
If we were going to rank our priorities, they would be in this order:

1) Make mass surveillance impossible.

2) Stop targeted attacks against crypto nerds.

It's not that we don't find #2 laudable, but optimizing for #1 takes precedence when we're making decisions.

If you don't want to use your phone number, don't use it. You can register with any GV, Twilio, Voicepulse, or other throwaway VoIP number.

If you don't want to run Chrome, use Chromium instead.

If you don't want to use Google Play Services, use GcmCore.

The world you want this software for is not the world that everyone else lives in. You can certainly make it work in that world with a little effort, but because of how we've prioritized our objectives, that's not the default experience.




Thank you for your reply. I really appreciate it. As I stated earlier, I feel bad about 'expecting more' here - I certainly see the appeal of a popular ~decent~ option. Without trying to derail this further, let me look at those points:

If I use throwaway numbers: What happens if I lose access? Do I _need_ the number for anything in the future (say, device died)? Can someone else mess with me if they get access to this number, if the number gets reassigned? Searching for this kind of information is hard, because 'Signal' isn't exactly a word that search engines understand in context.

Chromium and Chrome are the same thing for me: A browser I don't care for and only install on a dev machine for some tests. I wouldn't install either on my personal rig, ignoring the suffixes. And certainly not for an 'app'. It's both 'Not liking Google' and 'No general web browser to run an IM client'. The latter isn't solved by Chromium.

As far as I'm aware there are no Google Play Services for FxOS (looking at this Flame right here) and I expect that there's no easy solution for SailfishOS either.

I understand that I'm not the target audience. Please believe me when I say that I don't feel that I can (as in, it suits me/feels okay to do so) use Signal right now. I'm writing these messages here not to hit on your work, but to express that there is an audience with other preferences/goals. It's Christmas soon, after all - consider this my public, unrealistic, idealistic wishlist.

(Edit: And I apologize that my critical comment ranks rather high right now. I might believe that I'm not completely bonkers and there are other people that feel the same way, but it still sucks to see this kind of feedback on an announcement post)


That's a pretty big holiday wishlist. =)

This is the world we live in: people do most of their communication on mobile devices running iOS or Android, use Chrome on the desktop, and expect contact discovery to be automatic in their social apps. The browser has won the desktop, iOS and Android have won mobile, and the velocity of the ecosystem is unlikely to make "distributed" communication mechanisms possible for some time.

We're trying to make mass surveillance impossible within this world of ours. We want to produce technology that is privacy preserving but feels just like everything else people already use, not somehow convince everyone to fundamentally change their workflow and their expectations.

It'd be sweet if we lived in an alternate reality where everyone ran SailfishOS or something (and maybe this year will be the year of Linux on the desktop!), but we can't just pretend that's already the case.


If we ever meet I'll buy you a beer for the year of the Linux desktop line.

But honestly: I understand mobile support for iOS/Android only. I don't understand Chrome as a platform (FF isn't dead. And the biggest reason for that is that I fail to understand why that client needs to be 'web based' and then again not. A web app in a silo)

Mobile numbers.. Why? I mean, if 90% of the population WANT mum to see that they use a service and when they're online (or whatever metadata you want to exchange for contacts), just because they happen to know the phone number: Fine. But why isn't it possible to sign up, hit a box that says 'no phone number associated' and .. add contacts manually? I don't want the 99.999% to change, to make it harder for them. I just wish that Christmas brings an option that lets me opt-out of that. Chat contacts don't need my phone number. People that know my phone number are not chat contacts.

I'll get back pretending that Linux has won and will try to surf the web in FxOS for 30min just .. to prove you wrong. :)


This is my question exactly. What features does Chrome have that are worth making the app completely incompatible with other browsers? Why is it not just a "Web app" and it's a "Chrome app" instead?


Similar to Firefox extensions, Chrome has "apps" and "extensions". Both are locally-saved packages of locally-run JS/HTML/CSS, differing in what capabilities they have w.r.t. chrome api access.


So... I think the question still stands.


Perhaps Signal just isn't for you. No one who I've introduced Signal to has ever had a problem with it. Now if you add a randomly generated 128 bit account identifier, then people WILL have problems with it. Not with you, but with your mum/grandma.

I really think Signal might not be for you. Signal is not about building the most secure or private system, it's about building the first mass-market encrypted that that's Good Enough. Signal is an infinite percent improvement over plaintext/https. It's not supposed to be as good as OTR.


Non-technical people I've introduced to Signal on iOS stop at the "upload your contacts" stage and go "I don't want this random little company to have access to my contacts". These are non-technical people who understand the importance of keeping their contact list private, and there are a lot of them.

