This whole thing is especially painful/annoying since they neither support backing up the database nor syncing/importing old messages from the phone. So if this happens there's no known/reliable way to recover (even though the data is still on the phone).
(In theory it should be possible to recover from this and I can still access my sqlcipher database manually but Electron and the stateful Signal protocol make it extremely difficult so I gave up. Multiple backups of the whole ~/.config/Signal directory didn't help either.)
Yes and this has been my biggest complaint for literally years but whenever I say "Signal needs a top tier backup system asap" I get moaned at with responses like "Signal is a messaging app not email, if you want to backup a message just do that one message." or "Why would you want a whole conversation backup?!" as if I am some weirdo for wanting to have a backup.
Does my fucking head in. Yes Signal is about security but that doesn't mean it can't have a functional backup feature! Honestly it needs to be priority number one imho.
This bug shows just how important backups and importing conversations are. Whenever I setup Signal on a new system I hate when I see the message "For your security, conversation history isn't transferred to new linked devices."
Signal doesn't (or at least shouldn't) get to decide what happens here. If I am having to re-register because of a Signal failure my security is not effected by importing the conversation history as it was there two minutes ago before they corrupted the database. At the very least they should make it an option even if it is disabled by default.
Apologies for the ranty nature of this comment but I am fed up with this absolutely pathetic denial that backups are important because it is "just a messaging app". AHHH!
Oh my gosh, you and me both. I'm so tired of the lame excuse that it's a "secure messaging platform". If the mindset were truly that having a copy of the message was insecure, why wouldn't they just set every chat to expire? Because it turns out people want a balance between security and functionality.
IOS has had filesystem access for going on 2 years now, there's literally no excuse beyond laziness for not letting us backup and restore the signal messages. I don't even care if it gets dumped into an insecure format if that's the only way it works. I'm far more concerned with someone intercepting my messages in-flight than any other vector. If someone has a backdoor on the phone itself, one signal backup is the least of my worries. Ignoring the fact that backup would be optional.
Incorporate SMS (with a red background or something obvious that the chat is insecure), incorporate backup, and just fully embrace being a messaging app. If they do that they'll make the world universally more secure because it will increase adoption 100 fold. I'll have a lot easier time convincing my dad to use signal if I don't have to try to walk him through "well when you're texting grandma, use this app, and when you're texting me, use this app".
> Incorporate SMS (with a red background or something obvious that the chat is insecure), incorporate backup, and just fully embrace being a messaging app. If they do that they'll make the world universally more secure because it will increase adoption 100 fold. I'll have a lot easier time convincing my dad to use signal if I don't have to try to walk him through "well when you're texting grandma, use this app, and when you're texting me, use this app".
You can already use SMS from within the Signal app on mobile. On desktop it makes sense that there is no SMS feature, unless you want to use the desktop client to send SMS from your phone (like Android messaging), or you want Signal to operate an SMS gateway?
Signal already does SMS on Android but on iOS thats forbidden so you can't replace SMS app. Quite convenient for Apple because same SMS app by default supports their imessages :))
Unfortunately you can't send SMS from Signal in the iOS version of the app. And yes, I also want to be able to send an SMS from my desktop through my phone (like android messaging or imessage).
Not allowing backup as you should be using email for things that are important is really a circular argument. If you can't even choose to backup / analyse with your own tools then you won't ever use chat for anything important. Ever since losing chat history moving phones with Signal I've been less inclined to use it overall.
+1. Switched from iPhone to Android, lost my message history. There were important content there stretching years that I wanted to preserve. Now, it is all lost.
Really I just want Signal to play my messaging history off to just regular files.
I can plug those into Syncthing and have them head off to my server or whatever. Just document the format so I can decrypt them with some tool to recover them later.
Yeah I honestly don't care how they do it. I just want to export an encrypted blob with a passphrase and import it when needed. Store it on my device so I have to manually move it or store it on iCloud or some other cloud service. I don't care I just want the option to backup and restore!
Not sure about iOS, but on Android it's in settings > chats > chat backup and it creates a backup periodically if enabled. When reinstalling signal one can point it at the backup and enter the code to restore messages.
Signal (just iOS strangely; Android has had exporting for years) has been completely anti-backup basically since it's inception. That's their prerogative, but I think it's something that needs to be made clear, front and center, before anyone starts using Signal (or asking anyone else to use Signal). Signal is the type of messaging that needs to be treated as a black hole.
NOTE: last year, Signal introduced functionality for transferring messages to a new device, but that won't help you from data corruption or losing your device since backups and export are still not supported: https://signal.org/blog/ios-device-transfer/
I totally agree. That's the only big drawback I currently see with signal.
