1/ In defense of . Yes, I'm a guy that just posted a roundup of distributed/mesh messengers of which was obviously not part. I am really excited about the potential of those.

But to the general public, I still recommend Signal. Here's why.

2/ brings and to meet people where they're at, not the other way around. People don't have to choose a server, it can automatically recognize contacts that use Signal, it has emojis, attachments, secure voice and video calling, and they all just work (Musk aside). It feels, and is, a polished, modern experience with the bells and whistles they are used to.

3/ I am a huge fan of /#Element and even run my own instance. It has huge promise. But it is Not. There. Yet. Some reasons:

, the only currently viable Matrix server, is not ready. My Matrix instance hosts ONE person, me. Synapse uses many GB of RAM and 10+GB of disk space, with little tuning for either. It's caused OOMs more than once. And this is AFTER extensive tuning. It cannot be hosted on a Raspberry Pi or even one of the cheaper VPSs.

4/ Choosing a instance. Well you could just tell a person to use But then it spent a good portion of last year unable to federate with other popular nodes due to Synapse limitations. Or you could pick a random node, but will it be up when someone needs to say "my car broke down?" Some are run from a dorm computer, some by a team in a datacenter, some by one person with EC2, and you can't really know. Will it be stable and long-lived? Hard to say.

5/ Voice and video calling is not there yet. Matrix has two incompatible video calling methods (Jitsi and built-in), neither work consistently well, both are hard to manage, and both have NAT challenges.

6/ is so hard to set up on a server that there is matrix-docker-ansible-deploy . This makes it much better but it is STILL terribly hard to deploy, and very simple things like "how do I delete a user" or "let me shrink down this 30GB database" are barely there yet, if at all.

7/ Encryption is not mandatory in . E2EE has been getting DRAMATICALLY better in the last few releases, but it is still optional, especially for what people would call "group chats" (rooms). Signal is ALWAYS encrypted. Always. (Unless, I guess, you set it as your SMS provider on Android). You've got to take the responsibility off the user to verify encryption status and make it the one and only way to use the ecosystem.

8/ Again, I LOVE . I use it every day to interact with Matrix, IRC, Slack, and Discord channels. It has a TON of promise. But would I count on it to carry a "my car's broken down and I'm stranded" message? No.

9/ What about some of the other options out there? is fantastic and its offline options are novel and promising. But in common usage, it can't deliver a message unless both devices are online simultaneously, and doesn't run on iOS (though both are being worked on). It also can't send photos or do voice or video calling.

10/ Some of those same limitations apply to most of the alternatives also. Either that, or they are encryption-optional, or terribly hard to set up and use. Just today, I boosted a post about , which shows a ton of promise also. But it's got no voice or video calling capabilities. How about ? Fantastic protocol, extremely difficult onboarding (lengthy process, error-prone finding a sub, multi-GB initial download, etc)

11/ So gives people: dead-simple setup, store-and-forward delivery, encrypted everything, encrypted voice/video calls, ability to send photos/video encrypted. If you are going to tell someone "it's so EASY to get your texts away from Facebook and AT&T", THIS IS THE THING you've got to point them to. It may not be in 2 years, but for now, it is. Do not let the perfect be the enemy of the good. It advances the status quo without harming usability, which nothing else does yet.

12/ I am aware of all of the very legitimate criticisms of . They are real and they are why I am excited that there are so many alternatives with promise, some of which I use actively. Let us technical people use, debug, contribute, and evangelize the alternatives.

And while we're doing that, tell Grandma to contact us on Signal.


@jgoerzen great exposition, most comprehensive address to my objections. still: i don't want to give my phone number to people i don't trust (that is moxie and openwhisper and all who can grab it from the discovery process, like the police, the state, fascists, etc). i don't want them to have my kid's phone number either, nor my friends and comrades. 1/

@jgoerzen fascism is here, all around us already, in various forms. those phone numbers will be in many databases comprising a graph of relations of everyone on signal. available to all future police and repressive regimes. unacceptable

@zeh I think you and I are pretty much in agreement about Signal's weaknesses. But for the vast majority of people, the choice is not "Signal or ", it's "Signal or SMS/Whatsapp". And the reason is that Signal is the only thing that they are going to be able to easily learn, use, and understand.

