Hacker News new | past | comments | ask | show | jobs | submit login
Signal Adds Cryptocurrency Support (schneier.com)
414 points by moks 11 days ago | hide | past | favorite | 249 comments

Discussion from yesterday - https://news.ycombinator.com/item?id=26713827

Consensus - WTF?

This obsession with crypto killed Keybase for many of it's users and honestly this could be a bad news for Signal.

I love keybase still, and the feature of sending money so quickly, easily and cheaply between my friends is fantastic.

For my friendship groups, the worst thing by far about keybase is that it was acquired by Zoom.

The problem with Keybase is that its UI should be a lot more polished. Other than that, how does using cryptocurrencies interfere with chat?

The blog post touches on it,

> It’s that adding a cryptocurrency to an end-to-end encrypted app muddies the morality of the product, and invites all sorts of government investigative and regulatory meddling: by the IRS, the SEC, FinCEN, and probably the FBI.

Personally I'd be most worried with the last part of that.

Being a purely communications application, governments (and their organisations) who want to interfere with it, regulate it, and track usage are clearly trying to interfere with/track speech.

They can block it, they can regulate it, but it's clear that it's about speech. There's still the issues around "Terrorists/Pedos might be using it", but so far that hasn't been hugely successful, at least to date.

With Signal adding cryptocurrency, well, now there's territory that governments can clearly stand on and say "No no, we're not trying to monitor/track/regulate speech... we just want to know that it's not being used to fund terrorists".

Australia, like the US and other countries, requires notification on large value transactions, or transactions that add up to a certain amount.

The Australian Tax Office treats cryptocurrency differently than cash[1], so you need to report your transactions and information on who the other party was.

Those are all things where Signal can be required to start reporting these things, and where Governments can start to impose regulation.

Sure, maybe Signal gives the Australian and US Governments a middle finger and says "We don't know, and we're not going to add capability to track it".

Non compliance will then result in Signal's application being removed from the appstore/google play store, and now your userbase drops to folks who can install an APK or like rooting iPhones. Effectively killing the utility of the network.

This is right on the back of Signal actually starting to gain popularity and having a chance of actually being able to use it to contact folks I know who I didn't directly tell to go install it.

[1] https://www.ato.gov.au/general/gen/tax-treatment-of-crypto-c...

Keybase was a passion project that always had very limited development time. They churned out a lot of proof-of-concept grade features, but never really polished any of them. And then some of the features only would be really useful if they either were backed by a proper commitment or had a selfhostable plan B.

The wallet is just one of many parts of keybases focus thrashing.

I just remembered that Keybase sent me random Lumens a while ago that I never touched, and when I just checked back right now, they're actually worth a significant amount? I am sort of shocked. How do I spend this?

1) Convert to USDC or another token and spend using https://stellarterm.com or lobstr wallet and send to your bank account

2) Convert to BTC and spend

3) Buy a gift card directly with the xlm

4) Send to someone's bank account in Brazil, Nigeria, Europe, Argentina. Normally using stellarterm or lobstr or solar wallet.

5) Setup AchorUSD wallet, convert to USD and get 10% interest

I personally didn't get much ("much"), but have heard several people say how they can pretty much buy a high-end phone now.

You could get an account on an exchange, send the XLM there and then withdraw it to your bank account.

I'm a big cryptocurrency skeptic, but if they had used a more reputable coin instead of a pre-mined coin distributed in such a fashion as to enrich the founders, they could have avoided most of this backlash. People who aren't enthusiasts already understand that the raison d'etre of the cryptocurrency landscape is to get rich quick, but these guys got so greedy they've even pissed off the enthusiast community. Unfortunately for Signal, the thrust of its popularity is among those users who have a pet peeve for the term "crypto" used as a shorthand for "cryptocurrency" instead of "cryptography". It'll be interesting to see Signal's public statement in regard to this PR disaster.

Agreed. Monero or ZCash would have gotten the job done, but it wouldn’t have enriched the founders.

Pre-mined altcoin scams have been around so long that everyone in the crypto world knows to avoid them. Building up a dedicated following of people using an encrypted messenger app was a genius way of submarining a pre-mined crypto scam into an unsuspecting userbase.

I suspect a lot of us are going back to all of the people we recommended Signal to and revising our recommendations to avoid the cryptocurrency portion of the app.

> Monero or ZCash would have gotten the job done,

These take minutes to send (very stressful!) preventing a nice venmo-like experience. They also pollute the planet

They take minutes to send and pollute the planet as a byproduct of their security and decentralization. Anyways, Monero does not contribute much to pollution at all. I guarantee you that you do far more things that pollute the planet in your daily life than a Monero transaction.

MobileCoin is a farcical alternative to Monero, where a few “trusted” corporate nodes are run and 80% of the coin is premined.

100% of it is premined.

and by send I mean network confirmations + generating zkSNARKs on the client. IMO for a payment network to work, my mom needs to be able to use it and not be frustrated. Venmo barely clears that bar

On most clients spending and receiving is instant.

What takes a maximum of 2 minutes on monero is waiting for your received balance to become available.

I honestly don’t see the issue. They picked a crypto coin with a much faster transaction settling time than the alternatives you mentioned, and they’re explicitly discouraging people from using it to store wealth.

Do you have a link to where they're discouraging people to use it to store wealth?

> Monero or ZCash would have gotten the job done,

Those cryptocurrencies have a large energy consumption. I assume that part of the reason to go with MobileCoin is because it's less power hungry.

Transacting the coin itself rarely has any energy footprint. It's the security of the network that requires the mining and that is very separate to signal using it.

Unless the idea is that by using another coin, they don't add to the security requirements. That's a dubious line of thinking.

You only increase the energy consumption of a crypto if you put many transactions on it (via increasing demand on the coin, and hence the price), so it doesn't really matter whether you use an existing PoW coin or a new one.

> it doesn't really matter whether you use an existing PoW coin or a new one.

MobileCoin isn't a PoW coin.

I'm actually going to go out on a limb and defend their choice of MobileCoin.

Signal has always been a decent privacy/convenience tradeoff and MobileCoin is no different. Features like phone numbers and contact uploading were always a user friendly tradeoff. They also seem to trust SGX.

Monero's isn't slow by any means but isn't fast either. UI changes can alleviate the issue but being unable to spend your entire balance until the next block is a step back in UX.

ZCash's lack of privacy by default doesn't fit with Signal's E2E by default ethos.

Using most privacy coins on a mobile device with limited storage is a privacy tradeoff no matter how you cut it.

The reality is that integrating a cryptocurrency for payments into Signal was probably the actual misstep rather than their selection of which token to use.

They could've created a federated SGX-based model on top of any of the existing cryptocurrencies. The only reason for them to invent a new one is making $$$.

How so? When I consider how to build it on top of an existing smart contact platform you'd have to have a whole extra, nonstandard layer for key rotation and you'd miss out on privacy guarentees. If we assume their goal of privacy and sub 10s finality I can't see how they could have done it on an existing cryptocurrency.

