- cross-posted to:
- technology@beehaw.org
- cross-posted to:
- technology@beehaw.org
Step 1. Make it federative Step 2. Stop fucking hosting your shit on Amazon servers. Step 3. Profit
Even if they federated (which I doubt they will do), someone would have to foot the bill for those servers. Same thing on lemmy, someone’s eating the server costs here even if it isn’t a major corporation.
Crazy how decentralization improves both, but they are vehemently against that. I trust them in terms of privacy, but their insistence on centralization, blocking third party apps, removing SMS, and refusal to support fdroid, I’m not a fan of the direction they’ve gone recently.
- Signal wants to be as secure as possible
- F droid has security issues
- It makes perfect sense to me
Fr. Fuck signal for removing SMS support
Was split off, called ‘Silence’.
There were two SMS mistakes by Signal:
I haven’t been able to trust them since the get go, to be honest. Their whole stance against federation is… FUDdy to stay polite: https://gultsch.de/objection.html
A more accurate title could be “Privacy is Priceless, but Centralization is Expensive”: with the era of cheap money coming to an end, grows a lot of uncertainty regarding the future of some large internet services. Signal is no exception and this emphasises the importance of federated alternatives (XMPP, fediverse, …) for the good health of the future internet.
Decentralisation would just spread the costs over more individuals. Those individuals would have to collect contributions from their respective communities. The total amount people who would have to chip in to make the system sustainable won’t change dramatically. Decentralisation isn’t some magic wand that makes infrastructure and labor costs disappear into thin air.
Decentralisation would just spread the costs
…the costs and the risks: let’s jump forward a few years into financing issues, at what point does Signal become a liability and start operating against their stated mission, if the alternative is that they cannot survive? We are witnessing enough contemporary examples of enshittification to know that it’s a real possibility, and that all centralized providers, but in particular the ones not charging for service, are at risk.
Some would even argue that this has already started in the case of Signal with their crypto payments and blocking of 3rd party clients which are clearly user-hostile.
Those individuals would have to collect contributions from their respective communities.
Perhaps, or perhaps not. Running costs get exponential with scale. You can host 1000 users on a shoebox computer/raspberry pi, but delivering a service for millions requires datacenter-level infrastructure and tons of engineering know-how.
Most people into self hosting or having a NAS at home can already accommodate their families, friends and more, which means millions of potential users, without the problem of trust from a single organization
E.g. SMS isn’t secure, but it is free as it uses downtime in overhead cell channels.
Except it is not free. My carrier does not include them in the main plans (because they’re not as commonplace anymore), and you either buy an additional package or pay per each SMS.
Have any suggestions for “normies” on iPhone and Android that aren’t Signal?
matrix comes to mind, get element on iOS and Android (Fdroid or play store)
SimpleX or any XMPP with OMEMO
If those “normies” aren’t turned away by the creation of an account (and if they can use Amazon, I doubt it’s an issue), they can certainly use XMPP :)
Here to pick a provider:
https://providers.xmpp.net/Here for the software:
https://xmpp.org/software/?platform=android
The cost of these registration services for verifying phone numbers when people first install Signal, or when they re-register on a new device, currently averages around $6 million dollars per year.
That’s pretty crazy. Wonder which third party providers they are using. Maybe the identity verification methods we have today is due for some significant changes?
Yeah, I wasn’t expecting that to be the bulk of their spending. Maybe they should remove the need for phone numbers now they removed SMS.
They are working on that! :)
No, I think they are merely working on user ids no longer mandating to be your phone number (so that it can be pseudonymous, e.g. tja@signal instead of +xx0123456@signal), I don’t believe they hope to drop SMS verification at this point because of the spam issue getting worse otherwise
SMS is dead, so they will need to move on eventually. Most carriers are moving towards high data plans now. I mainly use it for verification, although I’d rather use more secure methods.