I would even be satisfied if i can regularly backup messages to plaintext.
I like to keep my messages and be able to look up stuff later. If I don't want to keep the log i switch on self deleting messages, which is quite cool.
Is it maybe possible that different people have different attack vectors they need to consider and backups are usually a weak-point for some of those people?
I understand it's frustrating when a (open source, forkable) application doesn't work the way you want it to, but you have to be able to see it from the other side as well.
Signal is signalling that chats are ephemeral and treating them as something else introduces security and privacy issues _in the way they are thinking about it_. It's very possible that's not an issue for you, but that doesn't make Signal wrong, is just make the two of you misaligned on why Signal exists. Signal is not for everyone and I think the team themselves make that pretty clear. Signal is for private and secure communications, and make no compromises that would lower either the privacy or the security, they rather compromise on other ends.
These kind of comments show the entitled parts of the internet, where open source software HAS to work a particular way otherwise ITS BROKEN AND HORRIBLE.
There are tradeoffs to everything. In this case, Signal made tradeoffs that you feel are wrong. You have a couple of choices, none of them include screaming that Signal should change their priorities based on your opionion: 1) continue using it anyways, start treating chats as ephemeral, 2) try to fork Signal and show us you can do it better or 3) dump Signal for a messenger that works the way you want it to.
In the end, there are multiple chat apps, use the right app for the right use case. Signal is definitely not a app for one-size-fits-them-all and it's pretty clear they are not trying to either.
> Is it maybe possible that different people have different attack vectors they need to consider and backups are usually a weak-point for some of those people?
If backups are a weak point/risk don't enable the backups then? How is denying it for all a good solution?
> Signal is not for everyone and I think the team themselves make that pretty clear.
If Signal don't want to be a WhatsApp competitor they need to stop acting like one and jumping on every opportunity to point out how they are not Facebook/are better than WhatsApp.
All I have seen from Signal on social media for the past month is how they are the perfect alternative to WhatsApp.
Signal has disappearing messages so if a sender doesn't want their messages captured in a backup they can easily get that. Of course that doesn't stop the recipient exporting that one message or even just taking a screenshot so it isn't perfect but better than nothing.
> These kind of comments show the entitled parts of the internet
Comments like this piss me off. It is not "entitled" to want to protect my data. I have been telling people to protect their data for the twenty years I have worked in IT. But now for chat conversations apparently backups are pointless and we shouldn't be doing them??? Come on. This flies in the face of literally two plus decades of the tech community pushing for "normal people" to do backups!
> If backups are a weak point/risk don't enable the backups then? How is denying it for all a good solution?
Why enable something that could introduce additional security risks when it's both cheaper and safer not to develop that feature in the first place?
> All I have seen from Signal on social media for the past month is how they are the perfect alternative to WhatsApp.
Huh, I've not gotten that vibe at all after speaking with some of the people at Signal. They know that their product is not for absolutely everyone and quick glance at their Twitter doesn't seem to paint the picture you're seeing either. You have any specific examples you could point me to?
> It is not "entitled" to want to protect my data
Of course not and that was also not my point... The entitlement comes from you declaring that Signal is wrong here while not actually understanding the other perspective that they are operating from (which is different from yours, obviously).
> But now for chat conversations apparently backups are pointless and we shouldn't be doing them???
Again, if you are subscribing to the same worldview as the team of Signal is subscribed to, then yes, you shouldn't backup your ephemeral chat conversations. If you're instead interested in persisting your conversations, Telegram/Whatsapp/whatever probably fits your use case better and you feel free to use those instead.
Either you use a chat application that makes absolutely zero compromises on security and privacy but might have worse UX, or you chose a chat application that does compromise on those things but have a better UI. Your entitlement is that you think you can change Signals whole mission because you actually should be using a different chat application.
> Huh, I've not gotten that vibe at all after speaking with some of the people at Signal. They know that their product is not for absolutely everyone and quick glance at their Twitter doesn't seem to paint the picture you're seeing either. You have any specific examples you could point me to?
Sorry but if you are unable to see that Signal are clearly trying to position themselves as a WhatsApp alternative there is no point in continuing this conversation.
If Signal want maximum security / privacy, why not just make all messages auto-delete after a week (rather than their current stance that you lose them when you decide to use Android when you're currently using iPhone or if you lose your phone)?
4/5 of their last few tweets all seem to be pitching themselves as an alternative to WhatsApp / Facebook / targeted advertising? Realistically though their current position is you have to choose privacy or backups.
"We believe in targeted admirizing, not targeted advertising. Happy Valentine's Day from all of us at Signal."
"We've discovered that @tecnomobile devices (some of the most popular phones in Africa) enable notifications for @Facebook apps like @WhatsApp, but block Signal notifications by default. Privacy should be the default."
