Yet another reason not to use Signal. The correct behavior would have been for Signal to offer an official snap or to contact the maintainer. Instead they send their legal team...
Moxie's always been fairly dictatorial about Signal. No third party clients, no decentralization. I'm not surprised to see a DMCA at all.
So far Signal is a centralized encrypted messaging app that includes its own cryptocurrency and wallet no one asked for, shills me for donations every other release, and begs me to invite new users despite deprecating regular SMS message support.
If you're a threat-actor the most malevolent thing you could do at this point is just watch Moxie and the team drive this project into the ground.
My grandma uses WhatsApp Web and Facebook hasn't taken down the WhatsApp Web snap yet. Both are end to end encrypted and based on the same transport but one of them used copyright law to take down a redistribution of their application.
If "a messenger that works" is a narrow lens, then sure. WhatsApp is still as secure as it ever was and everyone is already on it.
Signal had one feature it did better than its competitors and that's allowing integration of SMS. That feature is now getting killed because of RCS issues. With all my contacts on similar chat apps, I don't see why I should keep Signal installed once they remove the SMS feature, let alone why I should convince my grandma to make the switch.
"But Facebook is evil and wants to control you and wants to suck your blood" yes and so do the companies that made our phones and mobile operating systems. What's the point of Signal's openness (well, "open", they did stop uploading the source code for a while when they were adding in their crypto scheme) if you still use it on a proprietary phone?
And no, Linux on neither mobile devices nor the desktop is grandma-ready.
You mix up concepts. The client app is responsible for e2ee, you don't have to care about the server.
So you can actually audit the client code and make sure it is e2ee, which you cannot do with WhatsApp. In other words, for e2ee you must trust WhatsApp, not Signal.
I presume that for the outdated code, you think about the server code. That's different and would imply metadata, not message content.
Signal is e2ee, and you don't have to trust them for that.
> Signal is e2ee, and you don't have to trust them for that.
Only if both sides are using clients that are self-compiled, independently-compiled (and audited), deterministic/reproducible or third-party.
The problem is that the network and the app are the same people, and worse than that; they send binaries and expect you to trust them.
I know lip service is paid to reproducibility but afaik the instructions for doing that are 404ing.
I just get a greasy feeling from the lock-in, the heavy marketing, the fact that everyone refuses to speak critically of them unless it’s about anonymous usernames.
A truly good secure client would have worked on any network, it wouldn’t rely on transporting your data over their servers, it would be a protocol that was open to third parties to implement, it would also be reproducible or independently compiled by trusted third parties (like OS maintainers, who already audit a lot of the code that gets built and signed).
> I just get a greasy feeling from the lock-in, the heavy marketing, the fact that everyone refuses to speak critically of them unless it’s about anonymous usernames.
There are two things: First, say the Android apk they distribute has a backdoor, and someone realizes that (it's distributed to millions of people, could be that someone checks). Then that's the end of Signal, right? So that's a big risk for them. That's for the "mass surveillance" scenario. Not perfect, but that's something. Second, if you fear a targeted attack, then self-compile Signal. It's not that difficult if you care about it.
Look at how Signal vs Meta make their money. Meta's entire business model is built around directly violating people's privacy, and conspiring with other businesses to violate people's privacy.
Meta is a publicly traded company. Signal is a 501c3, it's a completely different kind of organization.
I already said that Meta has an incentive to snarf up your data.
There is credibility to the notion that Signal is designed to ensure that people who are paranoid would prefer it.
The fact that it exists and is convenient prevents more secure messengers from existing as the lion's share simply goes to Signal, and this is what I mean by marketing. It is conventional wisdom that Signal is the bee's knees and looking further or scrutinising it is folly.
A lot of funding comes from the government to Signal too; and since it’s an American company it must comply to the best of its ability with US law. They tell us that they can only comply in small ways, but given that there is no independent verification of the server (that it even runs the FOSS code) and the hostility in having unofficial clients on the network I am left pondering.
Beyond that, metadata can be every bit as interesting as the actual conversation. Alice only talks to Bob on the weekend. Charlie sending a message to Dave cascades to Dave talking to Eric, Francis, and Gavin. Herald is only online from this business' IP address during opening hours.
The list goes on (and on), but the point is that Facebook gets to be the good guy and claim E2EE, while gathering all that metadata.
It's extremely expensive outside the US and can't be sent over wifi - so if you're communicating with someone abroad it's not a very convenient option. You're also missing out on E2EE and, lastly, Apple has corrupted the utility of it as a communication method for half of the devices out there.
I'm not in the US, and unlimited SMS is included in the monthly subscription.