Well, if SMS is dead then RCS is what we get instead, and there’s no difference to us (and probably higher costs for Signal & al.)
And there are wayyyy too many things that depend on SMS for it to be dead any time soon, too :)
Also Signal cannot add RCS support, because Google Jibe servers won’t allow other app than Google Messages… And you must use them because native RCS support for Android is halted for years… And you cannot install some module with RCS support yourself because of anti-Unix monolitic Android userspace architecture…
Man, there are so many things done wrong.
Without SMS verification, spam would be so much worse that they’ve been kind of obliged to keep it, even though it defeats/undoes most of the privacy features they like to advertise about
identity verification is trash anyways, we don’t need it
The article says it’s to limit spam. I don’t feel platforms like Lemmy (or the other platform) are particularly spammy though. On the other hand I get a lot more spam on Whatsapp, even though it’s phone number bound.
Signal is pretty good in terms of limited spam, but I’m curious about the impact if they A/B test the removal and see how much spam would arise. Obviously that could only be implemented after they remove the need to add contact via phone number.
Make the server open source maybe?
Did i confuse something?
Well, thanks!
But you won’t be able to talk to someone on the official servers
Molly does?
Unless something changed here is Blogpost why they don’t federate https://signal.org/blog/the-ecosystem-is-moving/
Signal isn’t a federated protocol, so even if they were incentivized to release all the server bits and pieces, it would not help. You could run your own, but wouldn’t be able to reach-out to your friends running theirs.
pUt iT oN tHe BlOcKcHaiN bRo!
I would never have guessed that an app like signal would spend almost 20 million in salaries. I wonder what is the salary of the executives.
I wonder what is the salary of the executives.
Wonder no more, they have it in their 2022 tax filing:
Compensation
Key Employees and Officers Base Related Other
Jim O’leary (Vp, Engineering) $666,909 $0 $33,343
Ehren Kret (Chief Technology Officer) $665,909 $0 $8,557
Aruna Harder (Chief Operating Officer) $444,606 $0 $20,500
Graeme Connell (Software Developer) $444,606 $0 $35,208
Greyson Parrelli (Software Developer) $422,972 $0 $35,668
Jonathan Chambers (Software Developer) $420,595 $0 $28,346
Meredith Whittaker (Director / Pres Of Signal Messenger) $191,229 $0 $6,032
Moxie Marlinspike (Dir / Ceo Of Sig Msgr Through 2/2022) $80,567 $0 $1,104
Brian Acton (Pres/Sec/Tr/Ceo Sig Msgr As Of 2/2022) $0 $0 $0
from https://projects.propublica.org/nonprofits/organizations/824506840
It’s not only salaries:
about half of Signal’s overall operating budget goes towards recruiting, compensating, and retaining the people who build and care for Signal. When benefits, HR services, taxes, recruiting, and salaries are included, this translates to around $19 million dollars per year.
It’s an absolutely surprising amount, because Matrix spends less than that if you just count the people working on the open source offerings.
And that project has significantly more features, is federated, and has a much larger scope.
Use Session instead. Open source, E2E encrypted, onion routed, no phone numbers. https://getsession.org/
Audited too. https://blog.quarkslab.com/resources/2021-05-04_audit-of-session-secure-messaging-application/20-08-Oxen-REP-v1.4.pdf
So, what would be the appeal compared to XMPP?
I will preface this with, I may be wrong, but as I understand it xmpp is just a protocol. One that, unless it’s been revised, imparts no encryption at all. Signal, and Session, are full architectures that enable all of the afrementioned features from my initial post including server and client.
Everything you might use relies on a protocol down the stack. XMPP happens to be the only one to date that is an internet standard (IETF), is extensible by design (past/present and future use-cases can be build into it, what makes it still relevant 25 years later), is federated (but not P2P, a good trade-off for mobile usage), has a diverse/multi-partite ecosystem of client and server implementers (sustainable and resilient), and is deployed successfully at scale (on billion of devices).
unless it’s been revised, imparts no encryption
Today’s XMPP uses the same E2EE as Signal/WhatsApp/Matrix/… XMPP had end-to-end encryption 10 years before Signal was invented
Sure, now which pre-existing piece of xmpp based software checks all the feature boxes as noted by both Signal adherents and myself regarding Session? Are you implying the lay user code their own? If that exists you could have just linked to it rather than engage in whatever this is.
Sure, now which pre-existing piece of xmpp based software checks all the feature boxes as noted by both Signal adherents and myself regarding Session?
All of those. Essentially you would have to go out of your way looking specifically for incompatible clients.
And “incompatible clients” is simply the natural state of any technology that’s been around long-enough. The only way Signal fends itself from this is by mandating its own client and version (and banning anything else, technically or from its ToS) which is terrible for a bunch of reasons (you must agree with Signal’s direction and whatever features they might decide to add and remove for your own good, you cannot use Signal on devices/platforms that Signal has no resources/interest to support, etc). If Session is in any way open, and assuming it ever becomes successful, it will face the same challenge (just like Matrix does).
Ended my donations to Signal after discovering they choose Google Hosting Services over open source and privacy respecting alternatives.
Yeah man fuck Signal, they stabbed by dog the other day
20M USD for 50 employees? ~400+k per employee is nuts!
There are European engineers working at private companies for less 20% (1/5th) of that - if even that! They aren’t worse than their American counterparts. Signal could increase their team sizes by at least 30%, maybe even 50% if they hired engineers and other employees from Europe.
If signal paid 100k for European engineers to work on opensource software, mate, they’d have absolute no problems retaining them. I personally don’t know a single engineer earning 100k on the European mainland. Not one.
Edit: seriously, wtf. I’m all for paying employees well and it’s great that Signal has a dedicated workforce, but 400k? I’m fine canceling my donation. My jaw is still on the floor.
It’s not only salaries:
about half of Signal’s overall operating budget goes towards recruiting, compensating, and retaining the people who build and care for Signal. When benefits, HR services, taxes, recruiting, and salaries are included, this translates to around $19 million dollars per year.
True. Even so, 300k or 250k per employee is at least 3 times the salary of a European engineer.
deleted by creator
waaahh centralizing millions of slightly-privacy-aware people’s metadata on Amazon’s servers costs a lot of money, waaah
Which metadata? Please elaborate
Which metadata? Please elaborate
- When you are online
- Where you are online from
- When you receive messages (and their size)
- When you send messages (and their size)
- Who you are communicating with (including individuals, and what groups you’re in).
Those last two are supposedly hidden by their “sealed sender” feature, but, that is a farce because you’re connecting to their servers from the same IP address to send and receive and you need to identify yourself (with your phone number) to receive your messages. So, the metadata-hiding property that “sealed sender” purports to provide cryptographically is actually relying on their (Amazon’s) network infrastructure not to correlate the information available to it.
Signal says that they don’t retain any of this metadata, and I think it is likely that Signal employees are sincere when they say that.
But if someone with the right access at Signal’s ISP (Amazon) wants the Signal metadata, they can get it, and if they can, then anybody who can coerce, compel, or otherwise compromise those people (or their computers) can get it too.
One can say that the adversaries they’re trying to protect against don’t have that kind of capability, but I think it isn’t reasonable to say that Signal’s no-logging policy (much less their “sealed sender” cryptographic feature) is protecting metadata without adding the caveat that routing all the traffic through Amazon does make the metadata of the protocol’s entire userbase available in a convenient single place for the kind of adversaries that do.
And if you’re completely confident that the adversaries you want to protect against are unable to compromise the server infrastructure, why would you need e2e encryption at all?
note to lemmy regulars, if this comment sounds familiar...
i copypasta’d bits of the second half of it from an earlier comment that I made on someone else’s now-deleted post
Motherfucker actually elaborated. Kudos