"Facebook, Instagram, and WhatsApp trying to collect your data when you're on Signal" (confused guy gif)
"If you see the shadow of looming advertisements in your current messaging app, make an early Spring to something better."
"January just ended, but if one of your New Year's Resolutions was to break up with Facebook there is still plenty of time."
Realistically none of these are very good options. Starting a competitive messenger application is likely to be impossible - Signal got to where it is thanks in large part to 50mn USD from Whatsapp's founder. The fact that it's very difficult means that there aren't a huge number of competitive choices, and none that are "Signal but you can access your data". So even though complaining is not a great option, it might be the most likely way to get what is wanted, whether by someone from Signal seeing the request and agreeing, or someone else seeing there is a market for this.
If you have a choice between Whatsapp (metadata not private, but has backup) versus Signal (metadata private but no backup), if you need backup (or anyone you communicate with does), you lose privacy because you're forced to use Whatsapp. Arguably because of Signal's refusal to "compromise" on privacy by allowing backups you have lost privacy anyway.
>they neither support backing up the database nor syncing/importing old messages from the phone
Why Signal doesn't support this is beyond me. I can basically only use it for scenarios where I don't want any chat history, which just isn't that common.
When you say you can't import/sync data from your phone - Couldn't you just decommission Signal Desktop from your phone, nuke the desktop installation, and reinstall from scratch?
Not to dismiss the annoyance involved. I'm just trying to understand what this bug is really about.
Report suggest there's some beta/stable mismatching going on.
While Signal's greatest strength is its privacy features I think that at some point they are going to have to meet their customers/prospects/users' other needs.
The biggest one being the availability of chat history anywhere, anytime at their own risk if needed.
We won't educate people to use messaging app in the way we want them to (for privacy sensible conversations only) because the vast majority don't use messaging app like that.
It's either give up on that idea or heavily advertise that Signal is not a Whatsapp/Telegram/Viber/Messenger/Whatever replacement: it's a tool to use when you want to have private conversations.
Maybe it'd be better to leave the Signal messaging app lives its life and allows a third party chat history viewer to emerge. You can already export your encrypted backup to a readable CSV file. https://github.com/xeals/signal-back edit: which obviously doesn't work with a corrupted database :p. Signal backup as a service startup ?
Point in case: mom complained the other day that Signal Desktop took some time to launch because it was “syncing things”. I told here that this syncing from her phone to the computer is the proof her messages only exist in the application. Desktop or smartphone, that's why it needs to sync, facebook and others don't work like that (I grossly simplified).
note: Thread with comments like is how I remember HN is now a site with a huge audience.
Well, the messages are not syncing from phone to desktop. They're syncing from the server to desktop. Need proof? Turn your phone off any access signal desktop.
The messages exist in separate "mailboxes" on the server, one per linked device, and deliver independently. The timeout is 60 days if I recall correctly, for messages to be deleted from the server if they were not delivered to the client.
Can't find the better source I know exists at this moment, see here for now: https://news.ycombinator.com/item?id=15596980
It seems weird to me that device-to-device message sync isn't implemented, since that can be done trivially and securely. When I link a new device, give me an option to say "push my message history to this device" and let that work P2P.
I don't really need my messages persisted across devices in the cloud or when buying a new phone. Search on Facebook messenger for instance is broken so it's not like I can find anything ("what was the code to the gate?"), and I've never felt the need to scroll more than a few days back for other stuff.
What I need is just to persist the groups, really. So I easily can continue chatting there and not hope someone else sends a message first.
Their design causes it to be incredibly slow, to miss messages, to have them arrive out of order - and that's not even acknowledging the usability downfalls.
They really need to do better. I hope they can figure out some way to shift more resources to it, a good desktop client is essential to modern messengers.
Well, nobody cares enough. And that's probably why they find Electron attractive. No need to care, no expectations that you'll ship something good. Hey, look at Slack!
This reminds of the following quote from Skin in the Game:
> To figure out why ethics, moral obligations, and skills cannot be easily separable in real life, consider the following. When you tell someone in a position of responsibility, say your bookkeeper, "I trust you," do you mean that 1) you trust his ethics (he will not divert money to Panama), 2) you trust his accounting precision, or 3) both? The entire point of the book is that in the real world it is hard to disentangle ethics on one hand from knowledge and competence on the other.
So far moxie appears to be ethical, but his and his team's work has been rather sloppy. Meanwhile, many are still questioning the integrity of telegram, but durov's team is definitely the most competent one.