Give them Status or Element and it's going to get tried out for 10 minutes and then ignored or deleted, by the vast majority of people. Either that or they will stumble into plaintext.

@zeh 2/ As I reflect on this, I'm going to make a bold and possibly wrong assertion: is the first and only system the world has seen that makes strong cryptography easy to adopt correctly for everyone.

I was using in the 90s, still use , and of course there's , but none of these are easy to get right.

Signal isn't perfect but it's better than the alternatives people are used to, and that right there is huge.

Additionally, I find it remarkable, that it's the first (I'd say since decades) direct #opensource competition to large enterprise (FB/Google) software that is actually standing a chance in the #mainstream.


@jgoerzen you are defending that we should compromise on metadata security. i refuse that. metadata is as important (or even more important than data, since it's analysis can be automated). they arrest, torture and kill based on metadata. i will not recommend a communication system that is an absolute dead end wrt metadata protection and will not say it is "more secure" when compared to whatsapp/sms - as that is deceptive and will put them in danger.

@zeh Not really. What I'm saying is if you take the "all or nothing" attitude, and "all" is hard to use correctly, is crypto-optional, or doesn't have features people want, they will go to "nothing" instead (or use "all" incorrectly), which is WORSE.

Fundamentally, every "instant" system is vulnerable to a timing analysis by sophisticated state actors anyway (whenever person A sends a packet, person B gets one).

@zeh There is absolutely a need for things like that don't even use the Internet, and other things that tilt the balance further away from usability. But advocating their use in such strong terms now is counter-productive at lifting the global average level of privacy, because they are hard to use correctly and don't have the features people expect.

@jgoerzen my attitude is not "all or nothing". it's "this is not enough", it lacks metadata security. and if i recommend it people will not understand or remember that behind the veneer of easy to use, there are serious dangers that may expose come them in the future.

@jgoerzen and you know better than i do that timing attacks are targeted attacks, in a whole different class than the basic protections of data and metadata at rest that we are discussing here.

@zeh @jgoerzen Saying that Signal is not more secure than SMS is ridiculous.

@be @jgoerzen kindly stick to what i said. admittedly, i'm stressing the point, but what i said was that i would not say to people that signal it is more secure because it is not, wrt metadata. maybe i'd go there if i had the opportunity to go into a detailed exposition (which is rarely the case)

Show newer

@zeh @jgoerzen again: all metadata is encrypted (except like IP adresses and dates)

@jgoerzen @zeh I'm almost certain 50 MILLION people have never used secure telecommunications ever before last week.

@be @zeh @jgoerzen actually it does, if he's posturing as an authority on privacy. It shows he's either not committed to his own cause or incompetent in the discapline.

@jgoerzen @zeh It is a good evaluation of the 'secure-messengers' ecosystem. I think, prior, keybase also did a really good job in making it *easy* to have complete encrypted messaging - even connected to your existing gpg identity. Of course, with the zoom acquisition,
trust has been eroded by now and few people still consider it viable. The one issue I have with Signal is its continued refusal toward federation, but I realize it's a difficult topic to broach.

@resist1984 @zeh @jgoerzen Thanks for the info. After reading into it more, I decided to not just not use anymore - but purge and delete my remaining keybase details.

Not sure if you're aware of #Threema then:

costs a little to install (via playstore, appstore or directly from their website), free to use. That price pays their bills. It's securely e2e-encrypted, has passed a few audits, source has been published too. My whole family, including several non-technical pensioners, are using it, never had issues.
It's not linked to phone number, runs without SIM.
I use both Signal and Threema, can recommend both.

@jgoerzen @zeh #Signal is so far from perfect that calling it merely "imperfect" is absurdly generous. For the grandma use-case, #Wire is a drop-in replacement for Signal. Grandma doesn't care if her metadata links her to her grandkids, but forcing grandma's network of friends & family to get GSM/CDMA subscriptions & share their ph# is a stupid move that's both exclusive & privacy-abusing

@zeh @jgoerzen Those who call #OWS #Signal merely "imperfect" have not read or fully absorbed this article on what a shit-pile it is, in terms of ethics, privacy, & security:

@resist1984 @zeh @jgoerzen My wife and I have been using our own self hosted service and experimenting with Session. It's curious that Session doesn't require phone numbers, even though it's a fork of Signal and used the Signal protocol until very recently. I haven't voiced that concern to my normie friends who use Signal because I'd rather them use anything other than Facebook and I don't want to confuse them, but I can't help but wonder.

