10 hours ago
Prepare for the UK requests for mandatory key escrow into the data. Which I have high confidence signal will refuse to do.
I merely observe that there's a duty cycle here across data which states and providers have to dance through each time.
6 hours ago
The post claims with regard to the cost of a cloud backup that "Local backups still exist" - but that's a lie, there's no local backup option on iOS.
6 hours ago
iOS can back up to a Mac or PC.
5 hours ago
Sadly not Linux tho.
3 hours ago
If you sync an iPhone to a Linux machine, you can then save your backups on Linux.
7 hours ago
So is this going to be self-hostable? Because what I'd really like is backups to go to my own server and definitely things like the media offload.
an hour ago
The article says that local-backups are still going to be a thing, and that it'll use the new format (so that you can restore ex an Android backup on iPhone and the other way around). Presumably you'll have to bring your own solution for storing the backup, but if its just a file / archive then you can store it however you store the rest of your backups.
9 hours ago
Back it up now so when the encryption is broken, it can be read!
8 hours ago
If you think they've gone rogue and are working with the NSA or whatever, why can't they be doing the same thing with your e2e messages while in transit? What do they gain by getting it through backups?
8 hours ago
6 hours ago
The backup is secured with "a strong key", implying that all PFS guarantees go out the window regardless of the PFS algorithm used to send the messages in the first place. Signal had great guarantees by how they both enforced a single client and was limited largely to screenshots as backups, now you'll never know if the person you're talking to has a full backup in the cloud, with metadata to match the actual conversation times, destroying the repudiability (i.e. plausible deniability) feature.
2 hours ago
Whats to say they didn't take screenshots of the conversation that got backed up to Google Photos or iCloud anyway?
I dont think this changes anything, in regards to a malicious(/incompetent) recipient.
10 hours ago
This is pretty awesome and an exciting feature. But I want to make 2 critiques here.
1) I think Signal is really bad at communicating with its community. Especially being an open source project I think it is important to be open in communication. I wish they wrote more blog posts and were announcing these things through blog posts (I really miss those blog posts, even the non-Moxie ones. They made it feel more communal and like you understood Signal's vision. Ultimately, that builds trust, which is ironically necessary when building trustless systems). Creates a good way to succinctly explain what the feature is, the end goal, and so on. You can easily add a cross link to any forum discussions. But jesus fucking christ, I really hate these private communities. No one likes making random accounts just to submit bug reports and it is a little insulting to make devs do it when GitHub exists (I can get why they do this but there might just be no optimal solution...). But man, the Signal community is particularly bad and off-putting...
I'll add that this is an extra pain point being a security app. It should be expected that Signal users are suspicious of Signal. That should even be encouraged! But lack of communication often breeds conspiracies. People not knowing even a high level road map start believing that Signal is doing nothing while asking for money. It's a small team, so of course it is slower, but just a bit of transparency can do a lot to mitigate this. You don't need full blown PR, but PR to the tech nerds does seem necessary at this stage (can become general public when your average tech nerd is convinced Signal is more secure than Telegram and understand that Signal and Matrix are not solving the same problems). Right now it is the tech nerds that spread the conspiracies and the infighting just ends up making apps like WhatsApp more inviting. We're usually bickering over technical mostly non-issue things[0]
2) The post mentions
> The ability to dynamically offload media so that Signal takes up less space on your phone, while still letting you download that media on the fly if you scroll back.
But my point here is kinda about trying to better reach out to the community. I get that listening to users is noisy, but truth is that Signal's lack of metadata means they have fewer insights into user desires and concerns. Fortunately, Signal has more technically minded users than most apps, but there's no real good communication path with them. Honestly, I think there are dozens of good ideas in their community forums that go missed. Big reason I hate these community forums is that they also use popularity as a proxy for user desire. But requiring login makes that noisy as well as many features are going to be things people want but don't know they want, especially when there's some technical aspect involved. Here's a few examples:
[4] "Airdrop": User presented an "Airdrop" like feature which benefits them, reduces Signal's bandwidth costs, and could ultimately create a pathway forward to decentralization if they decide to go that way.
