* Has a non-zero price, so uptake is embarrassingly low. Embarrassing for humanity that is. I've struggled to get well paid professionals to cough up the €4. There is some mental block beyond 'free', yet these same people decry WA's privacy changes.
I think signal was right to use GCM,for the general audience, but I personally would like to avoid it where possible. I use both apps, which in itself is a boon.
Feel free to reach out, my Threema ID is in my profile. Would love to create a HN group to test the group features at scale.
I'd like to add "network effect" to this, as I can draw a parallel to another failed attempt which made the same general mistake (placing a hurdle in front of newcomers). Google Plus.
When Google Plus hit the streets, Google had this stupid "invite only" system and it just became this huge thing within 24 hours to "buy invites" and so forth, people at that exact moment were ready and willing to try the new thing and were excited... then were hit with "yeah sorry, you can't sign up right now" and walked away never to return. They heard about it on Facebook, tried to go give it a try, then hit the hurdle and stayed on Facebook. It's my personal belief this initial step is what Google got wrong, all warts about the service aside. The first 48 hours was make or break, and they lost the momentum and never recovered.
Threema was the same to me - I heard about it years ago and read very positive reviews, however to even try it out I needed to spend money and convince a bunch of friends to spend money just to get the client and see what it was about. It may have been great! However if I couldn't have a friend to chat with, it was of $0 value to me to even buy the client. IMHO, this is the hole Threema now has to dig themselves out of - walled gardens with an initial adoption hurdle trigger a psychological "nah, maybe later" reaction out of many people.
I just bought threema out of the blue and to see how many of my friends are using it (and make themselves be found).
I'd say 10% of my contacts, mostly tech-savvy, are there already and no need to convince anyone.
> Has a non-zero price, so uptake is embarrassingly low. Embarrassing for humanity that is. I've struggled to get well paid professionals to cough up the €4.
What's really weird is that people park their car somewhere and pay 8 Euro parking fee without thinking about it. But when an app (which sure lasts a lot longer then a couple of hours of parking space) costs any amount more then zero people it suddenly becomes a mental barrier for people...
The other thing about a paid messenger service is that you not only have to pay the small fee, but convince your friends and family to pay as well, not to mention getting them to believe that the app is trustworthy and won't result in sketchy charges. This makes it so much easier to pitch free messaging apps, since you can always tell them to uninstall it if they don't like it.
The Apple App Store allows this (you can gift apps), but Google Play has no such mechanism unfortunately.
Threema would need to switch to an in-app purchase model in order to be able to handle "gifted/sponsored apps" manually, but then people would probably be pissed because "the app looks free but then requests a payment".
The Android version can also be obtained (and gifted) through https://shop.threema.ch/, but this requires manually installing an APK. The best way would be for Google to provide a means to gift apps to others in the Play store. I really can't comprehend why they don't do this.
The cost in itself isn't a barrier, but it compounds hidden network effects making it a problem.
I paid for Threema this month while looking for WA alternatives. I had to pay the money just to find out that absolutely nobody in my contacts uses Threema.
Was it a waste of money? Maybe, but I'm ok with being the first, most people would not be ok with that and I have a very real concern I'll never see a friend join me there, then it would be money wasted.
WhatsApp charged its users to continue using it after a year, I wish Threema took this approach. I paid that money without issue because I already saw the value, so did a lot of people I know. So it's clearly not that people won't pay, but they need to show their customers it's worth it first.
My take on it would be that people see cars for example as a physical item. And that item comes with real expenses. Fuel, parking tickets and whatnot. Your conditioned for this when you get your first car
Mobile phones apart from the device itself are seen as free. Your conditioned to expect to get apps for free, I expect content to be free.
So when you start asking for money; there is no association between the price wanted and a physical object. Only an application which was free.
I think this is because of the prevalence of free (as in free beer) software. The moment this became normalized, every time something actually does ask for money, you have to decide that the expenditure is indeed worth it. Yes, 4 bucks is a pittance in absolute terms for many people, but they still don't want to just throw it out the window, so they have to actually take the mental energy of justifying this purchase.
And yes you could say that the same people won't bat an eye spending 4 bucks on beer, but beer is an immediate reward in itself. The brain is usually already wired to automatically reward it's own decision to buy beer and buying one beer lessens the very restraints that would stand in the way of buying beer to begin with.
These factors are usually not present when buying an app, unless it's a game or similar or it becomes a "passion" purchase.
I don't know how to fix this. I would like to blame Ad Tech and the blight of "free" apps that fund themselves out of mining people's data. I think it is fair to say that this was a contributing factor at least. At the same time, I think there is genuine value in a proposition where people can pick to get the product for "free" and sell their data, or pay for the product and keep their data private.