What they've done is essentially take Monero as a base, remove mining and use Stellar Consensus then solve any new privacy issues that arise.

After convincing all my friends to move from WhatsApp to Signal I am really annoyed about this move. This really damaged the trust I have for Signal. I hope they realize their mistake quickly and drop this idea.

I think it won't be problematic as if someone doesn't want to create wallet they dont have to. So this payment option will be for only those who wants to enable it.

It feels scammy and annoying though, making people less likely to accept it, exactly like Keybase and Stellar. First time I got a Stellar email from Keybase I thought it was a literal scam.

I understand that point - it's the "optics". ...but for users that ignore the crypto feature, I don't see the issue - there is no real negative impact for them.

More code, more possible bugs, more updates needed.

All that things are not necessary, they could create a separate app "Signal Pay" and everybody who wants it can use that.

It made no sense to implement everything in one app.

> It made no sense to implement everything in one app.

WeChat would disagree [1].

There is definitely a place for payments in a social app. Combine that with potential for increased user adoption because of that ("please download signal so I can pay you easily") and I don't see this as inherently bad. But they should have used a reputable coin instead of some scammy pyramid token.


> There is definitely a place for payments in a social app.

Not in a country that has free, (de facto) instant bank transfers (Faster Payments).

If the problem there is that you need someone's bank details and not just their phone number, there's Barclays' Pingit.

The fact that there is a separate service providing instant payments does nothing to disprove my point - being that payments within a chat app is useful, if not preferred, by millions in China and elsewhere.

What exactly is the rationale that makes payments within a chat app 'inferior' or 'unneeded' just because there are separate services available (e.g. Barclays' Pingit)?

Maybe not from a security perspective, but WeChat has been extremely successful by virtue of implementing everything in one app.

WeChat has been extremely successful by virtue of being the only app the government allows you to use in a country of a billion people.

It's not in line with what people want in the app though. It's like using a text editor that all of the sudden implements a wiki on gardening preinstalled in the app. It's not relevant to the features you want in a chat app and there's no reason it couldn't be a separate app.

They won't care until someone creates a competitive fork that differentiates on this point.

But is it worth it if users can simply not use the crypto feature?


lol. why would this damage your trust in them?

if anything this is a progressive move that fits perfectly with their mission.

Having said that they should have used bitcoin or monero

I see no good way out of this, if someone forks it and removes all that extra attack surface I guess Moxie will fight it, as he doesn't want many compatible clients.

And if the crypto features stays in there it will become another avenue for pump-and-dump schemes, so I can no longer recommend it to people without looking like a crypto hustler.

Fight it? How?

Moxie has a history of being an asshole to anyone trying to make a third-party client. They're prohibited from using the OWS servers, which do not federate (so they couldn't talk to Signal users), and Moxie has attacked third-party software over trademark issues, too. Any Signal fork is likely to be DoA, thanks to Moxie's deliberate actions.

Not everyone agrees that protecting a brand and controlling who connects to and uses a service you run and pay for is "being an asshole".

Lots of people pretty readily made the choice to move from WhatsApp to Signal when the benefits became clear. There's nothing stopping anyone from forking the client/server and running their own network - if there are meaningful benefits to end users of the fork, there should be no problem picking up traction.

If you don't want people to be able to fork your product, make it proprietary. Don't pretend to be open source and then attack people for exercising the rights that development model affords them.


Come on Drew, you can't do this here. We ban accounts that do. I don't want to ban you. You're smart and do valuable work and I can feel that your heart is in the right place (edit: at least I hope it is—https://news.ycombinator.com/item?id=26723629 is pretty mean), but your comments that break the HN guidelines set an incredibly shitty example. You may not be coming from a mean place but plenty of other commenters will take this kind of thing as a free pass into forum hell.


> "Protecting the brand and controlling who connects to your service" is what put Moxie in a position of power from which cryptocurrency garbage could be introduced to scam money from its users. That's all there is to it. I call that being an asshole.

I feel sad that you're apparently so angry about a piece of software.

> Nothing stops you from forking the network, except for the fact that none of the users come along. Signal holds its users hostage. I call that being an asshole.

The users have the choice to use it or not. If you build an alternative and noone uses it, it's not better. Like I said, more than a few people happily wandered over to signal from WhatsApp. Weren't those users "held hostage" by Facebook in the same way?

> Calling it open source and saying "anyone can fork it!", then suing anyone who dares mention the word Signal in their documentation? I call that being an asshole.

Who did he sue?

"Don't feed egregious comments by replying; flag them instead."


I think there are 3 attitudes towards Signal:

1. Anger from purists who care about the fact it's not decentralised, and that Moxie runs the show, and that it uses phone numbers etc etc...

2. Indifference from those who have never heard of it

3. Joy from those who are extremely happy a decent, private, alternative to Facebook/Whatsapp exists

My worry is that group 1) try and ruin it for the rest of us.

Signal is literally the only product I can get my family to use which provides E2E messaging and prevents mass surveillance. But Signal needs to keep core feature parity to remain competitive with WhatsApp, Telegram etc. And that includes a payment mechanism.

> there are 3 attitudes towards Signal

I am in group 4. I didn’t care that Moxie calls the shots and requires a phone number. And I was thrilled to have a secure communication app, from when Signal was TextSecure. I hate this to the point that I’m dropping Signal.

The only reason to choose MobileCoin is Moxie’s personal affiliation to it. Meanwhile, this integration massively increases Signal’s regulatory cross section.

Most Americans strongly support free speech. That support doesn’t exist for dark money transactions. If the CFTC or New York DFS wanted to open a money laundering investigation into Signal, using the full AML/ATF toolkit in the process, there isn’t a great argument anymore for why they can’t or shouldn’t. Same for the Secret Service or FBI. Moxie just sold out Signal’s First Amendment credentials.

"Moxie just sold out Signal’s First Amendment credentials."

Id argue he just created a new front:

freedom of association.

I still think you are right with your concerns.

You say he sold out credentials. I would say he bravely staked out a new claim.

> he bravely staked out a new claim

Culturally, sure. Legally, Signal becomes open season for law enforcement the moment this feature is implemented. And there will be zero law protecting them or any data they may have retained, properly or improperly, on their users. Given the MobileCoin's venality, I doubt they'll get public sympathy.

That may be the intent.

Maybe it's the American in me, but I have almost no use for a payment mechanism in my messenger, I have too many. Venmo, Cash, Apple's thing, Google Wallet, whatever -- these all provide everything I need when I need to send money to people. Frankly the idea that I suddenly might have to have another goddamn thing is a bit irritating but I've resigned myself to it.

I think the other thing is that it's just a complete misread of how normal people even think about crypto. Literally every "normie" I know who has interest in cryptocurrency, even if they tow the line and say that "crypto is the future of money" or whatever, treat it entirely as a speculative asset when it comes down to it and that's what their usage of it revolves around. It's a thing they put $5 and that $5 becomes $10 later on and now they have $10. Sending it to other people is literally the last thing they want to do. As far as they're concerned, it's the exact same way the stock market works, only faster. None of them care about deflation or border politics or monetary privacy or whatever; it's practically just a way of flipping a bullshit asset into fiat cash, which is what matters. If they want to give people or their drug dealer money in a way that isn't on the record, they don't pull out their instant messenger and say "Let's use a blockchain to preserve our privacy during this transaction", they "pull cash from an ATM and do it in the bathroom of a bar" or whatever. They arrange this over SMS, probably, or maybe Signal already if you're lucky.

