The Signal Server repository hasn’t been updated since April 2020. There are a bunch of links about this here but I found this thread the most interesting.
To me, this is unforgivable behaviour. Signal always positioned themselves as “open source”, and the Server itself is under the best license for server software (AGPLv3 – which raises questions about the legality of this situation).
Signal’s whole approach to open source has constantly been underwhelming to say the least. Their budget-Apple attitude (secrecy, i.e. “we can never engage the community directly”, “we will never merge/accept PRs”, etc) has lead to its logical conclusion here, I guess. I have been somewhat of a “Signal apologist” thus far (I almost always defend them & I think a lot of criticism they get it very unfair) but yeah I’m over Signal now.
Another big problem with Signal is the fact that it’s centralized with the server being located in US. Even if the protocol itself is secure with the server not having access user data, this presents a huge risk since US government can simply force Signal to shut down the service at any time. The server can also potentially collect metadata about the users providing US security agencies with user connection graphs.
I think that Matrix approach is much more sound, and would always recommend it over Signal.
I wrote about both issues, and why Matrix isn’t a perfect solution, previously: part 1, part 2. Starring WhatsApp, Firefox, Signal, XMPP, Email, and Matrix.
Also discussed on Lemmy: part 1, part 2.
Signal’s problem is being a closed platform; Matrix suffers primarily from complexity. Both enable dependence on a single small group, and therefore enable user domestication. That being said, Matrix is considerably less bad than Signal.
For large public rooms, IRC continues to be the best option. All its issues are client-side; IRCv3 supports history, multiple devices, authentication without NickServ, and even typing notifications. All these features are supported on Oragono. For small, private E2EE rooms, all existing solutions have major trade-offs.
yeah completely agree with all that
All these discussions tend to ignore Wire. It is similar to Signal but has none of these drawbacks and even some extra good features.
Wire was mentioned in this thread. It transferred ownership (which in itself was shady) and its new owners are shady too.
What do you mean about its new owners?
deleted by creator
Same, /r/privacy and /r/privacytoolsio are so completely watered down that I’ve even seen a lot of pro-microsoft / vscode apologia there. The red flags with signal have been there for years, but they choose to ignore it.
vscode is a meh software. Vscodium on the other hand…
I feel like lots of “privacy-oriented” mainstream tech discourse is a psyop designed to direct people to honeypots or even just inferior solutions.
Removed by mod
Never underestimate how many people are paid to influence product reviews, social media, message boards and so on.
Pro US all the way down. It’s why all the reddit “privacy” subs praise microsoft, apple, signal, etc.
Off-topic, but the US-centrism is what put me off reddit entirely. I just can’t go there anymore because it makes me immediately feel like a foreigner in another country. I sometimes wish there was an internet-wide filter for anything US.
Unfortunately, you will also find it here, but it manifests to a lesser degree.
Same.
They ignore Mozilla’s nonsense too. All though I don’t remember seeing any pro-Microsoft apologia on r/privacytoolsio, any time someone suggested a Microsoft product as an alternative it was shot down saying Microsoft isn’t any better.
We had huge discussions about it here on lemmy.ml a few weeks back. In the end I think the main problem with Signal is that (while surely better than WhatsApp) it does not fundamentally change anything about the dependency on a walled garden with servers and developers based in the US. No amount of Signal apologizing can change that, and we should really strive for something better than such a gradual improvement at best.
deleted by creator
Removed by mod
Fluffychat
Hydrogen, while not stable yet, will hopefully be much more useable over slower networks including Tor: https://github.com/vector-im/hydrogen-web
Ohhhh. Seems better than other ones.
Removed by mod
What about Tox?
I had high hopes on Tox, but now a days I no longer do. Its security status hadn’t change for a while: https://github.com/TokTok/c-toxcore See there:
This is an experimental cryptographic network library. It has not been formally audited by an independent third party that specializes in cryptography or cryptanalysis. Use this library at your own risk.
The underlying crypto library NaCl provides reliable encryption, but the security model has not yet been fully specified. See issue 210 for a discussion on developing a threat model. See other issues for known weaknesses (e.g. issue 426 describes what can happen if your secret key is stolen)
And the 2 issues highlighted there are scary:
https://github.com/TokTok/c-toxcore/issues/210
https://github.com/TokTok/c-toxcore/issues/426
To me experimental, as highlighted in the github repo, is not enough, as mentioned in the 2nd issue.
