> we've structured the project as a non-profit entity, so it can never be bought, has no investors, and isn't "owned" by anyone
Never is a long time. Non-profits can become for-profits. Non-profits can also spin off of their profitable components as for-profits -- just like the Mozilla Corporation is a for-profit owned by the non-profit Mozilla Foundation. Non-profits can sell ads and sell your data.
And, of course, non-profits can get money hungry just like any other organization. Look at how ICANN has found ways to vacuum up billions of dollars from the internet.
They also may not technically have any investors, but they have a de facto investor in the form a $100m loan from WhatsApp founder Brian Acton who is also on the board. He could have made it a gift, but did not -- which implies he wants the money back at some point. Signal will need a lot of donations to pay that money back -- or they could decide to sell ads or data.
All that said, I'm happy Signal is doing well, and applaud their efforts. I hope they succeed.
I'm a bit worried that the CEO is so vehemently against federation [0]:
> It is unlikely that we will ever federate with any servers outside of our control again, it makes changes really difficult.
I think as long as there is no federation there will always be the "benevolent dictator" situation, which often doesn't end up well in the long run.
At the same time, I'm sure that I couldn't convince my non-tech friends to switch over to a federated protocol like Matrix. The clients have been getting better, but they still lack a lot of mainstream UX. So, while Signal is better than WhatsApp for now, I think the only sensible solution is a federated protocol.
One reason which I chose Matrix over Signal, other than being forced fo tie my identify to a phone number and depend on a smartphone for receiving mesaages.
Aside from network effects, UI/UX is really king when it comes to getting people to switch messengers. It's why Telegram has managed to stake as large of a following as it has, despite its glaring flaws when compared to Signal, Matrix, etc.
I understand wanting to focus on security and privacy at the cost of all else, but if the goal is to get as many people on a reasonably safe messenger app as possible, UI/UX is unavoidably going to be a focal point — it can't just be made an afterthought, or as is the case with many FOSS projects disregarded almost entirely.
Honest question, I'm not a distributed person. Why can't someone turn Signal federated? Wouldn't the centralized server just be a different server? Sure, you'd need to roll a custom app but plenty of people do that. I constantly see people here complaining about it not being federated, but the server is open sourced, so what's the issue?
Side note: isn't it good to be centralized while the app is quickly rolling out new features? Then a switch to federation would be better when all the features are enabled?
All, Signal is a 501c3 nonprofit. Your company probably matches donations. If they don't, they are eligible to be added to your company's portal. I encourage you to throw some of your wealth their way and take the extra step to get matching. This is important.
Great call to action. With other nonprofits I would immediately agree, matching is important. Is Signal in more need than other nonprofits, though? I imagine they’re still sitting on some of the $40 million the Signal Foundation got from Brian Acton, former WhatApp CEO.
> That is, why is the user forced to update in order to use the application, even if no critical security issues arose?
Because they’re adding new features, both security improvements and user‐facing sugar.
Moxie’s thoughts on this are well‐known: he believes he can build a better and more secure messenger by keeping deployed clients as closely aligned as possible. Even if you disagree (and plenty of people disagree, as we see in almost every Signal comment thread), it’s at least a valid opinion to hold. https://signal.org/blog/the-ecosystem-is-moving/
After installing the phone version, I just tried the Desktop version on Debian. It doesn't work: fails to connect because none of the machines I have (even the Windows one!) is able to trust the digital certificate from https://textsecure-service.whispersystems.org/v1/config . I mean, I could try to add the certificate to the exception list, but when it comes to stuff like Signal I feel I shouldn't be doing any of this at all. And their website has no mention about adding certificates to my chain.
I wanna try to move away from Whatsapp too, but when your "Secure" app fails to work because no one trusts your digital certificate, I inevitably start questioning your claims of both quality and security... Everybody will stick to the old product if the new one isn't polished....
The Signal Desktop app you are trying to install must be somehow outdated, the desktop apps I use are working perfectly (both GNU/Linux and macOS) and I never encountered this issue. Maybe try to get some help from the community? https://community.signalusers.org/
Is it documented (and provable) what happens when the Signal app is given access to Contacts and then verifies which of them is a Signal user?
It seems that some information would be revealed in that process that could be mined to eventually de-anonymize people based on relationship networks (assuming nothing easier is possible).
Does anyone here know if there's any reason not feel that is a serious vulnerability?
As the post says, their non‐SGX method requires you to trust the server: “This has meant that if you trust the Signal service to be running the published server source code, then the Signal service has no durable knowledge of a user’s social graph if it is hacked or subpoenaed.”
To eliminate that requirement, they developed an SGX‐based method: “Since the enclave attests to the software that’s running remotely, and since the remote server and OS have no visibility into the enclave, the service learns nothing about the contents of the client request. It’s almost as if the client is executing the query locally on the client device.”
