Signal: You were the chosen one [video] (ccc.de)
348 points by kitkat_new on July 26, 2022 | 336 comments


Signal brought e2e encryption to the masses in a form that was and is usable. From signal having it came whatsapp asking the signal devs to "do that for whatsapp" and a billion more got it.

That is no small thing. Bitch all you want but make sure when you do you compare it to the success of literally every other attempt to bring e2e to the masses and then if I'm gonna be snarky maybe compare it to your own achievements.

It would have been fantastic if signal also achieved other things on top of what they did. Maybe. Knocking what they did? Forget it. Signal is an outstanding achievement and nothing else comes close. I will cheer you so, so hard if you beat it.


TFA acknowledged this specifically:

> Criticizing a security-sensitive tool like Signal is tricky, as it might be misconstrued as a call to abandon it, and move to alternatives that might be in fact worse. But here, at a hacker conference and with little risk of causing confusion and diverting users towards less secure platforms, can we please have an honest conversation about Signal's problems? And how 5 years after that blogpost, moxie's centralization has not solved them?..

Apparently the good intent they assume in a hacker conference does not extend to a hacker forum.

Their main complaints are 1) Lack of good clients, driven by a mostly closed ecosystem 2) Lack of good federation which brings down the whole network occasionally.

These are hardly knocking anything related to the security that Signal provides, and definitely does not count as "Bitching", as these are real problems that are absolutely good things to fix on top of a fantastic product.


Bitch all you want. No really. Do it. If you don't like the word, fine, use criticise in its place. Criticise ALL you want. Do it. Nothing is above reasoned criticism. Including my criticism of critics of signal who deride the choices made without acknowledging that the person who led those choices and the team and ultimately took responsibility for those choices also succeeded where nobody else had on a scale that is ridiculously large.

"I believe signal could have been as resoundingly successful in bringing e2e encryption to the masses as it was if it had done X and Y differently and tweaked Z." Is quite different to the critics around here who filled a page with comments without anyone acknowledging that they did pretty good in this one dimension. (Did ok in some others too, imho, but this one dimension is off the damn charts and there can be zero argument about that. They did it when it hadn't been done). So yeah, go right ahead, bitch all you like about my bitching about the bitching going on about signal. Please do. Nobody is being abused or disrespected here except maybe Moxie. I reckon it's happening to Moxie. Often.


It appears to me "Bitch all you want but ... " [emphasis mine] has changed meanings between GGP and this comment.

From "You can grumble all you want in this article but those complaints pale in comparison to Signal's contributions which are above your trivial reproach."

To "No product is above reproach, your complaints are entirely valid and I was saying this all along."

It's also possible I just missed the entire point of GGP entirely, for which I apologize if so.


> in this article

> those complaints pale in comparison

> Signal's contributions which are above your trivial reproach

There's the problem. I never said that or indeed anything like it. Quotes are really out of line there. E.g. never mentioned TFA. Never said complaints were invalid, never described all reproach as trivial in comparison.

> your complaints are entirely valid and I was saying this all along.

Nope not that either. Actually read it again maybe, just what it actually says?

When considering criticism of decisions that led to a billion people using e2e encryption and not mentioning that those decisions directly led to a billion people using e2e encryption then yeah, maybe think about whether that criticism has been well thought out. At the time of writing there were about 50-100 comments all critical of signal policy and app functioning with nobody mentioning even once that maybe some aspects of that policy, yeah, they actually worked a little bit in a way that was pretty useful.

>It's also possible I just missed the entire point of GGP entirely, for which I apologize if so.

Fair. I'm sure that's general it should be and not directed to me.


> Apparently the good intent they assume in a hacker conference does not extend to a hacker forum.

That would be because this isn’t a hacker forum in the sense the OP was using. The OP was using hacker in the classic sense, security folks, the culture is different within that space compared to this one. (Not better or worse mind you just different with different values and understandings)


> The OP was using hacker in the classic sense, security folks

Really? I'd say that the classic meaning of "hacker" is what we have on HN. http://www.jargon.net/jargonfile/h/hacker.html


HN is mostly people trying to get rich selling themselves to VCs, so I'm not convinced that this is where the spirit of "hacker" is kept alive.


I think that is rather uncharitable, there is a pretty good mix of people here.

Yes, some are trying to sell themselves, which may be distasteful to you but people need to eat.

Others are activists, pushing their views.

Others here are just reading and occasionally commenting, like myself.

But there are also a lot of very passionate and smart people here who are pushing boundaries and limits with what they can do in terms of hardware and software.


and here we have the problem, defense. stop defending people “trying to eat”. we all are, and many of us are programmers. many of us are not here to have others buy our meal.


I'm here to read articles about hardware, software, and social hacking in the sense of "exploiting a system for fun, education, and only occasionally profit".


I’m just here for the occasional Don Hopkins mega posts.


"However, the Jargon File reports that considerable overlap existed for the early phreaking at the beginning of the 1970s. An article from MIT's student paper The Tech used the term hacker in this context already in 1963 in its pejorative meaning for someone messing with the phone system."

https://web.archive.org/web/20071025200829/http://listserv.l...

I would disagree.


> Their main complaints are 1) Lack of good clients, driven by a mostly closed ecosystem 2) Lack of good federation which brings down the whole network occasionally.

Those might be security adjacent, but I'm not sure I would call them core security concerns.


> Their main complaints are 1) Lack of good clients, driven by a mostly closed ecosystem 2) Lack of good federation which brings down the whole network occasionally.

Both of these are very conscious, deliberate choices on Signal's part though. You can't "fix" them without fundamentally changing what Signal is trying to be. Demanding "fixes" for things without thinking about, or acknowledging the reasons why the current state of the world is how it is is just self-entitled "bitching".


It is pretty easy to say it is good if you dismiss anyone saying it isn't as bitching. Signal was insisting on everyone using a phone number as identifier. We now know there were zero-click iMessage exploits being used by oppressive governments to target politicians, journalists and activists. All they needed was your phone number. It is slightly more complex than that but still you do the math.


It's even easier to criticise it and completely ignore "...but make sure when you do you compare it to the success of literally every other attempt to bring e2e to the masses."

Signal is a stunning success. If you or anyone does better I will cheer and yell about your success often.

>We now know there were zero-click iMessage exploits being used by oppressive governments to target politicians, journalists and activists.

Firstly citation needed please. Secondly, great, should they have been using email and pgp? Or google chat? Or are you saying the NSA should have just had all comms on their servers without going to any further and targeted effort.

Any software project can be criticised. And _should_ be. Just when you do it don't overlook its success which for signal was the first one that actually worked after decades of efforts. Now go do better.


> Signal is a stunning success.

That is what those criticizing it disagree with, at least in that area. It is not a stunning success at letting you communicate with someone without disclosing a phone number.

> If you or anyone does better I will cheer and yell about your success often.

And that is what people are criticizing about the ecosystem when they say that it is hard to run your own client or infrastructure.

> Firstly citation needed please.

Search "zero-click iMessage exploit" and pick your favorite source.

> Secondly, great, should they have been using email and pgp? Or google chat?

Most already do because Signal doesn't really cater to other use cases. When people say they want federation or different clients it is often because they want to replace things like e-mail.


“not a stunning success at letting you communicate with someone without disclosing a phone number.”

Which it has NEVER claimed to do.

The goalposts moved so fast my neck broke.


Communicating with someone without disclosing a phone number is a pretty important feature.


I didn't say it did. The post I replied to, which wasn't you, is arguing that Signal is successful. Therefore it is highly relevant whether it actually is. I don't know which goalpost you are talking about.


The measurement of success. First it was R2-D2 (I meant E2e, but I like the auto correct so I’m leaving it) encryption, then easily exploited vulnerabilities, now somehow phone numbers got drawn in the mix.

Basically you’re shifting anytime you get pinned down and it shows.


No, the phone numbers are in the second sentence of my first comment. The exploits are in the sentence after as an explanation to why it was bad to use phone numbers. And that is only one example to make it a reasoned argument. Other such points can be found in the video.

I am happy to argue the points but don't make up some characterization. It wasn't "then", "now" or "shifting". I've made the same points all along.


The topic at hand was not phone numbers and vulnerabilities.

You bringing them into the argument doesn’t make it valid.

Basically hijacking a discussion with irrelevant points that vaguely support your case is not valid.

OP’s point, the article is incorrect because of the value brought by E2E encryption to the masses, then various debate on how that wasn’t such a big deal, or was done wrong.

Phone numbers and iPhone zero days have nothing to do with the impact of Signal’s e2e.


> Firstly citation needed please

Pegasus.


Nowhere have you indicated how you measure the success. Number of users is no indicator for quality, for one. Code quality would be a rough guesstimate because it is not open. Pick your poison.


Wha?

Is it bad to quote yourself twice in the same thread?

"... success of literally every other attempt to bring e2e to the masses."

Attempt to bring e2e to the masses. How many actually using it is that metric.

Before open whisper & signal: how about number of people I knew with whom I could communicate securely with using pgp. 1. Total number of people in the world who could do it. A few thousand tops? You reckon it got to 10k, 100k. I can't imagine it got anywhere near a million...

Today: Number of people doing it everyday without thinking about it. Over a billion.

Sometimes metrics are so overwhelming that you have to tip your hat to it. This says nothing about any other dimensions of analysis other than "Number of people actually using e2e." It's a hell of a metric we can give credit to Moxie & co. for. That /one/ dimension is just wow. People tried before, for decades. It just didn't work out on that one metric. Something would have to be pretty bad to make that metric not dominate the discussion of overall success. But yeah, this is just the success of getting people using e2e and it's a massive achievement.


Most of those people aren't using Signal but the Signal Protocol. When people say they want different identities, infrastructure or clients what they are essentially saying is they want to use the Signal Protocol but they aren't Facebook. They can't spend millions on development and maintenance so instead they want to integrate with the existing ecosystem.

Signal being successful because it is implemented by different parties and therefore used by many people seems more a counterargument to the state of Signal because it would suggest that Signal would be better if more people could use it for more things.


> Is it bad to quote yourself twice in the same thread?

pretty bad, actually.

The reported number of users does not equate with number of securely e2e protected users.


What's not open? Signal is open source.


Parts of it are open source. It's not like they'll let you come audit the AWS accounts.


No- for sure. But if that's the last argument someone can put forth about trusting Signal, that's pretty damn good. Most privacy/security investigations end by the second paragraph of a EULA where the service tells you that they farm and track every bit of information possible and sell it to third parties before the electrons/photons finish passing through their network cable.

And I'm fairly sure that's not what the poster above me actually meant, anyway. When you say "it's not open", do you really think they're saying that in the context of not knowing that the source code we can see is the code that's actually running on the server? If that's what they actually meant, then why would they say that at all, since literally no third-party service is "open" by that definition?

They clearly are under a misconception that Signal is closed source or that the protocol is secret or something. They're probably thinking of Telegram, which IIRC, is not open.


I love Signal, and I think you're spot on about what they did. But I've been having a difficult time with the direction Signal is currently going. It seems like they are just trying to create feature parity with WA and Telegram. Which, honestly they are pretty near that already and the differences aren't worthwhile. Worse, they'll always be playing catch-up, because those companies have 100-1000x the number of developers. Instead, I think Signal needs to do what it does best: protecting users. I don't think this needs decentralization, although I saw a user post a feature request that was about semi-decentralization/meshing and that seemed pretty useful.[0] If Signal can bring anonymity and censorship mitigation to the public that really gives us the full Monty. That's really what I want to see from Signal. It fits their mission and keeps their edge.

The best thing Signal has done is made everyone else adopt E2EE. Signal shouldn't be playing catch-up, they should be pushing others to follow suit. Companies like Meta say that they need data to protect users but Signal "demonstrates" that this is not necessary. So continue in this direction. I know many want to just keep Signal as it is (Signal purists) but Moxie is right. The ecosystem is moving. Staying still will just get you killed.

[0] https://community.signalusers.org/t/signal-airdrop/37402


>>It seems like they are just trying to create feature parity with WA and Telegram. Which, honestly they are pretty near that already and the differences aren't worthwhile.

Yeah, I don't know about that. I started using Signal about 6 years ago, I think. I remember back in the day there was a stable native Telegram desktop client that just worked (keeps working without single issue for years) and web WA client that just worked if the phone is online (mildly annoying, but very rarely a problem). Over time Signal developed an Electron-based client that annoyed me every time I use it. It requires relinking to the phone, it can't decrypt messages read from mobile, it can't send messages, it can send them, but the other party can't read them. I try it again every few months hoping that they fix these problems. Instead I get stickers and reactions =/

Yeah, I get it, multi-client encryption is hard, but WA seems to solve it using the same protocol. What I experience with Signal desktop client reminds me of Jabber OTP client compatibility issues 10 years ago. I almost stopped using Signal despite shiny E2EE. 90% of my texting is from desktop. I need it to work reliably. I don't care about stickers and reactions.


>>It seems like they are just trying to create feature parity with WA and Telegram.

> Yeah, I don't know about that. […] What I experience with Signal desktop client reminds me of Jabber OTP client compatibility issues 10 years ago.

Like for the sibling commentator, the desktop client has been working for me largely flawlessly. Sure, doing backups on the desktop (and restoring them) would be nice, and no longer needing a phone number or needing to link it to a phone would be even nicer.

Meanwhile, though, WhatsApp doesn't even have a desktop client to begin with and their web UI is still mediocre and unsafe.

And let's not even speak about E2E encryption (or the general state of security) in Telegram.

So yes, I would argue most of Signal's features are more than on par with WhatsApp and Telegram.


Whatsapp does have a desktop client, at least for Mac (also electron like Signal's) and you can use it on the web without even installing one. Much better than Signal which only has an electron client so you need to run a whole browser just for it.

If it's browser based just let me run it in a tab.


> Over time Signal developed an Electron-based client that annoyed me every time I use it. It requires relinking to the phone, it can't decrypt messages read from mobile, it can't send messages, it can send them, but the other party can't read them.

While I agree the app is a resource hog for what it is, I haven't ever had to relink my phone after the first time unless I reinstalled the app or got a new phone (duh). As for unreadable messages, I use Signal daily and have never had that issue once. I have had that issue multiple times using Whatsapp however.


> multi-client encryption is hard

It's taken a few years, and there may be a few bugs left that I don't know about (out of sight, out of mind), but Matrix uses the same double-ratchet encryption, and has solved multi-client encryption with cross-signing. Some clients may be imperfect, but this is the price we pay for being able to develop other clients - something Signal steadfastly refuses.


But in order to do 'bring privacy to masses', don't you think they need familiar features? Otherwise it's just 'oh that weird crypto privacy nerd chat app' that the masses don't want to use.


What "familiar features" is Signal missing? Honest question. It has reactions, groups, stickers (wish they linked signalstickers.org so you can get more from inside the app), replies, etc. I don't see anything that WA or iMessage has that Signal doesn't. I know WA has statuses, but every time I look at it none of my friends have posted one. Telegram has channels, but do we really need that?

I honestly don't know what these features are. The only thing I hear from normal people is stickers and "but none of my friends are there." This is a genuine question because I can't figure out what others have that Signal doesn't.


For starters, others don't lose all your messages if your phone breaks and allow you to actually send messages from desktop and tablet platforms without constantly breaking and losing data.

The "backup" system Signal has is a joke for everyone outside the paranoid community. Every messaging platform has a single chance of losing users data before they switch away. Signal does it constantly.


You should be setting a two-week auto-delete for all your messages anyway. Archive and backup features in other apps are a massive privacy hole. These chats are supposed to be ephemeral, if you want long lasting comms that you can search through later, use email.

The idea of any of my contacts logging every message I ever sent to them, and backing them up in clear text on whatever dumb cloud provider they're using this week, is a pretty scary one.


Please stop telling me and my family what to do with our private messages. If you want to destroy them immediately, that's fine. But stop demanding that Signal destroys pictures and messages my grandmother cares about without her own input.

This arrogance is the worst cancer on "privacy" software. Essence of privacy is _control_ over data, not destruction.


Not sure I agree with this. The problem is I don’t know what I’ll need later until I need it… old messages from months or years ago that I never expected to need have saved me multiple times for a variety of reasons by now.

It’s also awkward to try to herd a conversation partner from chat to email at some arbitrary point when you think the conversation is veering in a direction where preservation is important.


Try sending emails with E2E encryption. Good luck.


Live location.

I use Signal as my main messaging app now, but even for the contacts on there I have to fall back to Whatsapp to share our live locations in order to find each other. Doesn't happen very often but it is a useful feature that it is missing.


Don't iPhone and Android make it super trivial to get a live location link from the maps app that you can drop in the chat? I know Android does. Seems weird to put it directly into an encrypted messaging app when it's native to the OS.


I'm on Android and didn't know I could do that. Now I realise that you can, it's just buried a little bit. Signal also lets you share photos directly from the app; I don't have to go to another app on the phone and share from there, so it does seem like a different UX route compared to what I'd expect.

Thanks for that.



I extremely don’t want this in Signal.

Is it really that hard to tell someone where you are with words?


If you don't want to constantly be texting while riding a bike, it's hard to do.

Yes, people need it. Had to use Telegram for it recently, because Matrix didn't have it at that time, and I don't have WhatsApp.


Do people really need minutely updates on your bike ride? What value does it add to anyone's life to know what exact block you're on for the next 15 seconds?

Just tell them your final destination verbally, and you're done.


Maybe they were riding in a group and one of them stopped to take photos and lost the rest of them. Now they want to see where everyone else is and catch up to them.

Sometimes it's about the journey, not the destination.


Yes. Try describing in words where you are in huge crowds of people or in open fields or beaches.


"I am about 200 feet southeast of the large monument in the center of the park, wearing a red shirt"

"From the XYZ Street beach entrance, we're about 100 yards north, with a blue umbrella."

Using realtime GPS tracking for this sort of thing is fetishizing technology to overoptimize a problem that was trivially solved for millennia using verbal offsets from known landmarks, while at the same time introducing and normalizing grave privacy concerns in society.


>large monument

Good luck at long beaches where there are endless swaths of identical copy-paste trees, tents, deck chairs and umbrellas, without any unique elements to use as bearings. I would hate to have to send people on wild goose chases in the hot sun.

>wearing a red shirt

You've obviously never experienced how difficult it is to be found by your friends if you're short in a crowd of tall people at a concert or any sort of wide festival/gathering. Telling people what color your shirt is doesn't do anything to help if they can't see you until they're within 1m of you. And that's without it being dark at night. It's like finding Waldo IRL but more difficult.

> fetishizing technology to overoptimize a problem that was trivially solved for millennia

Ok Fred Flintstone, you do you, just let me enjoy the modern comforts of current technical achievements please and you feel free to follow the stars and buffalo tracks with your friends.


I mean people used to do this all the time. I sure did. It isn't that hard and is often more accurate than GPS, but I do get your point. For what it's worth, Signal does have location sharing. It just doesn't update.


You can easily send a location pin. Yes I realize this isn't constantly updating, but seems enough to meet 90% (number pulled out of my ass) of the use cases.


I like the social impact of real-time disclosure of my location. I’d rather share my location for an hour with someone that I’m meeting than send them periodic messages guessing about how far away I am.

I think Apple has done a really good job with this — you can share your location for an hour, the rest of the day, or forever. I use the “share for an hour” option all the time.


Telegram has a bot API that is great. I use it for a lot of Projects. Used to be a niche feature I guess, but nowadays I see a LOT of people using some bot for some specific feature.


The ability to forward more than one photo at a time. When someone reacts to a message I get a notification but there's no way of determining what message has been reacted to. The backup system to restore messages when changing phones is fragile and something I have to help less technical friends / family members with.


> The ability to forward more than one photo at a time

This is already possible (on Android at least), and has been for a long while.

Long press on one, press "select" which allows you to select other photos, select the photos you like, and then press forward.

One issue with that is that if multiple photos are grouped together, you have to select the whole group, but you can definitely forward multiple photos in one go.


Sorry, I meant forward from an existing message. So if I want to share a bunch of photos from one group to another, I don't believe there's any way to select multiple photos (on iOS at least).


Weird, I can do this on Android.


Who are these older/less technical users that can't store text or images outside of an encrypted conversation, but somehow are still agile enough to search back through lengthy conversation histories?


Many people? The search box is right there, but filesystems confuse the crap out of people before mixing in the app/local file distinction.


I don't think I did a very good job of explaining what I mean. I'm talking about the process to transfer Signal from one phone to another. In my experience it involves placing the phones near one another and transferring over bluetooth (I think) and this process has failed for me a number of times - a scary experience!


I did this but wired and everything worked fine. It just took a while.


Encrypted backups. That’s the one thing I miss and why I’m not - yet - recommending to switch to my friends and family.


Molly, a (compatible) fork, has this feature.


I don't use it, (I wish everyone used it or something similar, but nobody I know does, or certainly didn't when I last tried it and it was nothing like that, just SMS-like) so I can't speak to that, but my impression up-thread was that that was exactly the sort of thing people were wishing it wouldn't (have) focus(sed) on.


Hmm, it’s not that hard to get people to use it. It’s got free stickers!


I guess it's great but gosh I hate stickers, to me they are over-engineered emojis.


Isn't Telegram also from a crypto nerd?


The only feature parity I want is synced chat logs and not being tied to a phone number. And Signal doesn't support it.


> That is no small thing. Bitch all you want but make sure when you do you compare it to the success...

Approaching valid criticism from that angle, with that attitude only throws a big jug of fuel to the already volatile fire.

We are having these kinds of arguments on another piece of software which I won't name, and it's leading to the same outcome. No productive discussion, no progress, nothing.

Signal achieved good things, yes. Kudos for them coming that far. But if there is a considerable volume of same feedback, it's at least beneficial to listen to them intently, ponder and then sleep upon them, and draw some insight out of it.

A kind reply and acknowledgement would be very fit and handsome jest, but it's not a must.

You might be thinking that Signal is a flawless piece of software, even better than the sliced bread itself, but not everyone is on the same boat with you, and this is the way it should be. If this thing is an infrastructure for some people, and use it that much, the users have at least the right to make their opinions heard.


I have a group chat in Signal of 12 people. Only me, and another person, have a moderately technical understanding of what Signal provides. Besides the obvious "secure chat".

There is no path for non-tech users to start using Element/Matrix or some Fediverse thing. These are excellent concepts, but they will remain there, as nice ideas. Because they are not a quick three-step process of Download -> Setup -> Chat with Friend


Literally, my Grandma uses Mastodon! It is not hard! Many of us are old enough to remember a time (before gmail became the de-facto standard) when we had to hand-hold non-technical friends and family members through the process of choosing an email provider. Choosing a Mastodon/Matrix server is pretty much the same thing. Once you have an account on the server, there are pretty much no downsides even for non-technical users...


I am not sure why you think of that for Matrix. I am the only technical person in my group who self-hosts the Matrix server. All that my friends had to do was download the client, copy/paste the instance url provided by me, and boom we were chatting.


Copy/paste of some URL in a specific field to get started will cause at least some non-nerd friends to question the ease of use and inherit distrust.

"Why am I pasting a URL given by you in this app, will you be able to track all my private conversations as well? Hell, will you be able to hack into my phone now?"


You must have some horribly untrustworthy friends. Or, more accurately, your friends must not find you very trustworthy if they're constantly asking these questions whenever you suggest something.

A healthy dose of skepticism is warranted, but at the end of the day this whole thread is about friend groups talking to each other. This just wouldn't be a realistic line of questioning in this scenario imo.


It would absolutely be a realistic line of questioning for friends and even family.

There are terms of service, legal systems etc. for corporations. There is no such thing for individual server admins. They are right to feel weird about their friend running their private chats as opposed to a company.


Extremely hard disagree.

People implicitly trust friends and especially family to be generally good and not misuse their information. Far more than they would trust a random stranger or corporation, regardless of legal systems, terms of service, privacy policy, etc. They are also generally grateful that you're providing a service they can use and can handle issues coming up more so than from others.

And, of course they would, you've built up years of personal trust and relationships with them, which goes far deeper than anything professional.

Source: I do this. For multiple services. For multiple people. But also, just basic common sense.


You’re simply wrong dude.

The proof is all around us. People don’t want to use services run by their friends. Otherwise they would.

I trust my brother with my life, but I would prefer to use Instagram DMs rather than a chat service he is running on a VPS. There is so much that can go wrong with a service like that. No offense to him, but I’d rather a company handle it where people are getting paid to do it.

Generally speaking, if someone is running a service out of the goodness of their heart, they are doing it as a hobby. And you have to wonder why it is so fun to them? They enjoy handling people’s chats? Seems a lil weird. I love my brother, but just seems a little off.

People do think like this.


Agree to disagree, but your conclusions and what you consider "weird" are just absurd. The reason people don't use their friends' services is because the supply doesn't exist, not because there's no demand.

And /r/homelab (and the numerous spinoffs) would highly disagree with you; the fact that they exist is what you would call "the proof" which is "all around us".


Hell, the non-technical end user can just leave the client at the default matrix.org homeserver if they want to have the same setup experience


Even without you providing an instance URL, most clients give a drop-down list of servers with open registration when you sign up. For some reason, these days, that's seen as an impossible barrier to entry.


Element/Matrix is literally "Download -> Setup -> Chat with Friend". I know, because I invited many non-technical people successfully and without any issues. OK, there was an issue back in the days when verification was much shittier, but it has been resolved by now.


I'm guessing that most of those people have at least one account (on some sort of service) that uses the traditional email+password login. I don't think that adding one more thing (the server domain) to that is hard. Or they could just use the default (in basically every client it is matrix.org).


> Signal brought e2e encryption to the masses in a form that was and is usable.

The general users do not care, just like how no-one cares about the inventor of the smartphone and Apple repackaged it and brought out the iPhone to billions of users.

Therefore, WhatsApp is the chosen one because in reality and contrary to what the herd believe here on HN, research [0] shows that even when Signal was boosted by some famous people, 'the masses' gave up using Signal when migrated and instead moved back to WhatsApp or Telegram.

I think Signal has done a terrible job at selling itself and retaining its users migrated from other messengers and was only riding on the back of boosters that don't even use it, which allowed Signal to get distracted and rush and push in a private cryptocurrency project useful to criminals and scammers to execute a pump and dump scheme for the founders.

The level of delusion in the comments about that so-called 'mass migration' or great 'messenger migration' to Signal seems to be as present as a haunted house.

What a shame. And nope, anecdotes are not evidence.

[0] https://medium.com/@carlagriggio/the-great-messaging-app-mig...


From your reference:

> but only 0.5% uninstalled WhatsApp. Let me put these numbers into perspective: if we translated this result to the entire population of WhatsApp users (approx. 2 billion), we’d be talking about 500 million users trying to flee from WhatsApp, and only 10k uninstalling it

0.5% of 2 billion is 10 million, not 10k, which incidentally corresponds quite closely (within an order of magnitude) to the number of people who downloaded signal at the time. As a side note, if someone argues with numbers and is 3 orders of magnitude off in their calculation, are their conclusions still valid? It doesn't give a good look.


But actually there were events when millions of users migrated to Signal from Whatsapp. Like the last time when Whatsapp was down. So it is not as one-sided as you make it out to be.


+1 though to his credit he does caveat it a bit and states it’s still worth talking about the issues given the technical audience.

I do think Moxie is right though and the talk is wrong on the core issue which is federation doesn’t work as well unless you really boil the ocean to do it (urbit) and even that still has to prove itself. Signal is really good at doing what it does well and I’m grateful for that. Matrix is cool, but my family/friends will never use it (and element still sucked last I checked, especially to deal with encryption).

Signal is easy to use, extremely secure, and I can actually use it with less technical people I care about.

Like you said - these are major wins among an ocean of failure from technologists who have for years complained while failing to ship a solution with the right tradeoffs (normal) people would actually use.

I don’t find his other arguments very convincing either.


> I do think Moxie is right though and the talk is wrong on the core issue which is federation doesn’t work as well unless you really boil the ocean to do it (urbit) and even that still has to prove itself.

I'm not so sure about that. I feel like Matrix has pretty much solved the problems with federation, E2EE, and multi-device usage. I typically have Matrix clients running on three devices, talking to my self-hosted homeserver, with encrypted chats with people on different homeservers, and it's been... at least a year?... since I had any issues with encrypted messages.

It's been really good at disproving Moxie's assertion that you have to have centralization to evolve a protocol, too. The introduction of Spaces (like Discord servers) was really smooth and backward-compatible.

There are features it lacks that I miss (stickers, sending multiple images in one message), but they're not essential.

I do still also use Signal with less technical people, and I think Signal has been very successful at making adoption very easy, but with serious trade-offs for anyone not on the happy path (changing devices is a nightmare, it's too easy to lose chat history, multi-device is a trainwreck).


>Signal brought e2e encryption to the masses in a form that was and is usable.

Not really. It has the same weakness that other E2EE schemes have when it comes to general usability. In a usability study involving Signal[1], 21 out of 28 computer science students failed to establish and maintain a secure end to end encrypted connection.

The usability issue is a huge ongoing problem but there is a tendency to want to talk about everything but usability. We are having an animated discussion about the paint scheme while the barn is on fire.

[1] https://www.ndss-symposium.org/wp-content/uploads/2018/03/09... | When SIGNAL hits the Fan: On the Usability and Security of State-of-the-Art Secure Mobile Messaging


This feels like moving the goal posts a bit. Before Signal, literally all the other options were orders of magnitude worse on either the privacy or the usability dimensions. Which is why there was essentially no mainstream E2E messaging app to speak of. After Signal there were multiple. For any system someone creates there will be weaknesses. The question isn't and shouldn't be did they create a system with no weaknesses? The question instead is did they meaningfully improve the privacy of a large number of mainstream users and the answer there for Signal is Yes.


Does nobody remember Pidgin OTR? It has been around for decades.


I remember it being a broken cluster fuck. Hell, even early TextSecure was a usability mess.


And none of the mainstream used it. Which only makes my point for me.


E2EE in WhatsApp is here because Meta does not care about the content of your messages. Analyzing natural language is hard anyway, whereas determining who you are, what you aspire to, and how to trick you into thinking your life won't be whole until you buy $PRODUCT is scandalously easy given your (weighted) relational graph.


That doesn't make sense. If they didn't care about the content of your message, why would they ask signal to help them add e2ee in the first place? They could have left it on tls like it used to be.


What I meant was that "who you talk to and how often you do" is as valuable as "what you say".

> If they didn't care about the content of your message

I'm not saying they don't care, just that e2ee in a centralised platform whose business is data collecting does not accomplish as much as one can think.

> why would they ask signal to help them add e2ee in the first place.

"Marketing" is why.


I hate that it relies on phone numbers instead of usernames. Sure, for the masses it is easier and certainly a success formula. But I still like to have an alternative anonymous service.


Me too. At least you can use VoIP numbers with Signal. You can also get a prepaid SIM anonymously, use it to create a Signal account, and then not use it. So there wouldn’t actually be any cell network activity tied to the phone number.


> You can also get a prepaid SIM anonymously

That's actually harder than you may think in more and more countries. Even with VoIP it's hard to not associate your banking details with your phone number. It won't be long until anonymous phone numbers will disappear again.


Yup. Travelling in an Asian country recently and in order to buy a prepaid SIM they needed to take scans of my passport and visa.


I have more contacts on Matrix than on Signal, and that's really saying something.

WhatsApp brought encryption to the masses. Sure, they did so using Signal's code, but they could've picked any code base for E2EE. Even XMPP has secure encryption.

Signal is "that alternate WhatsApp some people use".


I don't understand the point of your comment. Are you saying that because Signal solved a problem in one way it should be immune from future criticism? This seems like a really narrow perspective, the opposite of the kind of curiosity and creativity this site tries to foster.

I think it's good to take a look at Signal, recognize that it's better than what came before, and still come to the conclusion that it could be better. Signal is far from perfect despite its achievements, and today, years down the line from its original success, there is much room for improvement (or, barring that, replacement).


Google brought us some, a lot maybe even, of good stuff. May we not be critical of the things they could do better?

Always this endless either you're with us or against us shit. smh.


Signal, as a means of developing the signal protocol, really brought encryption to the masses. Signal, WhatsApp, and RCS account for about 90% of my text communication. All encrypted by variations of the signal protocol.


the masses have never heard about it

and people who need E2E and are sufficiently knowledgeable about it don't use it either, for a number of reasons

it's a for-profit, centralized, closed-source product for privacy larpers


Signal is yet another of those products that Knows Better Than You what's good for you. It Knows Better what you're allowed to do with your messages, what kind of client you're allowed to use, what kind of multidevice experience you need and when it should destroy messages you care about.

The arrogance of the owner directly transfers to the arrogance and lack of control in the software which is fundamentally limiting its usefulness for everyone.


Or, to re-frame it, the people who own Signal have opinions on what the right way to do things are. You may disagree with those, and for good reasons depending on your context, and that's ok! There's plenty of other messaging options out there which may fit your context better.

Life is about compromise. Complaining that someone else's compromise doesn't work for you is not particularly productive.


It’s not about just opinions. Signal is actively hostile to user privacy and experience in certain ways (note that I’m not saying it’s hostile to user privacy in all ways).

As I wrote in this comment in the past [1]:

> Additional irritants that nobody in the development team has thought about for years:

> * I decline Signal’s prompt to turn on notifications with the “Not now” button (there is no “No thanks” button). It responds with “We’ll remind you later” and nags me again in a few days.

> * I decline Signal’s prompt to share my contacts with it using the “Not now” button (there is no “No thanks” button). It responds with “We’ll remind you later” and nags me again in a few days.

> Signal may be good at security, but whoever designed the app has no respect for users’ time, and it doesn’t seem like they respect a user’s privacy choices either.

[1]: https://news.ycombinator.com/item?id=31641137


It's the Silicon Valley vibe. Signal is 100% focused on user base growth, and they subordinate a lot of other concerns to that.


> the people who own Signal have opinions

This is not what the OP said. It's not just opinions. You are forced to use the only client and the only server. You are forced to not have backups, and so on. You are forced to use an Android or iOS phone (security? really?).


> You are forced to use the only client and the only server.

This is a fancy way of saying that the protocol is private and that their instance of the server has a ToS. There's also nothing stopping you running your own server instance (I know of a handful of private Signal server deployments).

> You are forced to not have backups

I literally just restored my signal backup to a new device in the last 10 mins. ¯\_(ツ)_/¯

> You are forced to use an Android or iOS phone (security? really?).

I'm interested in hearing about what other client platforms they should invest in supporting that would increase the "security" of their users and service.

What's frustrating is that these sorts of rants can generally be summarised as "I want to use someone else's service on my own terms, even if the service owner explicitly doesn't want that".

No-one's forcing you to use Signal.


>> You are forced to use the only client and the only server.

> This is a fancy way of saying that the protocol is private and that their instance of the server has a ToS.

No, this is a "fancy" way of saying that they are actively fighting against decentralization. It makes me suspicious of their intentions, to be honest.

> I'm interested in hearing about what other client platforms they should invest in supporting that would increase the "security" of their users and service.

How about a normal desktop GNU/Linux client? Is Android more secure than Linux? It depends on what threats you want to defend from, and Signal developers think that Google/Apple are not my threats. They force their own threat model on me. It makes me suspicious, again.


> No, this is a "fancy" way of saying that they are actively fighting against decentralization. It makes me suspicious of their intentions, to be honest.

I don't really see them "fighting" anything? They've made a decision that they want to build a centralised service, and as far as I can see they've been pretty open about why they want that and quite happy running a centralised service. Are they going round trying to convince other people to choose against decentralization in their systems?

If anything, the "fighting" here seems to be from people who really really care about decentralization and really wish Signal would just adopt their value system and do what they want, as though it's some sort of objective good.

> They force their own threat model on me. It makes me suspicious, again.

This is true for literally every company running any service you use. The people who pay for, design, engineer and run a service "forces" their threat modelling, feature prioritisation, colour scheme etc. on you. If you're suspicious about it or don't like it, simply stop using it.


> Are they going round trying to convince other people to choose against decentralization in their systems?

Yes? For a while moxie would show up in every matrix topic to talk about "But matrix is federated and federation is slow moving and therefore bad". The most commonly quoted argument against decentralisation is hosted on signal.org: https://signal.org/blog/the-ecosystem-is-moving/


Not having a horse in the race, android is like orders of magnitude more secure than your average linux distro.


Secure against what? How about protection from Google's tracking?


Privacy != security. A random npm script can encrypt all your photos, while nothing close to that can happen on your phone.

Also, grapheneOS can be 100% google-free.


How about using Signal on Qubes OS? Will you also say that Android is more secure than that? I just want to take care of my security myself.


Qubes OS is cool, but the linux userspace as a whole doesn’t have a good solution to sandboxes with fine-grained permissions. On that front, Qubes OS is a radical “solution”, akin to using different devices for different things, which is good practice, but it is not as practical as the out-of-the box security of ios/android


> There's also nothing stopping you running your own server instance (I know of a handful of private Signal server deployments).

Since Signal doesn't federate, your own server instance is about as useful as a glass hammer.


.... to you.

To other people, it's quite useful.


No one's forcing you to use signal at all


Network effect (of people "caring about security") is.


Good, because I'd hate using it.


> You are forced to use an Android or iOS phone (security? really?)

I agree with your other points, but not this one. Mobile OSs are so ahead of the competition in security it is not even funny. Like, as much as I like my linux systems, they are a huge pile of vulnerability not even making the task of a hacker hard.


What if I want to protect myself against Google's tracking? There is some tradeoff currently here. I'm fine with that. Also, I'm not going to use a regular Linux distro but Qubes OS.


When it stops being okay is when Signal's know-better-than-you/opinions are motivated by their commercial interests, and in conflict with the interests of the users.


The "interests of the users" is not a single, homogeneous thing that you can point at and define. Some users' interests conflict with other users! Also, interests can have a whole range of motivations, and I'm not sure any single class of motivation (commercial, spiritual, whatever) objectively outranks any other. People are going to disagree on that, because everyone ranks values differently. I don't get to tell Signal what to do though, they should be free to balance interests however they like. I may not fully agree with their approach, but may also choose to compromise on that because there's nothing out there that fits any better.

This idea that "someone built a thing, has strong ideas about what that thing should look like, and some people don't like that because they don't share the same values" being somehow "not ok" is peculiar to me because it's at the very heart of fundamental freedoms around speech / association etc. If you don't share Signal's values, or disagree with how they balance competing interests, go use something else!


Can you provide an example?


The addition of MobileCoin to the app?


Signal works for me (and many of my friends/family because it looks/works like Whatsapp). I'm not an expert, one has to trust someone, at some point. I love Matrix but the sign-up process (and even understanding its federated model) is much more complicated than what Signal offers.


Or another way to think about it: It's quite hard to build something with great usability but also a high degree of privacy and security. Especially when users are used to products, that on paper offer the same while being a lot simpler to use


The client is f/oss and released under the GPL. It's not arrogance to make opinionated product decisions when you are 10000000% free to fork or patch it to do whatever you like.


While I mostly agree with you, you're ignoring network effects. People being forced to use it for work, or whatever, because they won't interoperate with other clients.

Siloing is bad.


The author notes: "Finally, we need to talk federation. Does it make moving fast and breaking things more difficult? Yes, yes it does, and that can be a good thing."

The other, super-underrated feature of federated systems is that antagonistic parties are willing to use them together. For example, the US military, Russian government, major international banks, Google, Facebook, etc ALL use email and happily exchange messages over SMTP. There's no centralized service you could get all these parties to agree to use (not even Signal).

The result of this is that everyone has an email address, and that makes it the universal standard for business-to-business communication. I can loop in any number of parties on a single thread from all over the world and it just works.

My startup Shortwave is trying to build a messaging future that is email. We're trying to evolve and upgrade email to have the look and feel and features of a product like Signal, but with all the universal, federated goodness of the global SMTP network. It's a long project -- federated systems evolve slowly! -- but it's the bright open future I think we need. I go into some detail here: https://www.shortwave.com/blog/future-of-messaging/


> We're trying to evolve and upgrade email to have the look and feel and features of a product like Signal

Please don’t. Email is not a chat.


This. I've long advocated for and would be delighted to have an "Email" that was identical to current email except with cryptography built-in from the ground up, with public certs for any given domain based simply on DNS and coordinated through the server for that domain. Otherwise the same as email. It doesn't need to be "evolved" and "upgraded" beyond that, everyone is fine with and understands email already. At most I'd add "no remote resources", or a standard system around "so and so wants to talk to you" to make it easier to do whitelist/greylist, a standard API for 3rd party vouching services, all things to help transparently cut down on spam ahead of time.

But overall less is more here. There is certainly a place for real time messaging/chatting/rich collaboration services as well, but they aren't "electronic mail". The focus should be on making a standard and then model implementations that work very well.


It'd be nice if we could either have a better subset of html/CSS support, or find a simpler content type for email content that isn't 80-chars-wide-and-monospaced, but isn't full html.


The problem is that big tech would all need to get behind a concerted effort to improve email, but they have no incentive to strengthen a decentralized, nonproprietary communication medium.


It would be nice to have a standard for delivering email-like messages over Matrix, with email-like clients rather than chat-like clients. The protocol itself would support it.


Isn't the whole concept of Matrix to be a DAG of messages with hashes for tamper-resistance (ie a Merkle tree) to secure the history in the presence of many servers, some of which might exhibit Byzantine failure?

What is the point of any of that for 1-to-1 communication?


It's a general Merkle DAG, not a tree. This is because two homeservers can append nodes to the DAG at the same time. The state resolution algorithm ensures all homeservers in a room eventually agree on a consistent state despite receiving nodes in an inconsistent order
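
A simplified illustration of the hash-linked DAG described in the comment above, as an added example that is not part of the thread and is not Matrix's real event format or state resolution algorithm. The `RoomCopy` class, the `prev_events` field as used here, the `*.example` server names and the tie-break-by-hash ordering are assumptions made for the sketch.

```python
import hashlib
import heapq
import json


def event_id(body):
    """Event ID = SHA-256 over canonical JSON, parent references included."""
    canonical = json.dumps(body, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(canonical.encode()).hexdigest()


def make_event(sender, content, prev_events):
    body = {"sender": sender, "content": content,
            "prev_events": sorted(prev_events)}
    return event_id(body), body


class RoomCopy:
    """One server's copy of a room (hypothetical, illustration only)."""

    def __init__(self):
        self.events = {}   # event ID -> body, parents all known
        self.pending = {}  # arrived before their parents did

    def receive(self, eid, body):
        """Accept an event in any arrival order; reject altered bodies."""
        if event_id(body) != eid:
            return False  # body does not match the ID others reference
        self.pending[eid] = body
        progress = True
        while progress:  # attach everything whose parents are now known
            progress = False
            for pid, pbody in list(self.pending.items()):
                if all(p in self.events for p in pbody["prev_events"]):
                    self.events[pid] = self.pending.pop(pid)
                    progress = True
        return True

    def extremities(self):
        """Events no other event points at: the current 'tips' of the DAG."""
        referenced = {p for b in self.events.values()
                      for p in b["prev_events"]}
        return sorted(set(self.events) - referenced)

    def linearize(self):
        """Topological order with ties broken by event ID, so the result
        depends only on the set of events, never on arrival order."""
        children = {eid: [] for eid in self.events}
        missing = {}
        for eid, body in self.events.items():
            missing[eid] = len(body["prev_events"])
            for parent in body["prev_events"]:
                children[parent].append(eid)
        ready = [eid for eid, n in missing.items() if n == 0]
        heapq.heapify(ready)
        order = []
        while ready:
            eid = heapq.heappop(ready)
            order.append(eid)
            for child in children[eid]:
                missing[child] -= 1
                if missing[child] == 0:
                    heapq.heappush(ready, child)
        return order


def build_fork():
    """Constructed sample: two servers append to the same parent at the
    same time, then a later event references both branches."""
    root = make_event("@alice:a.example", "room created", [])
    from_a = make_event("@alice:a.example", "hello from A", [root[0]])
    from_b = make_event("@bob:b.example", "hello from B", [root[0]])
    merge = make_event("@alice:a.example", "seen both", [from_a[0], from_b[0]])
    return [root, from_a, from_b, merge]


if __name__ == "__main__":
    events = build_fork()
    server_a, server_b = RoomCopy(), RoomCopy()
    for eid, body in events[:3]:
        server_a.receive(eid, body)
    print("tips after concurrent sends:", len(server_a.extremities()))
    server_a.receive(*events[3])
    for eid, body in reversed(events):  # worst-case arrival order
        server_b.receive(eid, body)
    print("same order on both servers:",
          server_a.linearize() == server_b.linearize())
    forged = dict(events[1][1], content="forged")
    print("forged body accepted:", RoomCopy().receive(events[1][0], forged))
```

The two tips after the concurrent sends are why the structure is a DAG rather than a tree or a chain: the merging event has two parents.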


It's fairly useless for 1-to-1 communication. But for any group communications, it means there's no one server that can go down that will take down the whole room (unless all the participants are on the same server); contrast with XMPP MUCs.

On the other hand, XMPP is a lot faster.


because users generally own more than one device.


All of a user's devices still go through the one "homeserver" which is the only party doing the federation. If the multi-party stuff is client-to-server, again the Merkle tree is useless.


> an "Email" that was identical to current email

Please don't. Current email is a mess. One person's email client will set the email background to dark gray and another person's email client will have a dark grey background and the result will be unreadable. One person's email client will put the quoted text at the bottom and another person's client will put the quoted text at the top and the thread will be unreadable. A sender's email client will use quotes in a way which a receiver's client doesn't understand and the receiver's client will show a thread view where each message in the thread also contains a copy of all previous messages in the thread. The sender's email client will use a symbol font which the receiver doesn't have so that symbols look like random letters to the receiver.

Email is terrible. It does need to be radically overhauled. The lack of cryptography is far, far from its only problem.

Plus there's the spam problem, which means you won't be able to send email reliably unless you're a major company. It's federated, but only multinationals are allowed to play.


I think the parent meant identical in concept, not in the technical format. All the valid points you raise could be fixed with a new format and related conventions without changing what email is conceptually (e.g. distributed threaded long-form asynchronous decentralized communication with Subject/To/Cc etc.), as opposed to turning it into a chat system.


> I think the parent meant identical in concept, not in the technical format.

That might be true. But I feel like a lot of email proponents have this idea that email is actually pretty good, when in reality, email is an unmitigated disaster and sorely needs drastic changes on the technical front.


Email is not a disaster in user communities with established conventions, such as B2B (and intra-B) communication and open-source/unix-oriented mailing lists. People in those communities see how systems like Slack and Discord and Signal are completely unsuitable to replace the email mode of communication, and therefore there is a pushback against those who push for such a replacement.


Yet for 99% of regular people, email is a complete disaster, and the people who are in extremely insular communities (such as certain FOSS projects) don't realize just how broken email is. There _is_ need for a replacement, since email plain doesn't work.


I’m all for improving/replacing email with something that is the same in spirit and doesn’t constitute a regression for the user communities I mentioned (which at least in the B2B case are quite large). Making email Signal-like isn’t that, however.


Sure, I agree. A requirement for a replacement would be that it's federated, and that it's asynchronous (i.e not chat). Signal is neither.

I just wish that the people who care about federation and asynchronicity weren't also the people who delude themselves into thinking that email is fine the way it is. (Case in point: my comment about the problems with email is downvoted, presumably by the exact kind of people I'm talking about.)


> We're trying to evolve and upgrade email to have the look and feel and features of a product like Signal, but with all the universal, federated goodness of the global SMTP network.

This already exists. It's called Delta Chat. Please don't make your product incompatible.


> email still has two key advantages

Three, actually; the third is that email is an asynchronous, store-and-forward system. That feature makes it unsuitable as the basis for an "instant chat" system. It also makes it challenging to put e2e encryption on email.

Asynchrony is the feature I most value in email. I can send you a message if you're in the bath, if your device is switched off, or if you're AFK for the next 3 months. You can read it on your desktop, mobile device, or in a web cafe. I don't use chat, and I don't like SMS (which anyway only works with a SIM, so on a mobile phone; and your identity is tied to a specific SIM).

The problems with email, as I see it, are:

- text/html. HTML email has always sucked. It's the devil to craft HTML that works in programs like Outlook. And it's full of vulnerabilities.

- Encryption. You can't e2e-encrypt email headers, because they're needed by intermediate nodes for routing. GPG/PGP has a horrible trust model, that deters people from using it (I've never really looked into S/MIME).


Isn’t that just the Matrix protocol then? I think the hard part is adoption.


DeltaChat?


I loved the idea of Delta Chat, but it ate some non-chat emails and wouldn't reliably notify me of new messages.

But as far as holding conversations, it worked alright, though I missed having a typing indicator.


Looks like this is built on the gmail api? Any plans to support Office 365?

How well does this approach work when communicating outside your organization with non-shortwave users? Seems challenging to degrade the experience gracefully.


So basically deltachat?


Are open shameless plugs like this allowed on hacker news without disclosure?


Open shameless plugs are a long and storied tradition on Hacker News. Full disclosure: I run a startup that specializes in shamelessly plugging your startup. Contact deets in profile.

> My startup Shortwave

Sounds like disclosure to me.


I would have avoided the shameless plug here if it wasn't so very topical... :)


Relevant plugs are always welcome on HN.


Probably, the upshot is I know to not bother with whatever is being plugged


Yes. It's just typically not well received.


It’s fine if it’s on-topic I think? In this case it’s on topic.


Isn't "My startup Shortwave" enough disclosure?


He starts with saying that this is the Q and A session that we didn't get and then rants for 25 minutes.

7 people tried to talk and were rushed/talked off topic

* you can't download the APK

  * yes you can
* telegram lets you download the apk and it's on fdroid

* yeah would be nice if signal was on fdroid

--

* there is wire... you should know there is wire

* moxie complained about the update problem... and he was right

* tor does this better

--

* I don't want to use my phone number (rants over why he needs it)

* signal is working on it

--

* E-Mail comparison isn't fair. it's survivor bias, many others failed

* signal has good cryptography and has a good usability

--

* there are other third party clients that just work and it's ok

* it's not that frowned upon, but they are hard to maintain because signal is a moving target

--

* clearos has signal fork called ClearSIGNAL I wonder if this will be shut down winkwink

--

* signal has too much of a silicon valley vibe for me

---

This wasn't the Q and A we were missing.

This talk wasn't what was promised and most talking points he had were easy enough to counter. But yeah signal clients that aren't signal would be nice. Kind of

Edit sorry for the horrible formatting


Signal always left a bad taste in my mouth. It's fundamentally built on the requirement that to have conversations with any trusted individual, I need to, for no obvious reason, also incorporate and trust a 3rd party individual, who won't even use their real name, and did some shady crypto currency integration.

Matrix is so so much better in that regard. I can communicate without any 3rd party needing to be trusted. The areas where I need a "3rd party" (the server and client code) are effectively diluted by the fact that thousands of eyes pore over it. Rather than trust in a single person (Marlinspike), instead I just have to trust the person I'm actually talking to.

And the Matrix team have done nothing to make me question their motives.


I am a Matrix user -- I run a homeserver primarily for bridging my other services into one chat application -- and I am a Signal user.

I have found that Signal strikes a good enough balance with E2EE that I can easily recommend Signal to anyone -- I do not find the same to be true of Matrix. While I believe Matrix to be a better choice for freedom and privacy I do not see it as a good option for non-technical users. Even for technical users I feel it can be very confusing to use unless you are already familiar with the Matrix ecosystem, jargon, etc. With Matrix, the overhead to manage sessions and your security is much higher than Signal. Sure, it's unfortunate that you have to place some trust in Signal, but it's far less confusing than having to manage your own sessions.

In my subjective and probably biased experience, Signal feels as easy as iMessage but still provides greater privacy than most other platforms (not Matrix, obviously).

I really like Matrix for myself and for dev communities. But I have a hard time seeing a future where Matrix becomes a mainstream personal messenger until the experience feels a bit more hands-off for non-tech users.


100% agree. Matrix is great and while it took a bit to set up everything I liked the direction it's going.

Started using Beeper which is built on top of the Matrix protocol. Even with this nice abstraction app, there were several steps to set up and then connect to the various bridges they have. They're still very much a beta product.


Can these problems be solved with a good UX developer in Matrix? Or is it more fundamental to the platform? (I haven't had the chance to try it yet)


I'm in exactly the same boat as you. Signal for random friends and family, Matrix for anyone who can handle a little bit of tech. No one else in my Matrix friends group chat works in IT, though, so it's not that bad.


I agree, but I expect Matrix to catch up in the long run. There is nothing in the Matrix protocol that fundamentally blocks it from having a great UX. The client apps are just not as good as Signal's yet.


The same argument can be made for XMPP and it's already standardized by the IETF.


> with Matrix, the overhead to manage sessions and your security is much higher than Signal.

Isn't Signal just as tricky to manage if you want to have multiple sessions?


No, with Signal on desktop or iPad it automatically opens a QR code for you to scan and once you scan it your new device gets linked.


With Matrix, when you sign in on a new device it shows a message on the previous device to verify. Sounds about the same.


Yeah, I guess that's true. I suppose it's the way Matrix gives you control to manage multiple sessions that gets confusing. I can understand why it's good to give users that control -- but for non-technical users it gets confusing quick in my opinion.


"I won't trust an individual who won't even use a real name"

That's the hard privacy-killing argument of corporations. And only cultural change can help it.


Funny thing is you can't use Signal without revealing your phone number.

So much for privacy.


    Privacy != Anonymity

If you live in a village where everybody knows each other what happens inside your house can be private even if everybody knows you live there.

The other way around you could be at a nightclub in a big city where nobody knows you and do the most intimate stuff publicly (but protected by anonymity).

Of course if you have privacy and anonymity what you do will have even stronger protections, which could be especially useful in the internet, where the biggest part of our conversations is not ephemeral but persists. But to defend Signal here, this is actually something you could choose with their disappearing messages.


Anonymity massively helps privacy. Legislation in my country could force the company to spy on me and break encryption, technical challenges completely aside.


a phone number is a very private thing so your explanation is unwarranted. you can be concerned about giving away your phone number without having concerns for anon


I would guess that for many people their mobile phone number is an identifier more stable and unique than even their full name. In some jurisdictions it's hard to get one without presenting an ID.


except as a spam impedance (not prevention) requiring phone numbers is a legitimate security and privacy risk, especially for people who think it is a stable and unique identifier


...and they tell all your contacts that you've created an account. super bad.

anyway, I hear they're working on it.


Not your contacts, but everyone [already using Signal] who has you as a contact.

To remove that functionality would be equivalent to removing the ability to look up if a Signal message can be sent to a particular number. At least as long as phone numbers are used as the sole identifier for Signal accounts—another decision that has been debated into the ground, of course, but was done for understandable reasons.


yes, thanks for the correction.

that is mostly a UX problem, not a technical problem: people are surprised that signal tells others that they created an account, and this isn't a pleasant surprise IME. doubly so (more, actually) if you've got a stalker who has your phone number.


I've even had people start arguing with me as if I'd created the new conversation on their Signal list.


That would also remove the ability to easily transfer your existing social graph, which would kill adoption. You don't actually have any other choice if you target for mass adoption.


You're confusing privacy with anonymity.


You don't have to trust a 3rd party. Just compare your security codes IRL or through another trusted channel.

Without doing that, you can never be sure if there is a MITM attack. Not with Signal, not with Matrix, not with WhatsApp.

EDIT: MITM may not be the best description, let's say: "you cannot be sure, that you talk to the correct person."


The problem with Matrix (compared to Signal) is the huge amount of unencrypted metadata your average Matrix conversation will generate.

I'm not versed well enough in network theory to decide if that's a consequence of federation or if it's just an oversight. I'm also not enjoying the wasted bandwidth of base64 encoding binary data in JSON, the encryption is inherently wasteful to make it easier to use for web developers.

I do prefer the ideas and concepts of the Matrix ecosystem, but Signal does privacy better in pretty much every way except for them requiring a phone number.


> huge amount of unencrypted metadata your average Matrix conversation will generate

Do you have more details on this? Matrix being distributed of course will not "tumble" everything through a single service, sure, is that what you mean or other issues?


Matrix servers store the conversation history for their local users. The message contents (for e2ee rooms) are e2e-encrypted. The metadata (which user sent it where and when and to who) is not currently encrypted or obfuscated. We're working on addressing this in the context of P2P matrix (as per https://arewep2pyet.com).


I don't really consider it too much of a problem but there are unique identifiers in plaintext for (almost?) every message to make federation and E2EE work. If an encrypted, federated room receives a message, its participants need to know what key to use for decryption and in some cases what specific device ID was used to request the right keys.

What I find particularly strange is that my messages also contain the event identifier a message is a reply to outside the E2EE envelope, as well as the message type for example. If you can get your hands on a database, you can find reply messages and see the messages part of threads without having to decrypt anything. I'm not entirely sure why the server would need this information, perhaps for making notifications work efficiently?

You can see this for yourself if you enable dev mode in Element, hold/right-click a message and hit "show source". You can also compare that to the result of "show decrypted source".

All of this metadata is being transmitted over HTTPS, of course, unless you're using some local devices setup. It's not literally plaintext but the envelope stored on the server contains much more message details than Signal's.
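As an added illustration of the comment above (not code from the thread or from the Matrix project): the sketch below reads constructed `m.room.encrypted` events, shaped like Element's "show source" output, and reports what a copy of the homeserver database reveals without any decryption key. The users, event IDs, keys and ciphertext are made-up placeholders; only the field names follow the Matrix event format.

```python
# Constructed sample: three stored events from one E2EE room. Values are placeholders.
def _event(event_id, sender, ts, device_id, reply_to=None):
    content = {
        "algorithm": "m.megolm.v1.aes-sha2",
        "sender_key": "CONSTRUCTED_CURVE25519_KEY_" + device_id,
        "device_id": device_id,
        "session_id": "CONSTRUCTED_SESSION_" + device_id,
        "ciphertext": "AwgAEnACgAkLmt6qF84IK++J7UDH2Za1YVchHyprqTqsg",  # opaque to the server
    }
    if reply_to:
        # The relation sits next to the ciphertext, outside the encrypted payload.
        content["m.relates_to"] = {"m.in_reply_to": {"event_id": reply_to}}
    return {
        "type": "m.room.encrypted",
        "event_id": event_id,
        "room_id": "!constructedroom:example.org",
        "sender": sender,
        "origin_server_ts": ts,
        "content": content,
    }


STORED_EVENTS = [
    _event("$ev1", "@alice:example.org", 1658822400000, "ALICEPHONE"),
    _event("$ev2", "@bob:example.net", 1658822460000, "BOBLAPTOP", reply_to="$ev1"),
    _event("$ev3", "@alice:example.org", 1658822520000, "ALICEPHONE", reply_to="$ev2"),
]

ENVELOPE_FIELDS = ("algorithm", "sender_key", "device_id", "session_id")


def server_visible(event):
    """Return everything readable from a stored event without holding any key."""
    content = event.get("content", {})
    relates = content.get("m.relates_to", {})
    return {
        "event_id": event["event_id"],
        "type": event["type"],
        "room_id": event["room_id"],
        "sender": event["sender"],
        "origin_server_ts": event["origin_server_ts"],
        "envelope": {k: content[k] for k in ENVELOPE_FIELDS if k in content},
        "reply_to": relates.get("m.in_reply_to", {}).get("event_id"),
        "ciphertext_len": len(content.get("ciphertext", "")),
    }


def reply_graph(events):
    """Map each event ID to the IDs of events replying to it, from cleartext only."""
    graph = {}
    for ev in events:
        parent = server_visible(ev)["reply_to"]
        if parent:
            graph.setdefault(parent, []).append(ev["event_id"])
    return graph


def who_replied_to_whom(events):
    """List (replier, original sender) pairs recoverable without decryption."""
    sender_of = {ev["event_id"]: ev["sender"] for ev in events}
    pairs = []
    for ev in events:
        parent = server_visible(ev)["reply_to"]
        if parent in sender_of:
            pairs.append((ev["sender"], sender_of[parent]))
    return pairs


if __name__ == "__main__":
    for ev in STORED_EVENTS:
        print(server_visible(ev))
    print(reply_graph(STORED_EVENTS))
    print(who_replied_to_whom(STORED_EVENTS))
```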


There is nothing shady about the integration of MobileCoin with the Signal client.

You may not like MobileCoin (or perhaps not like cryptocurrencies in general) but to call it "shady" is inaccurate.


It was pre-mined. That is the very definition of shady.


And the integration was built in secret (no commits on Github for over a year) to maximize the profit from pre-mining.


[flagged]


What did they move on to?


There definitely seems to be a gap between what a certain subset of people want out of Signal and what I do.

I like Signal because it is a fairly pure messaging app. Admittedly, introduction of Mobile Coin has marred that though. I want something analogous to SMS but is E2E encrypted. I'm personally not intentionally trying to evade state governments, I'm concerned about Comcast.

My favorite Signal feature is automatic deleting messages. I can have ephemeral conversations with people about politics, a health issue, etc and generally trust that it won't be on their phone later. When that feature rolled out, it was controversial. The security types complained that it provided a fake assurance of privacy since there was nothing stopping screenshotting or simply taking a picture of your phone. It reminds me of the federation discussion in that I understand the concern from security purists, but Signal still seems like the better option than an FB managed app or SMS while still providing something my parents can easily use.


> I'm personally not intentionally trying to evade state governments, I'm concerned about Comcast.

There’s a pretty interesting irony, or a joke, buried somewhere in the fact that those living in authoritarian regimes use Signal to evade the regime, while those of us living in the “free world” use it to not primarily evade state owned institutions but the private for-profit institutions that start doing very similar things to the regime.

Here’s an attempt at a joke:

Q: what’s the difference between your private communications being intercepted in Iran and the US?

A: in the US it increases the value of your stock portfolio


I don't think you can compare Comcast with a government. Governments kill, imprison, and torture people based on the information they collect. The worst Comcast could do is give it to a government, they are not going to do those things to you directly.



Just because someone draws parallels between A and B doesn’t mean they are claiming exact equivalence.


A note: once you have secure messaging, payment coordination is just another form of usage of that messaging channel, same as stickers or photo attachments. It's still a pure messaging app even though it allows sending of photos or payments.


No mention of XMPP so I'll be that guy.

XMPP has a variety of clients for about all platforms, is federated, can (optionally) be e2ee. Its most used client on Android is user-friendly and has built-in (optional, again) tor support. On a cheap vps you can easily run a server with many users. I think it deserves a little more love than it receives.


The promise of XMPP + E2EE (with OMEMO) is appealing, but I found that in practice it doesn't work. For example: you want to start an E2EE chat with your friend on the riseup.net XMPP server. You can't, because their server hasn't enabled the necessary XEPs like Message Archive Management.

I think XMPP is perhaps the best example of what Moxie was talking about in The Ecosystem is Moving: it's a super fragmented experience. Most users do not (and should not need to) know the technical details of how their server, or their friend's servers, are configured.


I like the speed and simplicity of XMPP with OMEMO, but you're right that apps and servers may not all be up to date. IMO, if a server doesn't support the latest IM and Mobile compliance suites[1], the admin responsible is negligent, though. You should just be able to install Conversations and have an encrypted chat with anyone (I recognize that this is not, in practice, the case).

For me, the biggest blocker on XMPP is that OMEMO and multiple devices don't seem to get along. Matrix solves this with cross-signing, but I don't believe the OMEMO XEP addresses the problem in any way.

I think Moxie's article is directly a response to XMPP. But on the other hand, Matrix has managed to have both federation and rapid evolution, so he's just empirically wrong.

[1]: https://xmpp.org/extensions/xep-0459.html


(moxie’s blog post was actually a direct response to me mailing him to ask if Signal would ever consider speaking Matrix)


> I found that in practice it doesn't work

May I suggest you give it another try? It has been steadily working for me for a few years now. (Conversations/gajim/dino/siskin-im/beagle for the clients, and prosody server side)

> because their server hasn't enabled the necessary XEPs

Changing to a server that does is not a big deal, since most (all?) XMPP clients allow multiaccounting.

> it's a super fragmented experience

What you call fragmentation I would call diversity, and I think it is a good thing.

> Most users do not (and should not need to) know the technical details

I agree that a certain level of abstraction is necessary to use complicated stuff. However, I think not having the slightest idea of how things work is a problem, and leads to alienation.


XMPP needs more love. Provider independent end-to-end encrypted messaging, standardized by the IETF and not tied to a VC-funded startup reinventing the wheel.

Let's make using and building on internet standards popular again.


Thanks for being that guy, this gets me thinking about setting up an XMPP server and integrating stuff into it.

Random tangent: I feel like XMPP is everywhere but nobody really talks about it. It just quietly works and stays out of the way.


Genuinely curious: so why is XMPP not so popular outside of the hacker community?


I think that beside the scary name, not forcing 'apps' into user's devices and via massive advertising is what makes XMPP not so popular. https://snikket.org/ is an attempt to 'rebrand' XMPP into something that should be more familiar to non-hackers.


Because critical features that users need aren't there. Eg: https://news.ycombinator.com/item?id=32248514


I never got any spam on my XMPP address, probably because I treat it like my phone number and only use it for chatting with friends and family.


Yes, which sort of explains why it has failed for widespread adoption.

The wider audience wants to be able to hand out their contact details at a bar and know they'll be able to block the person if they turn out to be a creep.

Or they want to be able to block their annoying ex, that crazy QAnon fan cousin etc etc.

This is a 100% must have feature, and yet it's treated like an optional feature.

There's so many features like this - it's like people using XMPP have never looked at how most people use messaging.


You can easily block any XMPP address you want. Why are you spreading FUD like this?


It's not entirely unfounded since, by the virtue of openness, it's much easier to create new XMPP addresses than WhatsApp accounts.

However I doubt this is the reason why the most popular messengers do not comply with the XMPP standard today.


You quote a comment where I present several options to solve a problem I have never experienced on XMPP (spam). How does that illustrate "critical features [not being] there"?


Google did an EEE with Talk being the overwhelmingly largest provider, then dropped that into the hell that is google's messaging lack-of strategy


Why was that an EEE? It's not like Talk "killed" Jabber. Jabber had very marginal use, it shot up when Jabber support for Talk launched, and then it tanked to the previous levels when Google pulled the plug.

Whatsapp also originally (or maybe still?) used Jabber. The whatsapp protocol was Jabber with binary tokenised XML, iirc.


Are there any Linux clients with good spam filtering? I had to give up on XMPP as I was receiving thousands of times the amount of spam as I did actual messages. Just rendered the whole thing completely unusable.


I think you can block a user easily if your server supports XEP-0191, or if it implements some sort of blacklisting. I am unsure about blocking client side, since I never needed it (yet?).

It is probably due to XMPP's lack of popularity, but FWIW I have been using my XMPP for about 4 years and have not received a single unsolicited message yet.


I love XMPP/Jabber and the available clients are vastly superior to what Matrix and Signal offer. Sadly, the amount of people I know who use it make Matrix shine in comparison :(


> and the available clients are vastly superior to what Matrix and Signal offer

Care to elaborate?


Signal has a bulky, slow Windows client. Elements is a [0] bulky, slow Windows client. Gajim is fast (I’m guessing it’s the only native of the 3, but I haven’t checked). Configurability is also better. And then there are other options (which I’ll evaluate soon, as I did not like the recent redesign), while there are none for Signal and none that are stable for Matrix.

It’s not as bad on mobile (I can only talk about Signal here, not Matrix), as clients are far more constrained, but once again Signal has a slow Android client (every action only happens after a noticeable delay) while the biggest XMPP client Conversations is instant.

[0]: I tried a beta version that felt like an alpha, but OTOH the last time I tried it, it seemed reasonably stable.


As an old hacker and daily Signal user, I have mixed feelings. I want my freedom, but I recognize centralizing controlling effects can help the “network” with quality issues. As maligned as Nintendo’s NES era policies towards third-parties, there was a direct historical reason for it. Shit quality tanked the industry.

So imagine a world of half-baked, likely insecure clients popping up, creating confusion and chaos around what is a great tool / protocol.

It’s… hard.


I think NES case is more about business practices and distribution problem w/o a digital network. I'm sure there was a lot of talent left untapped. If they somehow passed decision making from distributors to end users they would have a healthier ecosystem with a lot of innovation coming from small teams


The NES lockout chip is almost certainly a direct reaction to the lack of a lockout chip on the Atari 2600 and the resulting immense pile of garbage games at your local retailer, and the video game crash.

So much of the NES's design is an attempt to distance themselves from the previous version. Front-loading makes it look like a VCR rather than an old game system, the box and cartridge art is actual art from the games (enlarged, but blocky) rather than images that are not part of the game, etc.

Of course, it's hard to measure apples to apples and see if open would be better, because nobody released an open console after that generation (Sega didn't put a lockout in the Genesis originally, but they added one in later revisions)


> the box and cartridge art is actual art from the games (enlarged, but blocky) rather than images that are not part of the game

The only ones I can recall like that are SMB and Duck Hunt, but all others I recall definitely not. SMB2, SMB3, Megaman, Contra/Probotector, Zelda, Olympus, Parodius... all had specific cover art, often of the "over the top" kind.


Imagine a world where a compliant implementation can get a certificate. You as a user might choose whether you agree to interact with non-certified clients.

It's a different business model. But it seems workable (see Bluetooth, USB, JVM), and it'd be more resilient than the current single-benevolent-vendor model.


Interesting because your examples all suck in different ways, especially when devices of different manufacturers (or even models) are supposed to interact.


Now imagine that USB did not exist, and there were only, say, Thunderbolt, controlled by the paragon of care about users, Apple.


How does the JVM suck?


It's hard, but Matrix/Element still kinda manage it.


I haven’t yet watched the video, but I agree with the text in that I found Signal’s hostility toward third party clients both confusing and disappointing. That single decision probably dampened my excitement for it as both a developer and user more than anything else.


I'm really torn on Signal these days. It's still a great method of communication, but it's kinda floating in a sea of other great methods of communication.

I remember using TextSecure while rockin' a Whisper System shirt, cause it was the best way to show support, but now it's opaque updates to include cryptocurrency, chat stickers, and subscriptions.


> other great methods of communication.

Really though? From my perspective, it seems as though an option can either be a great academic solution or it can be widely adopted. I've used Signal service discovery to decloak a whole mess of colleagues. I'm talking about people who have firstname@aol.com email addresses. Good luck finding another messenger with penetration that deep and a material dedication to user privacy or security.

Alternatives exist, like Telegram I guess, but I perceive the list of viable alternatives to be very short. That's not to say we should accept Signal because it's inevitable, just that network size should be a strong consideration when considering how to advocate for changes or decide between potential alternatives.

Example: Signal requires a phone number as an identifier. Do we spend resources lobbying Signal to accelerate deprecation of phone numbers or advocating that people use other software? In my view, the size of the user base makes lobbying Signal worth the effort.


I liked Threema but it had the same issue of getting other people to use it. For me it was usually very specific individuals I wanted to share a channel with so it wasn't too difficult. But for more general contacts and friends there was no chance. And maybe that is ok in the end.


I've set Signal as my SMS app. When I message somebody, sometimes they happen to have Signal installed, and so it's a Signal message. Otherwise, it is a plain SMS.


You can't do that on iPhone sadly.


What I don't understand about the phone app version of Signal is, when I say "No I don't want to share my contacts" or "No I don't want notifications", it says Ok, we'll remind you later. And it sure does. I thought that apps were generally supposed to respect a user's decision to tell it to fuck off.


I've never denied these permissions to Signal, but I have denied them to WhatsApp. What's really surprising to me is that WhatsApp never asks again and totally functions without contacts access. Weird, right? I just receive messages from rando +93 numbers, which is exactly what I want. Of course this is not a comment supporting WhatsApp, since it has all kinds of user-hostile components (I can't even send a message without adding a number to my contacts and giving the app permission to read contacts).


Just let me suffer with the amount of pain I am willing to put up with to use the app the way I want. If I don't need profile pics and names from my contacts, then don't try to make me have them! :)

It's okay to praise Whatsapp for something they do right even if they don't do everything right. I suppose.


problem is that those are two really core features of a messaging app, so they probably don't see how you can keep using the app without them and not have a shite experience.

edit : in case people wonder "share your contact" is actually the only way an app can tell you if a friend from your contact book can be contacted through the app. It's a pretty important thing especially for the onboarding of new people.


Works fine for e.g. Facebook Messenger, Element app etc.

You just put in their email address, username or phone number and you connect. What’s the problem?


You'll have to do that, hoping that they're on the platform, then the server will respond "sorry, i don't know this guy".

Then either you send him a SMS or email, saying "hey, when you're on signal, let me know". or you repeat the process every day until finally the person is on signal.

That's a crap experience for an onboarding to the platform.


Most people will allow contacts and notifications, which will help with onboarding ordinary users.

I don't need help. I already want to use it the way I want to use it. Don't need to keep reminding me after every update or more than once or whatever.

How about a "No, and don't remind me again" option?

But yeah, I get what you are saying about most users.


I have lots of contacts in Signal without sharing my contacts list. I put my friend's number in, and send a message. No prob. If a messaging app needed me to add a contact first before I could send a message, then maybe I wouldn't use it. My wife's messaging is just a lot of phone numbers and I don't know how she keeps track of who is whom, but she does and she has never put them into contacts. [edit: e.g., using the default phone msg/txting app.] That doesn't work for me, but my way does just fine.

I don't need notifications for Signal just like I don't need notifications for email just like I don't need notifications for anything besides reminders or alarms.

I don't want my life to be "oh shit I gotta check out this latest notification".

Just because "they" don't see it that way doesn't mean "they" shouldn't respect my denial. I have a lovely experience, in fact! :)

YMMV, and I get that. Not knocking anyone who lives that way.


And back in the day apps used to ask for your email password to find your contacts and I never did that either.

Having to manually exchange usernames is a tradeoff I have no problem making against having to provide my social graph to a corporate entity or having people able to do a basically public identifier lookup to my private life.

I'm surprised recruiters haven't started spamming signal yet - they certainly have my phone number in DBs against my will, and 1 has tried it on whatsapp.


I've always hated Moxie's stance on federation and alternative clients. As a result I've never promoted Signal among my friends as an alternative for WhatsApp.

I strongly believe in federation and open client ecosystems. Matrix is ideal for me but people don't seem to like it. I'm kinda hoping that signal will change now that Moxie is gone.


I mean, I see it the same way, but it's still better than running on centralized Facebook or Telegram infrastructure. What do you recommend to your family instead, or are they all still on WhatsApp / plain text SMS for this reason?

For me, comparing Wire, Signal, Threema as the most mature and stable e2ee messengers that have any kind of network effect (so people will grow the network beyond just talking to this weirdo called Aachen), Signal has by far the largest network effect and by a very small margin the best user experience. My family is on Signal now and I was regretting not going for Wire (which has more features and fewer connectivity problems) until I needed to use Wire on Android again a few weeks ago and the Android user experience turns out to have degraded severely.

The only realistic alternative I'd see to Signal, Wire or Threema (all centralized, though Wire has some enterprise on-prem thing I'm not familiar with) is self hosting something that just uses TLS to the server, but then you're always going to be on call and they won't use it with anyone else, also because you can always read all their messages. A friend has a matrix server (UX on Element is awful and buggy as heck) and every few weeks there's some problem and we temporarily fall back to Wire, and when that doesn't work, back to Signal, and when that doesn't work, calling.


My family are all on WhatsApp yes.

I don't have the energy to push them to move over especially because they also have their circles that use WhatsApp. So I decided to just set up Matrix Bridges and get all that shit (WhatsApp, Telegram, Signal, Discord) off my phone, I use them all through Element now.

But I'm not going to do free promotion for what is yet another walled garden.

PS: Element works pretty well for me, and it gives me the added benefit of having all my chats stored in one place. Also gives me the ability to read chats that have been deleted by the user, make copies of what people put in their WhatsApp 'status updates' etc.


I really wanted to address the speaker's points but what's the point, it's just a rant (kudos to him for being upfront about it). Instead I just went and donated to Signal once again.


Same, this thread is filled with similar reality-disconnection.


As a concrete reminder, Signal didn't publish the source for their server-side from 20 April 2020 to 6 April 2021 while they secretly added a cryptocurrency payment system, which Moxie denied they were doing in January 2021 (I'm on phone at the moment, happy to provide cites later but truly, they're not hard to find).

Don't trust Moxie; don't trust the server side of Signal.


Don’t trust the server side of any service. Open source or not, federated or not, it’s impossible to verify that a server you talk to runs the code it says it does.

Which leads to one of the selling points of Signal: that the client is designed to expose as little metadata as possible to the server. Sure, the Signal servers could be slurping up IP addresses and timings despite advertising that they don’t. But I can’t think of a single alternative service that can guarantee otherwise, and that problem is compounded by clients that leak much more metadata than Signal.


> Don’t trust the server side of any service.

This comes across as dismissive of the criticisms outlined by GP in favor of more general critiques about owning your own data. Yes, "The cloud is just someone else's computer", but GP gave specific criticisms about Signal.

This would be no different from someone replying to a criticism about Telegram ("They rolled their own crypto; Don't trust the server side of Telegram!") with "Don't trust the server side of any service.". Yes, it's true, but it doesn't address the issue raised.


It’s strange that’s how it came across to you.

The difference compared to your analogy is that Telegram’s self‐rolled crypto is a problem many messengers don’t have, and it can’t be mitigated by the client.

Whereas the possibility of malicious things being done on Signal’s server end is a problem shared by every messenger, and Signal works hard to mitigate this by pushing smarts like contact handling entirely to the client side.

I also don’t see why you brought up “owning your own data.” I already discussed that the same “don’t trust external servers” axiom applies to self‐hosted federated systems as well.


> federated or not

I'm pretty sure I can check what code my XMPP server in my room runs. Not a freedom you have when using something like WhatsApp or Signal.


I have a modicum of trust that the sensible reader understands that given the phrase “federated or not,” the subsequent phrase “a server you talk to” refers to external servers in the federation that your self‐hosted server talks to.


If you want to talk to anyone but yourself, you either have to trust someone else's server, or ask someone to trust yours.


The whole point of the design is that you shouldn't have to trust the server.


Then why no custom clients?


Because they provide no guarantees around the stability of the protocol, and presumably don't want to drag around the weight of a load of poorly-maintained clients that break all the time.

Besides, it's their service, they get to say who and how they connect.


I am in the same boat. I don't trust Moxie.


I tried to watch the video... But damn the speaker is hard to pay attention to. I barely got through the intro.

Honestly, Signal was too unreliable and hard to use for me. I've lost too many messages, had issues with multi device use (with messages not syncing correctly or not being delivered everywhere). Security is cool but I need more reliability. Also my threat model is not that high.

They just gotta work on reliability and some more joy in the UX for regular folk. Might not be easy but I've seen too little progress in that direction over the years and I don't feel it's high on their priority list. At least that's the optics from a distance.


When did you throw in the towel? In the last year or so they’ve been rock solid for reliability. (Note: some Android devices’ background app memory/power/cpu management of Signal effectively makes any type of messenger useless.)


I've been a Signal user for the last 6ish years, and if anything I've noticed message delivery reliability go down in the last year. This is an active discussion point within my circles that something is seriously broken at Signal as we are a large group all having these issues happen to us (i.e. not tied to one platform or OS version).


Yeah, something is regularly unexpectedly broken, and it's AWS.

Nowhere near "too often", though.


Using Signal has been frustrating for me too, though my usage is minimal. In the last few months I’ve seen messages getting delayed in delivery (like the next day or two). That along with user experience issues (pestering often to sync contacts and turn on notifications, not allowing backups on iOS) makes it hard to recommend it.


I primarily use Telegram and sometimes Signal when I need to.

Telegram >is< very – very, very – shady but it's hard to argue with the extreme polish and attention to detail with which all of its apps are made.

Signal does not even come close in terms of user experience (neither does Matrix) and Signal also does not seem to strive to catch up. Their position seems to be that security as a feature has to be enough.

I'd love to have an alternative to Telegram, but Signal ain't it.


Why is telegram shady in your opinion?


I'm glad to see someone push back a bit on Moxie's reasoning in that essay. For those who have not seen it:

https://signal.org/blog/the-ecosystem-is-moving/

I've thought he's wrong for a while. The problem is not that you can't innovate within the context of a (well designed) federated system. If that were true the Internet would still be using telnet, rlogin, finger, Gopher, and vanilla ftp.

The problem with decentralized and federated systems, as I've repeated ad nauseam, is lack of an economic model. It's the same as the problem with any kind of consumer-oriented open source. IMHO every other explanation is mental contortions to avoid looking at the economic factor.

The innovation isn't happening because producing high quality software with support for multiple platforms, diverse network environments, etc. is fabulously expensive yet we pretend it's something hobbyists (who don't have trust funds) can do in their spare time.

Centralized systems can have their choice of viable economic models: commercial software rental (SaaS), non-profit fund raising, free core with paid upgrades, advertising, and of course less savory ones like surveillance and pay-to-play addictionware.

You can try to raise money for clients/nodes to run in decentralized and federated systems, but since there's always more than one and very few people pay for anything unless compelled there's always going to be too little funding to make any of them great.

For a little while I was optimistic that cryptocurrency and tokenization might provide a mechanism, but then scammers and gamblers destroyed that ecosystem.


The "major problems" this talk seems to address are essentially that Signal doesn't support third party clients.

Really? Supporting SailfishOS won't move the needle on Signal adoption. Just say the truth: you want the ability to hack around with the protocol and clients, for fun.


I use Telegram because it is a superior product. Then I don't see the point in encrypted chats with many users, no use case for me. For work, I would use a self-hosted solution like Mattermost. Then, if it is true that Signal behaves like a "they know better" VC company and blocks 3rd party clients, etc. Signal is centralized, but I want decentralization, not just from a technological point of view. With today's predatory imperialistic sanctions issued by the US against whole countries, I do not want to place all my eggs in the same bucket, controlled by the US government, and I still remember the Snowden revelations.


It sounds like you are still under the impression that Telegram is, or ever was, Russian. It's run on infrastructure from the USA and its allies just like Signal, Wire, etc.

What you're looking for might be WeChat (this is definitely the first and hopefully will be the last time I recommend that)

On a less sarcastic note, Threema makes a point of running in Switzerland. Not that they're friendly with military powers other than NATO, but (per your desire) it's slightly better than running on US/UK infrastructure directly.


Bring on Matrix protocol.


I like Signal because the video calls work excellently. I've only had bad experience with matrix & jitsi.


Also worth pointing out that Jitsi isn’t a standard protocol (AFAIK), but an open-source library. Matrix, the protocol, doesn’t actually have support for video/voice chat.


Matrix has great native support for voip/video, including conferencing: https://element.io/blog/introducing-native-matrix-voip-with-... etc.


Ah, I didn’t know that. I’m not sure I consider that “great support.” It looks relatively new, and from the blog post it seems the spec is still in proposal and development stage. It’s not implemented in any of the chat clients either.

Excited to know it’s on the way though.


Well, it's 'great support' in that i use it as my daily driver instead of Jitsi without problems. The spec is indeed still in proposal, and it's currently being integrated into Element Web/iOS/Android. Meanwhile Matrix has had native 1:1 VoIP/Video calling since 2015.



Ah TIL. Matrix can be used to set up a WebRTC session between two participants. But that looks pretty rudimentary. Do any chat clients use this? I thought Element used Jitsi.


This is how 1:1 calls have worked in Matrix since 2015 - predating even Vector/Riot/Element.


The biggest issue I have with it is the fact that everyone using it behaves like they're the main character in a blockbuster action thriller.

Everyone else is out to get them but they are using this brand new 1337 h4xx0r technology called E2EE®™© which keeps the Bad Guys™ away.

Meanwhile, I'd just like to have a messaging service that I can use on multiple devices and which isn't tied to my phone (number), and which doesn't have a trash client.


I don't really see this behavior you're describing, but related seems to be the tendency to share full name on WhatsApp and Telegram but only have a single letter on Signal because now they suddenly feel the need for privacy/secrecy/mystery.

Then start a PM chat and expect I have any idea whom I'm talking to. Sure enough, once they send me an actual name I know them, but...


I wonder why XMPP is not more popular. It’s like people forgot that it has e2ee, and that the protocol is flexible enough for people to iterate quickly with, or how there’s a well laid out path to get extensions into the standard, and there are already robust, battle-tested, and scalable implementations of both clients and servers in multiple languages. Instead we end up trying to reinvent an ecosystem with Matrix?


To get federation up to speed and make it more attractive for the masses


They could have done that by making more streamlined XMPP clients or improving release engineering for servers, or creating new logos to rally around, or solving the spam problem or pushing the idea of “Jabber home servers”, or providing services to aggregate RSS, or even making a completely open-source and open standard “skin” for a Slack experience, or prototyping a Websocket replacement for BOSH, or writing JavaScript XMPP libraries that let devs hack on the front end. But they did not do any of that.

It’s as if the people involved with Matrix don’t really know what is available for XMPP, or have studied its history to see what is in store for their own efforts.

I have a friend that was seriously trying to create a service backed by Matrix. He saw it as a way to bring e2ee to more people. Yet recently, when I revisited XMPP and discussed it with him, the more I dig into XMPP, the more I’m scratching my head — why didn’t we just start with XMPP?


Speaking as project lead for Matrix: Matrix is not an attempt to reinvent XMPP, plus we had extensive XMPP experience before creating Matrix (running 10M+ user ejabberd deployments; writing XMPP clients based on Smack, XMPP.Framework and Strophe.js; writing our own ejabberd modules for things like push notifications and persistent chat history, etc).

Instead, Matrix is an entirely different architecture with different tradeoffs which you may or may not agree with.

The main differentiators are:

* It's a protocol for replicating conversation history; not for passing messages.

* You get eventually consistent conversation history, as well as decentralised key-value store for metadata about the room.

* Rooms are entirely decentralised over the participating servers; there are no single points of failure/control in a room.

* It automatically heals after network partitions

* It's a single monolithic spec

* E2EE is on by default.

If anything, Matrix is more like NNTP than XMPP.

Now, you're welcome to dislike Matrix and build on XMPP (or SMTP or NNTP or SIP or MSRP or IRC or whatever other messaging protocol floats your boat) instead, but it's completely and utterly wrong to claim that Matrix is just a reinvention of XMPP by people who don't understand XMPP, or a marketing gimmick.


Thank you for explaining this. My claims about the reinvention were incorrect.

I didn't think about the replicated conversation history and did not know about the decentralized rooms (though looking back, I can see what you mean by that if XMPP rooms are tied to a JID). Those kinds of properties seem to work better for some ideas of mine, though there are other ideas that XMPP still seems to be better for.


If you visit matrix.org under 'Imagine a world...' you're describing exactly what XMPP is already doing.


Trying


Yeah, but XMPP is using a horrible and inefficient XML encoding. These days we prefer horrible and inefficient JSON encodings, hence the need for Matrix.


I don't care that it's XML, but I do care that I can't send encrypted messages or make A/V calls to Matrix users simply because they choose to reinvent the existing standard.

Standardization is much more important than which encoding is popular right now.

But still, XML is easily compressed, parsers are much faster than required for IM and XMPP servers and clients are much more memory and CPU efficient, XML or not.


And it gets stranger. I looked into it more and found design goals stating that Matrix was originally designed as a way to link existing messaging systems like XMPP and Slack together. Yet, people remember it as its own thing, and that thing is a subset of what XMPP already offers.

When I looked into what it would take to do commercial home servers, I found immature implementations that fall over while ejabberd has been battle tested on 2 million concurrent users on a single instance.

Best I can tell is that Matrix has better marketing. While Google is scaling back in XMPP for gtalk because of spam and lack of participation from other companies, Matrix is seizing mindshare as being newer and “better” and shinier. (And if they get big enough, it will also suffer from spam …)


The Matrix project lead posted here (https://news.ycombinator.com/item?id=32252836) and addressed the things I am saying in this comment.


There is a JSON XEP.

I noticed that XML allows for pointing to custom schemas (vis semantic web) and feature discovery. It is what allows developers to iterate on extensions without breaking compatibility.

As far as efficiency, XMPP powers some very large deployments: Apple Push Notifications, Google GTalk, even WhatsApp is a modified XMPP.


Getting people onboard of Matrix clients vs Signal in daily life will be difficult.


I have multiple non-technical friend groups that use Signal for communications. Onboarding is absolutely not an issue.

Some people refuse to use Whatsapp because of privacy and general evil monopolist issues and Telegram has also been getting a bad reputation for hosting hate groups and such. So if you want to get everyone on board, Signal is the neutral territory to go for.

Signal is absolutely mainstream, at least here in Germany. My 60-something landlord uses Signal to communicate with me.


I think GP meant that moving someone to Matrix/Element is much harder than moving them to Signal.


Rats.

If only we had figured out how to get them to switch from TikTok and WhatsApp to Signal I'm sure we'd be Gucci.

/s

Almost no one uses Signal outside of your social bubble.


Totally correct. The problem with the comments here is that many of them insert their own anecdotes as evidence. It isn't evidence.

> Almost no one uses Signal outside of your social bubble.

There is evidence supporting that claim. From [0]:

"25.97% of participants wanted to switch to other apps (at least partially) due to the update, but only a quarter of those succeeded."

"Only 0.5% of participants uninstalled WhatsApp. The data shows how installing a new app is easy, but leaving an app is not, mainly due to strong network effects, differences in functionality of different apps, and feeling a loss of control over the distribution of contacts across apps."

So that wasn't the so-called 'mass migration' that was religiously believed by the Signal fans here. In fact, they are still using WhatsApp or Telegram.

[0] https://medium.com/@carlagriggio/the-great-messaging-app-mig...


What is your vendetta here?


Signal has vastly improved in its user experience in the past few years, it's simple enough that my parents and girlfriend use it, and the enforced policies err on the side of security.

This reads like a Linux user who gets frustrated when people use Ubuntu. You like Matrix? Cool, use it, but I for one don't give a damn about your self destructive purity spiral.


I'm surprised no one here has mentioned https://www.gnunet.org/

Currently they're pretty far off something robust and usable by relatively tech savvy folks let alone the masses, but the direction is sound and I'm sure they'd be happy for help.


Gnunet is >20 years old. Will it be ready before hurd?


Can't read the article as it is being HN'd to death. But...

I really like signal. I send a message and the other person receives it. They send me one and I get it. Rarely is it down for me and I use this app as my primary means of communication with a number of people. Is it perfect? No, but it is mostly there.

My personal wants:

Don't use phone numbers - though I totally get why they chose to and I'm okay with that. But move on. At the very least let me use one account on multiple phones - there are far too many of us that have two or more phones.

Some sort of mesh operation. If I'm on the same network as someone, my messages should go straight to them.

But, you know, as long as Signal doesn't degrade I can live with the features it currently has and be perfectly fine and I'll continue to donate.



rysiek claims in this talk that the Signal desktop app requires 4GB of RAM in order to run because it is an electron app. Where does he get that number from?

I'm currently running Signal on OSX and it has been open for 7 days. It has 5 processes, that combined are using 440MB. This is a lot, but an order of magnitude smaller than rysiek claims.

Thought I'd look at other electron apps I have running. Slack is using ~700MB and VSCode is using ~1.4GB.


the examples given (matrix, activitypubkindathing) both have major players (matrix, mastodon) that move fast enough that everyone else is constantly chasing after parity with them, which IMO kinda reinforces moxie's point.

As far as I can tell, if you want to do fully open and parity, you got either IRC, the joke being still lack of parity, no client can agree on using the same E2E encryption method, etc. Or XMPP, once again, 5 million extensions to the spec (the XSF recommends reading through 23 separate RFCs to get an idea of how to implement a client).

- - -

So, if you have issues with the current options, and concrete ideas of how to solve them, please free us all from the hell that is current open communications. This isn't a "just fork it", it's an earnest plea.


> Or XMPP, once again, 5 million extensions to the spec (the XSF recommends reading through 23 separate RFCs to get an idea of how to implement a client).

Fact check:

The XMPP core protocol is split into three RFCs, one describing the fundamental building blocks of the protocol (RFC 6120, "XMPP core") and the second describing how to compose these for instant messaging (RFC 6121, "XMPP IM"). Finally, there is an additional short RFC which describes the address syntax and rules (RFC 6122).

These documents are stable, and need to be updated rarely. Other things such as audio/video calls, file transfers, push notifications and such, are defined by the XMPP Standards Foundation (XSF), as I imagine you know, in documents known as "XEPs". These have enabled the evolution of the protocol over the years, and are why XMPP didn't get stuck frozen in time in the early 2000s.

People like to point at the "5 million" XEPs (actually, 468). However the truth is that these are not required reading. They are not all applicable to IM clients (e.g. XMPP is used in IoT and other places), and many are simply proposals/experiments that didn't take off (XEPs have a lifecycle, including states such as "proposed" and "stable"). The XSF is a place of sharing and collaboration, and these proposals are a natural side-effect of that process.

The actual required reading is published annually in the "compliance suites" which describe what implementations are expected to be supporting in any given year. This promotes interoperability, encourages regular reviews of the ecosystem, and helps developers to discuss and plan their roadmaps. The 2022 document is here: https://xmpp.org/extensions/xep-0459.html

An alternative resource is the protocol overview on modernxmpp.org: https://docs.modernxmpp.org/client/protocol/

Why is all this relevant? Because, although I don't claim XMPP to be perfect (what software/protocol is?), I think this has been a pretty successful model that has stood the test of time and continues to deliver sensible community-driven evolution. The Matrix model is extremely similar (they have "MSCs" instead of "XEPs", and they regularly release versioned documents, though not strictly on an annual basis), IRC folk are trying something with IRCv3. Open protocols and ecosystems are hard work, but they are worth it.


> The Matrix model is extremely similar (they have "MSCs" instead of "XEPs", and they regularly release versioned documents

This isn’t strictly accurate. Matrix’s MSCs are effectively proposals to update Matrix’s monolithic spec, and once they are merged into the spec (or closed) they are discarded. So someone reading the spec should never have to mess with MSCs (unless they are implementing something experimental); this is a very fundamental difference to IETF RFCs or XMPP XEPs.


I wouldn't call it a fundamental difference. If I was to concatenate the 3 XMPP RFCs and the suggested XEPs from the compliance suite linked, I would end up with a monolithic spec.

Every now and then, when a new compliance suite is published, I'd need to update the one concatenated document aka. monolithic spec. A new compliance suite in XMPP "activating" a XEP is like "merging" an MSC. For as long as a XEP is not part of the compliance suite, it's not part of the monolithic spec (it's still just an MSC) and you don't have to mess with it.

The only real difference is that the current version of XMPP spec is a document with links to other documents whereas the current version of Matrix spec is a document with links inside the document itself.


https://xmpp.org/rfcs/ I count 23 active

also 6122 is replaced with 7622, updated rarely, but updated often enough it seems.

I never mentioned "core" for a reason, I used the words "to get an idea of how to implement a client" for a reason. perhaps "recommend" is wrong, but they still list 23 RFCs as relevant.

And I'm talking clients mainly as in pre-existing ones, where every landed XEP might need to be implemented if it's codified for a given year, even if it's removed the very next year.

And by fact of XMPP being still updated, means parity chasing is still happening.

I'm eager for IRCv3 to end as opposed to becoming a living specification, because no one of any popular client seems even slightly interested in chasing parity anymore, the constant slow trickle of things to change must be so insanely wearing.

I don't disagree with "its the best we've got" but when other areas of software development have like, 20 best-we've-gots, but live text communication has 2 best-we've-gots, I would love to see that change, despite not having the skills to do so (but I plan to try regardless!)


In the past 30 years I've used email, and close to three dozen different messaging solutions that each came and went.

Patterns why none of these chat solutions really stick long:

- Lack of standardization and ecosystem. There are multiple standards of course. But unlike email, none of the standard based products ever managed to become entrenched enough such that the rest of the market could not afford to ignore the standard. Jabber for example never really ended up mattering because at no point did it ever get over a percent of user adoption. Email had the advantage that you could email the whole world or only people inside a single company with corporate mailing systems. By the time MS figured out that they wanted in, they tried really hard to change that but never really were able to make people use their protocols rather than SMTP for delivering emails. For better or worse, that's how mail gets delivered.

- Walled gardens where companies jealously aim to keep all competitors outside. Microsoft, Facebook, Google, Yahoo, AOL, etc. each had a go at this space with long forgotten products. And some of the products that disrupted those are also long gone.

- Reinvention of the same wheels over and over again. It's disgusting how close e.g. ICQ was in functionality to things like Signal and Whatsapp. That was in the late nineties! This space is running around in circles. Arguably it had some useful features that some contemporary products still lack.

- Federation is consistently rejected as a feature by new players and a contributing factor for their inevitable demise; even if initially successful. What matters more to people is who they can chat with than what the feature set is when they are chatting. Whatsapp cleverly capitalized on that and ended up disrupting a lot of entrenched things simply by offering wider access to essentially everyone with a phone, which at this point is most of the planet. Of course, whatsapp's popularity has suffered a lot in recent years courtesy of Facebook doing what every other big company has done in this space historically: get overly possessive and throw out the baby with the bathwater. Signal is backed by the Whatsapp founder. And ironically repeats most of its mistakes.

- Users inevitably try out a new app and as they move, some apps go in and out of favor. And since they don't federate, users go where the other users are.

Wake me up when Telegram, Whatsapp, Signal, whatever the hell Google is calling their chat app this month, iMessage, etc. can talk to each other. I have close to a dozen chat and messaging apps on my phone and they all get used. It's beyond ridiculous. All proprietary walled gardens with enough people in them that I somehow need to be there as well.

That's why email is still a thing. Because when you have to reach somebody, you send them an email. Instead of playing roulette with your selection of chat apps to see which one of those might get a response. Pun intended of course, chat roulette was a thing at some point.


> There are multiple standards of course.

The only standards I know of are XMPP/Jabber and IRC. XMPP has seen widespread adoption when Google and Facebook started offering it. Then they stopped doing so probably because interoperability is hard AND is counterproductive to their business incentives since users could very easily switch to a different provider instead of being locked into your walled garden.

Hopefully we will see interoperability and adoption of internet standards again if companies are forced to (DMA) or users start making standards compliance a hard requirement.

I chose to delete every walled garden messaging app and started using XMPP exclusively. Since I'm not reachable on anything else about 20 of my friends and family members now have reachable XMPP addresses and they make up >90% of my messages.


I actually need to be able to communicate with a range of people that just aren't that open to switching apps just to chat with me. A jabber client is the one thing I don't need actually. I literally don't know anyone currently that is using that. I've used it in the distant past of course. But it's a long time ago that I encountered anyone using that or suggesting that as a way to contact them.


I'm curious what people think about briar. it seems to be the next iteration of secure communication protocol. real time physical conversation happens (usually) without a middle man. there is no reason we need a centralized server to regulate all of our chats


I found plenty of my contacts moved to Signal in the last two years. I can even order in some restaurant nearby with Signal, but not having to reveal my phone number is one of the things I like from Threema.


I was used to be a digital marketer of Alexa, but now the website was closed. I find another alternative one: Blexb.


Why do you need centralization for "network effects"? Send a cc mail to all people you want to communicate with, exchange keys in person and use PGP.

Worried about traffic analysis? Well, in that case don't trust Signal and send encrypted messages regularly (including fake messages) to some Usenet group, using mixmaster or Tor.


I was a PGP enthusiast for some time, and advocated it to technical friends.

In the end, though, I only ever received a single PGP‐encrypted mail from a single person.

These days, I have over a dozen reliable Signal contacts, nearly all with safety numbers verified in person, and have sent to or received from them hundreds (perhaps thousands) of encrypted texts and voice messages, and dozens of encrypted audio calls. The majority of my immediate social circle doesn’t use Signal (and some have tried and rejected it), but a sizeable chunk does use it, including non‐family.

When it comes to volume and quality of E2EE communication in my daily life, I cannot call PGP anything but a failure, and I cannot call Signal anything but a success.


(Video)


Matrix is the chosen one.



