A PoW could limit bots too. Require say 30 seconds of work before your registration submits. For regular users that isnt to bad. For bots its a PITA to get tons of accounts
Edit: tor uses PoW as DDOS protection and its helped massively
For each account you register, you have to do 30 seconds worth of work. So to register one account, you do 30 seconds worth of work. To register 100 accounts, you do 100*30 or 3000 seconds (50 minutes) worth of work. Registering tens of thousands of accounts then becomes unfeasible.
Exactly! ANYTHING THAT CAN COMPUTE CAN DO IT. Few things have a uniquely identifying piece of information with other levels that are barriers to entry...like a phone number. The idea is to STOP bots from signing up to Signal.
It's ALSO possible to generate virtual phone numbers for a small cost.
Using a cryptographic PoW is a different small cost.
Either way, it only takes a small cost to prevent mass bot registration.
You're treating processing power and time as if it is 100% free just because it can be done in a VM. But it doesn't matter if it is a VM. It is still going to require at least some certain threshold of processor time, and that processor time has a real cost. For the kind of place that can just spin up thousands of VMs and use it to do massive bot registration... they could just be mining bitcoins instead.
It's not just whether you can do this. It's how much value it has vs what ELSE you could be doing with the time and energy. A Signal account is already worth vanishingly little as a spam tool, they just need to give it enough of a cost to make it not worthwhile.
If preventing Jimmy Bumfuck from spinning up a couple sock puppets is your fear, yeah, PoW systems don't help. But those are rarely the problem.
For a phishing scam or astroturf operation to be worth it, you need tens of thousands of accounts all running the same script. Those get filtered hard by PoW systems.
Phone validation works just as well, and stops Jimmy Bumfuck from making sock accounts. But now every user must be stapled to a phone number. Maybe that's a worthwhile trade to you, but it sure doesn't seem to be to everyone replying to you.
It was the original purpose of the bitcoin algorithm to limit spam.
If you have to do a lot of maths that takes your computer (for example) 30 seconds, that means it costs 30 seconds of compute to create an account. Nothing to an average user, for a spammer that wants thousands of accounts it gets expensive.
Several captcha[0] libraries already use this and it's great for accessibility (normal captchas are terrible for it)
Because it's not. I can spin any number of emulators or VMs that do any amount of work with a simple script, but that's all it does. How does it prove I'm anything but a scripted, virtual instance of a person with a device?
There's a reason why Telegram is flooded with bots, Signal as of now has not been.
I thought peoples big problem with it was not wanting to give others their number to use signal? Like I meet Joe Blog online and don't want to give him my real number to chat.
Personally, I care about the phone number requirement not because I don't want to reveal it to Signal servers, but because it limits access to Signal for people in countries that block their SMS service - registration messages just don't arrive
I thought peoples big problem with it was not wanting to give others their number to use signal?
The issue is that giving your phone number to Signal Messenger LLC is giving it to others, and therefore not keeping it private in the usual sense of the word.
Some people may be unconcerned about a corporation knowing their number vs. their contacts knowing their number, but that doesn't diminish the misleading aspect of this headline.
Putting a SIM card in a phone exposes it to enormous surface area of attack. People have been asking to register with anonymous emails instead of a phone number, like Wire has had for years
Wrong, it still keeps it private but not anonymous. It's not the same concept and for most thread models knowing that you use Signal is not really an issue, especially since with this feature no one can check if you have one if you don't give them your username unless they have access to Signal servers in which case they still have nothing except the knowledge that you have an account.
They do a lot of work to keep your phone number private, or at least any data that is tied to it. This username upgrade is solely for someone to communicate over Signal without needing to hand over your phone number.
For example, you can now be in group chats with internet strangers by just giving them your username.
On top of that, once MLS is adopted, you can communicate with other messengers as well.
About time!! Been waiting for this for so long. This will definitely make the usability of Signal better and it'll also be more accessible to people who wanted a Telegram like way to talk to other folks. Requiring a number to still register isn't a bad thing in my eyes though sometimes it can be frustrating so I hope that there's an option to create an account without a number. Maybe the account will have finite time before it's auto-deleted if you don't input a number some time later to ensure that this option isn't abused to all hell by bots and malicious actors alike.
its a sensible choice because many potential implementers hae been dissuaded by the anxiety attached to risks of giving out phone number. (harrassment, stalker, spammer, scammer) . the telephone system has paralyzed itself in fear. yet we all keep buying their shit.
Maybe the account will have finite time before it’s auto-deleted if you don’t input a number some time later to ensure that this option isn’t abused to all hell by bots and malicious actors alike
we're already banning bots, thus effectively making them time-limited.
Yet we still have bots and spam on there. This sadly won't work.
I think its great. Its for people who simply don't want to share their phone number with other people which is a huge privacy concern, as you can find out a lot about a person by looking up info connected to their phone number.
Matrix/Element is slower than shit. I don't understand why anyone recommends this.
Session is also slow but that's not even a problem because I don't know anyone who's even heard of it, much less used it, and that's mostly because it doesn't have phone numbers.
At least some people I know are on Signal and I can easily discover them by phone #. Or at least I used to.
Been using matrix as my primary communication method (including bridges to other networks for things like Slack and WhatsApp) for over 3 years now, doesn't feel slow?
I can only tell you my experience using several different softwares across several different hardwares across several different servers on several different networks.
At some point I got fed up with waiting 10-20 seconds for new messages to load every time I opened the apps.
Might need to check your setup. But, I will concede that after 2 years in - a point at which the DB grew into something massive, what with the massive Matrix rooms I was idling in - I started to notice slowdowns. The whole sliding sync proxy thing (with the new generation Element X clients) fixed everything.
You shouldn't be having 10-20 second syncs with a new deploy (and limiting the amount of massive rooms your users can join, depending on your hardware), might be something awry relating to your config. If you're absolutely certain it's not that, check out the sliding sync proxy until it gets merged into the main spec - it's great.
I've just told you I've "checked my setup" a thousand times. I've also stated dozens of people also agree with me. So either you put some fancy wizardry into your system or you're just in denial.
Either way, I'm done being gaslighted and trying to fix a "setup" that don't exist.
Sorry man, I don't know what to tell you. I've got a pretty medium end VPS on which I host my Matrix instance - only had to add an extension for storage after the first few years when the DB got too big. Things were never as bad as you said early on, and as time passed I absolutely got to the point where it would take 10-20 seconds to sync - but this was after 2 years or so of constant use.
The reason why it takes long is because of the size of the sync payload - logically, for a new server/user, this really shouldn't be that big (unless you're in rooms like Matrix HQ). So, genuinely, look into optimization: postgres, your web server (nginx, apache, caddy), and limiting your users from accessing "problematic" rooms.
Barring that just deploy the sliding sync proxy and be done with it. It's not really a problem that requires you to attempt it a thousand times.
So either you put some fancy wizardry into your system or you’re just in denial.
It's called pure Debian, baby. Also, you'll need a decent chunk of RAM if you don't have that yet. Avoid a pagefile if you can.
Is Session actually secure though? I know they're based in Australia, and as an Aussie myself, holy fuck would I not trust this country for even a fraction of a picosecond with anything private or sensitive. We have some of the world's most draconian and far-reaching digital privacy and surveillance laws, and I'm not ready to accept that Session hasn't been secretly compromised by the AFP, given the law against revealing government backdoors.
Happy to be proven wrong, but I always err on the side of extreme caution when it comes to Australia. Digitally, we're closer to the CCP than any of our fellow western nations.
I'm not the person you responded to, but the Assistance and Access Act 2018 is probably a good place to start. Here is a page from the Aus Government about it, but the very short version is that the government can ask tech providers to assist them with building capabilities into their systems to allow the government to access data to help with the investigation of certain crimes. In some cases these will be voluntary requests, in other cases they will be requests that must be fulfilled, including asking providers to add capabilities that the government has developed.
There's a lot more detail about it, and the government insists that they won't ask providers to create systematic weaknesses or to decrypt communications entirely, but it's not clear to me exactly how those ideas are actually implemented. Unfortunately, much of the process (likely the entire process) is not made public, so as far as I'm aware there aren't any good examples of requests that the government has made and what sorts of things have or haven't been implemented.
Thanks for the warning -- that was my first question. It is my top reason (among many other reasons) for avoiding Signal.
Checkout Matrix/Element or Session,
All 3 of the sites you linked are Cloudflare sites (thus antithetical to privacy). Yes, I know you can use some of that tech without touching CF, but when they run CF websites it reveals hypocrisy & not understanding the goals of their audience.
If that's a concern you could also always use Threema, which has been built from the ground up to use anonymous random IDs and optionally lets you link a phone number or e-mail address to that ID. The company has also won important court cases against having to store metadata preemptively and responding to blanket requests by law enforcement.
I never heard about Threema before,
quickly glanced at it's Github repo,
but I think I prefer Matrix/Element over it.
Threema seems to largely rely om GMS (Google Messaging Service),
meaning that most messages will go through Google's servers,
albeit end-to-end encrypted for now,
I would not be suprised if Google would participate in "Harvest now, Decrypt later".
There's actually an option to turn GMS off entirely if that's a concern (Settings-->About-->Advanced). It comes at the cost of slightly increased battery usage. Sadly Google does have a bit of a monopoly on mainstream Android there.
Having said that, the messages themselves should never pass Google's servers, just a packet saying "check your Threema server, there's new stuff waiting for you."
I would love to use Signal more, but I have it for only 1 friend. No one else I know uses it. And the fact that they don't support SMS is I imagine a large contributing factor.
(Yes, I know SMS is inherently insecure & unprivate, but having that support is a good way to get users' foots in the door, and also what good is a totally secure platform if no one uses it?)
I still luckily have a nice group of friends using Signal but I agree that dropping SMS support was a mistake. There was a good issue explaining why dropping SMS support was bad on their GitHub: https://github.com/signalapp/Signal-Android/issues/12560
In hindsight it's sad how very right he was. Now when I think "I want to send Alice a message", I just go to the app I know will work, instead of trying to remember if Alice still uses Signal too.
It's never too late. "Back then", when I started using Signal (called TextSecure), only one other single friend used it. Nowadays, almost all my personal contacts use it. Every additional Signal user adds a contact in someone other's address book as a potential Signal contact. It just takes time. Good luck!
In my region everyone uses Facebook Messenger. And if you don't use it, to contant people that won't install an app for you (like meeting you for first time), the only option is SMS.
I mean to be honest to only reason to use messengers is just costs, I wish SMS where as cheap as internet flatrates... But that might very well be a regional issue too
This is VERY debatable because statements that broad are almost always false. There is no need to have a cellular->IP->cellular bridge for 1:1 communication involving more servers, more service providers. If anyone wanted to they could implement at least the 1:1 signal protocol and probably even the messaging layer security protocol on top of SMS to get e2ee group communications.
Nobody wants to because cell providers sell SMS for horrendous prices compared to internet access.
There's anonymity and privacy. This keeps you private from other users, and they already keep you private from themselves other than the initial sign up. What this service isn't, and never has been, is anonymous. They don't want that and there are big usability issues with an extended anonymous user base. Decide for yourself what you need
Specifically, anonymity is confidentiality of identity. Confidentiality is part of privacy, which is a broad concept. So when a tool or mechanism works against anonymity, it works against privacy. It may not work against a privacy aspect that you care about, but it’s privacy nonetheless.
I'm still just so furious at Signal management for removing compatibility with other text apps. I used to be constantly growing my Signal network, now it's a slowly shrinking rump that I never add anyone to.
Right, the idea was that you could use Signal as your SMS app, and so whenever there was someone else doing the same you'd automatically upgrade to Signal. Whereas now I never have those auto-upgrades, any new contact I am just stuck on SMS with.
In my opinion, relying on upgrading users automagically to an encrypted and secure protocol isn't good practice. If someone wants to use an encrypted chat, they should do so consciously. It will only cause confusion otherwise.
Do people still use SMS these days though anyway?
I would have thought iMessage, RCS and separate chat apps like Whatsapp, Signal and WeChat would have largely replaced SMS by now.
In my opinion, relying on upgrading users automagically to an encrypted and secure protocol isn’t good practice. If someone wants to use an encrypted chat, they should do so consciously. It will only cause confusion otherwise.
This is my theory for why they ditched this feature - the ultra-concerned about privacy superusers don't approve of its messiness, even though in practice it's the main engine for user growth.
Do people still use SMS these days though anyway?
I would have thought iMessage, RCS and separate chat apps like Whatsapp, Signal and WeChat would have largely replaced SMS by now.
SMS, MMS, iMessage and RCS are all compatible with each other and mostly used interchangeably and are the main way people text each other (in the US anyway). You just have a phone number, and when people text it with any of those formats you receive the message and respond the same way.
This is a big complaint for me. I know that there is the official standalone APK, but if I am running a de-Googled phone, I want to be able to use Signal and have it update on a regular basis.
signal.org
Top