And years before that SMS was cheaper than data.
Also SMS is cheaper when roaming in Europe (in my case it has zero cost besides the monthly subscription price).
Sure, IMs are better if you need group chat or communication abroad. But that is not the case for the majority of the population, where 1 to 1 communication is used inside a single country.
Federating is hard, and Signal is trying hard to solve the metadata problem in a fundamentally different way (which I happen to believe is better).
I see you want federation, that's fine. I want private metadata. Don't use Signal if it doesn't do what you want, but maybe try to accept that not every project should do what you want. They have their preferences too.
You can build their client and use it yourself, but they don't want you to distribute it and they don't want you using their infra and API from a third party client.
Honestly not what I expected to hear about Moxie. Any more tales that back this up? If this line of behavior is true then I think it's time to move on.
I was ready to grab my pitchfork after that first comment, but farther down:
>>Some time ago you federated with CyanogenMod. What has changed since then?
>What changed was going through that experience. It seriously degraded the UX for our users and held us back in the development process at many times. I'd estimate that all told, we lost about 6 months to a year of progress. It's something we'll probably never do again, and has fully convinced me that federated protocols are a thing of the past in this world of ours.
That's a pretty reasonable take: we tried it and it hurt velocity too much.
Ah yes, velocity. I want my secure and encrypted messaging app to have development velocity so they can add sketchy cryptocurrencies, stories and giphy integrations instead of making a stable and polished app that can send messages and pictures.
There's a time for high velocity, and a time for stability. Federation, at least officially-supported federation is difficult when it's time for high velocity. Having used Signal in 2016 when that thread was written, it makes sense to me that Moxie felt it was a time for high velocity.
I'm not convinced that's still the case in 2022. There are a couple issues I'd like to see polished in the Android client, but I have not noticed bugs or missing features that seem likely to require breaking changes.
> In general, I hope to contribute to a world where we value skills and relationships over careers and money, where we know better than to trust cops or politicians, and where we're passionate about building and creating things in a self-motivated and self-directed way.
Wait? Really? I've been out of the loop regarding Signal. But "crypto punk/anarchist" Moxie Marlinspike is using DMCA takedowns and doesn't like decentralization and 3rd party clients? I'm flabbergasted.
So, this looks like a fraudulent DMCA claim by Signal, as the snap package maintainers and Canonical have an open source license! This shows malice by Signal.
3. No-one from Canonical contacted the package maintainer(s) about the DMCA, so they have no opportunity to counterclaim or defend.
This is an open sign Snap should not be used. Because utterly unjustified DMCA claims will result in the removal of a package without any way to contest.
This is compounded by Canonical's controlling methodology with Snap where it is ostensibly open-source but Canonical controls what is permitted with snap through a closed-source server.
AGPLv3 does not somehow permit trademark violations. Signal has taken issue with third parties building binaries and calling them Signal, and I can’t really blame them. This is the same reason Signal isn’t in F-Droid.
DMCA takedowns are for copyright only, not trademark. Requesting or demanding removal for trademark reasons is legitimate, but using the DMCA takedown process when there is not a copyright violation is fraudulent.
From galgalesh, the snap package maintainer, in the linked forum post:
> I was just linked to this thread from our issue tracker
> As a maintainer for this snap package, it’s mind-boggling to me that, even after almost two weeks, the store team did not contact me at all. I had to find this out myself from users reporting it on our bug tracker.
> After almost two weeks, the maintainer of the snap has not received any official communication about this, but @roadmr was able to provide this tiny sliver of info in a thread on this forum.
From the original comment of this particular thread, also from galgalesh:
> Snap Maintainer here, this is because of a DMCA takedown request from lawyers representing Signal. Canonical is currently working with them to clear things up.
> Canonical's communication to me was initially lacking due to issues in their process, the process has been amended and I'm back in the loop again.
Seems pretty clear that he was neither aware of it being taken down nor the reason, so I think it's safe to assume that Signal didn't contact the maintainer directly.
> Seems pretty clear that he was neither aware of it being taken down nor the reason, so I think it's safe to assume that Signal didn't contact the maintainer directly.
You could be right, but I think another possibility is that the maintainer did get contacted earlier by Signal, and just didn't mentally connect the dots between that and his Snap package being pulled.
Note that I don't know how realistic this is, I'm just trying to be fair in my assumptions.
Signal offers an official deb. The correct behavior would have been for third parties to not distribute trademark-infringing binaries and call them Signal.
Yeah, checking on IA the snapcraft page, before Sep there was no notice (one was added early Sep) this was an unofficial package and the link just below the package name was/is a link to the Signal homepage with a tooltip saying developer. Think the issue was the lack of such notice before. Because on Flathub the equivalent package exists fine: https://flathub.org/apps/details/org.signal.Signal
Signal has historically taken issue with 3rd parties distributing binaries and calling them Signal (understandably so). Most prominently with another serial trademark violator, F-Droid.
Regardless of whether you actually should* be able to, "should" and "can" don't always match.
* I'm sure Signal would object to you redistributing binaries under their name, even if you claim they are unmodified, but they can't verify that fact. And honestly such an objection seems pretty reasonable.
Modification of binaries of open source projects is a common and perhaps the only issue from a trademark standpoint. Firefox and Debian used to have this too until they resolved it at some point.
- Still need a phone number
- They refuse to post the app on f-droid (directly)
- No 3rd party clients allowed on their servers.
- Crypto thing they attempted
- I don't trust Moxie, he rubs me the wrong way.
Jitsi Meet is pretty good for video, and relatively easy to self-host, though you'll need some decent resources for it. The docker-jitsi-meet project[0] can get you started quickly.
Signal's "source available" infra can be self-hosted but it's a huge effort and relies on a bunch of cloud-specific services which need to be replaced with self-hostable alternatives. It's also extremely poorly documented and the code quality is fairly mediocre. I wouldn't recommend trying to host Signal infra yourself; it can be done; I've done it at work and it took some months of effort, and maintaining it is a nightmare (or was, then at least) because they'd only push one huge update to GitHub quarterly or less often.
keybase.io has been great, although it's not without its risks either since it was acquired by Zoom. It's still up and seemingly maintained but AFAIK there's no new feature work.
I've heard WhatsApp recommended from people I trust, but I have never personally used it so can't speak from experience.
The legal team at the company I work for are suggesting to remove keybase and treat it as compromised as there is no way of knowing if keys and other data has not been shared with the Chinese government. No proof at all of course, just the world we live in I guess :)
None of these suggest you shouldn't use Signal - or that it's not meeting its goal of secure communication (except the last one I suppose).
Signal is not without flaws as you say, but if you have a phone number and can access a binary, there's every reason to believe it will securely and privately transmit your messages. You are also, ofc, free to fork their client and run your own service (as others have done).
Signal has repeatedly been audited[1] so there's more reason to believe the protocol has the capacity to be secure than other options. Obviously if you believe the company is actively subverting their goal, you should use your own fork.
Edit: to be clearer - Signal both publishes a protocol (that is thought to be secure) and provides a public service (that claims to use the Signal protocol). Signal has claimed that the binary blobs they add to their public client (and the other restrictions) are required to run a public service (anti-abuse, etc). You are free to believe them or not - I do.
At the protocol level, which you are free to use, none of the problems you or the ancestors have pointed to apply. All of the alternatives people are pointing to here are at the "protocol" level - accessible only if you or someone you trust has set up a node. There's nothing wrong with that - it's a good idea - but it's no reason to attack Signal's service for not being a protocol (which they also provide).
Not GP but I'm a Signal user and here are my gripes:
- No easy way to do and restore backups on Android and impossible to do backups on their PC client
- Does not support Android tablets at all (my mom loves hers)
- Fails to ring on Android when you call someone or someone calls you, later serving you a missed call notification (disabled Doze/battery optimization feature on Android and tested on 3 different phones with no cigar)
- No way to share your live location to friends
- Using its built in photo snapping and sharing function takes horrible pictures on Android (I suspect they're using the wrong API). If I want to send someone I'm currently texting a good looking picture I need to switch to my phone's camera app, then back to the chat and use the photo upload function, instead of the in-app photo snapping and sharing function
Some of these bugs have been reported 3+ years ago, while these things work flawlessly on WhatsApp since nearly forever, meanwhile Signal is busy implementing crypto payment features.
I don't know about iOS, but at least for Android and PC, it still feels like an app in alpha that's not yet released to the public compared to how polished and feature rich WhatsApp and Telegram are.
Backups work fine on my Android phone. They consistently go to a folder and Syncthing backs them up from there.
Also no problems with it not ringing, Signal is actually the primary way that my family calls each other now and no one has experienced it not ringing when expected.
The rest I admittedly don't use or aren't impacted by.
While it's not perfect in all ways, I disagree with the "alpha" quality sentiment. Especially when you are comparing it to apps that don't have the same security goals or standards.
I thought it was something I did that causes it to not ring. Glad it's not just me that has the issue.
I generally agree with gp, it's not a bad app but certainly not one I'd ever use if I could contact someone another way. I find the lack of interpretability with my computer especially annoying. I'm constantly left feeling like a second class citizen.
Especially when it comes to seeing my history, I linked the accounts ages ago, I barely use my phone yet I'm consistently losing messages on my PC.
As for the "security" I'm pretty sure it doesn't have reproducible builds, so it's basically just "trust me bro". Rather trust Moxie than Zuck but still don't really trust either.
>Backups work fine on my Android phone. They consistently go to a folder and Syncthing backs them up from there.
I never said backups don't work, I said they're not easy to do and restore compared to other apps where it's much more seamless and hands-off. No average user knows what Syncthing is and how to set it up. People expect the messaging app to have its own backup-restore system compatible with the cloud storage provider setup in the phone's OS.
>Also no problems with it not ringing, Signal is actually the primary way that my family calls each other now and no one has experienced it not ringing when expected.
Can't concur, I've personally seen this issue across 3 different Android phones from 3 different brands and there are countless people online complaining about the same issue. You were lucky.
>Especially when you are comparing it to apps that dont have the same security goals or standards.
Which security goals and standards exactly? Signal's sales pitch is that it's end-to-end encrypted, but so does WhatsApp, and until we have an independent security audit of all of Signal's code and infrastructure, the claim for "better" security goals is as valid as "trust me bro". The only thing going for it is that it's not owned by Zuck's advertising empire or owned by Russian/CCP tech magnates, and that's it, but that's a very low bar to clear.
And also, how does having "better" security goals impact the issues with picture quality the app takes or the app failing to ring when someone calls you? "Security" is not an excuse for major bugs and lack of basic features. If security is done right then it should work transparently for the bytes going down the internet pipe and not have an impact on any other features.
It takes a few clicks and entering a password to enable backups. Restore also worked fine the one time I needed it. They can go to Google Drive just fine, Syncthing is only so I have the backups going to my NAS instead.
As to ringing, it seems that the six people with six different phones (mostly Pixels, one iPhone) in my circle mean that it isn't good luck on my part...
It's end to end by default vs Telegram which is well known to be end to end maybeish if it's explicitly set up, for private chats only. WhatsApp is WhatsApp. Maybe it's a low bar, but Signal beats those others pretty easily. And refusing to use Signal over those two due to lack of a security audit is a bit absurd... All you're getting from Telegram and WhatsApp is "trust us bro" as well.
It's not an excuse. But considering it IS transparent for many users, me included.... Not everyone is having the issues you are.
This is mostly Android's fault... For me, even WhatsApp's built in camera is terrible. When you press the button to take a photo, it starts focussing, then takes a photo before the focussing is done. So every photo taken is reliably blurry. There isn't any way to take a non-blurry photo with the main (back) camera.
The main OS camera app works fine.
I think they have per-device logic for this sort of thing, and mine is an uncommon chinaphone, so presumably they haven't tuned the logic for it.
Looking at the source code, they're using the newer Camera2 API. I have no expertise in implementing said API, and a quick comparison between Signal's code and that of Open Camera suggests the Signal developers don't have a whole lot more.
It also has some questionable decisions in it like cropping to close to the screen's aspect ratio rather than using the native aspect ratio of the sensor. I never want that behavior.
If you want to be reductionist, everything is a feature. But if an app is missing something so basic as to impact usability, I might consider it a bug. It's a matter of opinion where the line is, of course.
Uncontroversial example: a calculator app that doesn't have a divide key. Technically, yes, it's a separate feature from the multiply key, but it's so basic, so expected, that its absence is a bug.
From the above list, I consider "No easy way to do and restore backups on Android and impossible to do backups on their PC client" a bug, or at least a frustrating omission by design.
More like missing basic features. I never said all are bugs, I said some are bugs and that all these things exist and work on the other alternatives like WhatsApp or Telegram
No, that's not just my criteria, but Signal's own, when they entered the market as an alternative to WhatsApp.
If you climb in the ring with Ali, then you'd better be able to box.
And it's also the criteria of millions of other users who have not switched to Signal because of the bugs, quirks, and lack of basic features for a modern messaging app.
Just being able to send encrypted ASCII characters to someone is not enough to make a good messaging app these days.
No, they are your personal criteria. Your “gripes” as you said.
> And it's also the criteria of millions of other users who have not switched to Signal because of the bugs, quirks, and lack of basic features for a modern messaging app.
You have absolutely no knowledge that this is why people haven’t switched, indeed it’s highly unlikely that it would have been as successful as it has if this were the case. People move to Signal because they distrust Facebook and Telegram.
The more logical explanation is simply network effects and inertia. Occam’s razor.