Making it a de facto requirement that users on your network be personally identified via a phone number ("get a burner number"? really?) and that you have a copy of their contact list and phone calls, all within US jurisdiction, means mass metadata surveillance a single judicial order away (as it is now with the telecoms).

Unlike POTS, Signal prevents phone taps, yes, but it does not hide your social network, and so does little to provide you with the ability to associate with someone anonymously.


> These are non-technical people who understand the importance of keeping their contact list private

Do you take this opportunity to point out to them that they do away with this privacy every time they install whatsapp / fb messenger / hangouts / skype / practically anything that asks for contacts permissions?


The last person I'm recalling this conversation with actually blocks Whatsapp / Facebook from getting her contact list, but trusts Microsoft and Google. I'm not sure how representative that is, but I wouldn't be surprised if people trust big companies with big brands over relatively no-name startups in this regard.


See, that identifier might be an option. Or .. it might not be necessary. If that identifier would be the core 'me' on Signal, why wouldn't you be able to add me by phone number - if I gave Signal one to share/associate with? Mum and Grandma would see no change. People like me could run around without a phone number.

It's not as if that hasn't been done. twitter.com/darklajid is me (not worth checking it out). See? A name, tied to an identity. Same here. I used to have a FB account and even _there_ you can have a profile name that is unique and shareable. I really think you conflate things here: I DO NOT want to make life harder for mum/granny/the average WhatsApp fan. If you love that random people show up in your roster because you store their number (or vice versa: You show up on your Ex's roster because she didn't delete you yet) that's fine. And could continue to work like that.

I really have a hard time understanding why it isn't impossible to opt out. If I have a key, registered with Signal - why would I need a number on top? _Especially_ given that there's no federation to speak of, so I assume they don't need to 'shard' based on the identifier. foo@example.com -> talk to example.com? That's not happening here. And I don't see why/how they'd shard on numbers? +49 -> route to a German server?

Why is a phone number (and all the things that come with it: Discoverability for example) a requirement? You didn't answer that.

Yes, Signal might not be for me. I'm reasonably sure that I mentioned that before in this thread ;-)


If that identifier was linked to my Keybase.io account, that would be really cool. Or linked to Namecoin. Using methods like that to find my contacts would be great.


> Not with you, but with your mum/grandma.

Hey, please consider finding a better way to say "the average person" than calling out women and old people as being groups you think of as non-technical. Thanks!


It's a bit of a slippery slope argument. Things are hard. Let's compromise to make them usable.

That said there's a lot of potential as the crypto libraries are known to be top notch and reviewed. I hope they progressively address these issues.


If Signal's not good enough for us, what is?! I want to know...


> FF isn't dead

From http://www.computerworld.com/article/2893514/an-incredibly-s...:

> In the last 12 months, Firefox's user share -- an estimate of the portion of all those who reach the Internet via a desktop browser -- has plummeted by 34%. Since Firefox crested at 25.1% in April 2010, Firefox has lost 13.5 percentage points, or 54% of its peak share.

I love Firefox, but having used FxOS and mobile versions of Mobile Firefox, the Mozilla Foundation's new products feel like the Netscape 6 / Mozilla Browser Firefox was created to replace, rather than the lightweight, user focused alternative.


Chrome is not any better at all. Speedwise they're about the same, but Chrome has better separation between tabs. However it allocates ram like there is an infinite supply of it, and it absolutely kills the battery on my computer. This is with the same extensions installed in both browsers, uBlock Origin, Privacy Badger, No Script, Last Pass, and Wunderlist.


They are not at all the same. I love Firefox too, but had to change to Chrome because of JS engine speed alone.


> I understand mobile support for iOS/Android only. I don't understand Chrome as a platform

> Mobile numbers.. Why?

Pidgin + OTR works on Linux, and doesn't relate to mobile numbers or Chrome at all. This might be a better fit for you.


I'm aware of that. I used to run an xmpp server and recently switched to Telegram for inter-family conversations (wife, brother, intimate friends) because the xmpp UX story is unfortunately not perfect (you need message carbons, you need stream management and you probably want MAM to have a usable system that can be used on mobiles as well).


This is great news! Such a big fan of the work you guys are doing at Whisper Systems. We are in the middle of an update to Umbrella App (which contains lessons on digital and physical), so will add the latest Signal changes to it in the next few days.

If anyone is interested in taking a look (free, open source, code reviewed, Android) please feel free: https://play.google.com/store/apps/details?id=org.secfirst.u...


The problem of course being that those users that use the closed source Google browser and iOS won't care much about what Signal is offering either. They're already using Hangouts, iMessage and Signal is pretty much a downgrade from those.