Finally there's people like me, people who neither care that Signal is non-federated and don't care that it uses phone numbers, but who just think the cure is worse than the disease here. I'm not even talking about the politics of money exchange or privacy or anything; I just literally mean cryptocurrency invites fraudsters and scammers and all kinds of bullshit along with it, that ends up causing external harm to people. I don't want Signal to expend resources on this stuff because even if it aligns with their goals on paper or is something their competitors might do, I literally think it's turf they shouldn't be on because fundamentally the people who play that game have other goals in mind.

> Maybe it's the American in me, but I have almost no use for a payment mechanism in my messenger, I have too many. Venmo, Cash, Apple's thing, Google Wallet, whatever -- these all provide everything I need when I need to send money to people.

All of those require doxxing yourself to the vendor, submitting to financial (suspicionless) mass surveillance systems, and can be trivially censored without any burden of proof or even probable cause to suspect wrongdoing by the entire machinery of the state. We saw this when Visa and Mastercard and PayPal willingly shut down donations to Wikileaks simply because the state asked - no legal compulsion was even necessary.

I hold US citizenship and don't use any of the aforementioned services for those reasons. I don't like providing identity information to services where I don't have to, because I value my privacy: same reason I use Signal, same reason I pay in cash.

Cryptocurrencies are censorship resistant and are open to use by everyone with an internet connection, just like Signal.

There is a huge benefit to the service provider not having your identity or being able to see the contents of your messages: to the user, to the service provider, and to society.

I don't think you should be getting downvoted. You clearly hold strongly to your values. There's nothing wrong with that. And you're adding to the discussion by providing your perspective, not being rude or attacking anyone.

There’s a set of people on HN that downvote and flag anything that they disagree with. I don’t really understand the mindset, but have noticed they usually agree with whatever the US government, FAANG or other authority is pushing for. (Maybe they’re authoritarian, and that’s why they think anything outside approved narratives needs a downvote? That’s my best guess.)

Anyway, it’s best to treat them like trolls: just ignore them. Upvote anything that renders in gray and isn’t violating site guidelines. I’ve found my best comments tend to wildly oscillate around zero for a while, then end up slightly positive. :-)

My assumption is that sneak is not being downvoted for his views, which for the most part seem reasonable and informative, but for his rhetoric.

> Cryptocurrencies are censorship resistant

Rubber hoses are a thing.

> Maybe it's the American in me, but I have almost no use for a payment mechanism in my messenger, I have too many. Venmo, Cash, Apple's thing, Google Wallet, whatever -- these all provide everything I need when I need to send money to people.

Don't forget Zelle, which is similar to Venmo but is already built into the apps and websites of a large number of US banks. It's owned indirectly by Bank of America, BB&T, Capital One, JPMorgan Chase, PNC Bank, U.S. Bank, and Wells Fargo. Other major banks, including Chase and Citi, also include it.

That means that a very large number of Americans can do quick and easy US to US payments by phone number of email just using their normal banking apps and sites.

I find Zelle super frustrating. I needed to transfer money from a local credit union to Citizen's bank because there isn't a Citizen's near me. Both support Zelle, except that you can only have one account set up in Zelle. So I literally couldn't even transfer money to my other account through Zelle. Instead, I have to mobile deposit a check to myself.

I think this is a strawman argument. Can't it be the users from group#3 who's sad to see Signal turn into WeChat? After all the lessons learned from Keybase are open for all to see.

WhatsApp doesn't include payment mechanism in many markets, why is Signal trying to waste developer resources on unwanted features?

Yep, I'm a group 3 user who has been defending Signal on HN for years. I probably won't be leaving the platform since it took so much effort to get friends/family to use it. But this whole scenario is inexcusable.

We've seen the failure of Telegram's ICO. The rise of spam accounts with Keybase's Stellar "space drops". FB's failed attempts at digital currency.

But what irks me the most is that the Github repo for their server was outdated for an entire year. They pushed up their commits around the time of this press release, likely to keep the integration of this cryptocoin a secret.


Edit: Yep, went through the commit history, and the very next commit on April 22nd, 2020 is when Signal first began working on crypto payments.


In other words, they new it was a bad idea that would draw backlash, but they did it anyway

WhatsApp payments isn't available yet in all markets, but you can be sure it's coming.

WhatsApps payment feature is only available in India where they implemented the feature in alignment with the Indian UPI initiative.

Src.: https://faq.whatsapp.com/general/payments/learn-more-about-p...

Therefore I'd argue that this specific feature can hardly be seen as waiting for a global rollout.

Payments was also launched in Brasil, and Facebook are on record as saying they want to expand it to more countries.

> you can be sure it's coming.

It's standing on the shoulders of UPI in India. Do they also plan to bring India's UPI to rest of the world?

I offer that if you think e2e encrypted messaging plus a simple cryptocurrency payment system is "turn[ing] into WeChat" that perhaps you are making a massive overgeneralization, or perhaps are unfamiliar with the scope and extent of WeChat.

>My worry is that group 1) try and ruin it for the rest of us.

Maybe you should be worried Moxie is ruining it for the rest of us? After spending the better part of the last decade telling us how all you care about is giving end-users easy to consume privacy - adding a payment option that will make you and your buddy rich isn't a great look. Hard to take the rest of what you say seriously when you sell out in this fashion.

Exactly. Especially after tooting his "we're a non-profit, we can never sell out" crap all over the place.

There are other decent private alternatives to Facebook and Whatsapp beyond Signal,so your argument smells as someone that is trying to rationalize away a horrible decision that they made.

In any case, rest assured that as a "purist" who argues against Signal's centralization, you shouldn't worry about us in the group 1. We are not going to ruin anything "for the rest of you". Signal will do it themselves.

We are vocal and "angry" because history has shown time and time again that systems that centralize power end up corrupt and self-destruct. The "purists" are only warning you about it. Blaming "us" about it feels a little bit too much like Stockholm's Syndrome.

> Signal needs to keep core feature parity to remain competitive with WhatsApp, Telegram etc. And that includes a payment mechanism.

This is thrown around a lot but I have difficulties to see how a wallet for an obscure alt coin might be in any way comparable to your standard payment app for the currency used in your region.

It's not that I can use it to pay in a shop (like I can with Google Pay) or on a website (like with PayPal). ... I can't even repay my friends for paying the round in a bar because it would mean their money is suddenly entangled in this obscure and completely novel network. The money wouldn't end up in their bank account and they could even suffer unpredictable losses.

I therefore think this argument is flawed. There's no upside next to the four payment apps I already have installed and none of my friends would prefer a messenger because it merged with a payment app for an almost unheard cryptocurrency. I would bet my social circle isn't a grave exception in this regard.