[5] Link Sanitization: This is straight up a privacy feature! You know when you share a YouTube link? Strip everything after the "?" because that's just tracking data. (You could solve the false positive issue by a default setting to sanitize or not and long press to get unsanitized link. Plenty of solutions to that). But Firefox and other privacy preserving platforms already have some solution to this. Signal really does need this to meet its own goals, and even naive users benefit from just a more visually appealing link (shorter)
[0] Guarantee to see a reply doing this. Which is fine, this is HN, its a space where we can do technical bickering.
[1] When I export data, I get unique dupes and when I delete data my storage responds appropriately. Could be how storage is determined, but I strongly lean towards these being unique copies.
[2] https://btrfs.readthedocs.io/en/latest/Introduction.html
[3] If any Android or iOS engineers are reading this, please, for the love of god give us this. Should make security better too since you can do subvolumes and encrypt those. I'm sure Signal would love to get containerized and encrypted subvolumes. Hell, fucking containerize each app! Big security win. (I'm sure there are issues and I genuinely would love to hear what they are. Please educate me, this is not my domain but I'd like to know more)
[4] https://community.signalusers.org/t/signal-airdrop/37402
[5] https://community.signalusers.org/t/clean-sent-links-strip-t...
3 hours ago
> You know when you share a YouTube link? Strip everything after the "?" because that's just tracking data
Funny because YouTube is exactly the example I would use for the URL parameters being important. I frequently send links to specific times in the video using the `t` parameter.
9 hours ago
> But jesus fucking christ, I really hate these private communities.
Also, I don't know if Discourse was dropped in its head as a baby but only through some determined use of the mouse wheel could one possibly discover that there are ... I don't even know ... unlimited additional pages of discussion hiding in that thread. Infinite scroll wasn't designed to be taken literally, holy shit
At least with "Page 1 of 8675309" one can know in advance that they should pull up a chair. I guess the UX pattern is "hover over the '1h ago' URL to see the page number, n00b"
But, back on topic:
> We chose not to exclude all disappearing messages because
uh-huh, so kind of defeats the purpose of disappearing if they're preserved, eh?
9 hours ago
Discord is only marginally better than dedicated forums. Honestly, I'm not even sure it is... But boy am I annoyed at how frequently that is used too.
I don't know if misspelled on purpose, but I think the original name is a more accurate description than the typo (Discourse). Because it sure does create a lot of discord (disagreement and lack of harmony)
You might as well go to the Arch Linux forums or Stack Overflow. Where someone will berate you for bringing up an already discussed topic that is difficult to search for. And to rub salt into the wound, they almost never provide the cross-link...
Back on topic (kinda):
Man, I really do wish Signal would allow you to pin or bookmark messages. It sure beats the cluttered chaos of scrolling, searching, or forwarding to Notes To Self (which lacks a cross-link back but at least gives you precise search queries).
8 hours ago
Yes, and only recently did I learn that Discord has a 100 join limit, so yea for everyone in the universe locking themselves in an anti-automation limited platform. As show-stoppingly annoying as joining every single Slack workspace in the universe is, at least they didn't ban my email after 100 workspaces
I actually sponsor Zulip because that's the world I want to live in: sane threading, public HTML views of the chats, Apache 2 licensed, and a "we host it for you" for Open Source communities
---
Back in the olden days, I actually would have submitted a PR to introduce that new behavior, but their "fuck you, it's our project" taught me that it's source available more than open source for any meaningful version of that
8 hours ago
It makes me wish Keybase was still a thing. They had a slack like platform that was E2EE. It still exists but idk, do we trust Zoom? Maybe it is still a better option.
But thanks, I'll look into Zulip. Sounds like it has things I want
8 hours ago
I used keybase for the longest time (one can still see the proofs on my various profiles) but eventually the app would hang so much I convinced my network to move to Signal. I still don't know why Zoom didn't cut the technology loose since they seemed to just have acquihired keybase and didn't try to fold it into Zoom or do anything except let it bitrot
7 hours ago
That’s not a typo. They’re complaining about Discourse.
The signal forums that guy linked are from a Discourse instance/forum. Discourse is a platform to build forums.
7 hours ago
Oh thanks for the correction, I didn't realize the underlying program was called Discourse. I think my joke still stands, but I do appreciate the correction.