Millions disagree.


nope!


I don't really know anybody who uses "Chrome apps", technical or non-technical. I agree that was an odd choice, and will probably exclude a lot of people.

It's also odd to me that privacy advocates would push people to Google's ecosystem.

I hope one day there will be Windows and Mac apps. And that instead of phone numbers, we can use email addresses.


First, congratulations on shipping. Usable E2E encryption is something I care deeply about and Signal is the best I've ever used. Completely agree fighting mass surveillance for avg users is highest priority.

What do you mean by "the velocity of the ecosystem is unlikely to make distributed communication mechanisms possible for some time"?


Ecosystem - tools and services with network effects, like Google Cloud Messaging.

Lots of phone carriers whitelist that server of theirs to allow it to wake up phone unprompted from idle while typically only allowing phone-initiated connection to stay active, and they also tend to block most incoming connections once the phone has been inactive for a while.

While it isn't technically hard to make something distributed, to also make it work well can be troublesome...

Yet another reason I want home servers to become common, as your phone could automatically request that your carrier whitelist your chosen trusted nodes such as your home server.


"most people" in "the world we live in" are completely hopeless. You won't get to them until you sink completely to the level of the services you are trying to replace. So you won't help people who can be helped because you're trying so hard to get to the people who just can't be.

By the way - the biggest problem with textsecure^Wsignal right now is the lack of encrypted export and import of the private key. Forget the issue about message history, the freaking private key is the most important thing. All the dumb users you may manage to reach with your current integrations and conveniences are just accepting a changed key for their contacts at any time, and now also smart and diligent people are doing the same thing because you can't keep private key continuity unless you root your android phone and use a root backup app. It's a basic core failing.


I would argue that the removal of SMS encryption is a worse failing. Accepting all key changes without question renders you vulnerable to active attacks, but you remain safe from mere passive collection (the most common case). On the other hand, whatever Whisper Systems would have you believe, people really do still use SMS. A lot.

I will never convince my friends to use an internet-based messenger - I might as well try and get them to use Pidgin+OTR if that's the ball game. I have, however, switched a few of them over to SMSSecure, the SMS-only TextSecure fork, which is a perfectly serviceable SMS client.


Why do your friends care about the underlying transport?

I too think SMS transport should have been maintained, but I believe it only really matters when you're stuck without mobile data access (for example, when I was on a cruise ship earlier this year I had roaming SMS/voice but not data).

As long as you _do_ have mobile data access at both ends, then a message to another TextSecure user will be sent encrypted over the data connection; and a message to a non-TextSecure user wouldn't have been encrypted anyhow.


I am farting in a thunderstorm, since this argument has been had a million times. Nevertheless, I will explain why I personally worry about the transport. Perhaps the other commenter has different reasons, I don't know.

I currently pay €2 per month for my mobile bill. That is very little money. Notably, that includes no internet/data, but it does include unlimited text messages. Can you see why SMSSecure is something I would want?


Because most people I know keep their data switched off most of the time, which will always be the case as long as apps are abusive about phoning home.


I like the fact that Signal makes good cryptography available to the masses. But I also share the OP concern about Chromium (and about a central server, but this is technically much harder to fix).

Perhaps it would be possible to have a simple CLI app that is free from these dependencies (which should also be quite simple to develop).


Some Signal CLI clients were discussed on the mailing list yesterday: https://lists.riseup.net/www/arc/whispersystems/2015-12/msg0...


Sounds very interesting, thanks.


Yes because the GUI is the hardest part of p2p networking.


The main thing I have against webapps is that from a technological point of view they aren't meant for the use we go today. Obviously the privacy thing is another big issue, but this leads me to point 2; I can protect my privacy: I just need to switch off my router, throw away my phone and say good bye to the grid, but that is the 2015 way of being a hermit and honestly, is something I don't want. So I came up with this solution: carefully try to not divulge sensible data and, if I need to, split that over many possible unrelated services.

We're not going to win, but at least I try to defend myself.


Please make it possible to use public keys as identifiers somehow, maybe linked via for example keybase.io to provide simplicity in lookups and tracking usernames.

It would also be much easier to allow federation with that mechanism, as your keybase.io account even could point to your chosen server together with the public key.


> 1) Make mass surveillance impossible.

A worthy goal. But let's be real; to stop mass surveillance by writing a new chat program, you need mass adoption of your new program, and that means you need truly amazing UX.

If you write something which is technically perfect and would work if it was widely used, but nobody uses it because Telegram is just a little bit easier to get started with, and has nice cartoon drawings to explain their features (or whatever), then you've completely failed.