I really had high hopes on Tox, given its peer-to-peer distributed nature (much better to me than just decentralized by self hosting or so) but I don’t see it improving unfortunately…
Briar is similar, but a 3rd party is just adding support for desktops, and as well as Tox, and I’d guess as any peer-to-peer distributed messaging mechanism, it’s really battery hungry, and phones don’t survive even half a day with them active. I don’t like Briar’s reliance on Tor btw: https://briarproject.org/how-it-works
And on such peer-to-peer distributed systems, it seems really hard to get multi-devices support or syncing. But I’d guess there’s no other choice for some people other than Briar. I’m still looking for a distributed peer-to-peer messenger, not consuming the whole battery at least in a day, and that somehow, through mechanisms like the one keybase uses, allow some sync between devices… But the most important thing of course is battery life… Hopefully supporting as well voice/video calls, and some other common stuff to avoid needing other meesengers to support them…
qTox is just a desktop client. The Tox protocol implemented by c-toxcore is the one with security issues. BTW, part of the issue is precisely that the Tox protocol is not an e2ee one, and in one of the issues referred the axolotl protocol is shown as an example… So, no matter the client, the Tox protocol is lagging behind in terms of security.
Oh, I hope it improves. Personally I want my IM client to send and receive e2ee text. Rest should be handled by other programs.
Tox has a terrible security track record. At the same time, developers are still making wild claims that Tox can protect your from nation-state sponsored attacks:
Whether it’s corporations or governments, digital surveillance today is widespread. Tox is easy-to-use software that connects you with friends and family without anyone else listening in.
This is not a code problem.
Let’s be honest, Signal was never an option.
Rather than being free software, signal is more like museum software, you can see, but you cannot touch.
A few years ago (2017?) I decided I would move messenger apps. The aim (and what I’ve achieved) was all my messaging going through a secure, private app.
Signal was never an option.
In 2017, Signal really was the only option. Element (Riot, back then) was really bad and didn’t feature e2ee (which only got enabled by default last year!). XMPP was and remains difficult to use (not even many people here use it, how could I expect “normal people” to use it?)
I made the choice to use Signal, and I don’t regret it. I only regret that it has taken until now that we are starting to see a glimmer of a real competitor, in the form of Matrix. But a really competitor to Whatsapp and the like, back in 2017, just didn’t exist outside of Signal.
I don’t quite get why you think XMPP is harder to use than Matrix. The only way this seems true is if you use the main matrix.org instance and then you are pretty much back at a centralized service based in a five eyes country (UK).
It’s not about instances, they’re pretty much equal in that regard. There are two main issues with XMPP:
- Clients. There is no “default” or “reference” client for XMPP, whereas there is a cross-platform one for Matrix (in the form of Element). This has several implications, but the most important is that for the non-technically aware (which is the vast majority of people I talk to), it is easier and reassuring to use “the” Matrix client. The more important implication to me is on e2ee. Conversations started in Element now enable e2ee by default. In contrast, every XMPP client I’ve tried (on Linux & iOS) does not.
- Message history. Matrix and XMPP differ a lot here, and it’s why the Matrix homeservers are much more resource hungry than XMPP servers. When I use Matrix, I get message history on each device. This is a critical feature for those I want to move from Whatsapp and the like. This is not the case with XMPP.
I disagree on the default client idea, especially if it is such a badly done web-based one as element/riot. In the end clients are always platform specific, and there are easy to find “best” XMPP clients for each platform. At most it is a branding/marketing problem (see Snikket.org for that).
As for the other two points: that is both false and outdated. e2ee has been supported and the default in XMPP for longer than in Matrix and message history (as much as the e2ee double ratchet algorithm used both in OMEMO and OLM permits) is working perfectly in XMPP across clients if the server has MAM enabled (pretty much all have).
You say you disagree with the default clients idea, but why?
