1/ In defense of #Signal. Yes, I'm a guy that just posted a roundup of distributed/mesh messengers changelog.complete.org/archive of which #Signal was obviously not part. I am really excited about the potential of those.

But to the general public, I still recommend Signal. Here's why.

2/ #Signal brings #encryption and #privacy to meet people where they're at, not the other way around. People don't have to choose a server, it can automatically recognize contacts that use Signal, it has emojis, attachments, secure voice and video calling, and they all just work (Musk aside). It feels, and is, a polished, modern experience with the bells and whistles they are used to.

3/ I am a huge fan of #Matrix/#Element and even run my own instance. It has huge promise. But it is Not. There. Yet. Some reasons:

#Synapse, the only currently viable Matrix server, is not ready. My Matrix instance hosts ONE person, me. Synapse uses many GB of RAM and 10+GB of disk space, with little tuning for either. It's caused OOMs more than once. And this is AFTER extensive tuning. It cannot be hosted on a Raspberry Pi or even one of the cheaper VPSs.

4/ Choosing a #Matrix instance. Well you could just tell a person to use matrix.org. But then it spent a good portion of last year unable to federate with other popular nodes due to Synapse limitations. Or you could pick a random node, but will it be up when someone needs to say "my car broke down?" Some are run from a dorm computer, some by a team in a datacenter, some by one person with EC2, and you can't really know. Will it be stable and long-lived? Hard to say.

5/ Voice and video calling is not there yet. Matrix has two incompatible video calling methods (Jitsi and built-in), neither work consistently well, both are hard to manage, and both have NAT challenges.

6/ #Matrix is so hard to set up on a server that there is matrix-docker-ansible-deploy matrix.org/docs/projects/other . This makes it much better but it is STILL terribly hard to deploy, and very simple things like "how do I delete a user" or "let me shrink down this 30GB database" are barely there yet, if at all.

7/ Encryption is not mandatory in #Matrix. E2EE has been getting DRAMATICALLY better in the last few releases, but it is still optional, especially for what people would call "group chats" (rooms). Signal is ALWAYS encrypted. Always. (Unless, I guess, you set it as your SMS provider on Android). You've got to take the responsibility off the user to verify encryption status and make it the one and only way to use the ecosystem.

8/ Again, I LOVE #Matrix. I use it every day to interact with Matrix, IRC, Slack, and Discord channels. It has a TON of promise. But would I count on it to carry a "my car's broken down and I'm stranded" message? No.

9/ What about some of the other options out there? #Briar is fantastic and its offline options are novel and promising. But in common usage, it can't deliver a message unless both devices are online simultaneously, and doesn't run on iOS (though both are being worked on). It also can't send photos or do voice or video calling.

10/ Some of those same limitations apply to most of the alternatives also. Either that, or they are encryption-optional, or terribly hard to set up and use. Just today, I boosted a post about #Status, which shows a ton of promise also. But it's got no voice or video calling capabilities. How about #Scuttlebutt? Fantastic protocol, extremely difficult onboarding (lengthy process, error-prone finding a sub, multi-GB initial download, etc)

11/ So #Signal gives people: dead-simple setup, store-and-forward delivery, encrypted everything, encrypted voice/video calls, ability to send photos/video encrypted. If you are going to tell someone "it's so EASY to get your texts away from Facebook and AT&T", THIS IS THE THING you've got to point them to. It may not be in 2 years, but for now, it is. Do not let the perfect be the enemy of the good. It advances the status quo without harming usability, which nothing else does yet.

12/ I am aware of all of the very legitimate criticisms of #Signal. They are real and they are why I am excited that there are so many alternatives with promise, some of which I use actively. Let us technical people use, debug, contribute, and evangelize the alternatives.

And while we're doing that, tell Grandma to contact us on Signal.

/END

@jgoerzen great exposition, most comprehensive address to my objections. still: i don't want to give my phone number to people i don't trust (that is moxie and openwhisper and all who can grab it from the discovery process, like the police, the state, fascists, etc). i don't want them to have my kid's phone number either, nor my friends and comrades. 1/

@zeh
It may be worth reiterating at this point that although Signal uses your phone number as a user identifier, I'm not actually sure if they store it or just a hash of it, and they definitely don't transmit other numbers from your contacts for discovery:
support.signal.org/hc/en-us/ar

They also announced they're trying to move away from using phone numbers at all (the recent introduction of PINs is in preparation of that) -- but it may take some time
@jgoerzen

@Mr_Teatime @jgoerzen @zeh keeps a copy of your phone number on record for account recovery purposes. Of course, this also opens you up to various attacks and compromises.

@resist1984 @jgoerzen @zeh

Hm... yeah, makes sense. Would it be possible to do those things without storing the user ID?

@Mr_Teatime @zeh @jgoerzen It occurs to me that they could theoretically store a hash, and then ask for the ph# again at acct recovery time, then compare the hashes. But I don't give OWS the benefit of the doubt considering how they push users into Google Playstore & claim it's safer than the APK download which they hide. It's hard to trust OWS anytime trust is needed.

@resist1984 @zeh @jgoerzen

As far as I can tell, they are pretty good at minimizing the amount of stored data, including profile, contact data, metadata etc:
signal.org/bigbrother/

As far as I can tell, they don't have more than the phone number (hashed or not, not sure, haven't found the info yet)

Also, the code is open source, so it is testable whether it does what OWS says it does -- no need to speculate.

@Mr_Teatime @resist1984 @jgoerzen oh, look at that. not only is #signal hostile to federation and freedom, centralized and closed source (no new code published for a year), they've also gone full cryptoscam now. who could have possibly imagined something like this.

@zeh @resist1984 @jgoerzen

Cryptoscam? Which news did I miss again? Do you have a link or something?

Also, they do have a reason for not federating -- I think there are more important counterarguments, but it's a valid one: Federating means the server will be operated by loads of different people, some of whom might not know what they're doing or be malevolent, and regular users can't (and shouldn't have to) make sure that their own and their contacts' providers do everything right.

@resist1984
oh wow... thanks for the hint!

I think I agree with Schneier on all points: Signal is currently (still ... so far) the best messenger "for the masses", and attaching a cryptocurrency to it is dangerous and smelly. Very smelly.
And it does reduce my esteem for Moxie Marlinspike, who has in the past walked away from large piles of money in favour of the common good.

Wonder if the recent success went to his head.

@jgoerzen @zeh

@Mr_Teatime @zeh @jgoerzen I've always considered trash (see github.com/privacytoolsIO/priv). For to endorse it for "grandma" neglects the fact that Signal is exclusive. It completely disservices grandmas who just want to reach everyone. Signal excludes those without mobile phones & those unwilling to share their number with OWS, which makes grandma exclusive.

@resist1984
»Without mobile phones«

So ... that grandma in your example has a PC/laptop but no smartphone, or has a smartphone but is unwilling to tell others her phone number?

I'd say there's a few orders of magnitude fewer people who fall into that category than the people who have nothing but a smartphone and don't know how to use it for anything but facebook and whatsapp.
*both* groups are important but for the second one, Signal is the best thing out there.

@zeh @jgoerzen

@Mr_Teatime @jgoerzen @zeh grandma may have 50+ people in the family. Do all 50+ family members have both a mobile phone & the willingness to share their number with OWS? Both of my grandmas would be excluding me if they were to use Signal.

@zeh @jgoerzen @Mr_Teatime a lot of people are willing to use exclusive technologies, but grandmas, not so much. They tend to want to include everyone in their families.

@Mr_Teatime @jgoerzen @zeh So is /exclusive/, while is inclusive. Wire is therefore more suitable for the grandma use case.
