15

Anyone else wondering?

top 50 comments
sorted by: hot top controversial new old
[-] ebc@lemmy.ca 29 points 1 year ago

Signal had something good when it could simply be your default messaging app on your phone, and it'd transparently send either encrypted messages, or plain-text SMS. Now that they've removed SMS, they've just turned into a worse Whatsapp (because nobody is on it). Network effects are important in messaging apps.

[-] mossy_capivara@midwest.social 18 points 1 year ago

Trust me I know, having my whole family try it out and then have them pull that later was a punch in the face

[-] sarsaparilyptus@discuss.online 6 points 1 year ago

Was that the punch in the face, or was it all the morons intentionally misinterpreting this argument and saying "but why would u want to send nonsecure messages are you aware SMS isn't secure it's like so insecure to send SMS bro it's not secure it's like literally a security risk bro SMS isn't secure at all and also are you aware SMS security is poor"

[-] dismalnow@kbin.social 4 points 1 year ago* (last edited 1 year ago)

Not doubting that pushy idiots are going to pushy idiot, but I think you've strawmanned the actual reason hard enough.

Most people who want it back don't need, want, or understand why secure messaging exists.

Here's the simple facts:

SMS is not secure, or private.
Signal is for secure, private comms.

As mildly inconvenient as it is, Signal explained their reasoning in great detail, and I happen to agree: There should never have been an insecure option on a secure messaging app.

[-] ebc@lemmy.ca 4 points 1 year ago

Well, I happen to disagree. I'm a privacy-conscious person, but I'm not an activist. Most of my contacts in real life (i.e the people I need a messaging app to talk to) are non-technical, and not really privacy-conscious. They're not going to install a different app just to talk to me. The big draw of TextSecure (before it became Signal) was that they could just set that as their default SMS app, and it'd magically start to send encrypted messages if the other end was also using TextSecure, and they had to change exactly 0 of their habits.

I guess it depends on how you view it:

  1. Move as many people as possible over to encrypted comms with the least friction possible, or
  2. Provide a niche secure messaging platform for niche activists with niche needs.

I thought the goal was 1, but turns out it was 2. All my contacts are now back to Facebook Messenger...

[-] poop@lemmy.blahaj.zone 2 points 1 year ago

It sounds like you're slightly mis-remembering this oft-cited Hacker News comment from Moxie from 2015. I'm going to quote the main bit here because honestly a lot of people in this thread could stand to think about it:

If we were going to rank our priorities, they would be in this order:

  1. Make mass surveillance impossible.

  2. Stop targeted attacks against crypto nerds.

It's not that we don't find #2 laudable, but optimizing for #1 takes precedence when we're making decisions.

[-] ebc@lemmy.ca 1 points 1 year ago

I wasn't actually quoting this, but yeah, I think that's the point. Supporting SMS was helping adoption by promoting a seamless transition for users. Dropping it feels like prioritizing #2 to me. (All this comment thread about opsec, compartimentalization, activism, etc is really about #2, IMO)

[-] ChaosSauce@wizanons.dev 2 points 1 year ago

Totally agree. Good opsec is all about building good habits. Having 1 app for secure and a different app for normal creates a healthy compartmentalization in the mind for ease of building and maintaining habits.

[-] dismalnow@kbin.social 2 points 1 year ago

Indeed.

It's a very basic trade that it seems few understand. You MUST trade a bit of convenience to increase your security, or mistakes will happen.

load more comments (15 replies)
[-] brill@lemmy.world 2 points 1 year ago

My family still uses it vs texting. We like the video calls as well. :)

[-] Steve@compuverse.uk 3 points 1 year ago* (last edited 1 year ago)

This always struck me as strange thinking.
Are most people really unable to understand and use different messengers with different contexts and groups?

Honestly I use a few myself. My job has Tiger Connect. I use Signal with all my family and friends. Then I use SMS for some companies automatic notifications. It's pretty simple and easy.

[-] ebc@lemmy.ca 3 points 1 year ago

Well, yes. But when all your friends are already on Facebook Messenger, good luck getting them to install Signal only to talk with you. Network effects are important; a messaging app has no use when you have nobody to message on the app. Supporting SMS was taking advantage of its network effect, and I don't think their network was big enough to be self-sustaining for most users (it wasn't in my case, my only contact in there is my wife).

load more comments (2 replies)
[-] DarkThoughts@kbin.social 2 points 1 year ago

I don't see the issue? Just use your native messenger for SMS. Why does it need to be part of Signal? It just makes things convoluted and confusing to have an unsecure messaging service inside an otherwise secure messaging app.

[-] NENathaniel@lemmy.film 2 points 1 year ago

I've just kinda made anyone I message regularly message me on Signal or Telegram. Fuck Meta 🤷

[-] comcreator@lemmy.world 10 points 1 year ago

Matrix is the federated alternative to Signal.

However it would be cool to see Signal implementing their encryption into Matrix and turning Signal into a Matrix provider, becoming a federated messanger.

[-] Molecular0079@lemmy.world 8 points 1 year ago

I believe Matrix already supports olm which is the same encryption technique used by Signal. The main issue with Signal becoming federated is that in order to make the federation work, a lot of metadata will leak and that could be a cause for concern when using Signal as a private messenger for important things like whistleblowing, etc.

load more comments (1 replies)
[-] nickavem@lemm.ee 9 points 1 year ago

Though the fediverse is good for a lot of things, security is not one of them. Maybe this will change in the future, but right now there are just too many chances for bad actors.

[-] mossy_capivara@midwest.social 2 points 1 year ago

I heard that's the case, but hey it's FOSS maybe it'll change in the future

[-] hitagi@ani.social 7 points 1 year ago

Do you mean decentralized or federated? I don't really see how Signal would work with something like ActivityPub where so much information is meant for public viewing.

There's also Matrix if you're looking for just decentralized and federated.

[-] mossy_capivara@midwest.social 2 points 1 year ago

I was thinking more in the finding contacts way since Signal only uses phone numbers

[-] hitagi@ani.social 4 points 1 year ago

Try Matrix or XMPP.

[-] jet@hackertalks.com 3 points 1 year ago

https://www.securemessagingapps.com/

Session doesn't have perfect forward secrecy. Session also depends on the oxen Blockchain not collapsing.

Session has its uses, just be aware.

[-] WhoRoger@lemmy.world 5 points 1 year ago

Maybe, but if I want to privately talk to randos from the internet, then using my phone number like with Signal is a no-go from the start. Threema is paid and only partially open source.

Session is fully decentralised and while you can think of crypto whatever, at least it gives people the incentive to run nodes, unlike Tor where the incentives are all over the place, or centralised messengers which are fully reliant on one entity.

[-] JoeKrogan@lemmy.world 2 points 1 year ago

I seen in a matrix talk on YouTube they are bringing interactive multi user vr to matrix too and it can be end to end encrypted because its built on matrix

[-] poop@lemmy.blahaj.zone 2 points 1 year ago

All of the people recommending matrix don’t understand why signal is secure. Matrix offers the same level of end to end encryption as Facebook Messenger, but it’s federated so people who care more about federation than privacy like to misrepresent its safety

[-] caboose20@kbin.social 2 points 1 year ago

I will admit I don't understand why Signal would be more secure than Matrix. I understood Signal to have E2EE just like Matrix.

load more comments (1 replies)
[-] floofloof@lemmy.ca 1 points 1 year ago

Matrix offers the same level of end to end encryption as Facebook Messenger

Can you please explain that in a bit more detail, for those of us who use these systems but aren't up on the architecture?

[-] poop@lemmy.blahaj.zone 2 points 1 year ago

Facebook Messenger offers optional end to end encryption just like Matrix. Just like Matrix, the server knows who you're talking to, what groups your in, who else is in those groups, how many messages you sent to which group, who's messages you react to, etc. But the actual text of the message is technically encrypted so Facebook can't respond to subpoenas for your messages. I use Facebook Messenger as an example because Facebook is (correctly) generally considered not private or safe.

[-] dismalnow@kbin.social 2 points 1 year ago

Appreciate the heads up on session.

[-] mossy_capivara@midwest.social 1 points 1 year ago* (last edited 1 year ago)

Given everyone's advice, I'll look into matrix

load more comments
view more: next ›
this post was submitted on 21 Jul 2023
15 points (74.2% liked)

Fediverse

28252 readers
477 users here now

A community to talk about the Fediverse and all it's related services using ActivityPub (Mastodon, Lemmy, KBin, etc).

If you wanted to get help with moderating your own community then head over to !moderators@lemmy.world!

Rules

Learn more at these websites: Join The Fediverse Wiki, Fediverse.info, Wikipedia Page, The Federation Info (Stats), FediDB (Stats), Sub Rehab (Reddit Migration), Search Lemmy

founded 1 year ago
MODERATORS