Unfortunately the overall code quality doesn't seem to good - I looked at the Android code and the network layer / retry logic seems to be quite chaotic with weird exception handling. The UI layer would also need a refresh, a lot of logic is placed in the Fragments directly, no MVVM (e.g. Architecture Components ViewModel) or any other pattern. The sync issues keep coming back. For example you use the Signal desktop app and then at the end of the day you pick up the phone, open Signal and a stream of notifications will start flowing in (even though you read everything on desktop). Also the PC desktop app doesn't sync with iPhone, you need to download an old version, pair the phone and then update to latest to fix it - https://community.signalusers.org/t/my-messages-in-desktop-a....
I also too a look at the code and wasn't impressed. Signal used to have a feature that allows you to import SMS.
It had a few problems but it mostly did the job. But lately, they disabled it with the latest onboarding update, without mentioning anything in the change log. I had to look at the git history to see that, I also found a "won't fix" ticket about the problem.
I think they are ignoring an very important feature but anyways, make a decision. Either you officially disable the feature, write it in the changelog and remove the dead code. Or you keep it and hopefully fix it. The way they are doing it is sloppy.
I didn't look too much into it but dead code is definitely a code smell and your experience seems to match mine. It is not terrible, but a bit underwhelming considered it is a highly regarded, security sensitive app.
That's unfortunate. I wonder why Signal suffers from these issues, but I hope it's something we can fix. I think Signal has such great potential. Society needs a successful privacy respecting open source chat app like Signal.
A few years ago I gave up on my own XMPP server and moved to Telegram because Signal wasn't ready.
Recently I have moved to Signal because, after the WhatsApp opportunity, I had to move my non-tech savvy family members to something better, and I suspect Telegram isn't it (I can't understand how it is funded, it is too "magic").
But it is rough, specially compared to Telegram.
For example: there's no way I'll share my phone number to chat with strangers, whilst on Telegram I have an anonymous username I can use.
But even forgetting about that, it is the small things, like it can't record and send a video (you can record it out of the app, and then send it from Signal; at least on Android), or the atrocious desktop app.
I'm happy it exists and I'll stick with it because they're supposed to be "the good guys", but I'm hopping it improves before I have to admit it was a mistake and I should have trusted Telegram.
Exporting message history, easily selecting multiple messages to forward, allowing for group chat history to be maintained and transferred between devices, synchronizing video rotation in video calls, scheduled messages. Some of these features might be harder to implement than others, but I am constantly reminded of their absence whenever I use signal. I used to only use telegram, and it just works that much better as long as you don't care about privacy. It'd be easier for me to continue using Signal if it was more grandmother friendly. Even my partner is having issues with this, and they are usually capable of using tech.
These are sensible suggestions. What do you mean by "synchronizing video rotation in video calls" and how do you note the presence / absence of this feature in practice?
Do you have any idea how we could practically make Signal a better app in the future?
As brash as this might sound, reworking the user interface to more match the likes of the competition would go a long way to make the app more usable. My partner has trouble finding functionality that is there.
The video call issue is that if I rotate my phone from portrait to landscape, the recipient will still receive a portrait video stream from me. I'd expect the recipient to receive a landscape aspect ratio stream instead.
I must add that I am incredibly thankful for the effort you guys have put into Signal. If users like me come across as a bit sour, at least in my case, I am that way because there seem to be a lot of low hanging fruit that users willing to use the app seem to hit on the head. I'd love for signal to be more successful.
I thought sqlite was very resilient and have a hard time understanding how an sqlite file can be corrupted. Are they manipulating the sqlite file outside of sqlite APIs? Are they mixing up file descriptors and writing garbage into an sqlite handle?
Not sure how reliable and resilient SQLCipher is but that might (significantly?) increase the risk for a bug/corruption to occur. And the encryption certainly makes the analysis more difficult (while, at least on GNU/Linux, I don't see any advantage as the encryption key is stored unencrypted in ~/.config/Signal/config.json - not sure if other Desktop platforms support secure keystores like on Android and iOS). I briefly tried to analyze my corrupted DB but quickly gave up as I'm not familiar with SQLCipher and basically only got a generic "Error: file is not a database" error message when trying to decrypt it (and there's no plaintext header IIRC so it looks just like random data).
I also had multiple backups of the SQLCipher DB that I could successfully access manually but I was unable to use them for Signal-Desktop (not sure if this was due to some other Electron DBs/state, the stateful Signal protocol, or something else - IIRC the only hint was the "Database startup error: Error: SQLITE_NOTADB: file is not a database" message that didn't really help much).
the SQLite documentation is incredible. the dev team is so thoughtful and reflective, and shares not only the code/application, but their understanding.