Don’t forget that any time you send or receive payments in this cryptocurrency, you would have to track either the basis (when receiving) or capital gain/loss (when sending) assuming this ever comes to the US. It’s a mess.

That seems wrong, is like if Mozilla forces crypto in Firefox. there will be many Firefox users that will not like it, it is not only the haters or Chrome users that will complain, hopefully maybe you can see the missing 4th perspective.

I don't believe the main competitors to Firefox (Chrome, Edge, Safari) offer a payment mechanism? So this wouldn't be required for core feature parity.

However the two main competitors to Signal (Telegram and Whatsapp imo) do have a payment mechanism.

I had no idea WhatsApp and Telegram have cryptocurrency support, I only use WhatsApp because I need it for soem school parents group though... but even if Chrome would add Gopogle Coin support I still will not like if Firefox forces it and not make it an optional plugin (people still complain that Firefox added DRM support for media so this is not theoretical)

Neither Telegram nor Whatsapp have crypto support. Both of them have very limited payments support, that doesn't use crypto at all.

Do Telegram have that now? I actively use Telegram but can't remember having seen it - nor an announcement that it is available.

Telegram has bot payments API (had it for some time now).

As a user (regular or a business owner for example) you can use solutions like https://ecommpay.com/products/telegram-payments/ to receive payments

Chrome has the Payments API and the most recent betas have the Digital Goods API which allows Play Store billing.

Keeping up with the Joneses is rarely a good motivation

>But Signal needs to keep core feature parity to remain competitive with WhatsApp, Telegram etc. And that includes a payment mechanism.

A payment mechanism just isn't a core chat application feature.

This is like saying "a phone should just make phone calls!"

It was true in the past, but is no longer true today.

No. Not every app needs to become an operating system for life. We can have multiple apps on a device with little to no inconvenience. Carrying multiple devices is much more cumbersome.

Ideally they don’t, but they have - go live in Asia or South America for a bit and you’ll find spots where this is the model, and Signal can’t easily (or at all) reach those users without competing.

Are you saying people in those regions only able to use one app on their device / phone?

You'd be suprised, WeChat for example is almost a platform of its own.

You know I'm not saying that. ;P

That's just how it winds up working there.

It's not. First of all, a phone is physical hardware, Signal is an application.

Does Signal also need a music streaming integration? Restaurant listings? A torrent client?

> But Signal needs to keep core feature parity to remain competitive with WhatsApp, Telegram etc. And that includes a payment mechanism.

What it needs is not reaching feature-parity (although that will appeal to the mass, can't blame the), but to keep privacy as the central feature of the platform, and always move toward improving that feature.

And yes, the fact that Signal uses a phone number as the main identifier is a problem regarding privacy. And they did update their Signal-Server repo, but it took a while before it was and that's likely because they were trying to finalize that cryptocurrency feature before announcing it, but an apparent lack of transparency can lower the user-base's trust toward the platform.

What the world needs, though, is a decent, private alternative to Snapchat--which a lot of very normal non-technical people use specifically with the goal of "privacy" as they don't want to give their phone number to random people they meet at parties or while doing online dating or on services such as TikTok--not WhatsApp, which is already end-to-end encrypted (with the same protocol!). Signal needs to remain a viable alternative to WhatsApp to "keep them honest", but doesn't need to fight them and should move on to their next challenge (as the goal shouldn't be "get everyone to use Signal", but instead should be "get everyone to use an end-to-end secure messaging app"). This all happens to firmly fall into the first camp, which you incorrectly label as "purists" :(. Even the people I talk to who want to organize protests and the such are harmed by everyone pushing Signal as their main threat is a cop getting a list of all of the phone numbers in a chat off of someone's phone, something Signal doesn't solve... but, ironically, Snapchat and Telegram do, for all of their other faults: we need an end-to-end encrypted Snapchat/Telegram _stat_.

> and prevents mass surveillance

A chain is only as strong as its weakest link. What if you somehow got malware on your device? That's all your Signal privacy out the window. Some phones are stuck on older versions and can't update to mitigate against so called 'zero click' attacks or attacks that require user action like clicking on a link sent via SMS which then spawns a malicious payload that's executed in the default browser. Malware on phones is rampant. It's not just 'spouseware' being installed behind your back or high-profile people being targeted. Millions of devices (billions even?) en masse are getting compromised with malware.

>But Signal needs to keep core feature parity to remain competitive with WhatsApp, Telegram etc. And that includes a payment mechanism.

If anybody tried to onboard me on the basis of a 'payment mechanism' feature -- the answer will be a flat out no, as most of the payment flow in my professional and personal life does not involve a messaging platform, in order to achieve that objective.

I have Coinbase/Binance for crypto. Revolut/Transferwise to cover micropayments, foreign transactions, currency exchange etc., same with PayPal albeit a higher threshold. Monzo for cloudnative/FinTech banking. I have personal accounts with two out of four traditional banks, and a business account with another. I use Google Pay and Apple Pay, interchangeably.

So... Looks like the people on group #1 were right all the time. And you are posting this as an answer to somebody telling you that his pet idea will kill the platform and bring law enforcement all over the world into its users.

(What in my impression is the best case scenario, because when I've read about it I could only think about it bringing fraud and extortion into the users.)

Why does the payment mechanism have to be a dodgy cryptocurrency?

> But Signal needs to keep core feature parity to remain competitive with WhatsApp, Telegram etc. And that includes a payment mechanism.

It's still not possible to italicize text using any of their clients. The desktop app feels rough compared to Telegram's -- try reducing the size of the messages preview column. Which group of users was actively requesting MobileCoin support?

There's no need to implement a payment mechanism via cryptocurrency. Signal can just create a "pro" version and sell that.

You seem to be confusing paying for Signal (there is no way to pay for it, but you can donate to the foundation) and exchanging money with your friends.

As Schneier says, that could be implemented in a separate application, not the core Signal product.

Signal just added a bunch of crowbars to the people who want to crack it open. Money laundering and tax evasion are seen seriously and there's generally more people doing it than, for example, planning terrorism.

AFAIK crypto is the only way to get private and secure payments. Any other payment mechanism wouldn't fit the ethos of Signal.

And why exactly does Signal need to be a kitchen sink app? What's next, CandyCrush inside Signal?

What I meant was that Signal can solicit payments as part of their mission. Either through donations, or by selling access to more features. There's no need to involve financing through the use of the product itself, any proceeds of which will not go to Signal anyway.

Signal doesn't sell paid features, Signal is adding a payment platform. So future apps and/or users can exchange money/crypto.

Yes, and I would argue, with Schneier, that that's a bad idea, for all manner of reasons, not least that it will widen the legal attack surface by a lot.

The question is more whether it needs to support private and secure payments in the first place. That is, legally and ethically, a whole different beast than private communication.

> Anger from purists who care about the fact it's not decentralised

You can call me a purist if you like, but every single project starts failing when it becomes too big, unless it's decentralized. You simply cannot afford to serve millions of users without a profit. Telegram now has to include ads.