I think Threema seems like it might be a solid alternative to Signal.
A couple of other drawbacks for Threema:
- Can’t delete messages on recipient devices (disappearing messages in Signal)
- As far as I can tell, the server isn’t open source
Also, a very brief look suggests the two most recent security audits for Threema only covered the iOS & Android clients? Someone correct me if I am wrong
Threema run & operate all their own servers - that’s good & bad in my eyes (do they know what they doing? Has any of their infrastructure been security audited?)
> As far as I can tell, the server isn’t open source
That could be said of Signal too, since updates to the server source code haven’t been published for a very long time now (unlike the client’s source code).
> Threema run & operate all their own servers - that’s good & bad in my eyes (do they know what they doing? Has any of their infrastructure been security audited?)
> I've struggled to get well paid professionals to cough up the €4. There is some mental block beyond 'free', yet these same people decry WA's privacy changes.
For some people the issue is not about the money but about giving it to a vendor-locked platform and have access to the app depend on it. I happily did donations to open-source projects such as MyExpenses [1] and Netguard [2] to support the projects and unlock features. And can still use these now that I went for a mobile with Android but without Google Services/GCM.
The uptake in Germany was rather good at one point for years I think it was in the top paid apps in the apple app store. I've not looked recently as I bought it just incase anyone I knew got it and wanted to use it.
> I've struggled to get well paid professionals to cough up the €4. There is some mental block beyond 'free', yet these same people decry WA's privacy changes.
Our culture is totally broken. I think it stems from our salaries being too low. People have less money than they should so need thinks to be free to get by which means investors need to pay for it which means the salaries need to be low so the investors make money.
> Our culture is totally broken. I think it stems from our salaries being too low.
In this case, I really don't think that is the reason: As mentioned above, often the same users that are hesitant to spend €4 on encrypted messaging will happily spend €4 on a single cup of coffee.
I've read an interesting exploration of this idea a while ago (i.e. why is it easier to get people to pay you €x for a cup of coffee than it is to get them to pay the same amount for your app) – I think the main argument in favor of the coffee was familiarity and predictable utility.
> As mentioned above, often the same users that are hesitant to spend €4 on encrypted messaging will happily spend €4 on a single cup of coffee.
I don't think they is much of argument, even if it would be sushi the they often buy 4eur coffee. Everybody has to have some strategy on how not to spend too much money. Usually it involves buying some things and not buying others. And when you are in balance, it involves not changing patterns without reason and if you change them, kick some other thing out.
And easiest way how to not spend too much money on apps is to simply not buy them. Takes little effort and is very effective.
I am willing to pay €4. But only if all my friends also pay €4 and decide to start using the app. Otherwise it's worth €0 to me. So unless I can convince them to start (which I usually can't, because they don't trust that their friends will use it), the natural equilibrium is that nobody buys it.
One solution might be a 30 day free trial? I don't know why free trials are so unpopular nowadays. I am much more inclined to buy something when I have had a chance to try it!
Didn't WhatsApp do it similar in the beginning? AFAIR they offered the app for free and said after one year you have to pay 1€/$. I paid this once or twice and then it was free again (probably because of FB).
However it was very clever to give a whole year for free, lock everyone in and then start taking a small fee. I like that strategy. Now with FB it's just a plain data grab.
Correct. And despite this, many of my friends refused to pay the $1/£1/1€ on the basis that facebook messenger was free, as was SMS in their cell plans.
So I paid for them. Despite them all earning real money in real jobs.
Then Facebook bought WhatsApp, and now none of them are willing to move to Signal, because they like WhatsApp.
I think threema is a great product and at the same time a core reason why they haven't grown bigger yet is because they don't experiment enough with pricing models. Successful apps I know offer some standard functionality for free, get users to use the app and then offer additional functionality that a certain amount of people will buy after they have fallen in love with the product. There is no chance competing with all the free messengers otherwise.
Where is signal hosted? I know quite a few people who picked Threema because it's not hosted in the US (even if you can validate the encryption is sound by checking the app source).
apparently threema also uses google for notifications on android:
"Threema uses Firebase Cloud Messaging (FCM) to notify the app of new messages in the background. If Google Play Services are not installed, Threema checks for new messages using polling. The polling interval is configurable between 5 and 30 minutes and may cause additional battery drain and data usage."
but, apparently doesn't transmit any messages via fcm:
"Threema uses Firebase Cloud Messaging (FCM) to inform Android users about incoming messages in the background. The app then fetches messages directly from the Threema servers, decrypts them and displays a local notification. Neither contents nor details about messages are transmitted via FCM (the FCM payload is empty), and all of Firebase’s tracking and analysis components have been removed."
perhaps signal does something similar?
on ios, it apparently encrypts notification messages instead:
"Threema uses the Apple Push Notification Service (APNS) to inform recipients with iOS about new messages while the app is closed or in the background. The APNS message contains a payload that has been encrypted with a symmetric key, which is negotiated between the app and the Threema servers and is not known to Apple."