SQLite should not be corruptible by power loss unless PRAGMA synchronous is OFF, or OS/fs/storage media don’t honor fsync. https://www.sqlite.org/howtocorrupt.html
But the thread says SQLCipher is used, so not sure.
Looks like this is the bug that made me stop using Signal at some point last year. It just kept "migrating" the database every time I started and never managed to load. I even tried to reinstall it from scratch but when that didn't fix it I just gave up and went back to Hangouts/WhatsApp.
Is there a citation for this claim? I tried searching on Twitter for tweets regarding Signal errors, and I didn't see anything except for retweets of the link to this HN post.
It's also just the local database, so the phone that their desktop app is linked to will still have their chat history, thus these alleged journalists would not have lost their sources.
I didn't link it on GitHub for purpose. Somehow it turned out not to be related to that issue (so after few days it's just unlinked but contacts/history thankfully still there)
I've been using the iOS version on my M1 MacBook Air... it seems to use less memory, which is a benefit on my 8GB (base) model. I haven't done any tests though!
This is odd, I literally just now got a corrupted database on Android and had to restore from a backup (it's still restoring). Are two platforms impacted?
Signal's inability to sync its history to somewhere else (e.g. their server, encrypted) and its rather inaccessible backup processes[1] are a pain. It makes me use something else for anything serious sometimes.
What kind of a question is that? Are you a developer?
Do you think developers willingly write bugs into their applications, then simply release them hoping they can mess up somebody's day for the fun of it?
"Allowed to roll out into production" as if there's a manager looking at the list of newly created bugs, grinning and going "This bug... I like this bug! Roll it out!"
“Why wasn't this bug caught in the first place” - this isn’t an attack on whichever developer introduced the bug.
It’s a (totally fair) attack on Signal’s lack of QA/testing in their development + release cycle.
Do they implement peer reviews on PR? Multiple reviews on changes touching mission critical code (ie. data migrations)? Do their test suites provide adequate test coverage? Do they have a manual Q/A process that involves real people testing new releases?
Considering Signal’s funding, I would hope the answer to all of those questions is yes.
But if it’s possible to release code that completely corrupts the app with no known fix, I suspect their test coverage and Q/A processes aren’t as robust as they need to be.
Maybe all of those things. Given this issue isn't widespread AFAIS, it could have went through a bunch of tests and QA people, none of which caught the unique combination of factors that might be rare but not rare enough to not cause problems on a lot of devices regardless. They should totally improve their testing methodology after such a bug, but I can see how a perfectly competent dev team could let such a bug slip. I haven't followed Signal's track record though, so I couldn't say if this is a one-off or a pattern.
What are you talking about? They clearly didn't test this hard enough otherwise this would be caught early.
Was there any tests for this sort of thing? surely if you are storing secure chat history to a database this should be tested to death.
Had they tested more of this functionality this serious bug would have been caught, and now that I recommended this to people, I pretty much now regret doing so for secure messaging.
Well I guess that bursts the Signal hype brigade that Elon Musk, et al, and the media have started and you're required to sign up with a phone number which it then goes through your contacts list which already outrageous. Also, it turns out that you can't even sync your chat history, nor can you back them up easily on another device. So if you change your SIM, have your device lost or stolen, its all gone.
This right here was the final serious nail in the coffin that your chat history is corrupted due to this bug in production.
$60M in funding and they still can't fix these issues or handle these many users. I liked the Signal name and its friendliness to the end user, but I think the true hard-hitting reality is, it is just not ready yet for serious use. What a shame.
I feel like Signal missed the opportunity they had after the WhatsApp fiasco.
Every person I've tried to convert to Signal opt out after a day or two due to lack of usability. Most of them either went back to WhatsApp or moved to Telegram.
While the tech is great and the privacy is good, if they won't invest in usability and UI they will not win the masses.
EDIT - if you downvote, please explain why. If you disagree it's not a reason to downvote.
I certainly defer to HN's expertise on community, but I always took an upvote with no comment as a "yes I agree with the facts or feeling as they were stated."
I usually took a downvote with no comment as an information dead end. There are many reasons one would downvote, maybe factual error, in which case the correct answer is greatly appreciated.
On the HN guidelines page the word "down" is not mentioned. Just curious, do you all feel that up and downvotes are not different beasts? Or is that page just for users who cannot downvote?
My personal anecdote is the opposite of yours: it was easy for me to convert people to Signal.
Concerning your edit: I thought it was a pretty established part of the etiquette on HN that a downvote is used also for simple disagreement. It means "I do not agree", not "you are wrong and should be shamed".
And the mods have consistently upheld that since then (although quite a few people don't like it, or think that it is against the rules - but such a rule exists on reddit, not here)
I've always thought downvote on HN was for comments that are inappropriate, incompetent/harmful, or not following rules. In other words a vote that a comment holds no value on here. Anything else is just a discussion.