Signal combines a competent and relatable user experience with a reliable security model. The latter is required to make a few people install it, the former is required to make their acquaintances install it, too.


Moxie, you really think crypto nerds are being attacked? They're not the ones with Keys to the Castle. Sysadmins have the keys! In fact, the NSA has been targeting sysadmins for a while. Sysadmins make great targets. Forget about their inability to implement a real security program, a sysadmin can barely get a security compliance regimen off the ground. Here's an article from Glenn Greenwald's The Intercept that details why Sysadmins are sitting ducks against both the NSA and Nation States: https://theintercept.com/2014/03/20/inside-nsa-secret-effort...

It's Sysadmins who make for a delicious muskrat lunch, not the crypto nerds.


There is a bunch of overlap between those groups (though too many sysadmins indeed don't grasp the threats that face them, or don't take them seriously).

I'm saying this as a sysadmin and crypto nerd who really wishes we had a secure messaging system that achieved both of Moxie's stated goals. Unfortunately, I don't want to use it in its current state for largely the same reasons as laid out by 'darklajid.

Both goals are important and feed into each other. If we don't have #2, it's easy for NSA and friends to backdoor the software or services for #1, for example like they did with their trusting-trust trojaned XCode.

Does anyone really believe these agencies will not react as we deploy "mass-surveillance-proof" software? What will be their next move to collect the data that they want? All of these attacks that people now write off as "crypto-nerd paranoia" will just become the new normal.


If someone was able to come up with a native equivalent, would you support that level of access or is that something you'd oppose?

It seems to me, at least, it might be possible to do so if the API was consistently exposed and versioned.


Regarding #2, since it's worded somewhat ambiguously, should we read that as wanting to stop targeted attacks in general (I'm thinking specifically of criminal suspects/etc. when a valid warrant exists) or targeted attacks against specific targets (i.e. people being illegitimately targeted like crypto nerds)? As a follow-up, are there any situations in which you think it would be appropriate to give information or the plaintext content of encrypted messages for a specific user to a law enforcement agency?


Why not both?

#1 is essential, but you really need to cater to #2 as well because "crypto nerds" are likely those who will eagerly adopt the software and advertise and praise it to others.

Here is a simple non-exhaustive list of changes to better achieve #2:

1. If the phone number starts with +xx where xx is a reserved/invalid country code, the rest is the client's base10 public key. Verification happens by signing a challenge or simply successfully performing a DH handshake instead of by SMS.

2. Provide a "pull" notification socket in the Signal server, use it if GCM is not available

3. Package the mobile-sync Chrome app with node-webkit or simply as a standalone server that auto-opens your browser to localhost:port

4. Use libtextsecure-java to make a simple standalone desktop client that could either have a command line interface or a localhost web interface (please don't use the C library, since C is not suitable for secure software)

Obviously these changes could be done by third parties, not necessarily by Open Whisper Systems.


#1: Will require really long numbers.


What is GcmCore? It doesn't show up on ddg or google.


It's GmsCore, moxie typo'd. However you can also install via F-Droid by adding this repo https://fdroid.eutopia.cz

Moxie is probably going to hate you for it, but it works very well and doesn't require Google Services or anything else.


Using that websocket stuff instead of Play Services or GmsCore will make receiving Signal calls impossible.


> Moxie is probably going to hate you for it

Overly dramatic...



It's a typo of GmsCore:

https://github.com/microg


Is there a technical limitation against having two phone numbers?

I live between two countries, and have two phone numbers - friends and family in one country have the one, in the other have another.

In places like Myanmar, people regularly have several SIMs with several numbers due to poor connectivity.


Could you tell me more about gcm core? I've removed play services from my phone and for the moment accept that this means some apps don't work. I'd love a substitute, but a quick search for 'gcm core' didn't give useful results.


You can't make mass surveillance impossible if you require a platform that is a mass surveillance nightmare.

Also can we please stop calling this a Desktop app? It requires Chrome to run, so it's neither Desktop nor Web app.


> 1) Make mass surveillance impossible.

That's an extremely noble goal, and it seems you've made great progress towards it, but..

Will the US government really just let you do it? Have they not interfered yet? It seems highly unlikely that they wouldn't somehow neutralize the threat your work represents, so I'm just.. cautiously optimistic instead of really excited.


> Will the US government really just let you do it? Have they not interfered yet?

Of course they did: the recent propaganda wave against "encryption" is all about preventing the next wave of privacy-conscious communication tools, to which Signal belongs.

Smart governments don't have to "interfere": they just have to pass laws.


Making encryption illegal would certainly count as "interference".