At most it is a branding/marketing problem
I don’t know why you’re so dismissive of this issue. I feel like you’re framing me as if I’m anti-XMPP when that isn’t the case; on the contrary I use XMPP and am a Prosody server admin. The reality of the situation though, like I’ve said above, is that next to nobody uses XMPP, even in tech communities. At this point “branding/marketing” could end up being the be-all and end-all of the entire protocol.
As for the other two points: that is both false and outdated.
You’ve misinterpreted my comment. I am very well aware XMPP has and has had e2ee support, the issue is that XMPP clients never have this switched on by default, in my experience (which was testing every XMPP iOS client there is, the platform most my friends use).
The situation on iOS for XMPP is uniquely bad (but actually Siskin and Monal are improving a lot lately). It simply is unfair to look at only one tiny and for most people irrelevant (and uniquely bad) platform and extrapolate from that. On all other platforms XMPP works great and most clients have e2ee enabled by default for 1:1 chats (where it makes the most sense).
As for the other topic, sorry I didn’t want to sound so confrontational, but the same argument comes up all the time inside and outside of the XMPP ecosystem and I think it is simply false. There are other problems why XMPP isn’t adopted. Network adoption is driven by network effects. People invite other people to the network and when doing that they typically also recommend a client (& server). The case of a lone person looking for a new messaging system without any network is the rare exception and one that only comes up in the bubble where this discussion usually takes place.
Removed by mod
Wire was pretty good, true. I used it a bit, but chose Signal because Wire (similarly to Matrix, for now) doesn’t encrypt any/most metadata, whereas Signal encrypts everything and always has.
And like you said, it’s since been sold to an advertising company. Not sure if that’d even be possible with Signal since it’s owned by a non-profit (admittedly not always the case, I guess it could have been possible when they were still OWS).
In both cases, their centralised nature means changing ownership can be devastating (like in the case of Wire). This is why I believe Matrix is the future. Its community is much healthier and active in the development of the ecosystem (3rd party clients, bridges, they actually accept PRs, etc…)
Removed by mod
FluffyChat is a decent alternative client (with E2EE support). If you don’t need e2ee there’s actually a healthy number of clients, and some of them do seem to have it on their roadmap
Point taken on server implementations though
Removed by mod
I have a lot of thoughts about this but don’t really have the time to reply.
All I’ll say is that I hope you’re following Element’s progress with Dendrite closely. I host my own Dendrite server and it is much more reasonable in terms of resource usage versus Synapse, and it hasn’t even had any resource optimisation features implemented yet.
While Dendrite is better in many ways, AFAIK it does not solve the fundamental architectural problem of immutable and permanent history room metadata. As a result of that, database storage use is growing indefinitely (easily into the hundreds of gigabytes) and there is no real solution to that anywhere in sight. In addition I think it also is a massive privacy issue, as this immutable and permanent history room state data is synchronized across any server that has a member joining a chat. Yes I am aware that this is a “feature” of matrix, but IMHO a really bad one and resilient federated rooms can also be implemented in different, less over-engineered ways.
massive privacy issue, as this immutable and permanent history room state data is synchronized across any server that has a member joining
This is terrible.
Matrix evolved evolved in a very messy way, starting without encryption and hacking it in later on, and now it’s even trying to become P2P. I expect more serious privacy-breaching “features” to come out over time.
Removed by mod
Removed by mod
Element the client is garbage, I was talking about Element the organisation formally known as New Vector, who develop and maintain the Dendrite homeserver
That pretty much sums it up. Matrix isn’t bad, but basically over-hyped and reinvents the wheel for most stuff.
As for sealed-sender in Signal: That is in theory a good idea (and should be implemented in XMPP at some point), but in a walled garden with a single server it is snake-oil as the central server can still easily correlate sender based on other metadata.
Not only sold, I used to report bugs to Wire by e-mail and GitHub before of the change.
One day, they just sent me an automated message in which they said they would not going to provide support to the personal edition at all during a time because of the lack of staff while providing support to the business edition.
It passed more than a year and was maintained, I don’t know today but I expect the same.
Edited: I don’t know why I put Signal instead of Wire jajajajajajajaja.
Wire looked nice, but I stopped using it after they persistently dragged their feet on federation.
Once something with federation gains popularity, the discussion may be over, as we won’t have to talk about jumping ship every year. I’m not sure it’s doable yet, but I’m sure that once it takes hold it’ll last, just like email.