They're not doing that just yet: https://t.me/durov/155

They have found investors and have enough cash on hand for quite a while.

Fully agree, group 1 should just focus on pushing Element.io and perhaps try to make it as easy (by default at least) as Signal. Signal is a drop-in replacement for Whatsapp (except for that nagging for a pin that really nobody of my normy friends/family understands and I help them turn it off, none of them expect continuity from phone to phone anyway) and that is it's strength.

I think there are 3 attitudes towards Matrix:

1. Anger from purists who care about the fact it's fragmented, and that a lot of users will use matrix.org anyway, and that they think Signal has better UX

2. Indifference from those who have never heard of it

3. Joy from those who are extremely happy a decent, private, alternative to Facebook/Discord exists

My worry is that group 1) try and ruin it for the rest of us.


Come on. The article you linked just shows that if the FBI can unlock an iPhone, they can read Signal messages. This is not exactly a surprising revelation.

Gov agencies can hack devices to read the contents - this is not specific to Signal or any weakness of Signal.

However Signal does provide secure e2e encryption which prevents mass surveillance.

I don't like crypto, but I especially don't like random shitcoins that I've never heard of because they generally are only used for pump-and-dump schemes.

Anyways, my trust in Signal seems to be monotonically decreasing over time. Such is how it works, unfortunately.

Signal is really just another in a long line of siloed messengers. Eventually the people running the system do something obnoxious. Such things do not have a future.

Any system that has not reached the point that the bits and pieces are controlled by different entities should be considered just a technology demonstration. Signal has never even been close to "the best app we have out there".

I am suffering from messaging app fatigue, using WhatsApp, Signal, Telegram and iMessage on Android and/or iOS. No sooner than witnessing a significant portion of my contact list migrating to Signal from WhatsApp, after the ToC/privacy debacle, now there is another spanner in the works.

Telegram failed with the TON project, trying to mix oil with water, in their attempt at cryptofying their platform. Signal should focus on solidifying their lead, and provide core messaging features with robust privacy, instead of a scattergun approach. Elsewhere, WhatsApp is already attempting to make a come-back with new cross-platform/multi device features, to eat away at all the gains.


Remember 20 years ago when everyone was fatigued from running ICQ, MSN Messenger, AOL Instant Messesnger, and Yahoo! Messenger? At least we had Trillian which let us pretend they were all one app.

...and we need to get back to open standards.

Imagine having 5 different email providers, GMail, Hotmail, etc... that didn't talk to each other.

This current situations is dumb.

I find this line of criticism more palatable than that of the other front page link[0].

Criticizing the trash(?)coin - and then criticing signal by association - muddies the discussion just like implementing payments in a (seemingly?) private communication tool muddies the mission of signal.

Personally I think of transfer of value as important as transfer of speech/information so, it makes sense for signal (or other messengers) to want to include it. But associating themselves with a new project that has had little scrutiny seems to be a mistake because: - people question if this new product won't negatively degrade the privacy assurances that signal has had so far - people will associate plenty of previous cryptoscams to this new effort

[0] https://www.stephendiehl.com/blog/signal.html

Why oh why was it not the first priority to move from phone numbers to random user IDs (like Threema) for identification? And instead come up with a crypto currency integration?

This whole crypto coin focus, the BS about the server code and the total inability to address criticism or be transparent about development made me lose hope in the project.

Because they want to get rich!

It should be obvious by now that signal is aiming for a different balance of user friendliness and privacy. At this point it seems unlikely that they'd change their minds on phone numbers.

Payments in chat is inevitable. I think that eventually all chat will have convenient payments or people will stop using it. Of course that doesn't necessarily mean cryptocurrencies, but until the large financial companies get involved (and they are notoriously risk averse), cryptocurrencies are a natural way to do this.

As well as secure chat already needing much of the same key management infrastructure that cryptocurrencies need, it also hooks you into social networks - so you could have key recovery schemes where you trust a number of friends to hold portions of your backup keys (somewhat like what you probably do with your real life house keys).

Trust, money and communication are all network phenomena, and using the same fabric for them all makes a lot of sense.

>I see no good reason to do this. Secure communications and secure transactions can be separate apps,

The reason is pretty clear. Transactions require two parties to both be using the app. If you spin out a separate app, then most people won't have it installed nor be able to use it, and therefore won't be able to transact with it. This leads to a chicken and egg problem: if no one is using the app, then there's no point downloading and becoming familiar with it. By integrating with an existing, popular app in an adjacent space (messaging apps traditionally enable payments as well), they avoid this bootstrapping problem.

That said, it seems quite dumb to pick a premined currency to enable all this. That will inevitably raise questions about who stands to gain from the success of the system. Someone should come up with a way to make cryptocurrencies that are worthless for speculators, and only good for paying for things. Then, any new crypto project would have an easy way to avoid accusations of being a pump-and-dump.

I imagine signal+mob will have an honest foundation-style grant system which will give tons of money to groups that did not get included in the first crypto wave.

I just went to Donorbox to cancel my $10 monthly donation. Clearly, they don't need such humble support anymore. What's after cryptocurrency, ads?

I'd be much happier about (properly implemented) ads, than about this move.

Yes. I'd be happy to pay a buck or two per month instead of ads or gimmicks. An old fashioned model but I think they could still make a fortune on that small of a fee alone.

A whole new industry: CRYPTO ADS!

I find this incredibly offensive. Has there been any deliberation in the Signal community on whether or not this is something that Signal should have?

What "Signal community"?

Good point. My main point is perhaps that this shouldn't be up to one dude that loves crypto assets – that there should be a signal community making decisions.

Being a centrally-guided product over a community project has been an intentional core characteristic of how Signal is run from the start though, so that's pretty much against the principle for it. (outside of the level that companies listen to user community feedback)

It's already a Free Software.

Huge fork in 10... 9... 8...

I look forward to replacing Signal with Noise.

Trevor Perin created both protocols. Noise isn’t an asynchronous messaging protocol. So it won’t replace Signal. WhatsApp use Noise and Signal together.

I shall wait for Ratio

Mirroring the sibling comment here, moxie has been very open that this is his project, top down. He moves as fast as he wants and he steers wherever he thinks is appropriate. This is one of the main reasons Signal doesn't federate - he thought it'd bring iteration speed to a halt.

(And let's be honest, if XMPP and the A3-sized spreadsheet you need for to pick a client based on XEP support is anything to go by, this is not undue concern.)

I need a secure way to control my smart home, please integrate everything that is needed!

Oh and i need a secure key for my car.

If you had time, i need password manager within my messenger too.

A secure todo list would be great.

Not everything you can include into ONE app should be included.

Won't be complete until it can send mail though.

The chat app is already end to end encrypted, might as well make it implement GPG and send/receive email to truly complete the Signal project.

I convinced quite a lot of my friends to switch to Threema. No phone number required, and really open source (https://threema.ch/en/faq/source_code)

> really open source

Yeah, except that pesky server, right.

To be fair, Signal hadn't released source code for their server for over a year before today ;P.