@resist1984 @jgoerzen @zeh Very interesting thread. Regarding Wire: you don’t consider the subscription price as a possible roadbump in making “all ones friends” including friends/family to sign up?

@mathias @jgoerzen @zeh Is Wire no longer gratis? I didn't pay anything for my Wire account. A couple months ago I got someone to start using it and I think they would have complained to me if it had a cost.

@resist1984 @jgoerzen @zeh I have been trying to look up all the alternatives mentioned. I am not excluding I might have looked at the “wrong one”, but this was the Wire I was thinking you guys were talking about:

Show newer

@jgoerzen @zeh it seems the choice for most people has become #Signal or #Telegram, that’s how it’s shaping up in the UK anyway, both are high up in the top app lists and I’ve seen my friends and family split between the two as they leave #WhatsApp. Baring in mind SMS isn’t an option here, not even my grandma uses SMS, only the US still uses SMS for some strange reason. I guess we have to factor in #iMessage too, indeed my family are all iPhone users.

@jgoerzen @zeh ...all that fragmentation then causes problems of course, people don’t want to switch between many different apps to stay in contact. I think #iMessage gets a pass since it’s built into the OS it’s not treated as an “app”, but the battle in the UK is now going to be #Telegram vs #Signal. I can see average users liking Telegram more because it has more bells and whistles. Shame everyone thinks it’s “encrypted” when it isn’t.

@aspie4K you said "people don’t want to switch between many different apps to stay in contact" and it is true.

@jgoerzen @zeh

I totally agree with that!! But how about using a burner number from the internet for sign up? Then set a strong registration lock password. You won't need access to the number after that anymore. Of course, it would be nice to do that without a workaround, but still...

Btw, your phone number is sent to the server only in a hashed form. So I imagine plain text retrieval by a third party a very hard task to accomplish...


It may be worth reiterating at this point that although Signal uses your phone number as a user identifier, I'm not actually sure of they store it or just a hash of it, and they definitely don't transmit otjer numbers from your contacts for discovery:

They also announced they're trying to move away from using phone numbers at all (the recent intoduction of PINs is in preparation of that) -- but it may take some time

@Mr_Teatime @jgoerzen @zeh #OWS keeps a copy of your phone number on record for account recovery purposes. Of course, this also opens you up to various attacks and compromises.

@resist1984 @jgoerzen @zeh

Hm... yeah, makes sense. Would it be possible to do those things without storing the user ID?

@Mr_Teatime @zeh @jgoerzen It occurs to me that they could theoretically store a hash, and then ask for the ph# again at acct recovery time, then compare the hashes. But I don't give OWS the benefit of the doubt considering how they push users into Google Playstore & claim it's safer than the APK download which they hide. It's hard to trust OWS anytime trust is needed.

@resist1984 @zeh @jgoerzen

As far as I can tell, they are pretty good at minimizing the amount of stored data, including profile, contact data, metadata etc:

As far as i can tell, they don't have more than the phone number (hashed or not, not sure, haven't found the info yet)

Also, the code is open source, so it is testable whether it does what OWS says it does -- no need to speculate.

@Mr_Teatime @resist1984 @jgoerzen oh, look at that. not only is #signal hostile to federation and freedom, centralized and closed source (no new code published for a year), they also gone full cryptoscam now. who could have possibly imagined something like this.

@zeh @resist1984 @jgoerzen

Cryptoscam? Which news did I miss again? Do you have a link or something?

Also, they do have a reson for not federating -- I think there are more important counterarguments, but it's a valid one: Federating means the server will be operated by loads of different people, some of whom might not know what they're doing or be malevolent, and regular users can't (and shouldn't have to) make sure that their own and their contacts' providers do everything right.

Show newer
Show newer

@zeh @jgoerzen so moxie won't get your phone number. Your phone number also gets encrypted.

@jgoerzen Thank you for the great summary!! 🙂 I think you really hit the core of that question very well. In many discussions about that topic, tech users don't consider the average user enough, or even at all, or have a wrong image of them.

Sign in to participate in the conversation

For people who care about, support, or build Free, Libre, and Open Source Software (FLOSS).