This. I sounded the alarm on signal a few months ago: https://lemmy.ml/post/47340
edit: i didn’t mean to say that this post is unimportant, rather that this course of events for signal was somewhat predictable and i’m not terribly surprised that this happened…
Then you should have used this https://en.meming.world/wiki/File:Surprised_Pikachu.jpg (yes, I’m fun at parties)
Signal is the easiest alternative to WhatsApp for now. But we need to be moving to something like Jami.
Try Conversations or Element
Conversations
I like those too, still mostly centralized at the moment though…and no one I know uses them
Why not Jami? (Rather than like Jami?)
Oh, I like Jami, but no one I know uses it
I warned you guys about this: https://lemmy.ml/post/47340
Removed by mod
I have always had my doubts about how open and transparent signal is to its community, I so far have resisted the urge to join signal because of how adamant they are to creating yet another walled garden around their platform.
They have times and times again shown their disdain to interacting with their user base (unlike other open source platforms) and answering valid questions and concerns from their community. and them keeping secrecy about what is being worked behind the scenes and their very vague and evasive answers about future features.
To me signal’s attitude is more inline with silicon valley venture startups than with a non-profit who listens to its user base concerns and needs. though they are working hard on switching more whatsapp users and keep growing.
They ignored the most asked feature for years which is the ability to sign-up without the need of a phone number. while they kept rolling meaningless features to privacy like reactions, stickers, backgrounds, group chats… and kept answering that usernames are coming, but didn’t give any details to how that would be implemented.
Hopefully Berty if released could become a viable solution. as to me right now signal isn’t more than a whatsapp clone if they don’t give up reliance on phone numbersPeople seem to float https://getsession.org as an alternative. Are there any details on who’s actually behind that? Personally, I really hope p2p solutions like https://jami.net get better soon.
I won’t promote Session again because of this point:
Convenience again instead of doing something which is in their hand. They are just sold.
Better Jami.
Jami is great, at least from an intention standpoint. It’s backed by the freedom-fanatic FSF so it’s probably impossible they would even consider using proprietary dependencies
session is recently released on fdroid but you need to add their repository… https://fdroid.getsession.org/fdroid/repo?fingerprint=DB0E5297EB65CC22D6BD93C869943BDCFCB6A07DC69A48A0DD8C7BA698EC04E6
Then is not in “F-Droid” (main repo) itself which is what I meant. The repo was mentioned in the thread as is the way to not cleaning the code but allow people using F-Droid client to install it easily.
jami looks nice
Jami does look nice but personally I really like having partial sync. So that only recent data is on my mobile device and the majority of the data can be saved somewhere with more storage available. I think this could be added to Jami by adding per-device automatic deletion of old data and having one device serving as an archive (with the ability to resend messages to other devices if they scroll back or search) but this would be a huge feature and doesn’t really match the current architecture IIUC.
You could have a private server interacting with the Jami network, and connect all your devices to that server
I have tried Jami about more than a year ago, It has its promise. but they need to work on resolving many connectivity issues. I might go back to checking it later.
I find it sad that this app isn’t more advertised and talked about in privacy and security circle it definitely deserves more light. but hey we always flock t champion the winner.
as for session, I don’t like the direction the devs are taking, as they are switching to using Loki net instead of tor. and they will be tying the app more and more with their blockchain and cryptocurrency. this is enough for me to stay clear as I can’t trust projects developed on money insentivesLast time I looked into Session, my conclusion was that its background was shady enough that I’d never use it.
p2p solutions would be great. The team at Matrix have demonstrated p2p over Matrix (using the Dendrite homeserver) so hopefully that also becomes more accessible at some point.
deleted by creator
I recommend Delta Chat, it doesn’t needs to create an account since it is just an email client with a chat interface, it is not a replacement for your fancy chat app but for your email app, everyone have email, so will need an email app anyway, it makes email easy to use and encrypted out of the box without your friends having to know what encryption means.
I like XMPP but UI/UX is really poor, it is surprising that this email client has a much better UI/UX than Conversations, it has swipe to reply, etc. I found Conversations ridiculously “hard” to use, blabber.im improves a lot of small details that have an impact in the users every day workflow
Delta Chat does look really cool. Like you said, it’s client (testing on iOS) is nice. It’s a shame their desktop app is Electron though.
