I see some comments saying they are happy moxie is out. I for one am saddened.
I trusted signal in part due to his persona. And his in your face attitude towards that one company that provided software to law enforcement that claimed to hack signal.
The OP didn't mention Moxie leaving, so here's a link to the source [0] (toot?) for that:
> After over a decade spent creating Signal, Moxie has departed to focus on new efforts. As the founder of Signal, the work he did and the organization he built are the reason Signal exists. We are infinitely grateful. He remains a friend and a core part of the Signal legacy
Safe travels to Moxie. I look forward to seeing what he builds next.
I suspect it would be some approximation of “no longer his”. I can understand your frustration but this kind of message is likely only to exacerbate his.
Don't impute motives to strangers on the internet. I have no frustration.
I am requesting a statement from someone that has been very outspoken on many issues around secure, safe, private communication in the past and is in a better position than any of us to follow up on his advocacy.
He has had a very strong effect on the ecosystem including explicitly denigrating non-centralized efforts like the Matrix ecosystem (to the detriment of these non-US controlled systems supported by the French and Germans who had reason to be cautious in the wake of the Snowden revelations).
As someone who has had a significant impact in this area he owes us. Otherwise we can all draw our own conclusions.
One wonders if there was some kind of pressure exerted on him. That would explain the stepping down and the subsequent silence about his replacements. It looks like a classic bear hug.
I wouldn't go so far as to call Signal compromised - yet - but I will be keeping an eye out for increased mentions of Signal in DOJ indictment documents, just like I did for Dropbox after Condy Rice joined their board (after which there was indeed an increase in such mentions of Dropbox).
> By a truly unbelievable coincidence, I was recently out for a walk when I saw a small package fall off a truck ahead of me. As I got closer, the dull enterprise typeface slowly came into focus: Cellebrite.
I worry about what it means for the future of Signal in terms of their privacy features. I wouldn’t be surprised to see some compromises even despite good intentions. It’s good that effective alternatives exist for such use but it might frustrate people who bet on Signal in some way.
No I am happy. Yes, he was a puritan. And what else, a benevolent dictator, who did things without taking absolutely ZERO user feedback? Yes, that definitely was the case. Yes, we are yet to see how it pans out, but it’s pointless to have a Signal that is used by so few people that it barely matters. I hope that chages.
I mean Signal is worse than Mastodon in adoption as of today and it had so so many opportunities wasted on things that were never needed (in fact those efforts should have been categorically avoided) and a lot effort was also wasted on not doing things that should have been done. Hope that changes as well with his departure. Or I’ll rather see Signal put out of its misery in a kind and quick way.
One thing Id really like to see is cross OS transfer. I feel Im locked in to my OS because of Signal right now as Ill lose messages. There are some messages I dont want lost and sadly having them in signal is a bummer.
They have exactly that: you can set up a periodic encrypted backup under settings > chats. It'll occasionally ask you for your backup password so you don't forget it too
> They have exactly that: you can set up a periodic encrypted backup under settings > chats. It'll occasionally ask you for your backup password so you don't forget it too
Last I checked, that was Android only. And the password they periodically ask for is your PIN, which is unrelated to your backup password.
For most people (yes “most” people - who are again a minuscule fraction of IM app users) Signal is the “that other car” - not the car that they drive in the city on which “eco friendly” sticker is put, but the one which is marked eco friendly, yes, but mostly remains parked and is for rather the display of one’s principles. At least seeing the shape and form Signal is today.
So if we are being honest - it really doesn’t matter.
If you build a truly private e2ee communications system, it is a little bit silly not to include a payments feature, as it's just an e2ee messaging use case (like stickers, or reactions, or stories, etc).
There are lots of useful apps you can build atop e2ee messaging: location sharing, payments, group chats, secret sharing, etc.
This is just anti-cryptocurrency bias; other payment systems require identity by law, which renders them much less useful for many people (and unworkable for most service providers who must then be regulated and licensed as money transmitters).
This was the only method available of doing payments inside the app in a way that met their product requirements.
It's fine to not like cryptocurrency; it's intellectually dishonest to accuse every project of crime without evidence.
Crime is the perfectly sensible default assumption for cryptocurrency apps in 2023. Accusing people of anti-cryptocurrency bias is like saying someone has anti-forest-fire bias; there are certainly scenarios where such a bias could be unfair, but the burden of proof is on you, not the other guy.
I can recall specifically two kinds of crime with cryptocurrency: “pump and dump” pyramid schemes and money laundering, which is hiding particularly nasty crimes like human trafficking. I won’t deny these are terribly victimizing things (that would be truly advocating for the devil).
On the other hand, there are people who don’t enjoy the banking infrastructure that Americans have; people in nations without nearly the wealth of America. Now they have these open-source networks they can implement on their own terms. The people doing this research and making these offerings might be serving such customers, whether by practice or intention.
Crime is not “the perfectly sensible default assumption for cryptocurrency apps in 2023” unless the one making the assumption is naive to these perspectives. This is an (unconscious) anti-cryptocurrency bias by definition: https://en.m.wikipedia.org/wiki/Availability_heuristic.
All of those fall under "money laundering" and I wouldn't say any of those are worse than human trafficking, which I did mention (ransomware that doesn't care whether it's targeting hospitals and other critical infrastructure has a good case). Does it refute the argument that there are these other crimes which I didn't specify?
Glad to hear Moxie's out. As a reminder, Signal didn't publish the source for their server-side from 20 April 2020 to 6 April 2021 [0] while they secretly added a cryptocurrency payment system to which Moxie was a paid technical advisor [1], which Moxie denied they were doing in January 2021 [2].
I'm not "glad to hear Moxie's out" -signal wouldn't exist without his work.
I agree the crypto was stupid. But, it was a product of the times, and I believe it grew (from scant evidence) out of concern about independent funding longterm for the project. It didn't work: it rebounded badly.
I use signal every day. I'm glad it exists, I'm glad he did the work. I like Meredith, and I think the new board needs to be given time to bed in and for us to see how things eventuate.
I don't want Signal to have payments (or to axe SMS support). Those are both stupid things for Signal to do, which make it worse for me and worse in general. However, "what if [author's political opponents] used Signal?!" is a revolting hook to hang that hit piece on.
I agree, the fed connections aren't a great sign... it reminds me of when Condy Rice joined the Dropbox board.
But to be fair that's the person in charge of policy, so it's the kind of profile you'd expect. (Of course, you're free to argue that a messaging application has no good reason to hire for such a position in the first place.)
> I agree, the fed connections aren't a great sign... it reminds me of when Condy Rice joined the Dropbox board.
Let's be fair: there's a big difference between "this person has worked in or near the federal government" and "this person has literally committed war crimes".
If there are specific concerns about the people on Signal's board, I'd be interested in hearing it, but having Fed connections doesn't inherently mean a whole lot.
Let`s be truly fair: the USA "federal government" is historically and presently one of the biggest committers of war crimes in the world. If you work for it you work for evil. I am sure it keeps the kids in Montessori and enables travel to the last wildernesses on earth, but that doesn`t count for much for the millions of Vietnamese, Syrian, Iraqi, Afghan, East Timorese etc etc
This announcement shows clearly that Signal is at the end of its life and it is time to jump ship.
misread it sorry. He left as CEO over a year ago, but remained on the board. Today he leaves the board as well and basically has 0 influence in the co. anymore
I'm having a Mandela-moment - I could swear Moxie came-out as nonbinary or similar - but a quick duckduckgo search says otherwise, so apparently not. My mistake.
“They’re” works perfectly fine (albeit a little grammatically awkward) if you aren’t sure of someone’s gender anyway. Not sure why the above comment felt compelled to correct.
Does it matter if it is growing or shrinking? The users are getting usage, and the maintainers are providing a service. Is there a profit motive being unfulfilled?
In 2020-2021 it seemed like 20-30% of my contacts were using signal as their SMS/MMS app of choice. Then they forced SMS users off the platform, giving some reasoning that SMS users don't understand which messages get encrypted, or something. I lost track of signal's usage and uninstalled it after it lost SMS support. At this point I don't know anyone still using Signal regularly anymore.
I mean you have signal uninstalled so I’m not sure how you’d be across who is using it.
99% of my messages are sent on Signal with 100ish contacts including all bar two of my friends who I message regularly. But I would never think to suggest my anecdotal evidence is the norm.
They removed SMS support because Google doesn't provide an RCS API, causing received RCS messages to fall on the floor. All carriers in the U.S. will default to RCS when messaging between Android phones these days.
I never saw this anywhere until this comment. The letters "RCS" never appear anywhere in the blog post[0] where they announced they were removing SMS Signal support. Where did you hear this from? This would be a much more reasonable reason than the drivel the espoused in their blog post.
Thanks! Why did Signal not officially post any of that?! And why is it being posted by a seemingly random person? There isn't even a name at the end of the supposed message from Signal.
If this is the case, I wish Signal had provided this information somewhere in an official capacity, rather than some random persons HN post. Like a follow up blog post following the reaction that people had. This is extremely poor communication to what I would believe is a decent portion of their username: technically oriented persons. The reasons they give in their blog post are extremely flimsy.
> They removed SMS support because Google doesn't provide an RCS API, causing received RCS messages to fall on the floor. All carriers in the U.S. will default to RCS when messaging between Android phones these days.
That raises all sorts of interesting questions. Like how does some random person in some random part of the world using some random carrier know I'm using an Android phone today. Surely they don't.
Assuming they don't, how do they handle iOS not supporting RCS. iOS is over 50% of the phones in the USA. Dropping 50% of messages sent by Android phones is untenable. Whatever happens - that isn't it.
The next question is what happens if an RCS message arrives on a Android phone that doesn't have Google messages as it's registered SMS app. It would seem mightily unfriendly to just drop it on the floor if you have no one to pass it to. It seems far more likely it would just pop up in Google Messages.
But you can avoid all that if the sending carrier has some way of asking if the phone number they sending to supports receiving RCS or not. One way to do that is the RCS app registers with some central registry, and Google Messages only registers itself if it's the default messaging app, otherwise it doesn't. So you only get RCS messages if you are using Google Messages.
TL;DR: Google not publishing the RCS API is a red herring. It doesn't matter, just as Signal not publishing an API for sending messages using the Signal protocol doesn't matter.
If that is all true, then spokes people from Signal claiming RCS forces their hand was a best misleading. As it happens the other reasons they gave didn't look particularly convincing either. Which left me in the position of trusting them about as much as I trust Google. As Signal gave me no choice I now use Google Messages as my default SMS app. Everything is still seamlessly end-to-end encrypted if the other end supports RCS - in fact the feature sets of Messages and Signal are so similar it looks like they were copying from each other. But security wise it's a definite step backward from when Moxie was CEO.
Which brings to the final point - I can't see what any of this has to do with Moxie. It all happened when after he stepped down as CEO. Seems like this was some else's decision.
I trusted signal in part due to his persona. And his in your face attitude towards that one company that provided software to law enforcement that claimed to hack signal.