Of course, there are plenty of attacks on SGX (I’m not enough of a cryptographer to know how practical they are to apply to Signal’s methods or not); but at some level you are going to have to trust servers you don’t control, whether your system is federated or centralized. I’m mostly willing to give Moxie the benefit of the doubt here.
They say now they are working on letting people sign up without having to use a phone number.
I've hated this about Signal since first beginning to use it. Forcing everyone to use a phone number makes it so much harder to have a partially anonymous way to communicate.
I can't help but feel this was intentional to prevent use by those wishing to remain anonymous. I don't believe they'll ever actually do this.
If they could have they would have done so already imo. Perhaps they are fighting whatever restrictions force them to do this. We can only hope.
My belief is that various governments prevent Signal from allowing anonymous registrations and will continue to prevent them from allowing it.
I expect that what they will allow is something like "you can now register with a gmail account". That is the same restriction since you need a phone number to register for a gmail account these days.
I switched to Signal way before. And then Elon Musk recommended Signal to all and sundry on Twitter.
And then that got retweeted by Jack Dorsey. Now..I am a little worried. Do I want anything that has Jack’s paw prints on it. Since he and Zuckerberg turned up like creepy ideological twins at the senate hearings, I can’t tell them apart.
The first question on the Reddit AMA resonates. WhatsApp was great before FB bought that out. Who is to say it won’t repeat with Signal and someone else?
Signal is well documented and the client is open source. They've done an excellent job making e2e chat accessible to everyone. But, that's always an inherent risk.
I believe signal to be one of the best options right now. However, I'm also running a matrix server and working to convert my friends to that.
These challenges are never going to stop, but federated messaging is a big step forward.
One of the points of Signal is that the app is owned by a non profit and not a company. I highly do pressume that it means that it can't be sold to the highest bidder.
Did WhatsApp release their protocol openly with an open source reference client/server? Or did I miss that part?
Having an exit plan makes me less concerned about a centralized service - if FB/TWT/etc buy Signal many parties are strongly incentivized to fork the code and provide migration paths.
[+] [-] nostromo|5 years ago|reply
Never is a long time. Non-profits can become for-profits. Non-profits can also spin off of their profitable components as for-profits -- just like the Mozilla Corporation is a for-profit owned by the non-profit Mozilla Foundation. Non-profits can sell ads and sell your data.
And, of course, non-profits can get money hungry just like any other organization. Look at how ICANN has found ways to vacuum up billions of dollars from the internet.
They also may not technically have any investors, but they have a de facto investor in the form a $100m loan from WhatsApp founder Brian Acton who is also on the board. He could have made it a gift, but did not -- which implies he wants the money back at some point. Signal will need a lot of donations to pay that money back -- or they could decide to sell ads or data.
All that said, I'm happy Signal is doing well, and applaud their efforts. I hope they succeed.
[+] [-] leoplct|5 years ago|reply
They have invested years giving it for free, now the ask the price (data) and users go away.
[+] [-] unknown|5 years ago|reply
[deleted]
[+] [-] shafyy|5 years ago|reply
> It is unlikely that we will ever federate with any servers outside of our control again, it makes changes really difficult.
I think as long as there is no federation there will always be the "benevolent dictator" situation, which often doesn't end up well in the long run.
At the same time, I'm sure that I couldn't convince my non-tech friends to switch over to a federated protocol like Matrix. The clients have been getting better, but they still lack a lot of mainstream UX. So, while Signal is better than WhatsApp for now, I think the only sensible solution is a federated protocol.
0: https://github.com/LibreSignal/LibreSignal/issues/37#issueco...
[+] [-] m-p-3|5 years ago|reply
[+] [-] kitsunesoba|5 years ago|reply
I understand wanting to focus on security and privacy at the cost of all else, but if the goal is to get as many people on a reasonably safe messenger app as possible, UI/UX is unavoidably going to be a focal point — it can't just be made an afterthought, or as is the case with many FOSS projects disregarded almost entirely.
[+] [-] godelski|5 years ago|reply
Side note: isn't it good to be centralized while the app is quickly rolling out new features? Then a switch to federation would be better when all the features are enabled?
[+] [-] meowster|5 years ago|reply
https://old.reddit.com/r/technology/comments/kt91qk/signal_p...
[+] [-] luxpir|5 years ago|reply
https://teddit.net/r/technology/comments/kt91qk/signal_priva...
[+] [-] efwfwef|5 years ago|reply
[+] [-] Daniel_sk|5 years ago|reply
[+] [-] TheSpiceIsLife|5 years ago|reply
[+] [-] ljlolel|5 years ago|reply
[+] [-] soupson|5 years ago|reply
[+] [-] christefano|5 years ago|reply
[+] [-] adammenges|5 years ago|reply
[+] [-] bluefox|5 years ago|reply
That is, why is the user forced to update in order to use the application, even if no critical security issues arose?