I have tried it and it is fast, but I would also like to avoid Electron, I think they are considering to replace Electron in the future
Well, fast on your computer. I have got continued freezes with its desktop version. I hope it changes Electron by something native.
It is great on mobile.
when was that? I used to have freezes in the past but recent versions (prereleases, not stable releases) are faster
Let’s wait the next stable release then but the freezes are not because of the core at all but because of Electron. Because of the core (or something in the “backend” side).
I have experienced it with other Electron apps too in a similar situation by the way it freezes, how did render the interface at all, how responsive it is, etc and comparing reports with other people both IRL and GitHub (Wire, Signal, etc).
I’ve been recommending Session over signal for a while. It does what’s signal is supposed to do, and more, with even more anonymity
https://getsession.org/assets/videos/this-is-session/720p.mp4
Strong glowie vibes from this video.
I never used Signal. I use P2P apps instead. I wonder why people still use centralized messengers. Theres a lot of P2P messengers available. Theres a few here
Because centralized messengers
- Have better UX than federated ones
- Are more reliable than P2P ones (less battery usage, messages can be sent without the need for both clients to be online at the same time)
- Have been audited by third parties
- Leak less metadata
Edit: Here are a few examples of what metadata Signal protects that Matrix doesn’t:
- Signal has implemented a sealed sender feature, which means that they can’t know anything but the IPs (which can be easily hidden from them via a VPN) of who’s talking to who.
- The Signal client only sends group metadata encrypted , while it seems that Matrix stores it in clear in the server database
Have better UX than federated ones
This is definitely currently the case, and could be factual but I think the fundamental difference is minuscule. People are currently using QR codes or phone numbers to find each other (both supported my Matrix) and regularly use emails. You can probably argue that the @domain.example suffix to IDs is a hurdle to UX but I think it is incredibly minor.
So I hold out hope that UX of decentralized messengers will approach or surpass the centralized ones.
Are more reliable than P2P ones - less battery usage
Maybe for “pure-P2P” but for services that still use servers this isn’t the case. (Like Matrix, and IIUC there are XMPP extensions for using external push services that put battery usage on par with any of the centralized ones)
Are more reliable than P2P ones - messages can be sent without the need for both clients to be online at the same time)
This is also only a concern for “pure-P2P” services. Furthermore many pure-P2P services have solutions to this via distributed buffers and logs. In fact for optimal privacy you don’t want to directly connect to the recipient anyways.
Have been audited by third parties
Some of them. However some open-source ones have also be audited and have research done on them. I would love to see enough funding for some of the open-source messengers to get official audits.
Leak less metadata
citation needed. To be fair signal is very good in this regard. However there are better decentralized options and worse centralized options. I don’t think this claim can be applied to centralized or decentralized messengers in general.
I do agree with most of what you said here but here are a few things:
What I call centralized/federated are things like XMPP/Matrix, which require servers to function but are interoperable. What I call P2P are apps that don’t need any servers (beside a few bootstrap nodes) to function like Tox. As you said, when it comes to battery, Matrix/XMPP work fine with push notifications, and users don’t need their phones to be on all the time.
A lot of UX could be improved in Element, that is completely separate from the fact that it is federated. I have never used XMPP though. The #1 problem is that apps for federated services will always have to present you a screen “what instance are you using ?”, and ask you to do your own research to find a decent one, whereas centralised services can just create your account on the fly.
Some of them. However some open-source ones have also be audited and have research done on them. I would love to see enough funding for some of the open-source messengers to get official audits.
Can you share some sources for that? Last time I checked I failed to find any info on Matrix passing (or not) third party audits. If you have something about another decentralised protocol with audited implementations I’d be happy to have it.
citation needed
That’s fair, I was just lazy in my first post. I don’t think it’s impossible to develop a federated protocol that leaks very little metadata like Signal, but it would be a pain to get different clients/server version to handle it correctly. One aspect is also that with whatever metadata still leaks, you will have to trust two servers (receiving and sending) instead of just one.
