You go donate an hours wage a week instead; that’s virtuous.
My fellow man sometimes wishes me to fund expensive wars too.
Wishing for how your taxes are spent is an aspect of democracy.
No one hinders you from donating to Signal if you wish, but if I am a Matrix user, do you want to use the violent force of the state to force me to fund Signal? It’s a moral absurdity.
This is how public schools are funded in my country and I like that we fund them like this instead of private schools with fees that would exclude some families.
This model of funding works for a lot of public infrastructure and I doubt individual donations would make up for that.
I think it is critical for this public funding to be under democratic control. Otherwise it is definitely unjust.
In the end I think public funding / taxes is a way to bypass the tragedy of the commons (not sure if that is the right term here).
That's why, in a democracy, you vote to elect your representative who will, hopefully, make sure your taxes contribute to causes you deem worthy. Be it open source, health services, education, ...
Certainly far from “love thy neighbour”.
Donate yourself, you can be a hundred times more efficient than EU bureaucracy, no exaggeration
When CEOs and owners make the same as cashiers, donating by yourself makes sense.
In short, federation makes a lot of things more difficult, and Signal opted not to do that to get a polished product quickly. Still, it's not either-or. As I remember it, Moxie welcomes the Matrix developers to try their approach and would be glad if they can get it right, he was just worried that it'd basically never lift off.
I think it's not bad to donate to either project, it's a good thing that we have both.
Still, it does seem something infrastructure/utility-ish like Signal would be a good candidate for at least some support.
I also installed a browser extension to automatically bring me to smile.amazon when buying anything on Amazon - so far it has had no weird glitchiness when not buying something and works exactly as advertised. Highly recommend looking into this option if you're forgetful like me - so far it has helped me donate 4 times that I would have otherwise forgotten.
I don’t use the add on and just type “smi” to autocomplete the domain.
All my friends are in Signal. One of my favorite group chats is in Signal. My mom is using Signal, I just sent her a message I might need to leave WhatsApp, so she immediately installed Signal all by herself. Now we have video chats that have been working really well.
I mean, this is the first time the mobile app gives trouble. I'd wish the desktop app would be better, like it's been the biggest problem between me and Signal. Otherwise it's an amazing tool and I'm happy to donate for it to be even better.
All you need to store server-side is "this user has the badge until date X".
Sure, but espionage and surveillance are rarely about proving anything, they're about making good educated guesses. Besides, the receiver will very likely be among your friends and acquaintances, so the NSA would only have to look at your social circle to find them.
Store no payment info.
One of my friends who just jumped ship to Signal this week said in his first Signal message to me that he wished he’d “bought some shares” in Signal when I first told him about it...
The first challenge is getting people to join the platform.
The second challenge is educating them on how it’s actually funded... (ie NOT by pimping out your personal data for shareholder benefit).
"...The initial $50M in funding was a loan, not a donation, from Brian Acton to the new nonprofit Signal Technology Foundation. By the end of 2018, the loan had increased to $105,000,400, which is due to be repaid on February 28, 2068. The loan is unsecured and at 0% interest..." 
What happens when they add 50M or 100M more users?
Startup funding that looks more like debt than stockholding isn’t all that weird, and has various implications for exit scenarios.
If you wanted to create something similar to a nonprofit, this is a way you could do it while protecting it from vultures.
I dont understand it much, but its to make Signals life easier during tax time since its such a large gift.
And a donation would bring him deductions which he probably doesn’t want..
And there is a gift tax but since it’s a non profit, it gets different treatment. But having said that IRS scrutiny increases with such large donations.
Chances high for an IRS audit. Etc.
So many reasons why the loan aspect is a better idea.
> There could be conflict of interest if it’s a gift considering Acton was involved with WhatsApp before Signal was formed.
Why is this conflict of interest less significant by structuring as a loan?
> And a donation would bring him deductions which he probably doesn’t want..
Why wouldn't he want them?
Is he time-shifting them or forgoing them?
> And there is a gift tax but since it’s a non profit, it gets different treatment.
A charitable donation isn't subject to gift tax.
> But having said that IRS scrutiny increases with such large donations.
> Chances high for an IRS audit. Etc.
Acton is a billionaire, his returns will receive scrutiny every year.
What's the etc? How is it better with a loan and why?
I think there is a limit to the amount of gift in cash or other assets you can make without triggering a federal gift tax of around 40%. For an individual there is a limit of life time gift tax exemption around 11.5 million and 23 million if the gift is made as a couple.
1. A loan is a business transaction here. There is an expectation that it will be repaid. It can also be forgiven. A donation to a non profit can be ‘rewarded’ by way of tax deductions.
So Acton will profit from a similar tech he has already sold to Facebook as WhatsApp. His wealth likely came from WhatsApp sale to Facebook. It can be argued as conflict of interest.
Loan deals are very clean. Cut and dried. Any implied contract between the parties ends when the loan is repaid and the relationship is terminated.
2. I can’t speak for Acton. Or in any legal capacity, but if it were me, tax deductions to a non profit can be rife with complications because if he ever gets involved with signal as a board member or employee, it might rise questions.
3. Signal foundation is not a charity.
4. Even a billionaire ..and especially one..would prefer to keep books less complicated for IRS. Donations are often scrutinized for money laundering or tax evasion.
5. A gift invites taxes, iirc. Like..if I gifted you above 15k(and you are not my family or part of a trust/insurance beneficiary etc), you will have to pay taxes on the realized value of the gift.
6. This might have been an ideological instinct for Acton as there seems to have been some disagreement between Acton and FB on how they intended to take WhatsApp. Maybe this isn’t about money at all. Who knows. Hence the ‘Etc’.
Also I don’t know exactly what kind of non profit Signal is...
AFAIK, this does not apply when giving to a charity.
> I can’t speak for Acton. Or in any legal capacity, but if it were me, tax deductions to a non profit can be rife with complications because if he ever gets involved with signal as a board member or employee, it might rise questions.
And the loan won't raise similar questions? Why?
> Signal foundation is not a charity.
> A gift invites taxes, iirc. Like..if I gifted you above 15k(and you are not my family or part of a trust/insurance beneficiary etc), you will have to pay taxes on the realized value of the gift.
> Also I don’t know exactly what kind of non profit Signal is...
It's a 501(c)(3) https://signalfoundation.org/
Brian Acton is listed as Principal Officer/President
You can’t donate to your own company and then claim it for a tax deduction.
That being said, this basic point seems like it might explain the whole thing. I can believe that he cannot be the sole (or nearly sole) donor and have the company be a 501(c)(3) rather than a private foundation or similar.
Generally speaking, noncompete agreements prevent you from taking equity / ownership or active role in competitors
They say nothing about loans. Thats from the many agreements i have come across between businesses and partners/employees
This is one of the most frictionless donation buttons ever. I love it.
Patreon, Paypal, SEPA transfer, all those are a hassle, comparatively.
This donation thing used by Signal works exactly as it should be. Enter numbers, hit enter, done. No "please cookie us", no 20 times transfer to other domains, no account creation, and they also don't require stuff like MasterCard 3D secure (which IMNSHO really is useless for donations).
Zero hassle, 100% great, and with a nice UX.
Remember: regular donations are better because they help with long term planning.
But your link now leads to a “The charity you're looking for isn't available right now” page?
Try searching for Signal Tech Foundation here
Non-American users can access the Signal PayPal page at Paypal’s US site: https://www.paypal.com/us/fundraiser/charity/3675786
Not sure what the logistics of sending money to the USA PayPal Giving Fund are for non-Americans.
Why am I saying this? Users don't give a damn, they expect free things, and they expect things which work. They have been taught to use appstores on their phones where tapping on a button installs an app and everything just works with zero effort on their end, while completely ignoring the work that someone put into creating the very app they depend on. Majority will never, ever, even think about it, let alone click on the developers website to find out who created the miracle they use.
This practice needs to end. I believe that it is time to stop making free products. Developers should unite in this and finally start to value their hard work.
here is another one (with an insane amount of likes/retweets for something so wrong):
"Signal is owned by Twitter and monitored. While open source it is not as secure as they say. Use telegram." -- https://twitter.com/RebelOutlaw1990/status/13471653380777000...
> Telegram is owned by Google if not mistaken!?
> Telegram uses custom cryptography.
> Signal uses encryption protocols sponsored by Broadcasting Board of Governors, a sister federal agency to the State Department. In plain words, data easily accessible by CIA, NASA and FBI.
I wonder what NASA will do with my Signal messages, maybe use them for a giggle in between transmissions from Mars.
Also, recent blog post about Telegram and its crypto:
They batch them up and send them to deep space through SETI. The aliens are the real ones behind surveillance operations which they use to create a reality TV show. And with this NASA prevents the world from being destroyed from said aliens.
A better comparison would be how people gladly pay ten bucks a month for spotify/netflix but would probably never pay that for messaging and IMHO that's where the industry should be going.
People in the past also thought music and movies should be free and pirated the shit out of them, but by making it simple and accessible, for ten bucks a month, most people with a job just won't bother with piracy anymore, even though they gladly pay for something they'll never actually own.
So, the billion dollar question is, how do we transfer that model to messaging?
I keep dreaming about a Pied Piper like decentralized internet.
With messaging it’s different. Transferring messages is relatively simple topic to do as a software. But the cost of running and maintaining it is hard and that’s what users don’t care.
Where they'd be told to get lost if they misbehaved.
With GitHub, the branding of products is lost and most credit goes to GitHub. If a user isn't satisfied, he does the proverbial left-swipe and goes to the next project in a second.
If you tell a user to get lost, you violate the tenets of the new corporate sponsored cultural revolution: Newcomers are always right.
The last 10 years have been a coordinated attack on OSS to make developers obedient and silent cogs. It works, because at present they are showered with money in return.
Will it continue to work in 5 or 10 years?
There was a time in the 90s/00s where you bought software in a big box, and it came with all sorts of manuals and such. The tangible assets (manual, floppy, box, whatever) along with the licensing agreement made that software much more valuable than the software we use today.
Free iPhones not so much.
For that reason alone I think it's important for the service to be free. Though I would perhaps support some reasonable free usage limits if needed to prevent abuse.
This all makes me assume that Signal’s security is meant to shield phone owners against advertisers and ordinary criminals, not the state.
There’s a known problem where the majority of Chinese Android users use a third-party IME to enter text. This is vulnerable to eavesdropping and easy for Signal to detect and warn the user about. Chinese people have been asking them to do this for over a year, telling them that they know of people who have been detained by the government after using Signal, thinking it was secure. Signal have constantly ignored and dodged this. Just lately, their attitude seems to be that somebody needs to prove it is being actively exploited before they will look into it.
Until I saw their behaviour on this, I was recommending Signal to people. Now I can’t help but feel it’s security cosplay. They pride themselves on strong encryption, but won’t lift a finger when people unwittingly use Signal in an insecure context and are being extraordinarily evasive about it.
More info: https://community.signalusers.org/t/signal-should-warn-users...
I can also acknowledge that it's a universally good thing that they are moving in a positive direction here, and I do not hold it against them for being unable to solve all problems for all people at the same time.
NSLs are a problem generally, but I have a lot less concern in Signal's case because they have no data, and they'd have to be forced to make significant software modifications to enable targeted interception of messages. This is something I expect they would be motivated to fight, more so than any for-profit company might.
Let's acknowledge and appreciate progress where it is being made.
They haven't seriously considered that for long. I don't think it's even been a year when they announced this switch for the first time.
Please don't spread this kind of false information. Signal gets enough of that already.
You realise that this is something completely different than what you wanted to imply are you? Up until they introduced the PIN, they've been defending the phone number. Just because someone had a issue on github, doesn't mean they've been working on it...
You think I’m knocking the app. I’m not, I think it is the best option available. I just feel that as long as the phone number was required, they could have been clearer to ordinary users about the threats that Signal aimed to protect users from: advertisers and ordinary criminals, sure, but not necessarily the state authorities, and so it might not be suitable for dissidents for the time being.
One is some guy posting someone in the issue tracker where 1000s of other ideas are. The other is "them working on it".
Moxie is one of the best security researchers in the business, he was definitely aware of this before anyone ever brought it up on GitHub. Was it really so hard for the Signal devs to acknowledge this downside on the blog?
The world would be better if the world were better, but until it is, would you mind helping out a bit?
Is there any indication that applying capital to the problems we're seeing will fix them?
I want to help, but only in a way that will be effective in improving the situation. If they already have enough money, giving them more will not. If they don't have enough money following a $100mm USD donation, it's possible that giving them more will not.
The problem is, this is not a sustainable model (Wikipedia is a whole other universe and can not be compared) and it bugs me so much to see developers pour their souls into projects which end up dying.
At the same time, I agree that there is practically criminal negligence of the education of people about what makes those techno-social institutions which "just work", work:
* Commercial interests and the role and nature of large corporations in tech and elsewhere;
* The massive amount of hard work, expertise, and good will invested by people in public-benefit work (which could be writing FOSS or volunteering in retiree caregiving etc.)
* What the machinery of government - and its myriad branches and institutions - does, beyond the political horse race shown on the evening news;
and through that, the realization that free lunches get made by someone, and its very important who and how they get made.
> Majority will never, ever, even think about it
It is a challenge for us to educate people around us about this fact.
> I believe that it is time to stop making free products.
Software is free by its very nature. It is only state coercion via threats of incarceration and violence that we are deterred from copying software.
Oh and, you're not getting enough recognition and praise from your customers? Maybe you should make something which would really justify it? I'd recommend a FREE APP which helps poor people! Jesus, you run a page which rips off content other people provided you for FREE...unbelievable...
A better world for whom?
It's always someone else's job to change the world, eh?
You can't stop someone trying to make a free to use product
Donate to them so they can buy more servers https://signal.org/donate/
* If you work in the US, many corporations will match your donation. Easy double of your donation
* Set https://smile.amazon.com to Signal, so your purchases on Amazon go to Signal
* Use services like Paypal to donate, that sends 100% of the money to the foundation
I've tried to donate, but none of my 3 cards worked, I got "card rejected error" without any info why and none of banking apps notified me about new transactions.
They aren't on liberapay as far as I can see.
I use the Privacy app and generated a merchant specific credit card for Signal. This is the best way I have found to do online transactions. You don't even need to use your actual name or address when making a payment to a merchant since Privacy acts as a proxy for you. https://privacy.com
Right now is the time for us to invest in Signal to help see it through this groundswell of adoption.
edit : which presumably drives licensing income from Microsoft to The Signal Foundation, which I am presuming is better than nothing and if like me you can start using Signal protocol for calling your family elders via Skype without friction, and I simultaneously create widespread adoption of the Signal protocol, I can't see any downside myself anyhow.
Let's do some math: In signal's case, since they use Donorbox, there is a 2.9% + 30¢ fee for credit card transactions going via Stripe (in addition to another percentage that goes to donor box). If you were to donate $24 once per year, Signal would end up with just over $23 after processing fees had been deducted. If you donated $2 per month, they would end up with $19.7 per year, an additional $3 being spent on fees!
Edit: unless they have some special lower cost stripe rate of course, in which case you can ignore my comment altogether ;)
I've been using Signal for a couple years now. Finally deleted WhatsApp this week. This is the first outage of Signal that I noticed. It's a shame, but growing pains do happen.
I'd have ticked "recurring annually" if the option had existed.
Everyone around me starts switching suddenly and I want to keep them on Signal.
If you talk about Brian Acton, he sold WhatsApp to Facebook and btw made a big gift to the FreeBSD foundation and is the founder of the Signal Foundation.
Learn to inform yourself, this is not a place for fake information.
I’d prefer to pay yearly than to feel the spectre of guilt for using a “free” app.
So they’re 4mil in the hole? How is it possible that they’re still running?
I have no idea why anyone would donate $20 when they're sipping on $100m ...
Signal is using AWS & GCP ( for cloud fronting ), they could be approaching that spend level.
That is 100% their problem, though. I trust that they will develop a sustainable business model when it becomes necessary. Otherwise, look at their tax info shared above. Sporadic donations won't even make a small dent.
I mean, shoot, they won't even give us a hint at how much to donate to cover our own costs. That would be a start.
TBF they havent had to think about this too much before the last 5 days, so give them some time to come up with a plan.
In the mean throw them whatever you are comfortable with.