I’m surprised downvoting isn’t even mentioned in the guidelines. Assuming they didn’t want to mention downvoting unless you have enough karma, they could just display the clause for those with downvoting capability.
I may be wrong, but comments are meant for that. Ideally when there's a disagreement, people can openly discuss it. I thought downvoting is to flag unproductive comments.
I had that impression too, but I just read the guidelines and can't find anything to that effect. They do say that we shouldn't be commenting about the voting though ;).
Maybe on Reddit, but on HN downvoting is supposed to be a moderation tool. That’s why you need a certain amount of karma to access it. It should be used to flag content that breaks the rules or is unproductive in some way. Please don’t use it like you do on Reddit.
When substantive comments get unfairly downvoted, it's good to give them a corrective upvote. People mostly tend to do that and that mostly fixes the problem. Not entirely—but close enough that there's no globally better solution that we're aware of.
You are making a couple too many assumptions. For starters, I do not use reddit. I wrote my message above with the caveat that I am unsure ("I thought"), but you are presenting a front of certainty without backing it up with evidence (and evidence rarely exists when talking about common culture).
They poured a ton of investment into it right after they saw the uptrend, but their mission was to drive steady adoption of secure messaging; other features were nice-to-haves that weren't core to their initial function. The massive run-up in users relocating from WhatsApp reprioritized their PI plan (I'm guessing), but up until that moment, they had no good reason to prioritize those things since 1) they're a non-profit with steady funding thanks to Brian Acton, and 2) they have a core mission.
Iterative development is a thing for a reason.
Also, in regards to your edit:
> EDIT - if you downvote, please explain why. If you disagree it's not a reason to downvote.
Hm, some of the bug reports report unencrypted databases, some report encrypted databases. That suggests something is going very wrong with their sqlcipher+encryption handling/encryption parameter handling/key handling.
Those are pretty terrifying bugs, the fail-open can be disastrous in the wrong situation, and the others easily result in catastrophic data loss. Because that's what encryption is supposed to do in some situations.
I wish we had a great app with an open protocol so that you could use whatever UI you wanted and not have to deal with network effects every few years. It’s too bad there’s no app right now with that openness and also sufficient usability to get everyone switched over.
I’ve heard it doesn’t have any clients with sufficient usability for the masses, which is the other critical part. But yeah that’s what I was alluding to.
Honestly, Signal's UI/usability used to be a valid critique, but now it's pretty much up to par with WhatsApp/Telegram. The only minor quip I've heard from friends transitioning to it is the lack of bold/italics/etc, which Signal announced they're working on by implementing markdown.
I found it's frequently because they let perfect be the enemy of good.
Because something has potential caveats, problematic corner cases, or philosophical nits, open source projects will often end up sticking with a worse solution out of pure bullheadedness.
All the FB alternatives had crazy spin-up problems for a few days. Prominent cancels on the right and the WhatsApp fiasco freaked out some on the left at about the same time.
Signal did as well as anybody. They bounced back after about 48 hours, and usability seems as good as FB Messenger. Not nearly the roller coaster of Parler.
Didn't downvote, but I disagree with your "If you disagree it's not a reason to downvote." Downvote is my liberty, I can downvote for whatever reason I see fit.
> Why are you all pushing for this Signal crap when Matrix is objectively better...
At what exactly? Elaborate and enlighten us a bit.
> and doesn't require phone numbers?
That's true, but you know it's still not enough for John and Jane Doe to use it. Elaborate us on more reasons otherwise John and Jane Doe will use 'this Signal crap' instead or even will go back to WhatsApp. (Again)
Because it's not "objectively better", and certainly hasn't been historically (and I say that as someone who has more conversations on Matrix than on Signal, and thinks Signal made the wrong tradeoffs in some places)
for tech savvy people maybe but try explaining to your mother that you have to pick a server to register with, you need a username, it can't be your email address, then you can add your email and phone later to make it possible for others to discover you. I like it a lot it's just not nearly as straightforward
> Both Element/Matrix and Signal don't come close to WhatsApp, sadly.
That is the unfortunate reality-hitting hard truth right there. Element and Signal are just not ready yet for serious widespread general use to compete with WhatsApp.
Signal is still immature and lacks tons of functionality compared to WhatsApp. Element suffers from usability and onboarding issues which frustrate the user. The fact we have to keep mentioning the protocol 'Matrix' next to the client name 'Element' creates further confusion to the user; leaving them to ignore it altogether. That's before they get confused and lost in the settings page.
Telegram on the other hand has a better chance to compete against WhatsApp.