True, which is why you should have switched to Matrix.

Let's stop making the same mistake over and over again. It is centralized, not federated, and therefore Threema is likely to suffer the same fate.

DeltaChat, it's encrypted email that present itself as a chat. You can use your own smtp, or use a existing one. It only needs to be able to create a folder locally and use GPG. ( the smtp, the client app has passed the mom test of installation )

Experience is below signal, but decent.

I would like to do the same, but most of my friends aren't even on Signal. There is no chance in hell that they buy a messenger.

Except the server it seems? I only see the various clients on github.

Like signal, their server code on github is not what they are running.

With signal, there is at least the occosional server code dump. The threema server is closed source.

And no E2EE!

That is absolutely false: https://threema.ch/en/

Among people I know, most individuals send money to each other via Venmo. This presents two problems: how to be sure you're sending money to the right person, and, the transaction is data-mined by Paypal. So, having payments inside of Signal actually would solve both those problems (if both people are using Signal).

It could also be, that Signal is trying to turn their app into a platform, like WeChat.

I go to a restaurant with some friends. The bill comes and it’s in USD because of course it’s in USD. One guy puts down his card because he plays cc miles games and anyway the waitress doesn’t want to deal with multiple cards. He gets home, logs on to Venmo and requests my share from me—-in USD. I click accept, the money comes out of my bank account, which is in USD because of course it is, and goes into his Venmo account. That’s the last I ever have to think about it. There’s no 1099B coming.

Crypto makes this story much, much worse for very little gain.

1. Do most people actually care enough about PayPal knowing about their Venmo transactions to sacrifice ease-of-use and use a cryptocurrency instead? Is it worth having to endure volatility and have to deal with exchanges just to hide that split restaurant bill?

2. How does using a Cryptocurrency connected to Signal ensure greater confidence that you are transacting with the correct person than using Venmo connected to PayPal?

1. I care enough to pay cash when possible, even if it means rounding up my share for something like a split restaurant bill.

I would hope Signal's implementation makes it so you don't have to worry about volatility or exchanges.

2. This assumes you and your friend are both communicating with each other via Signal.

Could somebody elaborate the animosity towards being able to pay in Signal, or and perhaps also the animosity towards Signal itself?

I use it, seems like an e2ee and uncluttered messaging app that just works.

With regards to the first, you see, it's an

> uncluttered messaging app that just works.

Cryptocurrency turns it into a cluttered messaging app, one that gives hackers extra financial incentives to compromise it.

Perhaps there will be a tab for your wallet, and an extra button to pay. Apart from that - you don't need to use the cryptocurrency parts.

I don't need to use any cluttered features, yet they are still clutter.

Because instead of supporting the coins that exist (Bitcoin, Bitcoin Cash, Ethererum, Monero etc.), some better than others, they did their own coin and the creators of that coin own most of it.

They could also have just have added a payment API and let anyone develop against that.

Well it doesn't 'just work' on all platforms or contexts. That's why it's a bit annoying for them to spend dev time on stuff like this, especially when they could have used whatever pre-existing/established coin.

It's good that you added WTF to the title so I can know in advance how to feel about the news.

Without it I would have actually needed to actually read the article before forming my opinion, but now I can go into it with the right mindset, or even better skip straight to the comment section already enraged. Thanks!


Please note that I am complaining about the headline baiting. While I believe that crypto is the future I agree with the sentiment that the way Signal went and did it was poorly handled at best and shady at worst.

If Signal really cared, they would've chosen a better cryptocurrency.

MobileCoin is not a "real", decentralized cryptocurrency like Bitcoin. All of the initial supply is owned by the MobileCoin foundation and all TX fees go to them. Without this partnership nobody would've cared besides a few speculators.

With the demands for KYC and the legislation for intermediaries handling money this will not end well unless they use a public ledger with private (and not anonymous) chain of signatures that can be audited.

If you are looking for alternatives to Signal, check out Threema.

Threema does not have federation, therefore it suffers from the same fundamental design flaw which allows Signal to abuse its position like this.

Does it have encryption yet?

When did it not have encryption?


I mean, I think has at least had strong end-to-end encryption since I first heard about it three years ago. What is new as of maybe six months ago is that it is finally open source, but it was always highly secure.

Are you maybe confusing Threema and Telegram?

I think they could have spent their time better on some much more needed features/improvements, instead of adding a payment system (with imho bad cryptocurrency).

Let's fork Signal.

Yesterday I learned that the 'main' fork of Signal, Session, _already_ had a coin mainlined... FFS...

That's sad...

Still, I cannot believe the lack of vision of the founder of Signal Marlinspike. Now Signal will be soon banned. Already democracies were looking for "legit" ways to ban e2ee, but hey they did not even foresee that their best allies would be the app developpers themselves. They don't need anymore to search, they will just have to ban Signal for whatever tax evasion, criminal payments, human exploitation rings, etc. that occur through its blockchain.

Sounds interesting. Signal already has the roster and all. I'm happy this won't be another app, that no one will use.

I might be able to put off installing the paypal app forever.

Isn't April Fools on the 1st?

PGP doesn't have this problem

Ugh, I hate PGP so much. It's keeping people from interacting securely for over two decades The UI is bad, integration is hard, the chain of trust (it never was a web) is broken, the CLI tools are annoying... but hey let's do crypto parties with other nerds and exchange passports.

What do you mean the UI is bad? Which one? https://www.openpgp.org/software/

Sounds to me like you used a specific piece of PGP software you didn't like or understand.

How can you folks care so much about your privacy, but absolutely refuse to understand the tools you are provided that ensure your privacy? You're never going to get it if you demand it be provided in a blackbox app you don't have to think about.

ProtonMail uses the PGP standard. Its UI is simple and easy. There's still one issue: You're trusting someone else to do your encryption for you.

I started with PGP in the Nineties, under DOS. Back then it made sense. Though, it certainly was not for everybody. And despite all the crypto parties and what not, it's still not mainstream.

And yes it's great that some tools manage to hide PGP, it's not easy to do.

The problem, maybe it's not us, maybe it's PGP?

PGP has its own problems. It's time for it to die.


In particular PGP running on email or XMPP doesn't have this problem. The advantage comes from the base federated messaging system.

Don't get me wrong. PGP is great as a simple standardized cryptography protocol intended for messaging. It should be used just for the standardization. The cryptography of encrypted messaging is an easy problem and has been well solved. We need to move on to the problem of how to explain it to the rest of the world well enough so they can use it.

Do you regularly send email with PGP with a circle of friends? How did you get this established? Are you satisfied with the entire procedure?

I do communicate with non technical friends thought encrytped email. I made them install DeltaChat. It's a encrypted chat relying on mail

title is currently: "Signal Adds Cryptocurrency Support"

Money is speech.

bullish for mobilecoin

I'm ready to jump over to Element (/matrix). Anybody else?

We were considering moving from Keybase to Element for a group I’m part of, but the iOS client is bad. Lots of UI bugs that make it borderline unusable. The Android client seemed fine, but iOS is the lion’s share of our membership so the state of the iOS client makes Element a hard pass.

