Problems we are having with #Signal:
* It is and will remain centralized (clear strategy of *not* federating servers)
* It requires strong identifiers/selectors (phone#) to use
* Author disallows distribution by anyone but Google, although free/libre
* It keeps pushing away verification of fingerprint in interface
* It relies on Google+Amazon infrastructure
* Its funding is shady (OTF = Radio Free Asia = USG)
= clearly unethical choices, unjustifiable by accessibility or technological reasons.
@jz what do you mean by "It keeps pushing away verification of fingerprint in interface"?
There is a feature to verify a conversation hash/QR code when physically meeting the correspondent — so I suppose you are speaking of something else.
@turb The verify feature used to be within the conversation, starting with a healthy warning "your conversation has not been verified yet, do it". Now it is not displayed, as if safety were assumed by default... and you have to go through *4 (four!)* clicks before you can find this feature now ("conversation settings, scroll down, etc."), where it is called "view safety blah", not even "verify..."... If a UI were designed to discourage people from doing it, it would look exactly like this.
Very bad practice.
@jz Share your concerns + also that they have effectively helped whitewash Google/Facebook by working with them to add encryption that's not on by default.
At the same time, only one of two solutions right now that are fully open source + cross platform (the other being Wire). (Also, an apk is available for download but is discouraged/not easy to find - they do push people to Google.)
We definitely need decentralised alternatives that publicly oppose surveillance capitalism.
What a surprise... :/
Conversation is working well. Omemo gives hope that some flaws of XMPP/OTR could be compensated (offline messages, decent crypto...)
- fully open source, server as well as client
- self-hostable and only requires PHP
- app in F-Droid, apk available too
- uses WebRTC standard
- federation is planned, but using links to have calls with people not on Nextcloud is already possible
https://nextcloud.com/talk - would love to get your feedback!
So far it's looking good. Doesn't depend on a single server, even as a default. End-to-end encryption. Server and client are open source. They have a good track record on security, at least since Nextcloud has become a mature product. Other than having to enter a server URL as well as a user name and password, it's pretty friendly for non-techs to install and set up (excluding the server). Client is on F-Droid.
@mray @bob @jz Delta chat seems creative but very silly... they make it sound like creating an account is this HUGE hurdle/problem. And like I guess? But it doesn’t stop most people. On one hand it’s clever to use encryption(pgp?) over email as the IM transport, but that also seems very convoluted and complex? Which leads to problems.
If I want a secure chat, I’d just use like Tox or Ricochet that’s been designed from the bottom up to be secure.
I’m not trying to attack this project, I think the idea is cool, it just seems like there are better solutions already and energy would be better spent improving those?? But that's a FLOSS community problem.
@mray There is still a way to disable the local node and use another node to listen to the network for you (a DHT proxy).
@hinterwaeldler The DHT is like a distributed mailbox. You send the encrypted message on the DHT network even if the peer is disconnected. Then the peer has some minutes to read the DHT. So you don't send the message directly to the recipient, but leave a message in a hash (like a mailbox). It's also used to init direct calls between you and your contact.
Otherwise, poorer data/battery performance is the cost of a fully distributed network on mobile devices... but as said, we're working on the DHT proxy, which is some kind of tradeoff between a distributed network and battery/data footprint. It's still a bit experimental but you can already try it, it's kind of hidden in the settings :-)
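To make the "DHT as a distributed mailbox" idea above concrete, here is a small added example (constructed for this thread, not code from the Ring/Jami project). The DHT is modelled as a single in-memory table keyed by a hash of the recipient's identity, the 600-second time-to-live is an assumed value standing in for "some minutes", and the payloads are opaque bytes that the caller is assumed to have end-to-end encrypted already, since in a real DHT every node can read what is stored under a key.

```python
from __future__ import annotations

import hashlib
from dataclasses import dataclass, field

# Assumed time-to-live standing in for "the peer has some minutes to read the DHT";
# not a value taken from any real DHT implementation.
MAILBOX_TTL_SECONDS = 600.0


def mailbox_key(recipient_id: str) -> str:
    """DHT key for a recipient's mailbox, derived from its identity alone.

    The sender never needs a network address for the recipient, which is
    what lets it post a message while the recipient is offline.
    """
    return hashlib.sha256(b"mailbox:" + recipient_id.encode()).hexdigest()


@dataclass
class ToyDHT:
    """In-memory stand-in for the distributed hash table.

    A real DHT spreads keys over many untrusted nodes, all of which can read
    the stored values, so anything put here must already be end-to-end
    encrypted. This toy stores whatever bytes it is handed and only models
    the mailbox semantics: store under a key, expire after a TTL.
    """

    store: dict[str, list[tuple[float, bytes]]] = field(default_factory=dict)

    def put(self, key: str, value: bytes, ttl: float, now: float) -> None:
        self.store.setdefault(key, []).append((now + ttl, value))

    def get(self, key: str, now: float) -> list[bytes]:
        self._expire(key, now)
        return [value for _, value in self.store.get(key, [])]

    def _expire(self, key: str, now: float) -> None:
        # Drop entries whose TTL has elapsed; a peer that stays offline
        # longer than the TTL simply never sees those messages.
        live = [(exp, v) for exp, v in self.store.get(key, []) if exp > now]
        if live:
            self.store[key] = live
        else:
            self.store.pop(key, None)


class Peer:
    def __init__(self, peer_id: str, dht: ToyDHT) -> None:
        self.peer_id = peer_id
        self.dht = dht
        self.seen: set[bytes] = set()

    def send(self, recipient_id: str, ciphertext: bytes, now: float) -> None:
        """Leave an (already encrypted) message in the recipient's mailbox."""
        self.dht.put(mailbox_key(recipient_id), ciphertext, MAILBOX_TTL_SECONDS, now)

    def poll(self, now: float) -> list[bytes]:
        """Read own mailbox and return only messages not delivered before."""
        fresh = [m for m in self.dht.get(mailbox_key(self.peer_id), now) if m not in self.seen]
        self.seen.update(fresh)
        return fresh


def deliver_while_offline(delay_seconds: float) -> list[bytes]:
    """Alice posts two messages while Bob is offline; Bob polls later.

    Returns what Bob receives when he comes back `delay_seconds` after the
    first message was posted. Payloads are constructed placeholders.
    """
    dht = ToyDHT()
    alice = Peer("alice", dht)
    bob = Peer("bob", dht)
    t0 = 1_000.0
    alice.send("bob", b"<ciphertext-1>", now=t0)
    alice.send("bob", b"<ciphertext-2>", now=t0 + 30)
    return bob.poll(now=t0 + delay_seconds)


if __name__ == "__main__":
    print("back after 2 min:", deliver_while_offline(120))
    print("back after ~10 min:", deliver_while_offline(605))
    print("back after 12 min:", deliver_while_offline(720))
```

The three calls at the bottom show the trade-off the post describes: a short absence loses nothing, an absence close to the TTL loses the oldest message, and a long absence loses everything, which is why a DHT proxy that listens on the mobile device's behalf is a useful middle ground.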
If you want alternative desktop clients written in your own language or integrating with your favorite messaging client, it isn't some impossible feat to build. Finn and a few other Seattleites have been working on bots and integrations like Weechat, I'd encourage you to poke around. Signald is pretty user friendly by the way!
The better options all require advanced skills to use. Non-technical users deserve privacy too.
* Non-federation means users not giving up at the server selector dialog and no one-off hostile servers.
* Phone numbers are mediocre IDs but hard for users to screw up.
* Google prevents third parties (e.g. abusive ex, corrupt local sheriff) from tampering with the apk.
* Funding is funding; the USG funds lots of stuff, some of it good.
Signal is imperfect but the perfect is the enemy of the good.
@suetanvil I wish we would stop trying to justify the ethically/morally unacceptable by "usability". This notion considers that "users" (not people, eh!) are all idiots, incapable of doing what the person mentioning it is capable of.
It is by infantilizing people that they end up being subjugated, under control.
My own field experience of security is that when you make people understand (activists, journalists doing real journalism, sources, etc.) they are capable of making efforts (Tails, GPG, etc.)
Have you succeeded in training anyone without a secondary-school degree in the use of GPG? Because withholding quality education from the poor is one of the tactics in wide use against the US poor.
Would you get my mother to use something harder than signal?
I tried to make her use it but she said some of her contacts did not receive messages.
I mean she did not really care about privacy or encrypting messages. So she went back to her standard app after switching phone.
Standard users will not make the effort to understand something more difficult than what Google teaches them.
Usability is important, yet not *crucial*. It is often in the hands of people with large resources. Most of the time it amounts to having software make choices instead of you.
Balancing techno-ethics and software freedom against "usability" is, I think, a fake dichotomy.
Like balancing freedom and security to justify anti-terror measures restricting freedoms and agency. One cannot pretend to trade one for the other.
(Jefferson mode: ON - "He who sacrifices freedom for usability...."?)
Given that the majority of security problems are due to user error, I would think it is obvious that UI is a significant aspect of software security. Describing usability and security as a trade-off is an astounding false dichotomy.
@jz How does Telegram compare? Their funding feels equally awkward, c/o some Russian magnate, and based in Dubai.
@jz While I agree with most of that, I disagree with:
> * Author disallows distribution by anyone but Google, although free/libre
They allow distribution through Apple's iOS store. For the desktop version you can compile it yourself (I think) from GitHub.
> * Its funding is shady (OTF = Radio Free Asia = USG)
The "USG" is not a single entity, and you cannot treat it as one. The USG funds many good projects, including, perhaps most famously, Tor.
@jz Conversations for XMPP is using the same encryption algorithm as Signal under the extension name OMEMO.
@jz That being said, I finally have the vast majority of my contacts including many non-technical people using a secure messenger for the first time in history. Change will be slow and many of the alternatives are not currently viable for non-technical users, partly due to usability and partly due to the network effect of "I'm not installing yet another app that runs yet another service just to talk to one person."
Mamot.fr is a French-speaking Mastodon server, run by La Quadrature du Net.