I'm interested: aside from the phone number/backup issues well documented on every HN thread about Signal, which features do you think that Signal lacks?
"Streams" for example. You cannot create a group of contacts that only receive messages from you, but they cannot send into the group. Replies of stream-members only come to the creator of the stream. Moreover, members of "streams" do not see other members. Basically is a BCC functionality for messages. I am a signal user since ages and constantly try to "convert" people. I miss this.
I think it's only in Telegram. Mostly used by businesses.
It's important to realize that Signal is aiming to be iMessage replacement Whatsapp/Telegram/Discord are more like "chatservers" with rooms. Signal right now focuses on simple 1to1 messaging with sending pictures/media etc. That's what they do really well.
Btw iMessage also have super basic desktop client. It works even worse than Signal desktop (random logouts and messages sent as different account with only "email"). It might not be so easy going from 1v1 fully encrypted chat to manytomany fully encrypted chatroom megaserver. Apple seems to also struggle with it.
I mean, if a genuine journalist loses sources, we could lose evidence of corruption / abuse / fraud / government overreach / any # of evils in the world. I think journalists losing sources is a pretty serious problem.
As much as I want to move to Signal, I cannot. Their apps feel like a hobby project from the iOS 5 era. Especially the desktop app has a terrible UI. It feels, looks and behaves very bad.
And then I am looking at telegram - everything is polished, many smart and useful functionality is included. The design is outstanding, the updates seem to add useful stuff.
Can someone explain to me why Signal is so very bad compared to telegram?
My guess is that the priorization is different - signal implements everything with a privacy first approach in mind, whereas telegram is not even encrypted by default (even Whatsapp does that AFAIK).
That's technically not true - it's not end-to-end-encrypted by default.
But yes, it is a design choice - telegram puts usability first - see all their innovations with large groups, stickers etc -, even at the expense of some privacy (i.e. no e2e-chats). But that's why you can have Telegram open on every device you own and probably why they are the second largest chat app by now.
Signal, on the other hand, values privacy first, everything else second. This is why this bug is open for 6 months - they see your chat log as a convenience feature and mostly a burden. In addition, Signal is a smaller team with less funding, so that their UI is not as polished is partially also due to lacking manpower, but its simply not a priority for them.
Signal requires a telephone number. This makes the privacy bit is a complete joke, even if your chats are E2EE. Your Signal account is bound to a KYC identity.
Privacy and anonymity are distinct concepts. Signals provides very high privacy and low anonymity - which is totally acceptable for many people's threat model.
Other apps may provide higher anonymity, but none provide privacy guarantees higher than (or even close to) Signal.
Privacy and anonymity are distinct, but strongly correlated. Without anonymity, there will always be enough metadata to hang you with. Using Signal as a surveillance-evasion-tool will get you into trouble in a lot of the more unsavoury corners of this planet.
So, being "best" at privacy is meaningless unless you are in the very lucky position that your local jurisdiction fits Signal's threat model. There aren't many in the west even...
Meaningless? I value private communication with my friends and family. I don't exactly need anonymity there. In fact I want the opposite. In the absence of phone numbers I would be adding very explicit metadata on my device to distinguish between my friends.
Signal has taken measures to limit its ability to know who I'm sending and receiving messages from. Though it's still possible by mapping my IP address to me. So yes there is still a centralized metadata problem, but I'm not letting perfect stand in the way of better.
>Without anonymity, there will always be enough metadata to hang you with.
Not in most cases, for most people, most of the time. Everyone knows you communicate with your family, friends and business associates. Very few people communicate out of those groups and even if they do they rarely have to worry about anyone finding out about it.
Umm... in fact "most people" communicate outside of those groups, as that's how dating works, and it is a big reason why Snapchat dominates "private communication": people don't want to give their "real phone number" to someone until they trust them. Signal needs to realize its big competition is not WhatsApp, but is Snapchat (particularly given that WhatsApp is pretty damned secure, and so should be seen as an ally versus all of the actually-insecure messaging apps of the world).
Idk how giving someone your Snapchat/Instagram is less risky than giving them your number. You can block people from calling/texting you. In fact iOS recently came out with a feature that blocks all incoming calls/texts from unknown numbers. So even if you give somebody your number and they are evil enough to sign you up for a robocall list it would still be fine
I feel like that’s a handwavey academic answer. In real life situations you always need both privacy and anonymity. Do you think a gay rights activist in the Middle East wants all of their contacts to know their phone number and therefore their personal identity?
This is designed to make Signal more popular while solving some fake account issues:
- Using phone numbers means that Signal can constantly check against your contacts to let you know if any of your contacts are now using Signal. As such, using phone numbers encourages use of Signal.