Here are a few examples of what metadata Signal protects that Matrix doesn’t:
- Signal has implemented a sealed sender feature, which means that they can’t know anything but the IPs (which can be easily hidden from them via a VPN) of who’s talking to who.
- The Signal client only sends group metadata encrypted , while it seems that Matrix stores it in clear in the server database
decentralised protocol with audited implementations
There haven’t been many, funding for it would be great. But at least some XMPP OTR implementations have been audited: https://www.eff.org/pages/secure-messaging-scorecard. But this isn’t really different between centralized and decentralized, it is just individual. (And usually connected to how much money they have)
a few examples of what metadata Signal protects that Matrix doesn’t
For sure. As I said Signal is a very good protocol. But not because it is centralized, just because it was designed to be very privacy friendly.
Also for what it is worth a lot of that group metadata can be undone because they have some idea who is sending and receiving the messages along with timing. Of course it is still better that they have the sealed sender and encrypted group data but it definitely isn’t perfect.
And yes, Matrix does intentionally leave more of that in the open. Everything is tradeoffs.
Oh ya “conveniency” again ! 😂😂😂
For 99% of the people that use messaging services, convenience is the number 1 priority.
Then you must teach them ethics. If you see that, it is in your hand try it, so it is a moral obligation.
Ya which is stupid
I hate that they downvoted you for pointing out facts. Convenience is slavery, more you prefer it the lazier you become.
The metadata part is kinda valid, no?
Leak less metadata
citation needed. On the contrary, any network observer can perform a timing attack by correlating messages being exchanged to/from clients and servers. Having centralized servers only makes it easier.
Briar, on the other hand, is P2P and uses Tor as transport network making such attack way more difficult.
I edited the comment with citation.
Briar suffers from the problems I mentioned about P2P requiring more battery and not being able to use push notifications. It also has the works UX of the lot, since you can’t even begin communicating with someone without being in having a way to get them a cryptographic identifier/QR code. No way anyone but the most tech savvy will ever use it. Also, it’s still not available on IOs.
To protect users metadata including the type of application, protocol, and timing push notifications cannot be used. Equally, direct connections to centralized servers are not suitable. That’s a reason for Briar to use Tor.
The thread is about centralized vs decentralized. Availability on OSes, polished UIs and so on are besides the point.
The thread is about centralized vs decentralized. Availability on OSes, polished UIs and so on are besides the point.
Yes, your are obviously right. Who cares about the end user? /s
+1 i got all my friends on matrix anyways now.
The thing is, I first thought that it was not updated frequently simply because the server side of Signal is really simple (it’s only role is to forward messages after all), so the code was very rarely touched.
However there seems to be people that have tried to run their own infrastructure that are not able to get some features to work.
Would it be even legal for them to run an updated version of the server without releasing it as FLOSS given the AGPL license?
The legality of this is unclear. If their silence on this topic isn’t because they’re trying to do their best Apple role-play (which is most likely, imo), the cynic in me says it’s because they acknowledge they should publish the source ASAP in compliance with the AGPLv3.
If you are the sole owner of the copyright of some software you can do whatever you want with it. The license applies to others, not yourself.
Not well versed in this, so this may be inaccurate, but the other issue is that the Server relies on and uses other AGPLv3 software (e.g. storage-service), so if they want to use the latest versions of each they also have to release all the latest changes to the server under AGPLv3 (which is why Google avoid AGPL like the plague).
This is not true. That library appears to be entirely developed by Signal: https://github.com/signalapp/storage-service/graphs/contributors and if that’s the case they don’t have to follow any of the AGPL requirements because they own the copyright on it.
do you have any links/more info about the people who had issues running their own infrastructure? ive been following Signal development pretty closely and all features im aware of make sense that they would not require a server code change. I’d love to see any actual technical details over the hysteria in this thread.
This thread linked by OP contains someone talking about attachment not working. I wasn’t able to find where I remember reading about someone not being able to make reactions work.
It actually seems like they have already been criticised in the past for being slow to release the server side code: https://community.signalusers.org/t/where-is-new-signal-server-code-why-not-share-signal/15068/2
not trying to be rude, but uh, no shit? I think it’s malicious of them to say that they’re end to end open source to be honest.
