WhatsApp is razend populair. De app is wel van Facebook, niet iedereen vindt dat een prettig idee. Berichten-app Signal is een privacyvriendelijk alternatief. We helpen je de app te gebruiken.
WhatsApp is razend populair. De app is wel van Facebook, niet iedereen vindt dat een prettig idee. Berichten-app Signal is een privacyvriendelijk alternatief. We helpen je de app te gebruiken.
Hey, at least thanks for having done your research on the topic :-)
Re: “Signal technically cannot know your social graph” is more of “we, Signal, have got the information in our hands but we swear not to look at it”. Essentially, your device is sending the data to Signal, and then the matching is done in a “secure enclave”. One problem is that this step could totally be bypassed without your knowledge or consent. A second is that the technological underpinning of it (Intel SGX) has known unpatchable flaws. A third is that even if the build-up of your social-graph isn’t stored initially, it can eventually be inferred from your usage patterns. A fourth is that even if you find good reasons to trust Signal today, they offer no definitive technological guarantee to enforce it in the future (the deal can change at any moment, being a non-profit isn’t a guarantee either).
No, in a decentralized system, you elevate your service provider to the same level of trust that you do today with Signal (with E2EE and maths taking care of the rest). The gotcha lies in the fact that you can be your own service provider in this case, or that you can establish other means to trust them (contractual, legal, moral, … obligations, that’s up to you). And in the fact that changing service provider doesn’t mean relinquishing all your contacts, histories, data, clients, etc…
I don’t disagree that Signal has some appeal over WhatsApp today. I only disagree that it represents a significant-enough step forward to justify having people massively migrate to it. From experience it is a doomed service that will deceive its users eventually (by design), and will cause more harm down the road (triggering another unorganized rush towards even worse services like Telegram) when it ultimately gets to this point. If you ask people old-enough to have known and used WhatsApp in its early days, they will depict a picture about as rosy as the one you paint today for Signal. All that to say, once again, that nothing is eternal. Especially in today’s extremely consolidated internet (like, who would get in the way of Meta, Alphabet or Microsoft buying off Signal if they ever want to?).
I would go into the specific points, but really none of this invalidates my main point that Signal is a marked step forward, seems to be having some success, and that undermining that success is therefore misguided. Heck, Signal might be a stepping stone to people using whatever decentralised system you prefer! I was around in WhatsApp’s early days, and never adopted it, because the picture was never as rosy as Signal’s. Of course, it did become significantly worse when Facebook acquired it, but that happens to be exactly the thing that can’t easily happen to Signal.
I will say that I agree that nothing is eternal, but that’s no reason to encourage people to stay on WhatsApp (which is what disparaging Signal use will actually achieve).
My point was that you’ll be communicating with people each of whom chose their own service poviders, and thus you’re also trusting those.
We are going circles but I will repeat it: Signal isn’t immutably better than WhatsApp, it only happens to be more politically-aligned with your beliefs (which we share in large parts, to be fair!) at this very instant (and we saw that this can change without notice).
My threshold for justifying a mass-exodus out of a popular messaging system is that 1- it offers non-revocable privacy and security guarantees and 2-, that it doesn’t lock its users in a single vendor/single service provider. Those two things combined are important, because they would finally give the chance of breaking away from the never-ending cycle of “enshittification → exodus → unsatisfactory explorations → painful rebuild(s) → monopoly consolidation → user captivity → enshittification”. Anything else is a slight variation around the current disappointing status-quo. I don’t think it’s too far-fetched, and we really deserve this “luxury” for something as fundamental as instant messaging. I can only hope that you understand why I’m not willing to compromise on that.
I’m also willing to bet that, with the rumbling going on in the USA at the moment, Signal might sooner or later become a target of/re-align itself with the new “administration”. Maybe then you will sense more of that captivity I keep rambling about?
The worst thing the other server can do is drop your messages silently, which you will absolutely come to know. Think of XMPP with end-to-end encryption as essentially encrypted email. “What if I can’t trust the other server at @bizarre_email_domain.org? Whatever.”
I think you’re right that we are going in circles now, so let’s end it here :) Thanks for the discussion!
And thanks to you as well for the cordial discussion! I’m hopeful that bystanders got an interesting read out of it :-)
As of me, the “worst” I would wish upon you is to adventure into XMPP, via an easy-entry app like quicksy.im (android) or monal-im.org (iOS) and see for yourself that you can get something as secure and featured as Signal, without the captivity and monopolistic abuses.
Oh no worries, I have used XMPP (though admittedly in the far past) and am on Matrix as we speak.