- The usage of phone numbers instead of email or usernames also helps combat temporary/fake account creation abuse, as phone numbers are KYC if you ban VoIP numbers
That said, in the end it is a compromise on privacy and anonymity to increase the popularity and stability of the app.
That's not it. That is, choosing whether conversations are encrypted by default or not has very little to do with whether the client application has polished UI.
To me Telegram is better even from a privacy point. Sure, if someone breaks into the Telegram servers can read you messages, but to me that isn't the first privacy concern.
I'm more concerned about every day privacy, and Telegram is far better on them. Do you realized that you sent by mistake some data to the wrong people? In Telegram you can delete or edit every messages you want whenever you want.
Don't you want to share your phone number in a group? In Telegram your phone number is hidden by default, meaning that other group members doesn't see you number unless you share it with them.
Also Signal is open source but not really open. In Telegram you can use whatever client you want, in Signal you are forbidden to use anything else than the official client. And the official client is open source, but it depends on proprietary services, like the Google Play services on Android, so you really can't use it on a 100% open source system. You can't even find online the Signal apk by their choice, so the only official way is to install it from the Google Play Store (and how do you verify that the apk that Google provided to you doesn't contain a backdoor?)
> To me Telegram is better even from a privacy point. Sure, if someone breaks into the Telegram servers can read you messages, but to me that isn't the first privacy concern.
For a lot of people, that's exactly the concern.
> Also Signal is open source but not really open. In Telegram you can use whatever client you want, in Signal you are forbidden to use anything else than the official client.
There's nothing in open source that requires people running services to allow anyone to connect to it however they like. You still have the freedom to inspect, modify, run and distribute both the server and client, so it's to see what part of that in "not really open".
> And the official client is open source, but it depends on proprietary services, like the Google Play services on Android, so you really can't use it on a 100% open source system.
I agree, this is annoying. But it depends on your threat model and it seems that most people don't see Google as the threat to protect against.
> You can't even find online the Signal apk by their choice, so the only official way is to install it from the Google Play Store
>In Telegram you can delete or edit every messages you want whenever you want...
I'm always gobsmacked when people cite this as a positive. I'm a [mostly] happy user of Telegram. But this is the single stupidest 'feature' of the app. The only person who should be able to decide to delete data off my devices is me. No-one else. Full stop.
Remember the furore when Amazon were caught deleting books off people's Kindles? Everyone was rightly outraged by that. Yet so many people think it's a great idea that Telegram allows other people to arbitrarily delete content from your devices.
Telegram hires excellent developers and was started by someone that had successfully run a company before. The clients for the different platforms in the case of telegram were developed by very small teams (1-2) of exceptional programmers.
> Can't say I'd be happy if it started adding a bunch of features I didn't ask for.
What features do you mean here? The GitHub issue is a bug report and not a feature request. However, there are two features that could help: Backups (export and import functionality) and syncing older messages from the phone during the initial setup. Both of these features can be fully optional and shouldn't require much code.
No, it's not that simple at all. The Signal desktop app is bad in ways that have nothing to do with Electron at all.
Most importantly, it's bad at protecting my privacy. You can't show any message to anyone on your screen or have someone look over your shoulder unless you want them to see who you recently communicated with in what order as well as the start of the most recent messages.
> unless you want them to see who you recently communicated with in what order as well as the start of the most recent messages.
Thanks for mentioning that. I always wondered why there's no option to at least hide the most recent messages and dates (or temporarily hide the whole sidebar). I guess most people are either fine with it or use their phone instead (and using Signal-Desktop in public / when someone's looking is probably uncommon). It seems like at least Telegram-Desktop has this issue as well (not sure if there's an option for it).
Anyway, a slight modification to the UI to hide/minimize the sidebar would be something I'd appreciate for those rare situations.
In addition, there’s a libpurple plugin should one want to use Telegram with Pidgin, as well as several other clients including one that’s TUI based.
The choice of client is a massive boon. It’s unfortunate that one can’t use a alternative Signal clients, because they’d likely solve many of the gripes people have with Signal.
I've used signal for so many years with ubuntu, android and macos. I've never gotten a corrupt database error. I'll repeat-- I used it with LINUX without a hitch for MANY YEARS. Most other desktop applications, however, have not performed as well.
This is not the slam dunk comment you appear to think it is. I've lived for many years without a single death, but this fact wouldn't serve to nullify the fact I died when it does happen.
(In theory it should be possible to recover from this and I can still access my sqlcipher database manually but Electron and the stateful Signal protocol make it extremely difficult so I gave up. Multiple backups of the whole ~/.config/Signal directory didn't help either.)
(See: https://github.com/signalapp/Signal-Desktop/issues/4513#issu... )