Already there, feels awesome. Just add bridges to all your apps and now you need only Element.

I'm already on matrix. It's decent.


Attacking another user like this will get you banned here. Please review https://news.ycombinator.com/newsguidelines.html and stick to the rules.

Hounding someone with quotes from a previous thread is particularly not ok. As the site guidelines say: Have curious conversation; don't cross-examine. Those sets are disjoint.

Please don't do the "shame on you" thing either—it's against both the letter and spirit of the guidelines. We're trying to avoid the online callout/shaming culture here: https://hn.algolia.com/?sort=byDate&type=comment&dateRange=a...

Fair enough, I'll act differently next time.


Shame upon me?


Because I like matrix?

I scarcely used it in the past year. And I haven't really used Element at all. ...what's wrong with considering doing so?

I can't convince my family to switch over when the UI is so shit.

fluffychat and nio both have good apps similar to whatsapp/telegram

Does Moxie want to just make it really easy to buy cocaine on a night out?

Sending payments across the world is going to get as simple as sending a text message with or without signal. While I don't agree on the details, Signal is heading in the right direction.

This is the best. We need private payments

Great. Download a private payment app then.


I am very enthusiastic about blockchain tech and its potential for economic healing in the world.

But this... this is a horrible idea.

> It’s that adding a cryptocurrency to an end-to-end encrypted app muddies the morality of the product

As digital currencies are just digital speech, seems that Schneier has muddied communication vs communication. Although I would have chosen a different cryptocurrency, I don't think they're doing any harm to themselves here.

99% of the opposition to Signal integrating cryptocurrency payment seems to be from people who generally disagree with the idea of cryptocurrencies (the article has this position). These arguments of course are veiled as keeping the Signal app "pure" and focused on encrypted messaging. I've rarely seen people kick up this kind of fuss with other messaging features so it just reeks of being disingenuous.

At least be honest and just say that you disagree with cryptocurrencies, instead of dancing around it with other strange arguments / conspiracies about government attention.

You can both think cryptocurrencies are a stupid idea and believe that introducing payments into Signal is a bad idea for other reasons. Your assumption that one belief is simply a fig-leaf for the other is not justified.

Based on my personal experience, people who are serious about cryptography from a public-policy perspective are likely to have both of those opinions.

My point is completely justified when you read the article attached (and much of the comments here).

I'm sure you think that; would you be prepared to explain why? I have read the article.

It's not just opposition to cryptocurrencies per se, the choice of Mobilecoin is also problematic[0]. On top of that you have to trust Intel.

[0] https://news.ycombinator.com/item?id=26715348

> It's not just opposition to cryptocurrencies per se, the choice of Mobilecoin is also problematic[0]. On top of that you have to trust Intel.

> [0] https://news.ycombinator.com/item?id=26715348

No you don't - no-one's forcing you to use it.

At the end of the day, you have to trust someone, whether it's a tech vendor, a software project lead, or even the person you're conversing with. What's important is that you get to continue to consciously exercise that choice.

I choose to use signal, and have no interest in this random crypto nonsense thingie, so I'll choose to not use that bit.

> No you don't - no-one's forcing you to use it.

I was phrasing that unclear, I meant that you have to trust Intel if you use Mobilecoin.

> What's important is that you get to continue to consciously exercise that choice.

Why wouldn't you be able to exercise that choice?

> I was phrasing that unclear, I meant that you have to trust Intel if you use Mobilecoin.

Ah, fair. I think you could also argue that you have to trust Intel if you use Signal anyway.

> Why wouldn't you be able to exercise that choice?

I'm not saying you can't (unlike some), but I think it's worth underlining the point that "trusting nobody" is rarely, if ever an option. So in a world where you end up having to trust someone, being able to continuously exercise that is important.

> Ah, fair. I think you could also argue that you have to trust Intel if you use Signal anyway.

Agreed :)

> So in a world where you end up having to trust someone, being able to continuously exercise that is important.

Also agree here. I would prefer if you could minimize the number of actors you have to trust though.

> 99% of the opposition to Signal integrating cryptocurrency payment seems to be from people who generally disagree with the idea of cryptocurrencies

Most crypto projects are a scam, but some are great. I do hold bitcoin since I started doing research on cryptocurrencies for my bachelor thesis on that topic back in 2013.

Adding cryptocurrency capabilities to Signal is a very bad idea for many reasons.

It has almost no practical value for users of Signal. Those who want to use a wallet for the currency of their choice can always download one and probably already did so. That's the superior solution because it's not just coin-agnostic, but promotes choice: if it's not a good wallet they can change the app without suffering though network effects, something they can't do with their messenger.

The regulatory environment for messaging is drastically different from the regulatory environment for cryptocurrencies. The latter is less consistent, less clear and still faces high regulatory risks in some markets. The first one has clear advocates and strong theoretical backing in all democracies while the second is still on very shaky grounds with varying degrees of good will in society. I have yet to read an argument why stretching one product to fit both environments might be a great idea, or even just a prudent choice of risk management.

It is hurting Signals reputation, which is Signals main selling point. For several reasons:

That direction surprised many people as Signal is far from a feature complete messenger. Almost everyone agrees that there is real work to do regarding, for example, multi-device support, history portability or the decoupling of phone number and identity. A wallet for an almost unheard cryptocurrency might feel random to many, given the many features users are still waiting for.

Another reason for why this feature is hurting Signals reputation is that cryptocurrencies, just as you said in your comment, are controversial for many. Some projects are more, others are less controversial and MobileCoin - for now - seems to be in the more suspicious camp.

It's generally, in branding, not a winning strategy to tie your good brands to your bad brands. You would want to keep them neatly separated until they are both successful just so that you can drop your less successful brands without putting your winners at risk. ... and you would do that despite believing in the success of all your projects.

> It’s that adding a cryptocurrency to an end-to-end encrypted app muddies the morality of the product, and invites all sorts of government investigative and regulatory meddling: by the IRS, the SEC, FinCEN, and probably the FBI.

We need to fight against the idea that private payments are any less moral than private conversations.

We also need to actively reject the status quo in the USA of a complete and total lack of financial privacy. OF COURSE something that brings real privacy to payments is going to be a target for busybody financial regulators, just as the first widespread e2e-encrypted messenger was (iMessage, now backdoored for the FBI).

Cryptocurrencies at their core are speech, not property, so it makes perfect sense to enable use of them via a private communications tool.

Cryptocurrency != speech; it is not at its core some vehicle for transmission of information, or at least, no more so than conventional currency is. Currency, crypto or not, is no more than a marker of value established by a popular consensus. If any sort of currency supports the transmission of information, it’s a secondary effect where the act of transmitting that information is riding on the coat tails of the monetary/asset exchange.

The act of "sending" a cryptocurrency payment is actually the publication of a cryptographic signature.

And the act of 'sending' a conventional fiat payment today is actually the publication of a transaction record in one or more databases. That doesn't mean it's 'speech'.

Sure, but law and regulation doesn't work that way. It's about the intent, not the technicality. That's e.g. the difference between gross negligence, manslaughter and murder, even if someone died in all these situations.

The (IMHO bogus) argument Schneier was making was that it muddles the morality of the situation, not whether or not it is or isn't, or should or should not be illegal: just that it would invite "meddling" (his word).

> it muddles the morality of the situation

For most people, it does. I hold political free speech protections as sacrosanct. I do not have the same view towards dark money.

Putting my views and morality aside, the law treats commercial and non-commercial speech differently. Integrating payments lets the government subpoena records (and more) under AML/ATF law. Those laws are powerful and broadly supported.

Totally separately, if we take the position that money is speech, then fine. Why the hell not make a one-click “send wallet address” option for a variety of coins?

I think Signal is already very widely used today to transmit cryptocurrency payment addresses privately.

"private payment" ≠ "payment using an ID that can be trivially linked to your phone number on an indelible public record"

There is no indication whatsoever that the messaging service will see any of the end-user cryptocurrency addresses.

What makes you make that assumption? They have a perfectly good e2e messaging channel to use; the only party seeing the payment address would be the one paying.

That’s not how mobilecoin work

Allegedly, if you trust Intel.

You can use it without signal? Why didn't they just integrate with Etherium then?

Because Moxie is involved in mobilecoin and needs to pump it before he can dump it.

Isn’t cryptocurrency inherently public?

The transactions are but the identities of participants are not.

In an ideal world, maybe/hopefully. But Signal is already awful at hiding your identity¹, tying a public key to your already leaky Signal account isn't going to improve anything.

¹: https://technology.inquirer.net/108901/mark-zuckerberg-uses-...

Theoretically, yes, but practically? Countries like Germany already legally require you to provide your ID to buy cryptocoins at non shady businesses.

So in reality for most people crypto remains perfectly tracable for all time to their identities. But then again, no one uses crypto as a peer to peer currency anyways...

Money is not speech.

Words are not taxed.

> We need to fight against the idea that private payments are any less moral than private conversations

Disagree, but upvoting because clearly articulated.

If money is private and money is speech, then taxes aren’t tenable. Would you agree?

iMessage is backdoored? Evidence please?

Without the source code, you should provide evidence that it's not backdoored. Given how large Apple is, how big its userbase, I am sure all agencies do everything possible to get the precious data.

iCloud Backup backs up plaintext of all iMessages from the device to Apple, with Apple keys (non-e2e). It also includes all SMS.

This is documented plainly on Apple's iCloud security overview page. The list of things that are end-to-end encrypted is listed. iCloud Backup is not in it. It's on by default on all iOS devices.

Apple was to fix this by end to end encrypting iCloud device backups, and (I understand) even had an implementation, but stopped its deployment on request of the FBI to preserve access to phone contents (including iMessage/SMS history).


iCloud Backup being insecure does NOT mean iMessage is "backdoored": if you don't use iCloud Backup--and there is no reason to do so, as Apple (notably unlike anything Android) has a really good local way to do highly-secure backups using iTunes--my (rather firm) understanding is that, even if you turn on the iCloud iMessage sync (which is also optional: I do not have it on, for example), iMessage actually is pretty damned secure (with no key escrow).

I appreciate that a lot of people--maybe most or even "almost all" people!--use iCloud Backup, but semantics matter as you present it as if iMessage is insecure, when not only the "real" but the only issue is iCloud Backups (which we should be making sure people don't use, with targeted education campaigns, as it isn't like using Signal could ever solve this issue for all of the other personal data the user had).

If you want to make this kind of argument, you need to be doing it from a place of being more informed; like, you could be trying to poke at how the protocol had a weakness--found by pod2g's team--with respect to Apple's ability to inject new keys for existing chat participants, an issue I am not sure they fixed (or even could fix, as it is arguably a UI security problem... but maybe they did, as I don't always follow the blow-by-blow); but this indirect argument you make is FUD.

> iCloud Backup being insecure does NOT mean iMessage is "backdoored"

Technically not, but in practice it is for the most users.

So turn off iCloud backups?

Then your conversation plaintext gets escrowed to Apple via just Bob instead of both Alice and Bob.

(Conversations are backed up twice: once by each party.)

You'd need everyone you talk to to also disable iCloud Backup. This is pretty unlikely.

Easier to just use Signal, where the chat history isn't included in the device backups at all.

Signal doesn't--and can't--somehow magically prevent people from backing up their messages insecurely. That they don't support being backed up by normal backup methods on iOS--including highly-secure ones--is a missing feature (and a devastating one at that: people expect to have access to their old messages) more than a security measure. Consider this: the existence of a popular tool that helps people back up their Signal messages wouldn't somehow cause it to be accurate to claim there is a "backdoor" in Signal.

If that tool shipped as part of iOS, were on by default, and silently sent the full message history plaintext to Apple (such as if Apple iCloud Backup stopped respecting the storage class of apps and just backed up EVERY FILE), I think it would be fair to call that a backdoor (in iOS).

What if iCloud Backup started including in the backup a snapshot of device RAM? I think we are splitting hairs here.

The desire of users for message history in backups is entirely orthogonal to whether or not iCloud Backup is a cryptographic backdoor, in the traditional "plaintext escrow" sense. Indeed, the FBI would not have torpedoed Apple's e2e encrypted device backup system if not.

Really it boils down to the fact that it's on by default and the users were never asked to consent to their full chat history being transmitted to Apple effectively in the clear. I imagine most users are unaware of the fact that the FBI has warrantless access to every iMessage they have ever sent or received.

Call a spade a spade: if iCloud Backup is insecure (and it is), then say iCloud Backup is insecure, not iMessage. Your stance on this is FUD because you don't respect the semantic boundaries of the systems you are discussing, and so anyone who decides to truly listen to you and internalize the things you say leaves with a broken mental model rather than an educated stance :/. Every single person who reads what you say "iMessage, now backdoored for the FBI" who decides to stop using iMessage (which wasn't even insecure to begin with) and does NOT decide to stop using iCloud Backup (which will be insecure even if the user is using Signal, along with Signal's iOS product flaw that attempts to circular file your messages, as messaging is but one of myriad things a user does on their phone) is someone you have failed by teaching them the wrong lesson.

I think that iMessage is simply a feature of iOS, same as iCloud Backup. They can't be installed or used separately, they are a single atom. A single atom with message plaintext escrow enabled by default: a backdoor.

By your reasoning, would "iOS is insecure" be an accurate statement?

> We need to fight against the idea that private payments are any less moral than private conversations ... Cryptocurrencies at their core are speech, not property

That's an interesting take. Assuming you're American, maybe you could challenge this in court? Maybe Congress will have an epiphany - all this time they've been regulating inter-state commerce, but it's been inter-state speech the whole time. To resolve this contradiction in the Constitution, they'll likely just disband the Federal Government, ushering in a libertarian utopia.

Go for it! We're rooting for you!

That's a very American idea. Nowhere else would people think that money is speech, especially in the sense of free speech. I guess it joins "corporations are people" in that category of ideas.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact