Hacker News new | comments | show | ask | jobs | submit login
Wire – Modern Communications Network (wire.com)
498 points by jkaljundi 872 days ago | hide | past | web | 402 comments | favorite



So in the age of Edward Snowden this is all they say about encryption...

"Are Messages And Calls Encrypted? Yes. Wire uses industry-standard encryption on all of your Wire messages and calls."

"WHAT SECURITY MEASURES DO WE TAKE TO SAFEGUARD YOUR PERSONAL INFORMATION?

We are concerned about safeguarding the confidentiality of your information. We provide physical, electronic, and procedural safeguards to protect information we process and maintain. In addition, we restrict access to personal information to Company employees who need to know this information in order to develop, operate and maintain the Service."

Come on guys...how can anything this vague be trusted?

And by European they mean Swiss, so not specifically EU.

One of the typical evasive phrases...

From the Guardian Article:

"Locating its head office in Switzerland was Wire’s first decision taken on security grounds. “If someone is interested in accessing our user data, there’s a formal and well-regulated process in Switzerland for that. They’re very mindful of privacy, and the same is true in Germany."

Swiss naturally implies safety for many people (which is deceptive...real, verifiable, audited, end to end encryption is safety), for anyone unsure about the reality of "Swiss" cooperation with NSA since the 70s, read about Crypto AG

http://mediafilter.org/caq/cryptogate/

For those wondering about "Swiss privacy laws," if you are a foreign national you are effectively fair game

http://en.wikipedia.org/wiki/Onyx_%28interception_system%29

http://www.iclg.co.uk/practice-areas/telecoms-media-and-inte...


Unfortunately, even if they DID specifically list out all the security measures that they used, someone would still complain because it isn't completely open source. The previous company I worked for not only had legitimate encryption for anything private we received from the user (e.g.: email passwords) so that nobody at the company could ever read them, but also had some (if I remember correctly) good documentation on the site listing out exactly what we were doing. The founder of the company even commented with the specific technical details when our product was linked to on HN, and people still weren't happy.

While I sympathize with what you're saying, nothing is going to make people who actually care happy with whatever security a company puts in place. Unless that company releases their source code for everyone to see. Which I would hope most people would be reasonable enough to realize why that's usually impractical. (see the previous HN post about the guy who shut down his business and was debating open sourcing his entire codebase, and all the problems he would have had to tackle to do so)


No, much larger than the issue of open-source is that we already have dozens of major communication protocols that are not based on open standards or that do federation (one implies the another).

XMPP does OTR for example. And you know, the cool thing about an open standard is that it can have many clients. Throw federation in the mix and then many people will actually find it desirable.

Otherwise it's just a matter of being new and shiny. Because other than that, I don't understand how this new messenger competes with Hangouts, Skype, FB's Messenger, WhatsApp, Viber, iMessages, FaceTime, Snapchat, Y! Messenger, Lync, HipChat, Slack, IRC in general, or plain old calls and SMS messages, which are pretty cheap lately in Europe (at least in my country). Note that I enumerated about a dozen of popular alternatives.

I expect new entries to brag about something more than UI. Because my phone has the best UI ever - I just call somebody and that somebody responds because everybody has a phone number. I want to see open standards, federation and encryption, because otherwise new entries are useless for me.

So another proprietary walled garden that promises to keep my conversations secure, cross their hearts? No thanks.


XMPP and OTR are not workable for mobile devices. The protocol structure assumes a consistent background connection that doesn't get killed, something that is relatively cheap to do on the laptops and desktops it was designed for, but is expensive battery wise for mobile devices.

Go download an OTR client for iOS, like cryptocat and notice how it pings you after 10 minutes that you have to re-open the app to keep on receiving messages! It's because iOS does not allow you to keep an app running in the background indefinately for battery reasons. This is required for the XMPP / OTR model to work.

You need a protocol of some sort that would work properly with mobile, and I think textsecure is it.


OTR kind of sucks, partly because of what you mentioned.

I'm trying to introduce the Axolotl ratchet (behind TextSecure's security) into XMPP:

https://github.com/rakoo/goax

The Axolotl ratchet provides true asynchronicity so you don't need to keep the link open forever. You don't even need the other party to be up; the message can be stored on either server and forwarded when the recipient connects, and the recipient will only decrypt the message at this moment. This is what we need.


You can develop an xmpp client for IOS that does not ping you every 10 minutes (or ever). You have to register the socket used for XMPP for VOIP purposes and IOS will happily comply with that. Been there, done that


This still isn't power-efficient. On phones you should be using push notifications instead of holding a socket open.


There are already FOSS replacements for Skype, such as Tox. The fact is that if every line of code can't be inspected then the software can't be considered secure, and we're forced to put blind faith in a faceless corporation, which is understandably not acceptable for many people. I don't really care if you think this is "practical" or not. That's simply the reality of the situation. Proprietary == insecure.

If a company is unable to profit off of making FOSS software then they can go ahead and keep it closed source, but they should not be claiming that their software is secure when their claims cannot be verified. That's simply dishonest, and only proves the critics right about their trustworthiness.


I would argue that, theoretically, proprietary can be secure. A code base can be made secure by highly experienced engineers who are paid to make the code secure. You might never be able to see the code, but it could still be secure. The problem is that you can never actual verify how secure the proprietary solution is. So whether or not it is secure, you don't trust it. (there are even some interesting arguments to be made about the security of any solution that deals with some kind of user input. my previous boss stipulated that the only way to have a truly secure email client is to have some third-party, verified library that takes all the input, and spits out encrypted data to whatever program deals with email servers, without the program dealing with email servers ever seeing that input in plain text form because who knows what it might do with it)

On the other hand as well, open source most certainly does not mean secure. I don't even have to argue to make this point, I merely have to point out Heartbleed or Shellshock.


Yes, proprietary can be secure. But my question to you is why bother?

As a business model open-source arrangements such as Red Hat or the countless Hadoop services show that you don't really need to lock down the source code to create a successful business around it.

With communications software, the costs a closed-sourced software with magical trust-us crypto getting fully compromised is incredibly high. If people can't trust their basic tools to be private, nor be able to verify it, than they can't assume any conversation they have is private. That's a scary world IMO.

This is particularly true for broken encryption more than the presence of memory exploitation such as Heartbleed or Shellshock.


I don't even have to argue to make this point, I merely have to point out Heartbleed or Shellshock.

The reason both were found and had the absurd propaganda campaigns behind them as they did that are the only reason you can even name them to begin with, is precisely because the underlying software was free.

On the other hand, let's name drop another vulnerability and its exploit: SMBRelay. Took 7 years after it was made public to introduce an incomplete and partial fix. Still exploitable to this day, 13 years later.


So what it boils down to, is that both open source and closed source software can have bugs lingering in them for years that go unnoticed and/or unfixed.


While you can argue that some piece of open source software can be more insecure than a proprietary alternative, auditing a piece of software requires access to the source code and that is mandatory. And with open source everybody can audit with no restrictions. Yes, OpenSSH is a piece of shit, but how do you think it was discovered, from 2 independent parties no less.

Then there's another effect that I like - after the initial patch was released, the story went public, we got notified immediately, then we could discuss about what caused it and see the actual commits and who did it. Such a catastrophe can sink a company, therefore you never see such post mortems for proprietary stuff. And yes, even I as a developer cannot audit software for security, but the point is that I could hire somebody else to do that for me, like the Finnish company that discovered Heartbleed.

So yeah, there is no concrete proof that proprietary stuff is less or more secure than open source, but the point is that we'll never know, because nobody can know how secure something is without looking at the source code.


OpenSSH or OpenSSL? I thought OpenSSH was pretty solid, forgetting the fact that configuring it isn't as straightforeward as one would hope.


Sorry, I meant OpenSSL. It was a typo.


Yes, in theory it is possible. However even 100% secure proprietary software must be assumed to be insecure, because we're still running on blind faith, which is patently stupid for anyone who requires security.


You run OpenBSD, don't you? (To be fair, their approach since the 90s seems a lot more reasonable now)


No, my views are not based on my own needs or paranoia. As a security-oriented software developer I recognize that software that claims to be secure needs to deliver, because people like Snowden, Assange et al. may be relying on it some day.


I don't think it's as black and white as all that. This reads like the equivalent claim the NSA makes along the lines of, "if you have nothing to hide, why can't we record every facet of every communication and store it forever?" Business relationships run on trust. Claiming your software is secure when it is to the best of your knowledge is not dishonest.


That's a false dichotomy. Not wanting personal conversations recorded is called discretion, a form of wisdom. Not wanting technical details of a product published is primarily a way to gain a competitive advantage, either against other businesses or against potential threats.


You're making the baseless (and some might say naive) assumption that it is secure to the best of their knowledge. If they really wanted to build trust then they would prove it and leave no doubt in people's minds.


"Dear citizen, you're asking us to make the baseless assumption that you're innocent until proven guilty, if you really want to build trust you'll let us monitor you 24/7 and leave no doubt in our mind."

You're making an assumption of guilt. The fact that something isn't open source doesn't inherently make it insecure.


It doesn't make it trustworthy either. When speaking of encryption algorithms, not publishing a new algorithm for peer reviewing is unthinkable. This is also not about judgment - I do consider people to be innocent until proven guilty, but do you trust people you don't know with issues that could harm you? Besides companies are not people, we are taking about a commercial entity here that wants to sell something. And people get to vote with their wallet and opinions, depending on their needs and I see nothing wrong with that.


"And people get to vote with their wallet and opinions, depending on their needs and I see nothing wrong with that."

I was thinking the same thing! But you seem to be assuming guilt and I am not. Honestly, I can see it both ways. It just seemed spurious to me to state that if we don't know it's good, it must be bad.


I'm not making any assumptions as to their motives; I have not accused them of any wrong doing. As far as I'm concerned, they might be working in good faith or they might not be. That's not good enough when it comes to security. You're incorrect with that last sentence as I and others have pointed out already.


Tox is not a Skype replacement. For example:

- Skype is "everywhere" (Windows, Windows RT, Windows Phone, OS X, iOS, Android, Linux, FreeBSD, Blackberry, XBox One) and opposed to a handful of places (Windows, Linux, OS X, Android, iOS, FreeBSD, OpenIndiana). Plus Outlook.com's Skype implementation supports most platforms with a HTML5 browser.

- Landline/cellular phone calling. Text message sending.

- Caller ID, Voicemail, etc.

- Skype Numbers (i.e. buy a landline phone number people can call your Skype via, which is insanely useful for SMBs and individuals alike).

- Tox's feature list is largely a myth. Most clients are missing major Skype features and none support all of them, see this: https://wiki.tox.im/Clients#Features

People who think Tox is a Skype replacement aren't Skype's core demographic. The landline/cellular/etc functionality is heavily used by many and nothing that claims to be a replacement can be taken seriously if it lacks that.


tox.im website is not working. Am I looking in the wrong place?


There is another option - matrix.org is a new open standard for real-time communication (with encryption) in an open, federated ecosystem.

That means you can run your own server and encrypt your own data, and the encrypted data can still be sent to other servers in the federation.

To your point about open source, if something like this can take off it needs to be fully open and transparent, without fees or central data ownership - which is why matrix.org is a non-profit organisation and the standard open source.

(disclaimer: I'm involved with matrix.org)


From the homepage: > Send and receive extensible messages with optional end-to-end encryption

Why would encryption ever be "optional"?


Because we don't want client implementers to be forced to have to jump through end-to-end crypto hoops if they don't want to. The simplest way to send a message in matrix is:

curl -XPOST -d '{"msgtype":"m.text", "body":"hello world"}' "https://matrix.wherever.com/_matrix/client/api/v1/rooms/$roo...

...and we'd like to keep it that way. But you can always insist on only ever communicating with folks who are on E2E crypto clients if you so desire.


Is that the same way I can always insist on only ever receiving PGP-encrypted e-mail?


Not quite - as PGP is a pita to use, and not a formal part of the SMTP spec. So refusing to read non-PGP would be suicide. But if it was considered table stakes to implement the crypto option of the spec, and all the decent Matrix clients out there did so and sent end-to-end encrypted by default, then it'd naturally become the default. In other words, if you gracefully upgrade chats between capable clients to be end-to-end by default, everybody wins.


If you really believe that, then I feel sorry for your users. Privacy is a public health issue: https://www.theguardian.com/technology/2013/may/21/privacy-p...

In the absence of some forcing function, the trend is for it to get worse, not better.


Back in the day it was often optional due to the additional processing that it required.


That was indeed a thing in the days before AES-NI or simply having 1.4 billion transistors on a chip.

But in my day we've been spending years fighting this sort of short-sightedness: https://www.ietf.org/mail-archive/web/rtcweb/current/msg0274...


>> the previous HN post about the guy who shut down his business and was debating open sourcing his entire codebase, and all the problems he would have had to tackle to do so

link please?


I think the poster may be referencing this submission: https://news.ycombinator.com/item?id=8641867

Specifically, the replies of the submitter in the comments


That's the one, thanks! Sorry, should have linked that in the first place.


Guardian article has a bit more details regarding the privacy and encryption. http://www.theguardian.com/technology/2014/dec/03/wire-commu...


Agree - I wonder if Adobe's block mode 3DES was 'industry standard'.

Saying "we use encryption" isn't any good; this isn't 1996. People need to have the details available if they want them (a little "More Information" link going to a page showing their actual security model, list of ciphers and modes of operation, etc. would do).


Does it really matter whether they have encryption a or b? If it is poorly implemented it is unsafe.

So either you trust them to do a good job or you don't. Whether someone in marketing knows the name of your favorite encryption doesn't really change that.


One hint of whether that they've poorly implemented it is that they didn't care to choose a preexisting algorithm, or they chose a preexisting algorithm with known weaknesses, or that they chose an algorithm with fiddly parameters without addressing that.

I'm much more likely to trust if various indicators suggest they're being sane, reasonable and knowledgeable.


Well, they can quote the most advanced encryption algorithm, but you still can't be sure if they have really used it unless they share their code.

Bottomline: You either trust them or you don't.

One reason for them not sharing the details could be that they want the potential hackers to keep guessing rather than making their life easier (No encrytion is foolproof)


"Bottomline: You either trust them or you don't."

That's not true at all. Trust isn't blind faith. Their choice of algorithm, and other factors they can disclose tells a lot about their understanding.

"One reason for them not sharing the details could be that they want the potential hackers to keep guessing rather than making their life easier (No encrytion is foolproof)"

This is security by obscurity, an example of a poor choice. Overall, your statement says more about your lack of understanding of software security than anything else; as their statements can about theirs.


Security by obscurity is a perfectly valid security mechanism - to be used in conjunction with other security mechanisms.

There is no security silver bullet - a properly secured system is security by many strategies. One of those strategies may indeed be obscurity.


Trust isn't binary.

You could perfectly well trust that they're earnest without trusting that they're competent. If that's your position, which is resonable, given enough information you can alleviate some of the competency concerns.

That said, given the landscape they're working in, it's hard to trust any commercial entity is genuinely willing and able to keep your communications secure.


>Trust isn't binary.

Exactly.

Transparency in how you secure your shit is basic diligence, then the user trusts that that is accurate and properly implemented. I'd never use a service that didn't do that; just as I have a firefox addon (CipherFox) that shows what cipher a site is on, so if I see, for example, RC4, I know it's secure in name only.


Kerckhoff, 1883: "[T]he security of a system should depend on its key, not on its design remaining obscure."


Security by obscurity isn't sufficient by a long shot -- and you can't rely on it -- but that doesn't mean it's without value.

Obscurity may only buy you time while you fix your security problems (before someone stumbles across the mistake you've made), but if you can manage to correct flaws before they are exploited, well, that's a good thing.

That said, Wire would do better to share enough details to show that they are putting real work into security and encryption. Compare Wire's security detail with something like Crypho's: http://www.crypho.com/features.html

They're still omitting plenty of details in their implementation, but it's obvious they have a strong focus on security. Wire doesn't really say anything (yet).


Why do you say they didn't care to use a preexisting algorithm? They claim to be using industry standard encryption, that means they are using existing algorithms that have been vetted and proven to be safe (if properly implemented).


Again, see Adobe. They might have theoretically bullshitted 3DES as being 'industry standard', even if a very old standard.


Choosing a standard protocol indicates that you aren't completely inept when it comes to encryption.


Disagree, depending on how strong you mean the word "indicate" to be.


Agreed, open source, audited etc is obviously better but the least they could do is tell us a little more.


Exactly. Complying with "all messages encrypted" is equivalent to simply using HTTPS (and equivalent for voice). But this doesn't make it safe against MITM attacks, side-channel attacks and government subpoenas!


Judging from their FAQ, it seems that they encrypt voice end-to-end, but messages only between the client and the server: https://support.wire.com/hc/en-us/articles/203122500-Are-mes...

They have features like syncing the read status of messages, so I assume their server knows about all messages and conversations (although maybe not the contents if encrypted properly).


You should consider that most other messengers offer no such promises, even vague ones.


That doesn't make it any better. Moreover, a false sense of security does even more harm to the users.

I'd prefer a honest "We are no security experts, don't use this for critical conversations!"


What? Skype offers the exact same vague promises, and they are even technically true.


Telegram seems to put their money where their mouth is.


There are serious concerns with Telegram encryption/privacy. See discussion: https://news.ycombinator.com/item?id=8686868 for example


I'm not sure.

They offer these 'challenges', but other than that? For me, this comment of yours would we something I'd agree with if

- Telegram would start out with a protocol that works/is 'accepted' (OTR, TextSecure)

- Would make chats encrypted by default/all the time

That'd be awesome. Given that they seem to know a bit about cross-platform development and design the result might be extremely interesting. Right now? I'm not convinced.


I think Telegram is the best messaging app out there.


I think once Open Whisper Systems merge their products into Signal, that is going to be the best out there...Hopefully they will get the uptake they deserve.


My standard gripe with OpenText (or WhatsApp etc) is the identifier. A phone number sucks.

a) I hate the discoverability. Just because I install an app doesn't mean that my ex from ten years go should see that I'm online. Heck, my mom or aunt don't need to see me showing up in the address book either.

b) Desktop clients. Tablets with wifi only.


Did they also mention their business model anywhere ? Also how the European laws protects us about anything ?


Quoting http://www.theguardian.com/technology/2014/dec/03/wire-commu...

"It’s in our terms of use: we’re not going to look at your data and cultivate it for advertising," said Christensen. "We’re not going to put advertising in the client. My head of design would kill me! It’s more about finding the right kind of opportunities that are additive to the user experience, and that they’re motivated to pay for. We’ve found what we think are a couple of good ones."


> Also how the European laws protects us about anything ?

Probably more than US laws anyway.


The problem with abiding by European privacy laws is that if you're not European, you don't count. So if you're not European, there may as well be no privacy at all. You're more or less on your own - just the same as with American privacy laws.

If they can prove one end of the conversation is not American or not in the U.S. you're recorded... but because it's so hard to do that on the fly, you're recorded anyway and they'll figure out the legal repercussions later... by hiding it, diverting the question or flat out lying about it.

It's a shame, this looks on the surface like a great product. But I agree with the point made earlier: In the age of Snowden, statements as vague as "Wire interactions are secure and we comply with European privacy laws and regulations." aren't enough for anyone to stake their security on.

The fact is, when it comes to communication security, the Government has proven themselves untrustworthy too many times for us to believe them anymore. Once could be written off as a mistake, twice, perhaps oversight wasn't good enough. But three, four, five times... the fact is, Governments have torpedoed any reasonable person's ability to trust them when it comes to looking after their privacy. So saying that you "comply with privacy laws and regulations" is no comfort. In today's political climate, if you want the trust of the people, you need to go above and beyond in the name of the people.


I assume this is a joke? The US doesn't have mandatory data retention laws.


It will be trusted completely by their target market, which thinks Snowden is like, a real hero, but that PGP is not something they'd want to catch.


Also, their main site doesn't work without JavaScript. Come on ... having to execute custom code in the browser just to display a "Download" button?

I hope they applied more (security-related) common sense in their apps than in their website.


Processing foreign data is just as dangerous as processing foreign code. Don't lull yourself into complacency just because you have NoScript when your JPEG library is probably less sandboxed and audited than your JavaScript virtual machine. The whole idea of the Von Neumann architecture is that code is data and data is code. It is advantageous when you trust everyone, but now that you can trust noöne? What to do?


I'm not complaining about the security implications of running JS code.

I'm complaining about security implications by introducing unnecessary complexity.


noöne? really? when did 'no one' become insufficiently clear?


It indicates a new syllable. Very rarely seen this days, but it used to be used a lot. So the answer to your "when" is "a very long time ago, then people changed their minds"


Probably a typo. ‘Ö’ and ‘O’ a very close on a German keyboard.


Based on past comments I'd expect the author to have the en_US layout (or something entirely different) and probably - now taking a guess here - even without umlauts.

I'm German and use en_US here, so for ö I'd need to compose a character manually. Which is probably what was mocked (whether that is right or wrong I do not know - I certainly cannot judge the style of writing of someone in his native language, as a foreigner myself).


I appreciate the great deal of thought you put into this. I feel like a mini-Internet celebrity of the minute.

You are entirely correct about needing compose to type the symbol, but I use it so rarely, that I just copy-pasted.

It's not an umlaut though, it's a different diacritic called diaeresis. It makes me feel like I'm speaking a more awesome language when I use it.


I'm glad you like the attention, but I have to admit that I didn't waste too much time on that post. Five minutes tops. :)

The 'not an umlaut' part doesn't seem to be relevant though, since we talk about the character composition. 'ö' is the same character both as o-umlaut and as o-diaeresis (I admit I checked if there's a different way to write the latter), so the argument is weird.

de_DE has a character 'ö' on the keyboard, if I use that as umlaut or not is a different problem.

Composing " and o (or whatever you use) produces what looks like o-umlaut to a German speaker - and my understanding was that you were 'attacked' (if you will) for going out of your way to write 'ö'. Whatever that character signifies here.

(I actually didn't know the name diaeresis, but the usage isn't uncommon here. I've driven my share of Citroën 2CVs in the past)


perhaps, but in it i detect a New Yorker magazine-style use of the dieresis to separate vowels into syllables that a reader might be inclined to pronouce together as a single sound, e.g.: reëlect for re-elect.


This is the correct interpretation. But it is actually slightly nuanced; I'm such a bad speller that, even as a native English speaking adult of 30 something, I had to look up no one. Wiktionary has noöne as an "alternative spelling" and I do like The New Yorker...


"What we need is another messaging app" said nobody, ever.

It looks pretty, but this is yet another app in the long list of "Skype killers" or "Voice/video/text" messaging. It seems like it's the default goto for anyone that can't think of something more interesting these days.


>"What we need is another messaging app" said nobody, ever.

The usual negative HN top post.

I have to disagree. We've moved from irc, to ICQ, to Microsoft Messenger, to ..., to Skype, to (what's hot now), so somehow all those people really DID want another messaging app and even adopted one.

>It looks pretty, but this is yet another app in the long list of "Skype killers" or "Voice/video/text" messaging.

Most of the Skype killers are either crap or crippled in other ways (e.g. Facetime being Apple only).

And we're ways before coming up with the "be all end all" messaging app, so there's plenty of room for innovation in the area.

In general this comment reminds me of the "640K should be enough for everybody" quote...


I've been in Brazil for the past five weeks. EVERYONE uses whatsapp, because SMS is expensive. And this all happened in the past couple of years or so, because that's when smartphones became widespread.

I have never been asked my phone number. I've only been asked my "whatsapp". Make a good enough messaging app, and you can win an entire country. Or the world.


I'm from Brazil. You see small local businesses, with hand painted signs, where the phone number is followed by the whatsapp logo. Not even the name "whatsapp", just the logo.

It's scary how they took over communications over here.


"Whatsapp: The Orkut Killer"


Yes. You are totally right. And the funny thing is that for many Brazilians who can't speak english WhatsApp became "ZapZap" (much easier for Portuguese speakers to say) or just "Zap".


I have never used Whatsapp in the US. The sole purpose I have it on my phone is for communicating with AirBnb hosts when traveling abroad.

It is amazing how Whatsapp rose everywhere but in the US.


I have never been asked my phone number. I've only been asked my "whatsapp".

But your "whatsapp" is your phone number.


You don't understand. People don't associate that number with a phonecall, but with Whatsapp.


Exactly, people don't associate the number with phones. And in my case, my "whatsapp" is a Canadian phone number. I don't even know the number on my Brazilian phone.


Not necessarily. My phone number when I go back home (if anyone wants to call me) is a different number from my whatsapp number (which is my UK number, where I live). When people want my Whatsapp number, I generally give them my UK number, but I don't expect an SMS or a phone call from them because I don't even use that SIM card back home. I have another local SIM card that I use, and I also give that out as my "phone number" in case, you know, somebody wants to call.


Did they ever fix the massive security hole(s?) in whatsapp?


Apparently they partnered with the TextSecure people https://whispersystems.org/blog/whatsapp/ to provide end-to-end encryption(Android non-group chat only for now). Apart from the fact that the client is still closed source and untrustable, they now seem to be in a better security situation than the other popular messaging apps.


What massive security holes?


For example, they store the message database on the shared mass storage partition (a.k.a. SD card), where it can be read by all installed applications.


That shouldn't happen in a properly sandboxed OS.


Wasn't it also true that the password for every account was a simple function of the phone number? Then they changed it, only to base in the IMEI instead.

I didn't look at it again so I don't know if they fixed it for real in the end.


> so somehow all those people really DID want another messaging app and even adopted one.

Very disingenuous. In terms of ICQ, they were just early to market, had a competent client and... a deeply flawed method of identification. Messenger? Rolled out with Windows, just like certain other software that caused a bit of a stink in courtrooms at one point. Leverage. AOL did the same thing, pretty much.

As for Skype... it did voice competently, and more importantly did so easily and at a crucial point in time. Just like ICQ once did.

> Most of the Skype killers are either crap or crippled in other ways (e.g. Facetime being Apple only).

Absolutely. But Skype, according to most people I speak to and voice my concerns (ie. people to whom I whine) regarding the latest problem with Skype definitely echo my sentiment. Skype isn't good... it's merely acceptable. But there is no realistic option.

For my little niche there's definitely an opening for a new voice comm package, but "they" will have to raise the bar a lot if they want wide adoption.


In my memory, ICQ had a terrible client. But the protocol could be used with better, less bloated clients (like trillian). And it had features at the time, like offline messages, that came surprisingly late or were missing in other, later clients.

By the same standards, I would of course say Skype has a terrible client now.


ICQ went down the same path most clients seem to go, ie. it got very bloated. At first it was very bare-bones, with some really pleasant file transfer capabilities.

Skype really is history repeating itself. The client is becoming less usable by the day, and for some reason I was selected for a beta test that introduced the "new" flat style, at a huge cost to layout efficiency. It's truly terrible.


I totally agree with you. I don't want to disdain Skype, which is a great tool for its intended audience (the noobs, the moms and paps, the grandmas, etc). Also, Skype technology was almost incredible when they first appeared, so .. lots of respect for their history and accomplishments.

But I also think there is a lot of room for "Skype Killers" in different niches. I think Skype UI is getting worse for the experienced/heavy user. What is your niche? Would love to hear more.


> We've moved from irc, to ICQ, to Microsoft Messenger, to ..., to Skype, to (what's hot now)

You forgot Hangouts, which works on Android, iOS, and the desktop. It supports text, voice, and video, just like Wire. Its only negative from my personal viewpoint is no Windows Phone support, but that OS is the punchline of many jokes these days.

There's also Slack for businesses, non-profits, and private groups (my local Ingress group uses it), and it offers a ton of extensions.

I don't see where Wire offers anything that we don't have now, though it's nice to see that there is at least an attempt at innovation in this space.


>You forgot Hangouts, which works on Android, iOS, and the desktop. It supports text, voice, and video, just like Wire. Its only negative from my personal viewpoint is no Windows Phone support, but that OS is the punchline of many jokes these days.

Have you ever tried to start a Hangout with a non-technical user? It's a nightmare.

I do remote tutoring. Skype is easy. Everyone has it, you add the username, and call.

Here's what happens when I try to do a hangout:

1. Log in to gmail. Student often takes a while to find gmail on computer and login, as they've been doing everything by phone. 2. Find the chat. Student often takes 2-3 minutes to look for chat. 3. Invite to chat. Your @domain address? No, my personal gmail. 4. Show in chat list. 5. "Send me a message". This takes them another 2-3 minutes to figure out. 6. Start a call. Another delay. 7. Often some kind of technical trouble where the call doesn't start, mic doesn't work, they must by mistake.

This is exacerbated because I'm giving instructions by text. Starting a hangout with a new user on a computer often takes 5-15 minutes. Every step has potential for failure.

If there's a better way than what I'm doing, the fact that I don't know about it is itself is a UI failure on Google's part.


> Have you ever tried to start a Hangout with a non-technical user?

Yes, my technophobe sister in law. She got a new Android phone and was texting me via plain old SMS, which are metered on her account. I texted her back "Look for an icon that is a green circle with a double quote mark in it. Open it, follow the prompts, and send me a message". Within a minute I had a Hangout message from her, and she's been using it since.

Purely anecdotal, but then so was your example. I'll agree it's not so simple doing it on a computer, but they still make it fairly simple; do a Google search for "hangouts", the top link takes you to a page that has a button that says "Available for your computer".


I can't edit the original post. I meant to write, but didn't "ever tried to start a Hangout on a computer with a non-technical user"

I agree the phone is easier.


If all your students have a Google account and an email address, it's rather easy:

1. Open https://plus.google.com/hangouts/_ to create a new Hangout

2. Copy the permanent link that is shown in the dialog, or enter mail addresses to invite.

3. Students open the link. A login is required to join the Hangout, this could be improved...


There is also an extension for Chrome - https://chrome.google.com/webstore/detail/hangouts/nckgahada...


Thanks! That's far simpler. Though it should be more obvious that option exists.


Bingo. My 80-year-old grandmother who is terrified of computers and doesn't speak english recently started having video skype sessions with me. As far as I'm concerned, that's a design and ease-of-use litmus test.


Hangouts is getting worse as far as I'm concerned.

Google Talk had only chat, but I could trust it to work as intended and deliver my messages. With Hangouts:

- synchronization between devices is not as good. I will often not see everything I typed on my mobile when I open it on my desktop.

- Messages do not arrive in order !!! Sorry for the triple exclamation marks, but this is implemented in the most stupid way I have ever seen in an IM application. Say we are using Hangouts on my mobile. You send the messages

    A
    B
    C
Occasionally, I will receive C first, then A, then B. Fine. I receive C and read it.

    C
    <--- I've read until this point and will ignore anything above
Then I receive A and B. And this happens :

    A
    B
    C
    <--- I've read until this point and will ignore anything above
Messages A and B, having been sent before, will appear above the last message I have read and I will probably miss them.


I preferred Google Talk as well, especially since it was built upon an open platform and was easily implemented on unsupported OSes (Windows Phone via IM+ for example). Personally I haven't seen the out-of-order issue in one on one conversations, but it's prevalent in the group chats I'm in. When it happens to my messages, it's almost always when I'm being handed off between towers on the go; it hasn't happened to me on WLAN yet. Since there are no message size limitations like SMS has, I rarely send multi part messages anyway.


>You forgot Hangouts, which works on Android, iOS, and the desktop. It supports text, voice, and video, just like Wire.

So that would be the "what's hot now".

I didn't mention it because few people I know use it. And I wouldn't touch it a Google + Google+ affilicated messaging solution with a 10-feet pole anyway...


I wouldn't say that it's "hot". It's recently become more popular since Google started forcing it on Android 4.4+ users as the only SMS option on their phones. Personally, I wouldn't use it at all if not for easy group communication with my Ingress mates (most Ingress communities use Hangouts, Slack, or both; ours uses both but mostly Hangouts).

I just felt that it was a glaring omission, especially considering its more popular and more reliable precursor, Google Talk.


> >"What we need is another messaging app" said nobody, ever. >The usual negative HN top post.

There's a truth to it. This one, like so many others, brings nothing new to the field. So why do we want it?

> Most of the Skype killers are either crap or crippled in other ways (e.g. Facetime being Apple only).

What's wrong with XMPP/Jabber?

We have a weekly post on new IM platforms, but all of seem to have features which are a subset of XMPP's. Including Skype.


> What's wrong with XMPP/Jabber?

Nothing, except it is a protocol, not an app. Go build an app based on it that's functionally equivalent to Skype and then we can talk.


Exactly. Right now, I have installed on my phone:

* Standard text messaging app, for almost everyone.

* Google Hangouts, which is a pain to remove and always logs in behind my back. I don't want to chat on my phone, it's just a nuisance. (I wish people would stop talking to me through Hangouts, honestly)

* Viber, with a single contact.

* LINE, with a single contact.

I don't have WhatsApp or Snapchat or whatever, but most people will likely have 3 or more messaging apps.

3 years ago, everything was fine. Google used XMPP. Facebook used XMPP. Companies used XMPP. I used XMPP. I may have needed multiple accounts, but I needed only a single app. Now look where we are.


It's a shame that XMPP didn't save us from this situation. My hunch is that the baseline featureset over federation was too low: no federated medsage history; MUCs are single point of failures.

We're trying to fix this with Matrix.org - folks frustrated with yet another communication silo might want to check it out and help us tear down the walls between these gardens. (obvious disclaimer: i help run matrix.org)


I was going to snarkily post the "Standards" xkcd - http://xkcd.com/927/ - but then I noticed that the sample chat on your homepage already has it.

Nicely played.


What's the 'federated message history' in this list?


The capability to get conversation history over several servers. In Matrix the conversation history is stored by all servers involved in the discussion, and thus it can be retrieved if your own server temporarily goes down. It will also be accessible from all your Matrix-compliant clients, whether they are web or mobile clients.

(edit: disclaimer: I'm also involved with matrix.org)


Hey. Thanks for the explanation. I ignore the 'will be accessible from all your clients' part - that should be the case for XMPP as well, or will be with MAM [1].

Storing the history on multiple servers? Not sure I understand the use case here (okay 'server goes down' I understand, but spreading my message history to multiple servers for that seems .. unexpected).

1: http://www.zash.se/mam.html


OK let me try to explain it better: let's say we have a conversation between 3 friends who are all running their own homeservers to connect to matrix. All three servers will keep a copy of the conversation, and if one server goes down and reconnects, the two other servers can update it with the messages that went on while it was down.

If friend 1 and 2 have a separate conversation in a different room, only their two servers will keep a copy of the conversation history. If friend 3 joins this room, his server will receive the current history from the other servers (there's a limit for efficiency but you can explicitly get all the history via pagination).


I have on my phone:

Standard text messaging

ConnectBot (to an irssi session for IRC)

The answer is just to say no when people ask you install $appoftheday to contact them. No hangouts, no skype, no whatsapp, no facebook polluting my phone with their intrusiveness and always-on-in-background tendencies. One person occasionally asks me to install Whatsapp, but each time I say no.

Hangouts is a pain to remove if it came in your ROM, but you can still freeze it with Titanium Backup.


Which is fine as long as you're happy to be "that guy". If I need to install RandomNewChatApp to talk to a client that's paying me $$$, I'm going to install it. Similarly, if a close friend or relative uses a new service, stubbornly saying "no, that's too awkward for me" is not the kind of person I want to be.

But I would prefer if I could just add them as an account to an app that I already have. And ideally an open-source, usable, attractive app.


I'm curious how many people in the real world actually use IRC. Find 10 people on the streets of New York and statistically zero use IRC and maybe, maybe 1 has even heard of it. Ask those same 10 people if they've heard of WhatsApp and likely 3 or 4 would have heard of it and probably 2 would have it on their device. If they're from outside the US, that number would go up to likely 7 would have it installed. Ask those same 10 people if they've ever heard of Skype and all 10 would say yes and likely 8 of them have used it.

Obviously this isn't scientific, but the point is that most people don't use IRC. I'm a software dev and I don't use IRC and I've never had a real-world non-dev even mention it. But Skype? I'm forced to use that every day. Text messages? With iMessage, it's great, but you also need to have the person's phone number -- or, you're like me and you're moving around a lot and change numbers fairly frequently, but Skype/iMessage/etc stays pretty consistent year after year.

Just my 2 cents. In terms of "always on intrusiveness" isn't SMS always on? Unless you're using a burner phone, you're being tracked, SMS is always logged, there's no illusion of security.

Besides, who the heck buys a phone is Hangouts imbedded in ROM? If you're interested in security, then I'd suggest getting something other than Android.


Sure, SMS is always on, but it doesn't have access to my camera or mic. I have Skype on my desktops (although I haven't used it in over a year) where I can tell when it's running and where it doesn't bind itself to autostart whenever someone breathes. The main problem with apps is what they request access to and, barring modding your phone with XPrivacy (I've done it, but not an option for the average user), there's no way to deny those permissions.

As for IRC, it isn't how many people use it, but who uses it; namely a huge proportion of technical communities and people I want to communicate with.

As for Hangouts, it's in the default OEM ROMs, obviously, but also in the gapps packaged for CyanogenMod unless you remove it before flashing (as I did).


I'm mostly with you, but I actually quite like whatsapp.

Don't need to pay extra to send an image Messages don't get lost in transit and if it did, it'd let you know. It's fast, simple and usable.

I find most everything faddish, but occasionaly things win out because they suck less than what we already have. Of course, those specific problems above might be UK specific.


I know this will probably cause dissent, but I think the time of Google (now Apache) Wave may have arrived :-) XMPP based (but hideously complicated) and can still do more than any other "chat" system out there that I've seen.

http://incubator.apache.org/wave/

https://github.com/apache/incubator-wave


I immediately thought "oh, this looks like wave". The problem is that still don't think that this (or Apache Wave) is a whole quanta better than the good enough solutions that are out there.


I have:

* Telegram, with all my contacts (including several rather large group chats) * SMS, for telling new contacts to get Telegram

I don't mourn XMPP, it wasn't very nice and especially not very mobile friendly.


Well, that doesn't work either - since it requires other people to switch, or me to use yet another messaging app.

Besides, I don't trust the Telegram guys with their faux security claims.


Not very mobile friendly .. in what way?

The limitations I know of are 'fixed' with decent/recent clients (Stream Management comes to mind). Care to elaborate?


Poor offline messaging support. As a consequence practically, poor battery life management.


That's not exactly specific, unfortunately.

What's poor about it? I'm genuinely interested - not to convince you that you're wrong but to check if I missed a gotcha in my setup here. So far .. I don't see an issue. I could complain about missing features/XEPs that I'd love to have and cannot right now, but .. chatting should work just fine.

That said, you DO want Stream Management.


Is that an inherent problem in XMPP, though? Something wrong with XEP-0013?


Yeah, totally agree, but looks that users always like to see the wheel being reinvented. It's kind of depressing, why fix what's not broken ?


You're assuming things are not broken.

Skype doesn't work for me. I regularly have video failing or voice failing or Skype refusing to log in on some random subset of combinations of devices on my end and the other end. It's gotten steadily worse over the last decade.


I don't think users really want the wheel to be reinvented. More like companies try to lock you in on their tech and make money with you. Fragmentation? CEO gives a shit.


Well, I rarely see users refuse to install an application even though it does the same thing as another one. That's part of the problem.


You can easily disable Hangouts: go to Settings - Apps - Hangouts and tap the button. It won't even show up in your launcher anymore.


Good tip. I tried this for several apps. Too bad it seems this doesn't work for the Play apps: Books, Films, Kiosk. But several apps are gone (Hangouts, search, Plus etc) and I hope they stay where they are.


I disagree. The current situation with voice and text is insane; telephone companies still try to own that space and charge for things like SMS/receiving calls, even though it's becoming increasingly obvious that it makes far more sense to send messaging over the internet rather than via custom infrastructure. No-one wants cell phone/telephone operators to be anything more than a dumb pipe apart from them.

Apps like this are the future, but nobody has quite hit the perfect spot yet in terms of features and adoption (adoption probably being most important, or some method of piggy-backing on existing services like email/SMS/mobile nos). I had a look at this and it looks pretty good but the first-run experience just isn't there yet. I don't trust some random company with my address book, certainly not on first-run, so I'm not in an empty app wondering what to do. That's far from ideal and will probably be their biggest problem.


Everyone thinks we don't need another one until they see one that does something they like but hadn't realised would be useful. WhatsApp with its free messages, Twitter with its enforced terseness, Snapchat with its take on ephemerality - they were all adopted by millions of users who, before seeing the app, would probably have declared they didn't need a new messaging app. Yet they installed it, tried it, and continued to use it.

People will always want to try new ways to message one another. Consequently we'll always get new messaging apps.


Twitter's success wasn't due to "enforced terseness", it was due to the fact that it supported posting to it from SMS messages back when the majority of the population still had dumbphones. Once smartphones became ubiquitous, Twitter kept riding that wave due to network effects. In fact, the entire reason for the 140-character limit was so that it could interoperate with SMS cleanly.

I do somewhat agree with your overall point though. And it's worth noting that sometimes that "new feature" can be things like "my parents don't use it yet", in the case of teenagers and the like.


I agree. But what's the feature here? I lament the audio quality of cell phone calls, but audio quality depends on bandwidth, and this requires an internet connection, which is going to be spotty depending on location and when transitioning from data to wifi. Every feature here seems a marginal improvement on what already exists (audio quality, UI, sync, security, battery use). No new concepts. Don't get me wrong, I'm happy to use it, but I don't see an impetus for mass adoption.


My understanding is that it has inline content like Whatsapp and desktop support & sync features like Skype (Skype took a lot to make the sync at least tolerable - but I guess they already know what they're doing). The supposedly high quality of the calls and inline 3rd party content support (soundcloud and youtube for now, I suppose) are the bonus features.


We didn't need yet another IRC clone, and yet Slack seems to be cleaning up.

The core value prop of the internet is easy communication. Don't be surprised when people continue to iterate on it.


To be fair, Slack is much more than simply an IRC clone


Well, it apparently is a poor man's IRC clone with awesome UI bolted on top. I think a properly made modern IRC client would blow it out of the water.


Right, because most IRC clones are free


Slack does support IRC and XMPP transports, though? So even if $management wants Slack, I can use a single client across several networks. AFAIK Slack doesn't do federation, but one out of two, is better than none out of two.


Slack was doing it for me until recently. I could paste code and it would format it correctly. It looked great although a bit sluggish at times.

Then I tried to share a Pages document...


So? Even if it turned out badly, that's one bug for a rather obscure use case that can be fixed anyway...


I really disagree. There's simply no good secure cross-platform messaging app available.

Telegram has fantastic clients on all the platforms, but isn't secure. TextSecure is secure, but has only a mediocre app on a single platform (Android). The other alternatives are even worse.

Tox is looking really promising though: https://wiki.tox.im/FAQ


WhatsApp is starting to implement TextSecure technology in it's cross-platform apps and has 600m users.

http://www.bbc.co.uk/news/technology-30114346


Yeah, but WhatsApp isn't actually cross platform. It's only on mobile devices.

And the article you linked points out several times that the encryption is only going to be enabled for WhatsApp's Android client for the time being.


It is still a closed source application that I do not trust.


I'm not sure I understand what you mean by "cross-platform app". Sounds like a contradiction in terms, to me.

We have XMPP and OTR, and with chatsecure on Android or various clients on Linux it's pretty pleasant. I believe there are a few OS X clients as well, not sure about iOS.


What about Threema? (https://threema.ch/en)


It's not cross-platform unfortunately, it's only on mobile devices.


tbh I trust on Threema the same way I trust on Whatsapp or any other client which promises encryption.

Threema is closed sourced and thus I don't know which/how encryption are they actually using.


Telegram isn't secure? Source please.


http://www.cryptofails.com/post/70546720222/telegrams-crypta...

Also, messages are not encrypted by default, and there is afaik no way to encrypt group chats. You have to create a special "secret" chat for the messages to be encrypted.


All messages are encrypted by default, but not client-client (in order to make cloud sync work): https://telegram.org/faq#q-why-not-just-make-all-chats-secre...


It is possible to create synced messages without depending on a server decrypting the messages. Here's how Tox is going to implement that: https://github.com/Quoturnix/ProjectTox-Core/wiki/Multiple-d...


True, but Tox requires a password for that. Telegram tries to be an alternative to WhatsApp so forcing people to sign up with an account isn't an option.


It's the other way around. Messaging apps need to demonstrate their own security by releasing the source code.

So far only TextSecure does this.


One doesn't demonstrate security by releasing the source.

One needs to have source released, audited and verified to match prebuilt binaries that are actually used by the unwashed gray masses. Without all three checked for each public build you have zero assurance that you are running a binary built from the released source and that the source doesn't have anything fishy in it.

The only app that checks all three, somewhat ironically, is TrueCrypt. PGPfone checked #1 and #3. TextSecure checks just #1 unless I am missing something, so objectively its "demonstrated security" is exactly the same as that of any another app that simply describes what it does in plain English and has a traffic to prove it.


The Truecrypt audit still hasn't been finished yet, has it?


Telegram's client code is also open source.




Agreed.

What we need is a protocol people can make clients for. With end to end encryption and PFS, of course.


That's what Tox is aiming for.

http://tox.im/


That's what XMPP is already doing.


I usually dislike introducing yet another standard, but Tox has some features that XMPP won't provide. VoIP support out of the box, without the need for an extension that may not be supported by the client. Also, afaik it's truly decentralized, without the need for a server for the actual communication.


> VoIP support out of the box

True, but do you think it's easier to deploy an extension that already exists and just lacks implementations, or to create a whole new protocol from scratch ?

If you look at other successful protocols, you'll also see that some features we rely on were bolted-on as extensions to protocols that were defined before, such as DNS, IMAP, HTTP... Not that it's an excuse to do the same, but it's expected.

> it's truly decentralized, without the need for a server for the actual communication

I don't think that's not something you actually want.

- How do you send a message to someone who's offline ? You don't, you have to wait for you and your contact to be online at the same time.

- How do you traverse NATs ? You have to craft all that messy code, and it's not even guaranteed that it works... you're going to need a "known anchor" for everyone to connect, just like what we see with WebRTC. If you're aiming for a one single protocol, there's no way around that. By the way XMPP can do signaling over XMPP and actual communications over direct, P2P links (such as SOCKS5: http://xmpp.org/extensions/xep-0260.html)

The sad state today is that many clients still haven't implemented Jingle, but at least there's something to start from.


Your points are well taken, but this is unfortunately a sacrifice that needs to be made in the name of security. While partial centralization would solve a few problems, it would also introduce weak points in its security model that three letter agencies would be quick to exploit.

Tox actually does NAT traversal quite well I've found, and it does support SOCKS5 connections out of the box, albeit through TCP relay nodes rather than direct P2P.


Does XMPP support video?

Edit: yes.

https://xkcd.com/927/ is the kind of situation we need to avoid.


Yes, XMPP supports video. It even has several incompatible ways of supporting video to choose from, most of them called Jingle.


XMPP/Jingle worked, although the quality wasn't very good. You could make video calls between Google Talk (also on Android) and Empathy, the standard GNOME XMPP Client.


XMPP is a rat's nest of extensions from which everyone picks a handful to implement creating a very incompatible ecosystem.


And SIP before that (XMPP being 'superior' because XML)


SIP always seems much nicer to me; meaning I can actually understand it in close to realtime if necessary.


SIP in XML would actually be a massive improvement, because you'd have sane parsing rules.


Is XMPP distributed like tox?


Distributed as in peer to peer? No. Distributed as in federated, everyone can run a server and talk/interact with people on other servers, transparently? Yes.


I think Layer (https://layer.com/) is what you're looking for. The Verge ran an article about Layer (http://www.theverge.com/2013/12/4/5173726/you-have-too-many-...), on how they're attempting to stop the fragmentation on mobile messaging. Last but not the least, it's being built by Jeremie Miller, who invented XMPP.


But Layer will host it for you: you give them your data. That's more what the open standard http://matrix.org is trying to do: basically learn on what is missing from XMPP to be a better fit to today's communication: no single point of control, synced history, groupd chat as first class citizen... It aims to be pragmatic, with a distributed architecture and end to end encryption. Anyone can build a client or server (and host it) or use the open APIs to connect to the Matrix ecosystem. SAme disclaimer as ara4n: I work with MAtrix, but we're non-profit and just trying to fix this mess...


Nice! Didn't know about this until now. Will definitely check the project out. Looks good at first glance.


Looks good. It actually sees the problem with XMPP at least.


Thanks, we've started with XMPP, like many others, but it was not fitting our purpose, like for others, so instead of building our proprietary protocol (like others did) we tried to build on what we learnt and provide something others would like to use. The beta is almost feature complete now and we need enlighten feedbacks to make it fit most purposes and something everyone would find useful!


Protocols usually come from successful clients, not the other way around, but you are free to try. When you do, you can be assured that:

"Yet another messaging protocol is what we need said nobody ever" will be the top comment.


I feel that sentiment. It's not that I mind people doing new apps in already crowded market segments - it's that messaging apps, like social networking sites, work on network effect. I don't want a new messaging app for the same reason I don't want a new Facebook - the existing one is awesome enough, new ones don't offer anything interesting, and I definitely don't feel like rebuilding my contact lists every other year.

In this way, a new app is a danger not only to the maker of an old app, it's a danger to the client as well.


I agree with you 100%. Right when I saw Wire I was like, "Oh great I have to download another messaging app and convince people to use it."

No thanks. I already use iMessage, Hangouts, Line, and Skype at work. There's too many messengers and they all do the same thing.

Wire is not a 10x improvement. Maybe like a 0.0015 improvement which won't even convince me to download it.

The call quality with Skype and other services is decent, making it slightly better with a cleaner UI won't do much.


For me, the ultimate Skype killer is Skype.

It's gone from a messaging app that I couldn't believe worked so well on a low-speed connection, to a messaging app that that I can't believe works so shitty on a high-speed connection. I literally tried for 20 minutes just to get a call to connect last Saturday before giving up and using FaceTime instead.


There is no properly working cross platform mobile video chat yet, because it's a hard problem. All innovation in this space is welcome. Wire started without video, but I'm pretty sure that it is in their long-term plans.


Am I such an outlier if I use Skype for business, not for leisure? I have clients on three continents and every single one used Skype to communicate about the project. Skype was generally running on every machine as a "watercooler chat"/IRC replacement. Just open groups, give them names and pin them to the sidebar. Done.

So I really expected this to be more secure, more portable and LESS designer-driven. Who is even narcissistic enough to use a sidebar that is a giant, high-res portrait of oneself?!

Maybe a Slack/HipChat/... killer for boutique agencies?


i like to joke there are two types of tech companies, mutually exclusive.

- profit driven

- investor money driven

skype is a profit company. wire is clearly investor money driven.

So while your example is valid, i don't think they want to displace the corporate consumer that creates the bulky of skype profit. It probably wants to go after the users that uses snapchat/wasup/etc for free, with little revenue besides what is necessary for a "revenue" round A/B/C/IPO deck, and get investor money/get acquired.

PS: while skype is a consumer product, its job is not to drive revenue, but to advertise the corporate solution: Lync. Lync gets microsoft 2bi/yr, while skype peak at 600m/yr in a good year. 600m sounds good, but not when you paid over 8bi for it.


And curiously, Microsoft is replacing "Lync" with "Skype for Business".... although I'm not sure if that is a simple renaming of the existing client.


aparently it is just a rename. i don't deal with any clients that use it anymore, but last i heard they are just adding lync support to skype, and decided to kill one of the brands. cleverly they killed lync.


They did say they would make the Lync client more like Skype. Which is insane, as Skype is one of the worst pieces of software I use on a day-to-day basis. Lync is a far cleaner, nicer, client.

Also, ffs, "Skype for Business".


Sadly, we mostly hear about those investor money driven companies.


They have money to hire staff to do PR. Bootstrapped companies are often cash strapped for a long time before they can afford PR people. Founders are told to do it, but reality of running a company gets in the way.


Single data point: I open Skype for one occasion: Monday night, gaming with friends that - for the lack of a better term - "don't know better" (I'd prefer TeamSpeak or Mumble for Gaming - or any other voice chat that doesn't require a G+ account really).

Skype is slow. Ugly. And worst of all: It shoves ads in my face on multiple levels (popups, banners etc). So far I keep it for this weekly use case, but I hope that I will leave it behind 'real soon now'™.


I've exclusively used Skype for video chat with family (who happened to be in a really infrastructure-poor part of the world) for months - it was by far the only thing that worked, pixelated low-res video notwithstanding. Most of the other clients, e.g. line, gave-up within 30 seconds with errors like "connection is unstable". Getting Skype to connect is a major pain but once it gets going, even though the video sucks, it isn't choppy and the connection doesn't keep dropping.

Also, I never faced any ads with Skype (not sure if that was due to $1.20 balance in my Skype Credit account). The aforementioned calls were over wifi on my side and 2G(?) connections on recipients side, so free.


Your Skype shows ads? I've never seen ads on Skype.


See my sibling. Yes it does.

There seem to be ways to make that go away (null listing hosts either directly in the hosts file or - on Windows - in the Internet Connection Settings). Maybe. Before I'd use that app for anything of value, outside of my Mondays .. I'd try these approaches.


I have never seen a single ad on Skype (Windows, Mac, iOS) when I use my old account, where I have regularly bought SkypeOut credits.

When I created a second account for work with a new client, suddenly ads popped up everywhere.


Not on Mac but it does on Windows.


That's not true at all. I have ads shoved in my face on my Mac continuously. It's bulky & ugly to use (UX-wise), so it's only used for business.

I make myself available on nth number of services because they people I want to talk to are spread across them; Skype is not one of them.


Mine does...


Nope, as a freelancer with a few remote clients here and there, I find almost every client uses Skype. Even the big corp I'm currently contracting for uses Skype for interviews and inter-company communications. So do most of our vendors.


Not in my experience - I've been to several companies using Skype as the primary in-office communication tool and I find it really annoying. Skype is resource-heavy, poor on features and keeps breaking on Linux (management uses Windows, so it doesn't care, but I'm a dev...). I personally refused to use Skype this time (after it kept repeatedly failing on my Ubuntu machine) and made everyone send an e-mail or write me on Facebook if they need something. Works well (though I feel I'm missing on some amount of in-office chat).


I find it more surprising that you'll allowed to use FB for work.


I work in a relatively small company, everyone here has a private Facebook account, and I see no way in which Facebook chat is in any way worse than Skype. Both are closed-source, privately-owned, centralized servivces. But only one of them I tend to have opened anyway, as I use it to communicate with most of the people I know, and I can use it through Emacs when I find myself too distracted by the vanilla version.


I came to say the same thing. With a twist.

Using FB at work is one thing, using FB to communicate with your coworkers another. FB is 'private' for me (as funny as that sounds - there's nothing really private on FB of course, but it's the social life outside of work that I refer to here). Not corporate.


Hey, I don't think you are an outlier. I use Skype for business and the many SMB I work with all use Skype as well. The Skype target audience is the consumer not the SMB. Lync is great, as Jabber is great, but they are all for the Big Fortune 500, not the SMB. I am still looking... and will welcome new "Skype Killer" initiatives.

Despite of that, I don't think Wire is it. I downloaded the app and it is quite awful to use. We need a "Skype Killer" with better usability for business, not only a pretty screen and a good marketing landing page.


We're builing that. Give it a month or so, will spam HN. Want to beta test? :-)


Yes


Yes.


I've never used Skype for anything personal, only for business communications and only when the other party required it.


this is clearly not b2b


No, the Skype killer has another name: WebRTC. And Wire seems like yet another closed-source GUI making use of the WebRTC stack. I honestly prefer FOSS solutions: Tox, oTalk, Jitsi, etc... oTalk looks really promising


I'm surprised nobody here mentioned Firefox Hello, which seems also to be using WebRTC.

Of course it's not fully cross-platform but afaik you can do connections between Firefox and other browsers using WebRTC.


What about matrix.org who's trying to fix the fragmentation by providing an open standardized signalling layer for WebRTC? Might interest you too! We've been working on integrating with Jitsi, although not finished yet


Nice project. Have you hear about OpenPeer? They're doing a similar thing... providing an open standardized signalling (P2P) layer for WebRTC...

http://openpeer.org/


Yes we're in touch with them. Matrix and Open Peer are complementary technologies - Matrix is focused entirely on the client/server use-case for messaging between always-on persistent federated messaging stores. Open Peer is obviously focused on adhoc p2p messaging without much persistent serverside history.


WebRTC is a monster to implement (and a moving standard at that). It will be quite some time before enough OSS software exists to really replace skype. Besides, it is really hard to displace social networks with new ones, particularly when the new banner is "freedom".


Have not heard mainstream users or kids or grannys using any of those? Are they popular?


IMO the ideal world is one where everyone can use their preferred app and still be able to chat and VoIP with everyone else... Like email basically...


Oh its everywhere! Except... Windows, Linux, BlackBerry, Windows Phone, Web...

iOS, OS X and Android is far from everywhere.


I can understand why they wouldn't support Linux/Blackberry/WP. As a Linux user I'm used to that. But not having windows support? Really?


For Windows probably will be the Browser extension/addon which according to other comments will be using WebRTC.


They are releasing a full Windows client soon.


I don't get why they decided an OS X app was more important to release than a browser app... A browser app reaches a way bigger market share than an OS X one.


The Mac app is also pretty awkward on non-Yosemite computers; a very broken UI.


And no love for Sailfish OS as usual :-(


On the other hand, if it’s any good, there’ll be an open Sailfish-only app for it soon?


I doubt it. The problems with apps in Sailfish is that their appstore doesn't seem to support any payment for apps, so all the apps need to be free. I think this is maybe not giving incentive for people to actively develop on that platform unfortunately.

But perhaps someone comes up with a free app, you never know...


#1 issue.


Skype has video chat. So far Wire only has audio. Skype can call a regular phone or receive calls from a regular phone. It seems like Wire can't, yet. Skype has all my contacts, Wire has none, yet.

Let's call it a Skype killer if it kills Skype. Not yet.


even my browser has video chat , basically a lot more than that (e.g. https://github.com/muaz-khan/WebRTC-Experiment)


Of course this is early. OTOH, when Skype launched, it had a sub-standard feature set, and even kept it's shitty UI around. Messenger was dominating, supported video/audio/etc. (As did NetMeeting). Yet MS fucked that one up and just let Skype and FB takeover. So it's not inconceivable that MS could repeat the same thing again.


+1 totally agreed


Something here I don't understand. First, the terms state that there are two kinds of governing laws: One for those using the service outside the US, and one for those from the US. This is the first time I see a supposedly non-US company applying two different laws. Also, if you go through the terms, you see that basically any legal aspect is governed by the County of San Francisco, California. Why not Switzerland where the company was supposedly formed and is located in?

Second, as of right now, there is no mentioning of a "Wire Swiss GmbH" in the Swiss commercial registry. That's quite severe because under Swiss law, you are not allowed to represent to the outside a juristic person as long as it is not in the official registry.

Here is the link to the registry:

http://zefix.ch/zfx-cgi/hrform.cgi/hraPage?alle_eintr=on&per...


The Mac App Store app [1] is submitted by "Zeta Project Swiss GmbH" which does exist in the registry [2].

[1] https://itunes.apple.com/app/wire/id931134707?mt=12

[2] http://www.hrazg.ch/webservices/inet/HRG/HRG.asmx/getHRGHTML...


Interesting. Judging from this LinkedIn page [1], Wire Swiss GmbH has been around since at least March 2014, and has between 50-200 employees [2]. My guess: they renamed Zeta Project to Wire, but didn't want to wait with the announcement until it's updated in the registry?

Still not sure what's up with the two governing laws.

[1] https://www.linkedin.com/pub/pierrine-auberson/5a/70a/537 [2] https://www.linkedin.com/company/4836762


Based on the address I would guess its only a mailbox anyway.


Yes, at this address is a "workplace provider" [1] where you can get a virtual office starting at 180 SFr/Month.

[1] http://www.en.regus.ch/


> Wire interactions are secure and we comply with European privacy laws and regulations.

Which basically means as soon as a warrant is sent from pretty much any European government they'll hand over all your conversations. The support article doesn't give any detail whatsoever on how they encrypt your conversations: https://support.wire.com/hc/en-us/articles/203122500-Are-mes...

It's a shame companies can't be held accountable for advertising their services as secure, for false advertising.


> Wire interactions are secure and we comply with European privacy laws and regulations.

Marketing double-speak.


Huh? Which company will not give records if subpoenaed?

PS: Of course companies can be held accountable for false advertising. You can take them to court yourself.


The company that does not have records to begin with, when the encryption is truly end-to-end.


Skype killer? Granted most Skype users are Windows PC users, how an application not available for Windows can threaten Skype?


While I agree that "Skype killer" is a hyperbole, I guess the idea is that the "Windows PC" people will switch to using their smart phone instead. Also, there is a "Browser - coming soon" button, indicating that they do target larger computers in a portable way.


"Skype-killers" without end-to-end encryption are useless.


This is really all I want as well. There's tons of pretty messaging apps. Style isn't enough to sway me anymore - I want privacy. How hard is it to make a messaging app that makes encryption its #1 priority?


I've been following Tox with some interest. It's fairly new but fully open source, decentralized, end-to-end encryption, no account needed (people added via their unique bytestring).

https://tox.im/


Tox has interested me more since it's inception, mainly because it's open source and completely relies on peer to peer connections. I've seen some other open source alternatives that aren't as light weight and still centralized to some degree. Wire, if it really wants to be a "Skype killer" in my opinion, should go open source and be more reassuring about how they are protecting our privacy.


I wish this one would market itself as a really good chat application first and privacy second. Privacy etc is of course important but it all feels far too tinfoil hat for myself and too technical I'd imagine for anyone else I know to bother with


Pretty hard, but it's coming. See http://labs.bittorrent.com/bleep


It's closed source.


He didn't ask for an open source application, but for one that focuses on encryption from the get-go.


My first thought as well, why change when nothing have changed.


If they're based on WebRTC then I believe end-to-end encryption is baked into the standard. Whether they use the standard completely is another question.


Articles (http://www.theverge.com/2014/12/3/7325083/wire-chat-service-...) suggest "end to end encryption for voice calls" and encryption to and from their servers for text, but I haven't seen anything about it being WebRTC (unless I missed that on the product's web site).

I'm not sure that them having my messages unencrypted on their servers makes that feature any more desirable than Skype, WhatsApp and the like. Encrypted voice call is good, but in the case they don't say how they do that encryption, it'll remain less-than-trustworthy.



Where does it say that they are based on WebRTC?


Source code. :P


The UI is beautiful. However, differentiating on UI for an app that's about communication can only take you so far. I think some users will be initially wowed by all the nice colors etc. but the app is about chatting, sending images, text and taking, and no amount of beautiful color is going to impact that.

I know how long it takes to make things pretty, I'm wondering if this was a right decision vs. investing their time on something else that is more core to their value (communication).

I think there is a lot of room to innovate around ease of communication, texting, chatting, etc. on the mobile space and we'll see more apps and probably another $Billon exit.

edit: typo


This was probably a big effort from the people who developed Wire.

I'm sure lots of development time has gone in to the product with many difficult problems to solve, so to all the developers of Wire: Good work!

It probably feels a bit defeating to spend all that time developing something only to have people slating it.

That said: I do not think this app is for me. I wish it had a more compact interface (like old Skype for OSX), before Skype became this large take-over-the-screen app, and reading that it might not have video chat kind of kills it for me.


Hmm, no Linux client ... and you 'have' to set a picture when you register? Really? I'm out.


No OSX Lion compatibility too. And they've put it on App Store as if it's the only way to distribute it. Looks like a BS.


Not many people seem to use Lion these days though. An app that I work on has less than 6% (of the 13,000 users who have opted in to providing system stats) on Lion.


>> Not many people seem to use Lion these days though. An app that I work on has less than 6% (of the 13,000 users who have opted in to providing system stats) on Lion.

Locking an app to a version of OS is still a bad practice, particularly for an app aiming to network effect. I have Viber and it works on my Lion! Btw, I think that Viber blows away the competition by having everything: VoIP, Pic,Video, Message all for free!


It doesn't run on GS/OS either. Unbelievable.


Anyone who is interested in OTR (off the record) and peer to peer encryption, Wire is not for you.

Please see https://otr.cypherpunks.ca/software.php for suggestions which might be reliable as of today.

Everyone else who feels good about keeping their messages safely stored for later inspection, use Wire or any other chat client that "looks beautiful", "is pure" and blends yt videos nicely into your feed.

EDIT: Do not take my comment as a critique or sarcasm against Wire. There are different audiences for messaging apps and it's important to understand if you are the one before being negative about privacy policy and encryption.



All the comments on here are very witty. This Wire app is only available for iOS and recent versions of Android (no joy for me on 4.1 on my obviously ANCIENT Xperia S that still functions fine), and only available for OSX. Great for me on OSX but not for my chums on Windows. Buying a Mac makes for an expensive application price, no?

But in all seriousness I recall having great IM with MSN Messenger about 15 years ago, and despite the incessant barrage of replacement apps, there is still no one leader. Sure, we now have Facetime so I can irritate my mum at all times of the day but that's no good for my brother on Windows. And I find Skype to be a massive battery hog on my laptop, and an advert-infested mess on Windows.

Is anyone else like me, and just sticking to SMS and emails? The other day on a BBC News article it mentioned "if you're a bit old fashioned and use email"... but I think email is great because you can archive it offline (I have useful emails from years ago) and it can also be used in court I think.

IM logs - are they evidence in court? All the old chat logs get tidied up from all the IM systems I come across, so there is no referring back to old messages, or a paper trail.

EDIT: I'm getting downvoted, not sure why? In all seriousness is email really broken that we need another IM system? Obviously the lack of video calling is a big problem....


It's not everywhere, it has no video chat, and nobody uses it. If it somehow manages to "kill" anything it definitely won't be Skype.


Privacy agreements just a word without cryptographic technology background as supporter.

Also "everwhere" not means "ios, osx, android". where is windows and linux desktop clients, even skype supports linux desktops today.


I'm most surprised to see a new application launch without a Windows client. Is this a conscious marketing decision to not target the Windows user market? Is the market share of iOS, Android and OSx enough for these guys to succeed without a Windows client? The website notes that a browser client is coming soon, but nothing for native Windows.


I'm pretty sure it just means that the developers at the company primarily use Macs.


And it's only iOS8. That also leaves out iPhone 4 and iPad 2. Skype works on both.


I'm running iOS8 on an old iPad 2 just fine


Agreed. Put 8.1.1 on iPad 2 last night. It's quite snappy. I'm not sure where this legend comes from?


> just fine

How did you overclock it?


Please explain how.


They won't use a standard protocol even if it makes lots of sense for the users. For them, they fear being commoditized as a result of using a standard. Same reason why Hangouts will stop being available through XMPP anytime soon. It's very sad that these companies are so short-sighted, and can only think of small profit for themselves.


"Wire is everywhere!"

- No windows phone client :P


Or Windows for that matter.


- or Blackberry client.


To contact everyone I know I need:

* Skype

* XMPP

* Hangouts

* AIM

* YIM

* SMS

* Facebook

* IRC

* Viber (which I don't use, because yet another client was too much when all these people had other clients anyway).

Another client is just a no go at this stage. I'm still annoyed at Skype blocking both multiple network IM clients I used (imo first, then when they dropped the whole "multiple network" part, IM+).


Wow, AIM's not dead? With the stuff happening at Yahoo, one would think they might just go ahead and move to XMPP (and enable server federation for good measure...).

BTW: If you have XMPP anyway, you can use that for chat.facebook.com. Shame with Hangouts. But everyone wants their golden silo, I guess.


A bunch of my US friends started using about 6-7 years ago because it would send them texts when there weren't actively signed in. They're still using it.


If Skype allowed that (without having to run the original client), they wouldn't make any money.

On a related note, is there any multi network app that supports video?


> On a related note, is there any multi network app that supports video?

Yes, both Pidgin and Empathy support voice and video calling via XMPP. I suspect you'd need to use a "standard" XMPP server though - it wouldn't work over gtalk or facebook chat for instance.


No WhatsApp? :)


Not big in my country, actually. (That said, neither is AIM, but generally people I know abroad don't ask about Whatsapp. Yet anyway.)


Sadly, it seems as proprietary and centralized as Skype is.


Amusing, given their past history with Skype, that this is not available for Windows Phone. Which is too bad as my SO carries a Lumia 1020 and if she can't use it I can't really use it either.


A `Skype killer` not available on Windows computer ?

That's not going to kill Skype.


Wondering why the Android app is 'incompatible' with my Nexus 6. Where can I get the APK?


Probably just their settings. I installed on a Nexus 5 with Lollipop just fine.


Weird that no one here is talking about voice quality, which was what stood out to me as most interesting about the product. I've wondered for a while why, if we can handle something as high-bandwidth as video chat, we can't do higher-fidelity audio chat over data.

But I just tried it and it sounded more or less the same as a normal cell voice call. Also the UI is pretty but slow-feeling on Android. I have a feeling it's smoother on iOS. Disappointing.


That may be because when you install it, you realize you don't have any one you know using the app. Your first action on any new social product, is to spam every action possible against one close friend to see what they all do.

I'd like to try voice calling since some of the Android reviews say the same thing about the quality, but I've yet the chance to do so..


Could the quality of the phone's microphone be the reason for the low-fi voice audio?


It's possible, but I doubt it. The person on the other end was using a Nexus 6. I don't know first-hand how its microphone is, but I know my (high-end Android) phone can record voice memos with much higher sound quality than I typically hear from a phone call.


Having some slight experience in the publishing and content industry, any title that contains the word "killer" is for me a big fat sign for "bulls#$t". I will still pick trusted recommendations[1] over advertising any day.

[1] https://www.eff.org/secure-messaging-scorecard


That domain name would have been one expensive purchase. I wonder if there's any significant correlation between buying an expensive domain upfront & success rate.

That aside, It has spent most of it's life being parked with ads. https://web.archive.org/web/*/wire.com


I often wonder about price when I see great domain names like this. Sometimes they seem to boost the product and many times it doesn't matter. I saw a post on reddit about examine.com. I think the guy said he paid like 40k for the domain and he believes it was a big part of why they were growing. He basically said that he had money from previous business selling and he figured even if the site didn't work out the domain name would get him back most of that money if not more if he had to resell it.


That's me!


oh hai. So was what I said correct? When I had money I used to scarf up domain names for any idea I had. Some of them were decent but I don't think I've ever sold a single one. Eventually just let them all expire after holding them for like 6 years.


Yup 100%. Worst case, I could have still turned it around and immediately sold it for 25k. If I was more patient, likely 35k.

To me, ignoring the opportunity cost of the cash itself, it was a ~10k risk. Worth it.


What Skype has and what any of the newcomer will struggle to get is my extended family. My mum and dad, lots of uncles and aunts, some of which over 80 year old all use Skype every day.

It is a big challenge to move any of these people to new technology, even if it would offer a real advantage for them, which no real newcomer does at the moment.


I'm glad. Skype for iOS has so many bugs it is incredible.


From my initial investigation they have some <bad> code behind, race conditions and I think I found a place where it's leaking the IP of the guy you're calling. I'll post my findings later. Messages are sent over SSL but not encrypted in any other way, so they can read them :)


Skype has kinda been the hot potato company that everyone wanted to buy but, once acquired, no-one could figure out how to actually make money from. Will Wire be any different?

One argument is that is doesn't matter. Messaging is such an attractive market that people just continue to invest in it. Telecos certainly didn't have any problems making money back in their hay-day, and there is the "get all the eyeballs and monetize later" argument that is still popular. Perhaps as consumers we're just doomed to switch platforms every 5-10 yrs as companies rise and then fizzle out. Perhaps churn is the price we pay for free messaging?

FWIW I did pay for Skype for a short while, as I needed some features, but then their billing structure changed and other free products became popular so I stopped.


Why no download for Linux? Why is this always still happening?

If you want to make this thing really everywhere, then imho priority numbero 1 should be to rely on libraries that work everywhere - not just the latest version of a select few OSes. It'll be easier to maintain in the future as well.


It's not year of Linux on the desktop yet, and never will be. Sorry.


I recently discovered SIP-based softphone software (ex. Ekiga). I works great, is easy to use and completely free of charge and registration is minimal (you just need a SIP account).

I really don't get why people would pay for Skype when there are better alternatives around.


While I welcome more competition since Skype really gone down hill after being bought by Microsoft, however this applications website doesn't give any useful information on the encryption used - it would be good to see if it supports OTR style encryption.


https://twitter.com/wire/status/540139385660772352

"Thank you for the good feedback on Wire. For Windows users — a full featured version will be available soon."


Is it just a coincidence that Skype changed their AUP last week, requesting a license to all content transmitted via Skype (point 5.7 of their legalese)? That ought to scare some people away. To Wire?


I don't see that Skype get a license to the content, only that you should have the rights to distribute it (http://www.skype.com/en/legal/tou-usa/#5), and that they have the right to "take it down" if they feel like it.


I'm a little curious. I use Skype semi regularly and it seems to work just fine for me.

But it seems everyone here hates it. Are there some "power user" features that don't work well or something?


- Impossible to grok as a network admin, as it aggressively tries to work on EVERY network (even when only port 80 is available etc.) - The transition from P2P to centralised means that we enjoy all the downsides of a centralised system (hello NSA) AND all the downsides of P2P (no reliable offline messages, esp. with multiple devices) - The iPhone version is 100% custom UI, looks and acts like a Windows Phone app, and has dropped several features (App Store reviews have not been very favourable) - Closed source, non-sandboxed and from a surveillance-friendly company - A resource hog

That said, Wire looks like a complete non-starter to me.


Two things of interest:

- They use Scala on Android[1]

- They plan on a full-browser version[2]; I assume it'll rely on WebRTC. The fact that they don't indicate plans on a specific browser makes me happy.

[1]: http://jobdb.softgarden.de/jobdb/public/jobdb/posting/126982...

[2]: https://www.wire.com/download/


Have anyone read more marketing speak than this website?

"It’s pure. With Wire you can easily move from messages and pictures to HD voice. Wire’s pristine audio quality makes it feel as if the people you are speaking to are right there with you."

I don't even know what this means? I mean, will quality still be "right there with you" if the latency on the network is large? or if you phone is loaded doing some task in the background?

So much of this kind of stuff is hard to guarantee because it is outside of your control.


When showing off a brand new app with no existing userbase, please show or tell what your app does before waxing poetic about its beauty. If it hadn't been for the HN headline, I wouldn't have stayed on this page long enough to see what the app did.

CORRECTION: I missed the intro animation when I opened the link in a background tab, and somehow got left with a masthead image with just three icons on a blank phone, not even the download link it showed after I refreshed.


More fragmentation, great. I cannot help but think how this time I will again convince my contacts to migrate to yet another messaging app. I should probably ask the contacts on WhatsApp first. Or rather Telegram? I think some people are still on Viber, too. My friends on Kik have just migrated from Whatsapp so I will approach them last.

The app who can actually solve _this_ problem will be the next big thing. And if doesn't work, we have yet another messaging app.


Skype is the most resource hungry app on my Mac. It deserves to die.

Unfortunately I am forced to resort using it whenever FaceTime fails. And that happens approx. every 15nth call.


Really? I use it on variety of Macs (2008 Mac Pro, 2011 27'' iMac, 2007 24'' iMac, 2008 Aluminum Macbook, 2011 17'' Macbook Pro) and it runs smoothly and doesn't use much CPU at all on any of them. During video calls it will use more CPU but that's somewhat expected (Factime video calls do too).


It beats Safari and Chrome by CPU time and packets sent by orders of magnitude. Of course Chrome and Safari processes are separated nowadays, but still they do have some central stuff.


Are they going to have some kind of API? I loved being able to programmatically send and read Skype messages on Android, until it stopped working.

Also, will it work with Linphone?


I sure hope so. No decent API is my biggest gripe about Skype. We found Skype to be a great team chat tool although it was frustrating not being able to connect external services.


Good luck but I'm not really sure how this product is differentiating from other bundled voip and messaging products other than better UX/UI.

Where is the revenue model and where are the open APIs into the service? Messaging is becoming really saturated now. User experience might get you some of the way there but interoperability with things outside your walled garden is also important for success IMHO.


Top video is broken on Firefox. This has been happening more and more these days; entire, diverse development teams and they're all on Chrome.


No Windows-version? No killer.


The most compelling feature of Skype was end-to-end encryption - that is before Microsoft centralized the service, subjected it to man-in-the-middle attacks, and partnered with the Chinese government to produce a back-doored version Tom-Skype.

The app page says "Wire interactions are secure and we comply with European privacy laws and regulations." That's just not enough.


Skype still has end-to-end encryption.

But Skype also has the private keys for every user which renders end-to-end encryption "less useful". Sadly they have always had the keys, from the beginning. Tom skype just made content more accessible to the "interested parties".


Strange decision to solely target Android 4.4 and above, that means it's only compatible with about 34% of Android devices.


I wonder which feature that they need that is only present in 4.4+


I like how Wire and Telegram are referencing old tech. I prediction the next Skype killer will be called Morse or Flip Phone.


Does anyone else feel like we're in the midst of another 1990's instant messaging war? Except now with smartphones!


Yeah and this implies that people by and large still aren't tech savvy (enough). This is very unfortunate as we have to use the software most people are wiling to tolerate. Ironically, in most of my use cases e-mail is the best solution for communication. It is based on widely accepted protocols [there is an abundance of e-mail clients you can choose from without fearing compatibility issues], delivery is (most of the time) almost instant and it is up to you which provider you use (or you can even host an e-mail server yourself). It's also good concerning encryption in that you can agree with each of your contacts whether or not you want to use some form of it. In contrast, messenger like Facebook don't give you a choice and OTR is not something everyone is willing to learn about.


Can anyone explain to me what "full democracy" means in this context? From the page:

"It’s on. Wire is perfect for staying connected with any group. Create a conversation, name it as you wish, and add people — your groups will be taking off whether they’re about work, family or fun. Oh, and Wire groups are full democracy."


Not surprised this is from ex-Skype people, no desktop. Quality isnt something I have attached to the skype brand.


Nice first impression. Some issues though: No video chat. That's the main thing i use skype for. Sound goes through my Macs default settings. I can change the microphone to my headset but not the output. If i change the output to headset it will also change this for my music which is annoying.


If they put "win client coming soon, sign up for updates" to get how many people even want it, that would be at least something. But this "only ios and android" philosophy, i just don't get it. What kind of smart business decision has to be to rule out 80-90% of users!?


I understand it's their business and all, but I don't see why we need one more not-opensource messenger app. As we don't have enough. Sure, somebody will use it, but it's all about marketing now and I only can hope they'll fail. Nothing interesting here.



Unless I'm missing something, this seems to be voice, IM, and multimedia only - no video chat.


I was going to say, I was expecting an app with a significantly better video chat experience, since that's what most people associate the word "Skype" with, not instant messaging.


I signed up and downloaded the app (android).

1. The App uses different non-standard patterns. It's really a pain to use and navigate. 2. The design is cool and I like it. 3. I should be able to find users by ID or similar.

Who wants to test this thing can add me (contact -at- omarabid.com )


4. You can't seem to actually call phones, which is why everyone uses Skype. Or did I miss something?

Notably, all videochat apps makes desktops super hot while their mobile equivalent works fine. My humble guess is because on iOS/Android they are using the hardware accelerated codecs (due to the lack of other options), while on desktop they just assume the CPU can do everything. I will be interested to see how Wire performs in that regard.

I am doing a lot telecommuting and have a frequently remote relationship, so I try a bunch of these apps. Here is the thing: I don't care about beautiful interfaces when it comes to full screen videochat.

So far the best experience I had was with oovoo, which was simultaneously the ugliest software at the time. Perhaps Wire will be successful for the same reason Slack is: it just works (I have yet to see).


sigh it seems I'll eventually have to update this:

http://the.taoofmac.com/space/blog/2014/11/13/0830#the-insta...


Documented open protocol or GTFO !



how is this a Skype killer? Not for nothing, but for $2.99 a month I can anywhere with Skype. There is no information on the site about pricing, coverage or restrictions.

Maybe I'm not the majority of Skype users, but I use Skype as a replacement for a second phone in my office. I'm not using it as a messager, picture/video uploader or whatever else this thing does, again, I'm using it as a low cost phone line.

From what I see on the website, I can see this competing with SnapChat, Instagram or whatever other messaging client, but not Skype.


The title of this article is hipster-bait. Someone claims something is a Skype-killer while not supporting 95% of Skype users (who are on PCs). Its ridiculous on the face of it.


Personally I'll wait for Hemlis (http://heml.is) to be released (even if it doesn't do everything Wire does).


We should all just get over our prejudices and download BBM which is the closest app to a Skype killer that I've used. Don't knock it until you've tried it.


I'd love to replace my company Skype with a client/service that has an API, that I can script bots for, and has great support for both mobile and desktop.


A skype killer... that doesn't run on windows or linux.


I read the blurb, liked the look and thought "why not?". I clicked download and don't see Linux, or even a browser option. It's not a skype killer - it's more prettier Whatsapp alternative without the market share.

Honestly, if whatsapp did a browser/desktop client I'd be on that before this even got a second look


This sentence on the App Store page needs fixing: "Wire works on iOS and OS X, it is inspired by and developed for the latest in hardware."


Marketing, marketing everywhere. Is the protocol open?


"This app is incompatible with all your devices"

Well, then.


I'll sure it'll be great... just like the original Skype - and then they'll sell it again and it will get worse.


Installed on Android. I went to invite a friend to try it out, there is no invite or share feature. Hope this helps!


Skype Killer... No Windows client.

Oh Hacker News, you do realize that very few people actually use Macs in the business world, right?


Horrible website


Yeah, I can't believe this crap has become de-facto web design.


I am also stunned by the horrible usability of the web site. Who really inspires those people to make many UX mistake on one simple page?


Why does Skype needs to be 'killed' by ex-Skype people again and how does that benefit consumers exactly?


So many colors....and so much text. Are there any pictures at all? Or is my Chinese internet just too slow?


The UI may look pretty, but its totally unusable for me. It took me ages to figure out how to make a call.


The first selling point is "it's beautiful?" That's not selling anything.


> The first selling point is "it's beautiful?" That's not selling anything.

Its selling aesthetics rather than function, which may not be important to you, but it may be important to the customer they think they want to target.


Doesn't require a mobile number to sign up, that's new.

Privacy policy is predictably gritty though.


..and please let there be decent keyboard shortcuts (I'm looking at you, Skype)


On Linux google hangouts voice call quality is much better than Skype's


Actually it is not that hard to create a better product than Skype. Skype sucks in so many ways that i wouldn't know where to beginn. Exchange developers, exchange the designer and the UI team. Hate it - but use it every single day.


Am I the only one who realised there is no videochat in Wire?


This site looks broken with EFF's HTTPS everywhere.


Anyone know why it won't run on a Nexus 7 tablet?


No video and no win32/64. Skype wins by default.


Could they not get any more Hipsters on that page?


I know right. I guess that's their target demo.


Good case of veneer design vs functional design.


Anyone know the stack they're running?


seems buggy to me when you can't even register to the platform :(


I will definitely try this


Where is the pricing?


It's free.


Talko? Blah blah.


Terrific.


iPad only? I am out.




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact

Search: