1) I think Signal is really bad at communicating with its community. Especially being an open source project I think it is important to be open in communication. I wish they wrote more blog posts and were announcing these things through blog posts (I really miss those blog posts, even the non-Moxie ones. They made it feel more communal and like you understood Signal's vision. Ultimately, that builds trust, which is ironically necessary when building trustless systems). Creates a good way to succinctly explain what the feature is, the end goal, and so on. You can easily add a cross link to any forum discussions. But jesus fucking christ, I really hate these private communities. No one likes making random accounts just to submit bug reports and it is a little insulting to make devs do it when GitHub exists (I can get why they do this but there might just be no optimal solution...). But man, the Signal community is particularly bad and off-putting...
I'll add that this is an extra pain point being a security app. It should be expected that Signal users are suspicious of Signal. That should even be encouraged! But lack of communication often breeds conspiracies. People not knowing even a high level road map start believing that Signal is doing nothing while asking for money. It's a small team, so of course it is slower, but just a bit of transparency can do a lot to mitigate this. You don't need full blown PR, but PR to the tech nerds does seem necessary at this stage (can become general public when your average tech nerd is convinced Signal is more secure than Telegram and understand that Signal and Matrix are not solving the same problems). Right now it is the tech nerds that spread the conspiracies and the infighting just ends up making apps like WhatsApp more inviting. We're usually bickering over technical mostly non-issue things[0]
2) The post mentions
> The ability to dynamically offload media so that Signal takes up less space on your phone, while still letting you download that media on the fly if you scroll back.
But my point here is kinda about trying to better reach out to the community. I get that listening to users is noisy, but truth is that Signal's lack of metadata means they have fewer insights into user desires and concerns. Fortunately, Signal has more technically minded users than most apps, but there's no real good communication path with them. Honestly, I think there are dozens of good ideas in their community forums that go missed. Big reason I hate these community forums is that they also use popularity as a proxy for user desire. But requiring login makes that noisy as well as many features are going to be things people want but don't know they want, especially when there's some technical aspect involved. Here's a few examples:
[4] "Airdrop": User presented an "Airdrop" like feature which benefits them, reduces Signal's bandwidth costs, and could ultimately create a pathway forward to decentralization if they decide to go that way.
[5] Link Sanitization: This is straight up a privacy feature! You know when you share a YouTube link? Strip everything after the "?" because that's just tracking data. (You could solve the false positive issue by a default setting to sanitize or not and long press to get unsanitized link. Plenty of solutions to that). But Firefox and other privacy preserving platforms already have some solution to this. Signal really does need this to meet its own goals, and even naive users benefit from just a more visually appealing link (shorter)
[0] Guarantee to see a reply doing this. Which is fine, this is HN, its a space where we can do technical bickering.
[1] When I export data, I get unique dupes and when I delete data my storage responds appropriately. Could be how storage is determined, but I strongly lean towards these being unique copies.
[2] https://btrfs.readthedocs.io/en/latest/Introduction.html
[3] If any Android or iOS engineers are reading this, please, for the love of god give us this. Should make security better too since you can do subvolumes and encrypt those. I'm sure Signal would love to get containerized and encrypted subvolumes. Hell, fucking containerize each app! Big security win. (I'm sure there are issues and I genuinely would love to hear what they are. Please educate me, this is not my domain but I'd like to know more)
[4] https://community.signalusers.org/t/signal-airdrop/37402
[5] https://community.signalusers.org/t/clean-sent-links-strip-t...
Also, I don't know if Discourse was dropped in its head as a baby but only through some determined use of the mouse wheel could one possibly discover that there are ... I don't even know ... unlimited additional pages of discussion hiding in that thread. Infinite scroll wasn't designed to be taken literally, holy shit
At least with "Page 1 of 8675309" one can know in advance that they should pull up a chair. I guess the UX pattern is "hover over the '1h ago' URL to see the page number, n00b"
But, back on topic:
> We chose not to exclude all disappearing messages because
uh-huh, so kind of defeats the purpose of disappearing if they're preserved, eh?
I don't know if misspelled on purpose, but I think the original name is a more accurate description than the typo (Discourse). Because it sure does create a lot of discord (disagreement and lack of harmony)
You might as well go to the Arch Linux forums or Stack Overflow. Where someone will berate you for bringing up an already discussed topic that is difficult to search for. And to rub salt into the wound, they almost never provide the cross-link...
Back on topic (kinda):
Man, I really do wish Signal would allow you to pin or bookmark messages. It sure beats the cluttered chaos of scrolling, searching, or forwarding to Notes To Self (which lacks a cross-link back but at least gives you precise search queries).
I actually sponsor Zulip because that's the world I want to live in: sane threading, public HTML views of the chats, Apache 2 licensed, and a "we host it for you" for Open Source communities
---
Back in the olden days, I actually would have submitted a PR to introduce that new behavior, but their "fuck you, it's our project" taught me that it's source available more than open source for any meaningful version of that
But thanks, I'll look into Zulip. Sounds like it has things I want
The signal forums that guy linked are from a Discourse instance/forum. Discourse is a platform to build forums.
Someone told them online chat was Hyperbolic and they took it literally.
Funny because YouTube is exactly the example I would use for the URL parameters being important. I frequently send links to specific times in the video using the `t` parameter.
Sure, it'll happen to small sites too but there's solutions. Like always being able to restore or working with the community to create whitelists like you would for YouTube. Or enable a user generated whitelist and make it sharable. There's a lot of solutions here
I dont think this changes anything, in regards to a malicious(/incompetent) recipient.
They can, and maybe they do. We can't really verify whether their servers run only what's published on GitHub (remember the MobileCoin gap? [1]).
> What do they gain by getting it through backups?
They don't need to capture the messages through backups, but the feature is a plausible reason for the users to foot the storage bills. Maybe the donations are not enough.
[1]: https://www.androidpolice.com/2021/04/06/it-looks-like-signa...
Concerns that were all dismissed when the insecure pin system was introduced because only contacts and settings were hosted, not content. ...
It's already known that users can't choose secure passwords even without UI that tries hard to encourage an insecure choice and that the rare ones that are secure are the ones that also get lost/forgotten. As a cryptosystem "user chooses and remembers a key" is known to be broken. So backup to the cloud really just means "hand to NSA with already known broken encryption".
I really want the backups to stream off to my own version of the backup service, and do the neat deferred media thing which would be great for keeping long range archives (i.e. by letting them get picked up by my server's regular snapshot to backblaze).
This is rather impractical if you have a lot of content in Signal, which I do because my family use it extensively to send photos and videos (which is the sort of thing you generally really want to backup).
If you are alleging that Apple's own local Finder/Itunes backup of an iPhone includes Signal messages, that's not true, against reasonable user expectations, by Signal's own design choices.
Anyone who's counting on such local backups to save their histories is in for the same rude surprise I and many others have hit unaware:
https://www.reddit.com/r/signal/comments/1hgukpg/backup_and_...
No option has ever existed on iOS, despite the recent announcement assuring users "Local backups still exist". They've never existed for iOS users!
I trust Signal but I find this quite basic compared to just how much thought/work went into the Signal protocol comparatively.
* Backups are structured so that the Signal service cannot associate a backup with a given user.
* Payments are structured so that the Signal service cannot associate a payment with a given user.
ggm•7mo ago
I merely observe that there's a duty cycle here across data which states and providers have to dance through each time.