I have no problem paying €4 or even €40. Problem is that I don't know when I can be locked out of an app due to Apple or Google policies. Not the fault of the creator(s), obviously.
That, and as another commenter pointed out: network effects. I'll pay alright, no worries. But how I even test the thing if none of my people are there?
And why no free trial? I'd evaluate the messenger in maximum 30 minutes.
The free trial is just asking the App Store for a refund. I did it twice so far when i bought an App wich sounded good but then didnt do what i wanted. I think you have 48 hours time for this.
Signal still works with notifications and everything without GCM or any google aervices. I have grapheneos on my pixel phone and signal works flawlessly.
But yes it would be nice if they used something else other than GCM for the vast majority.
I had the same question until I realised it meant Google Cloud Messaging (or, this is how people seem to interpret it) - my initial thought was that it was about Galois Counter Mode (an authenticated encryption mode), and was curious why not using it was considered a benefit.
Threema does seem to use XSalsa20 + Poly1305 for authenticated encryption (not AES in GCM), btw.
a) I feel Google is over-represented in our tech lives, so when it's possible to use an alternative I choose to.
b) GCM undoubtedly collects metadata about my usage of it
c) [falsified] AFAIK GCM requires a Google account, which means your usage of the system is at the pleasure of Google, and can be disabled for a myriad of Orwellian reasons.
I use Signal on Android and I definitely have no Google account. It seems to be an optional component of Signal. As well I never was asked sign up anywhere.
I wonder if this is secure partially because of the "security through obscurity" factor, in that case. More eyes are on Signal based on usage and promotion, that's for sure.
Yeah I'm not paying for an app nobody else I know is using haha
Can apps do custom trial periods? I reckon they'd benefit from something like a 3 month trial period. Let people really get into using it before committing.
Note that Signal's crypto is more robust. This lacks forward secrecy, and Signal also has the Double Ratchet algorithm which provides some protection to earlier and later keys (/messages) if an attacker is able to recover a user's keys at a fixed point in time.
The sound quality for phone calls is fantastic - I prefer Threema calls over regular mobile phone calls because they are just so much clearer. (Provided one has a stable Internet connection, of course.)
The Swiss government is using the Threema Work version as its official internal messenger [1]
They also provide a transparency report about metadata shared with government agencies through court orders, requests have been going up in the last years [2]
Depending on the country, WhatsApp was “pay once a year” or free.
I don’t understand how a service that requires online resources and maintenance can charge a one-time fee and be done with it, more so considering that this one says it’s based out of (expensive) Switzerland.
If you take a look at the customer list (Daimler with 300k employees, Bosch with 400k employees, the federal administration of Switzerland, and others) it does seem to be quite a sustainable business model.
Threema is Open Source and didn’t get bought by Facebook. Also, was WhatsApp ever super privacy friendly? They weren’t Facebook level bad, but I don’t remember them being specifically targeted towards privacy
Back when Threema was founded, WhatsApp was still blasting messages in plaintext through your WiFi, where the other people sitting next to you in Starbucks could read along.
I don't ever recall WhatsApp as being privacy friendly.
Omg I just watched it... that, that shouldn't exist. A lot of production quality went into that.. and yet if I tried to convince anyone to use Threema based off that vid they'd balk.
Since then, they seem to have open sourced their client applications, so it should at least be possible to verify e2e encryption of messages. That isn't to say that metadata isn't valuable as well, of course.
> Slovak investigators, working with Europol, the European Union’s law enforcement agency, cracked Kocner’s phone and gained access to encrypted communication via the instant messaging app Threema.
If I remember correctly, the user in question kept exported plain-text backups of the conversations on the phone. The encryption of the app itself was not breached.
* Does not require a phone number
* (related) more tractable on non-phone devices
* Does not use GCM.
* Interface is smoother (subjective)
* Has 'work' mode allowing for enterprise use
Drawbacks over signal:
* Has a non-zero price, so uptake is embarrassingly low. Embarrassing for humanity that is. I've struggled to get well paid professionals to cough up the €4. There is some mental block beyond 'free', yet these same people decry WA's privacy changes.
I think signal was right to use GCM,for the general audience, but I personally would like to avoid it where possible. I use both apps, which in itself is a boon.
Feel free to reach out, my Threema ID is in my profile. Would love to create a HN group to test the group features at scale.