The passage of time is not a good excuse for a mandatory update.
[+] [-] anjbe|5 years ago|reply
Because they’re adding new features, both security improvements and user‐facing sugar.
Moxie’s thoughts on this are well‐known: he believes he can build a better and more secure messenger by keeping deployed clients as closely aligned as possible. Even if you disagree (and plenty of people disagree, as we see in almost every Signal comment thread), it’s at least a valid opinion to hold. https://signal.org/blog/the-ecosystem-is-moving/
[+] [-] fsflover|5 years ago|reply
[+] [-] tethys|5 years ago|reply
https://www.reddit.com/r/technology/comments/kt91qk/signal_p...
[+] [-] eznzt|5 years ago|reply
[+] [-] efwfwef|5 years ago|reply
[+] [-] rriepe|5 years ago|reply
[+] [-] qznc|5 years ago|reply
[+] [-] christefano|5 years ago|reply
[+] [-] dirtylowprofile|5 years ago|reply
[+] [-] brobinson|5 years ago|reply
https://old.reddit.com/r/technology/comments/kt91qk/signal_p...
It's a lot faster for me and also more information-dense.
[+] [-] unknown|5 years ago|reply
[deleted]
[+] [-] dyingkneepad|5 years ago|reply
I wanna try to move away from Whatsapp too, but when your "Secure" app fails to work because no one trusts your digital certificate, I inevitably start questioning your claims of both quality and security... Everybody will stick to the old product if the new one isn't polished....
[+] [-] m_b|5 years ago|reply
[+] [-] TheChaplain|5 years ago|reply
[+] [-] akvadrako|5 years ago|reply
Maybe your version of Signal is too old?
[+] [-] searchableguy|5 years ago|reply
I installed signal desktop app just now. It's 1.139.4 - Do you have the same?
[+] [-] abdullahkhalids|5 years ago|reply
I use it on Debian. Works fine.
[+] [-] raylad|5 years ago|reply
It seems that some information would be revealed in that process that could be mined to eventually de-anonymize people based on relationship networks (assuming nothing easier is possible).
Does anyone here know if there's any reason not feel that is a serious vulnerability?
[+] [-] anjbe|5 years ago|reply
Yes, it’s documented: https://signal.org/blog/private-contact-discovery/
>(and provable)
As the post says, their non‐SGX method requires you to trust the server: “This has meant that if you trust the Signal service to be running the published server source code, then the Signal service has no durable knowledge of a user’s social graph if it is hacked or subpoenaed.”
To eliminate that requirement, they developed an SGX‐based method: “Since the enclave attests to the software that’s running remotely, and since the remote server and OS have no visibility into the enclave, the service learns nothing about the contents of the client request. It’s almost as if the client is executing the query locally on the client device.”
Of course, there are plenty of attacks on SGX (I’m not enough of a cryptographer to know how practical they are to apply to Signal’s methods or not); but at some level you are going to have to trust servers you don’t control, whether your system is federated or centralized. I’m mostly willing to give Moxie the benefit of the doubt here.
[+] [-] almost_usual|5 years ago|reply
[+] [-] rriepe|5 years ago|reply
[+] [-] permille42|5 years ago|reply
I've hated this about Signal since first beginning to use it. Forcing everyone to use a phone number makes it so much harder to have a partially anonymous way to communicate.
I can't help but feel this was intentional to prevent use by those wishing to remain anonymous. I don't believe they'll ever actually do this.
If they could have they would have done so already imo. Perhaps they are fighting whatever restrictions force them to do this. We can only hope.
My belief is that various governments prevent Signal from allowing anonymous registrations and will continue to prevent them from allowing it.
I expect that what they will allow is something like "you can now register with a gmail account". That is the same restriction since you need a phone number to register for a gmail account these days.
[+] [-] jelliclesfarm|5 years ago|reply
And then that got retweeted by Jack Dorsey. Now..I am a little worried. Do I want anything that has Jack’s paw prints on it. Since he and Zuckerberg turned up like creepy ideological twins at the senate hearings, I can’t tell them apart.
The first question on the Reddit AMA resonates. WhatsApp was great before FB bought that out. Who is to say it won’t repeat with Signal and someone else?
[+] [-] metaxis78|5 years ago|reply
I believe signal to be one of the best options right now. However, I'm also running a matrix server and working to convert my friends to that.
These challenges are never going to stop, but federated messaging is a big step forward.
[+] [-] jbj|5 years ago|reply
[+] [-] kubanczyk|5 years ago|reply
We need a protocol with competing federated servers. It's old news: Matrix, XMPP, IRC, e-mail.
[+] [-] r00fus|5 years ago|reply
Having an exit plan makes me less concerned about a centralized service - if FB/TWT/etc buy Signal many parties are strongly incentivized to fork the code and provide migration paths.
[+] [-] unknown|5 years ago|reply
[deleted]