Hacker News new | past | comments | ask | show | jobs | submit login
Problems with Signal Messenger App (ravidwivedi.in)
38 points by zaik on March 3, 2022 | hide | past | favorite | 22 comments



> Centralised services are difficult/impossible to leave, because of the network effect.

Without the network effects, nobody uses them in the first place, and then you're either

1. stuck chatting with your friends and family on Facebook Messenger or iMessage

2. or you try to convince them to use a decentralized service, which almost certainly doesn't have the usability or polish of an app built by a company.

If you don't like Signal, just don't use it. But it's the absolute best "least bad" option out there by a long shot. My mom is legally blind and uses Signal to talk to me and my dad in a group chat. And if it gets bad, we'll change services. Simple as that.


> Without the network effects, nobody uses them in the first place, and then you're either

not true, see [matrix]. You hardly say nobody uses it

Still, the reason why it (and Signal) is not used that much in the first place, is the network effect working much better for WhatsApp and iMessage.

> 2. or you try to convince them to use a decentralized service, which almost certainly doesn't have the usability or polish of an app built by a company.

App built by company and decentralized aren't mutually exclusive.

> And if it gets bad, we'll change services. Simple as that.

tell that the people still stuck with WhatsApp


1. I actually don't know a single person who uses matrix. Half of my friends use Signal. Just one data point, but I've literally never had a reason to use or install it.

2. They are, though. Decentralized software necessarily moves slower because everyone needs to upgrade to add new features. Nobody is going to tell their mom to use an app where attachments only works a quarter of time (see: IRC).

3. Nobody is stuck with Whatsapp. My family stopped using it about a year ago. Most of my friends stopped using it a bit after.


> They are, though.

Simply a false claim. Prime example: the internet

> Decentralized software necessarily moves slower because everyone needs to upgrade to add new features.

so...?

> Nobody is going to tell their mom to use an app where attachments only works a quarter of time (see: IRC).

and IRC is the same as "decentralized services"?

> 3. Nobody is stuck with Whatsapp. My family stopped using it about a year ago. Most of my friends stopped using it a bit after.

> Just one data point


> Prime example: the internet

Email has been around forever. And yet sending an attachment larger than about 50MB is essentially impossible. There will never be an update to email that fixes this.


I think it's worth remembering that Signal started out as the completely decentralised TextSecure, doing opertunistic encryption of SMS messages if the person on the other end was also using it as their SMS client, and not getting in the way if they weren't.

It worked very well and it was extremely easy to onboard people without anyone getting siloed. A lot of us early adopters remember being dragged into this reliance on centralisation and data, and remember buggy mess it was when that first started.

I'm still quite annoyed and bitter about how signal evolved into signal and lost value for what it was, for the sake of trying to become another WhatsApp.


They moved to the current Signal model because this was leaving metadata unencrypted (even if the content of the messages was encrypted, the two ISPs would known X messaged Z with an encrypted message).

Opportunistic encryption is also considered bad UX-- too easy to mess up.

(edit: typo)


That would never work on iOS though, as it cannot use alternative SMS clients.


Encrypted instant messaging is such a train wreck. Nothing works with anything. Hardly anyone knows how to verify identities properly (or at all). The article expresses a fear that Signal messenger might become some sort of standard. The list of reasons presented in the same article effectively prevent that.

XMPP is in fact one reasonable approach to standardization. Unfortunately, the Matrix project has caused an effective standard split. Bridging between the two systems still breaks encryption. Identities are not portable between the two systems either.


As far as I know, neither Signal nor Matrix currently work with standards organizations like the IETF or the W3C, so they're really products and not standards.


If signal is too "centralized" then why not use matrix or irc?


Related talk by Moxie on decentralization: https://www.youtube.com/watch?v=Nj3YFprqAr8


Official link with english subtitles:

The Ecosystem is Moving (2019) https://www.youtube.com/watch?v=DdM-XTRyC9c


There are numerous responses to this talk, an outstanding one is the response of Daniel Gultsch: https://gultsch.de/objection.html


But in none of the responses is any large scale sustainable solution. In an ideal world, yes, everyone will use federated solutions. But articles like these are not helpful unless a mass market solution is done or proven.

Even jitsi cannot federate with bigbluebutton.

Though I like email, mailing lists and matrix(element) etc but world is pragmatic: workplace use of slack to whatsapp to signal or google docs.

It has become a habit to post in hn

1. DIY mailserver 2. Photos hosting 3. K8S

but people need to know Infamous Dropbox comment: https://news.ycombinator.com/item?id=9224


Jitsi can connect with most SIP servers, there are even videos on YouTube of people doing this.

The ecosystem is moving, but Signal is falling behind as said ecosystem moves. Way more resources are flowing into making Matrix good than are funding Signal and XMPP, to their detriment.


Ideally please bookmark your comment. Lets wait for a couple of years.


> The communications of the whole world get dependent on a single service provider, which is Signal Foundation

Which is good as long as they're not the only ones able to confirm that they're just shuffling encrypted blobs around that become data only to the person who can decrypt it.


I don't get this:

>> The communications of the whole world get dependent on a single service provider, which is Signal Foundation.

So, even though you can setup the Signal server (https://github.com/aqnouch/Signal-Setup-Guide) on your own infrastructure, in the end it still connects to... Signal own main server (whatever)?


You can't really run your own Signal server. The app doesn't support connecting to unofficial endpoints, and the server setup guide you link to is an unofficial third-party thing.

If you have a custom app compile, it's no longer really "Signal".


// The app doesn't support connecting to unofficial endpoints.

The app means the official Signal binary?

// If you have a custom app compile, it's no longer really "Signal".

Why? I thought one could compile an app from the GPL Signal codebase and use it to connect to own server.

They don't want others to connect to them so as to have a high level of security, which includes rapid deployment of state-of-the-art security features across their whole fleet. But any individual or group is free to deploy Signal's code on their own servers and apps.


The server wasn't even open source for a full year recently while they integrated MobileCoin :/.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: