Signal has been a good option because you can get “normal” people to use it, which hasn’t been true for many of the alternatives (except Telegram, but that’s a mess).
The problem is that it was easier to get people to move to Telegram since it had an abundance of features compared to WhatsApp which was compelling for the average person that doesn’t care about encryption. Signal doesn’t have any of these features that make it enticing for the person.
Chronographs@lemmy.zip
on 21 Jun 09:05
nextcollapse
If you quickly uninstall it because you don’t know anyone using it it sounds like you’re part of the problem. If someone you know installs it to try it out that’s one less person they see as well. Personally I got the vast majority of my friend group to move to it years ago by just saying like “hey Facebook sucks we should move to signal”. If you don’t want to do that should at least leave it installed it’s not like it’s taking up much space
pheonixdown@sh.itjust.works
on 21 Jun 09:18
nextcollapse
Signal used to be the best answer to this conundrum, since it would use its own internal protocols if it could or fall back to SMS if it couldn’t, unfortunately they decided to drop SMS support a few years ago, citing users that sent sensitive information not realizing they were using SMS (that always felt kinda flimsy). I really disliked this change, because it raised the difficulty of adoption, from just getting people to replace their default app with Signal to making them manage multiple apps.
Now though, you basically need to advocate socially for the change you want to see in the world. Anecdotally, I started using Signal when they still supported SMS to talk with 1 friend group, and eventually convinced most of my closest family groups to also use it, many after SMS support was dropped. Apart from 1 tech illiterate elderly couple and 1 extended family member, I haven’t received any personal (non-company related) text messages in like 5 months.
The sad truth is that the majority of people are treating WhatsApp exactly as a social network. It is there to send memes and stickers. See what others are up to without having to interact. Then mindlessly scroll through reels. Ocassionally purchase something via chat with a corporate bot.
After Trump was elected and inaugurated, Signal has finally been gaining some steam here in the Netherlands.
It’s still an American company, so it’s not ideal. But it’s still significantly better better than letting a tech giant like Facebook have control over the most commonly used chat app.
WhatsApp needs to go and Signal is the most likely way in which we can achieve that. We can worry about the American elephant in the room later.
Kualdir@piefed.social
on 21 Jun 09:20
nextcollapse
Sadly many still don't want to switch. My most active chats are in signal now but the large majority of chats are still on whatsapp
I have a non-official chat group with some colleagues, and a chat group for the neighbourhood that are not likely moving just because I am refusing to use Whatsapp. It would just result in me missing out on those chat groups.
Currently I just have both installed, and that is also how I try to convince people to install and try out Signal.
Yeah, but Threema has basically no momentum behind it at all at this point.
I’m putting my social capital behind the option that currently stands the most chance of beating out Whatsapp
You can help making it stronger. That’s what I did in Germany: if people want to contact me, I usually give them my Threema ID first, everything else comes later.
But my goal is not to move to Threema, my goal is to move away from Whatsapp.
Signal fits the bill while expending far less social capital convincing people to use it.
Which hype? Matrix as a protocol is used for a decade now, especially by various big governments (French, Luxembourg and German governmental messenger, various German states, German and Polish armed forces, German healthcare messenger, various smaller projects in Latin America), is bridgeable (I currently have it bridged to Whatsapp and Signal amongst others) but I really don’t see a hype - on the contrary I only see people predicting me the immediate apocalypse of Matrix for 5 years now, currently due to matrix.org (one of a hundred instances) introducing a premium account model for the most cost intensive (heavily media sharing)users.
(See below for that).
ornery_chemist@mander.xyz
on 22 Jun 14:02
nextcollapse
FYI, while Threema front-end clients (apps) are open-source (and offer reproducible builds, which is surprisingly uncommon in open-source land), the server component, though supposedly audited, remains closed-source.
EDIT: for comparison, the Signal server code is mostly open source, but things like the spam filter are closed.
America is not a monolith. Signal’s developers are very much aware of the risks of operating there and probably already have several escape plans given recent developments. I also think five-eyes probably has access but getting it might be computationally expensive.
uniquethrowagay@feddit.org
on 22 Jun 18:13
collapse
Signal is based in America but it’s a non profit organization, not a company. Important difference
But being based in the United States it is still subject to American laws, and that comes with the risk of potential American spying and embargoes. Software from any American entity (be it coorporation or non-profit) comes with that risk.
When you've been around a while, you begin to notice certain trends.
This particular trend being the one where the young, bright, ethical start-up turns into the sort of monster they originally rallied against, ensh*ttifying their product and spouting all the same reasons for it.
Signal is relatively young, bright and ethical. The cynic says "for now".
Quazatron@lemmy.world
on 21 Jun 11:32
nextcollapse
That’s pretty much the only advantage of getting old.
That’s a risk, and a reason I’d like to see something federated succeed in this space. Unfortunately neither Matrix nor XMPP has managed to achieve quite the level of UX necessary for mainstream adoption, nor have the average person’s tech skills and comfort level improved.
Signal’s status as a well-funded nonprofit gives me hope that the current situation is reasonably stable.
yessikg@lemmy.blahaj.zone
on 22 Jun 21:59
collapse
I’m sure there are several I would consider fine for me.
I’m skeptical that they can be fine for someone who doesn’t know what federation means, isn’t especially upset that a handful of megacorporations control most human communication, and already finds the fact that I’m asking them to use anything different from what they’re used to annoying. XMPP has more things for the end user to think about than Signal does even if a client is very polished.
Signal is very actively and directly working to pioneer a new financial model for long term software business stability that does not rely on surveillance capitalism. Your experience with young companies enshittifying into monsters is the natural cycle for the surveillance economy, and if Signal does eventually go that way it will be a profound disappointment, but I expect the foundation would rather die first. Check out this interview from last year with the president of the Signal Foundation for more depth on that.
Overdramatic blog post,sorry. I can’t stand the whole “fremmium” crybabies that then literally recommend the next freemium or “non transparent funding model” service… And don’t understand the fundamental difference between the Protocol and one of its implementations.
Matrix as a protocol is solid and is used far beyond the Matrix messenger. (e.g. the French and German governmental messenger, the German healthcare messenger,various armies,etc.)
With a lot of commits coming from there - but not enough funding,that is definitely an issue.
The current issue with Freemium is solely limited to the matrix.org instance. There are hundreds of federated instances out there that aren’t Freemium and won’t have the need to go that way as they are funded differently.(e.g. the Lemmy Instance I am currently writing from, feddit - we are financed through other means)
As they are federated it doesn’t matter - and honestly, I personally tend to see this as a good thing - it will lead users away from matrix.org towards other instances, making the whole network more reliable and decentralized.
There are two other issues that are relevant, though:
The way the foundation is run is not ideal, definitely - there are and were issues and I am not happy with some management decisions, but at least they are getting somewhat better recently (government board). The whole protocol does not evolve as fast as it should be and this is an issue,especially as a it also affects bug fixing.
As an executive for a (much smaller) company myself I see management issues and infighting due to lack of leadership within the foundation and I am not happy with that.
The second issue is Element as a company that does things companies do - focus on making money. This in theory would be a good thing if Element would send enough money AND effort upstream to seriously bring the whole project forward. For a long time this seemed to be the case,but licensing issues and the “stale” development off Element X(Matrix 2.0) has me questioning that as well - but recent changes show us hope in that regard.
We also need to carefully reconsider if element is keeping too much"closed" source code for monetized features and what influence VC really has.
In conclusion: We need better leadership for Matrix,more transparency and more funding.
The good news is: It doesn’t mattter too much - if the current foundation fucks up and goes belly up it is not the end of Matrix - the protocol is decentralized enough and the licencing of the core components permissive enough for another (better?) foundation to start over. There are dozends of clients available and we have alternative servers available by now.
The funding part nevertheless is my major pet peeve here.
All around Europe governments try to get rid of US tech - and use Matrix protocol based products. But they hardly if ever fund that. If Germany, France, Poland and Luxembourg (the big users) would give 5€ per year for each client they implement all issues with funding would be gone, Matrix 2.0 would be available in a few months, VC could be pushed out of elements AND they could mandate more transparency.
The issue with funding is relevant for all NGOs and especially in tech. Running servers costs a fuckton of money.
Signal has a respectable amount of backers but is a centralized protocol and when Trump does something shady moneywise their infrastructure,money and possibly even people will be gone within 24 hours.
Threema has a more sustainable business model but Switzerland is,well, difficult, in terms of privacy and intelligence services overreach, especially towards traffic pointing to foreign servers or hosts.
Revolt is a centralized service with no federation,limited selfhosting capabilities,with unclear funding(we are waiting for a financial transparency report for ages now).
Polyproto is still not quite there feature wise and funding, etc. is unclear.
Delta Chat is indeed an option but has massive technical limitations.
That leaves XMPP as the sole big competition if you want non-centralised, non-US based, privacy friendly, messaging.
Arcane2077@sh.itjust.works
on 21 Jun 11:18
nextcollapse
I like Signal. I even got all my close friends and family on it, specifically to message me because I won’t use whatsapp. The PIN reminders are annoying it enough to be legitimately holding it back from mass appeal imho
Typotyper@sh.itjust.works
on 21 Jun 11:33
collapse
The fact that it’s opt-out is already a reason to push people away from the app
Typotyper@sh.itjust.works
on 21 Jun 11:46
collapse
I think it was meant as a security feature in case someone picked up your unlocked phone. It perhaps someone cracked your front screen passcode.
I know if you forget your password and have to reset it you lose all previous conversations. It’s very secure this way. Bit of a pain… but secure.
Arcane2077@sh.itjust.works
on 21 Jun 12:01
collapse
That’s not even what it is lol.
And as the other commenter alluded to, defaults matter. You’re not replacing the thing everyone is already using by pitching “here’s an alternative that is better in ways which don’t affect your usage at all, and also you have to dig into the settings to turn off the optional daily popups”
Yeah someone who cares enough about security to switch to Signal in the first place will be willing to go into the settings to get everything just the way they like it, but everybody else will only keep the app if it doesn’t bug them.
Don’t let perfection stand in the way of good enough
It may not be the holy grail, but moving away from Meta-owned Whatsapp is already a pretty significant improvement
I agree and it would be much better if people would use Signal instead of WhatsApp, but I think there’s still one problem.
Due to how messaging platforms work, every time you switch you lose pretty much everything (messages, media, etc)
This makes switching very hard even for a nerd like me, because if Signal is not “perfect” it means that I will have to switch again at some point and lose everything again.
foggenbooty@lemmy.world
on 21 Jun 14:59
nextcollapse
I’ve been using Signal for years and my database was getting really bloated with media, attachments, etc but I didn’t want to delete it all. I used this and it’s incredible:
Just make a backup from within signal, copy that backup file to your PC, then run this tool. The commands I used make an HTML webpage that looks just like the signal messenger, along with a way of searching your messages. You can choose different commands to export however you like.
Thats a problem with silos (where one owner hosts all the servers) in general. You will have to switch the entire ecosystem once the inevitable enshitification sets in. It’s a good idea to switch to something open source and federated (where many different non profit organisations and even self hosting individuals host many different servers).
That way you can migrate your history and contacts to another server of necessary but never have to switch the ecosystem again. Think it how email works, it’s the best known federated system. If you don’t like you email provider anymore you can just chose another one and still keep your contacts and messages on a client like Thunderbird forever.
Xmpp and matrix are the hottest candidates in my opinion, but you can check the messenger matrix that was linked in a comment above to see what suits you best.
Sure, but if I switch from Signal to another potentially better messaging app down the line my chat history will get fragmented
Plebcouncilman@sh.itjust.works
on 22 Jun 11:08
collapse
Can I ask why are you so attached to your message history? I recently lost my entire WhatsApp history and it hasn’t made any difference in my life to be honest.
mathemachristian@lemmy.blahaj.zone
on 21 Jun 14:05
collapse
original_reader@lemmy.zip
on 21 Jun 15:41
collapse
Most of the alternatives mentioned have such low adoption that they aren’t truly viable options yet - no matter how much we wish otherwise.
And I say that not as a critic - I actually use Matrix, XMPP, and Jitsi myself. But guess how many of my friends, family, or colleagues are on them?
Exactly.
That’s why I recommend Signal. At least there, people are likely to find folks they already know.
herseycokguzelolacak@lemmy.ml
on 21 Jun 11:38
nextcollapse
I don’t use Signal because they don’t release the app in F-Droid. Signal devs refuse to release the app outside of Google Play Store, which is very evil.
laughingsquirrel@discuss.tchncs.de
on 21 Jun 11:59
nextcollapse
You can download the APK once from the website, after that it updates automatically.
signal.org/android/apk/
herseycokguzelolacak@lemmy.ml
on 21 Jun 17:02
collapse
I know I can. But the hostility of Signal devs to open source and F-Droid makes me uncomfortable. Why use an app with such hostility?
I use obtainium to install it and it works flawlessly. The reason they don’t publish it elsewhere is due to licences and push notifications iirc
AmbiguousProps@lemmy.today
on 21 Jun 13:06
nextcollapse
You can use Molly from F-Droid. They even have a full FOSS version that you can set up a self hosted notification socket for, to avoid Google Firebase.
No. WhatsApp came first, but later adopted Signal’s key exchange and encryption. WhatsApp was an independent company for years and had rejected several acquisition offers, but $19 billion is a big number.
One of WhatsApp’s founders is now chairman of the Signal Foundation and a major financial backer of the project.
It used to function as a fallback SMS/MMS messenger (like how iMessage does) but when Google started moving to convert Android from SMS/MMS to RCS Signal made the hard decision to cut the fallback functionality rather than follow Google’s new framework.
I personally hope once the dust settles Signal designs a RCS engine and restores the fallback functionality.
Yeah killing the sms function was basically a deal breaker for me, no matter how much I tried I could only get three people to use Signal, the rest were all sms. When the sms feature was removed 2 of the 3 dropped Signal completely, so now the only person I know who still uses it is my mom and even she still flips back and forth between Signal and Google messages when texting me.
I still have Signal on my phone and suggest it people when they ask how to contact me, but everyone just wants to text my phone number.
exactly. so I’m wondering what the purpose is for its need.
(edit: apologies- the phone number. needing the phone number.)
FooBarrington@lemmy.world
on 21 Jun 22:56
collapse
What? You use a secure messenger to send secure messages. It doesn’t make sense for a secure messenger to offer sending insecure messages (SMS).
Edit: oh, you’re probably referring to why it requires a phone number. This seems to be due to abuse/spam prevention, as otherwise creating new accounts to spam people with is basically free.
Spam prevention? Ive got spam on Signal. Having your phone number be the barrier of entry doesn’t make Signal a flawless app.
and considering i can just plug a google voice number in, I’m not sure its the best barrier.
FooBarrington@lemmy.world
on 22 Jun 10:01
collapse
Spam isn’t a binary issue, where it either exists or doesn’t. It could very well be the case that, without requiring a phone number, there’d be far more spam (since it’d be far easier to automatically create new accounts).
Again, do you have a better suggestion for spam & abuse prevention?
And still, aside from that - it doesn’t really make sense to expect Signal to offer SMS integration just because it requires a phone number for spam prevention, when offering this integration would be detrimental towards the mission of Signal (offering secure messages).
it does make sense, actually. as they had that function when the app was first around. why do you think they have you sign up with a phone number in the first place?
also, it’s not on me to solve every technical hurdle you make up. if you want to learn more about Spam Prevention methods, I can point you to some resources if you’re truly interested.
I’m sorry that not everyone thinks Signal is a god app worthy of worship. its a message app, and its not the only one. it does stuff some people don’t like. including me.
FooBarrington@lemmy.world
on 22 Jun 16:13
collapse
why do you think they have you sign up with a phone number in the first place?
Again, spam & abuse prevention. We’ve been over this.
I’m sorry that not everyone thinks Signal is a god app worthy of worship. its a message app, and its not the only one. it does stuff some people don’t like. including me.
I’m not saying that Signal is a god app worthy of worship, I’m saying it’s detrimental for them to include SMS functionality, since that’s fundamentally insecure. That’s literally why they removed it. Is that so hard to understand?
nope I fully understand it. completely. and when they removed it, they removed my need for their app. as suddenly I went from being able to message everyone, to being able to message just 2 people.
it no longer fits my needs. so it isn’t used by me or by both of the people that were leftover after the sms turn off. as they had the same reaction I did.
so that’s that, I suppose.
romantired@shibanu.app
on 21 Jun 14:36
nextcollapse
telegram much better
original_reader@lemmy.zip
on 21 Jun 15:32
collapse
The main differences between a regular chat and a secret chat in Telegram, from a security standpoint, are:
End-to-End Encryption
• Regular Chat: Messages are encrypted client-server-server-client, meaning Telegram servers can technically access the content.
• Secret Chat: Messages are end-to-end encrypted, so only you and the recipient can read them. Not even Telegram can decrypt them.
Cloud Storage
• Regular Chat: Messages are stored in the cloud. You can access them from any device logged into your Telegram account.
• Secret Chat: Messages are device-specific and not stored in the cloud. They can only be read on the devices where the secret chat was initiated.
Self-Destruct Timer
• Regular Chat: No self-destruct functionality.
• Secret Chat: You can set a self-destruct timer for messages after they’re read.
Forwarding
• Regular Chat: Messages can be freely forwarded.
• Secret Chat: Messages cannot be forwarded.
Screenshots
• Regular Chat: Screenshots are not restricted or notified.
• Secret Chat: Telegram tries to prevent or notify about screenshots (depends on the OS).
Summary:
Use secret chats if you need maximum privacy, as they’re more secure and don’t rely on Telegram’s servers to store message content. However, they’re less convenient because you lose cloud sync and multi-device support.
How about Delta Chat? At least as secure as Signal, open source, and decentralized.
ornery_chemist@mander.xyz
on 22 Jun 15:01
collapse
Not saying that it’s necessarily a bad option, but my biggest issue with delta chat is that it does not offer forward secrecy (if a user’s private key is compromised, past messages can be revealed); Signal does. Delta no question beats signal in decentralization, though email is less decentralized than it seems–how many people do you know who still use gmail? Delta also inherently leaks metadata on whom you’re communicating with to the email host (that’s just imap/smtp). Signal can mitigate this somewhat with Sealed Sender (which gives one-way anonymity), though it can be broken with statistical analysis, and signal metadata is more identifying due to requiring a phone number.
Basically Signal but without the weakness of a phone number & runs on a Tor-like network. It’s still a work-in-progress thing but you CAN use it to send messages
Der_Fossyler@feddit.org
on 21 Jun 15:15
nextcollapse
I like the comparison and prefer simplex as an replacement to Signal in the Future.
Self hosted Matrix Servers are a good idea aswell if you have the money and knowledge.
Vanilla_PuddinFudge@infosec.pub
on 22 Jun 11:10
collapse
Xmpp is far lighter on resources and not ran by a company with funding issues.
kokomo@lemmy.kokomo.cloud
on 21 Jun 22:04
collapse
network_switch@lemmy.ml
on 21 Jun 15:13
nextcollapse
Ya it’d be better if it didn’t require a phone number but it’s a solid start as it’s build up a user base over the past decade. Matrix is good but I know far less people that use it and it’ll be a long time of growing with nerdy/geeky communities before it starts getting more mainstream users
Could you explain a bit? I see main issue with Signal (though I’m not an expert, and they’re not strictly related to security): it’s centralized (and the server isn’t even open-source).
The question is also a lot about your threat model right?
DreamlandLividity@lemmy.world
on 22 Jun 01:28
collapse
The encryption being crap really does not depend on the threat model. Sure, in some threat models you may not need e2ee at all but in that case, what’s wrong with WhatsApp?
The issue with XMPP is that security really was an afterthought. Not only is e2ee an optional extension, but there are actually 2 incompatible extensions, each with multiple versions. Then you have some clients not implementing either, some clients implementing the older, less secure one. Some implement the newer one but older version of the spec with known issues. And of course, the few clients that implement it well become incompatible with other clients that don’t if you enable e2ee, so it is disabled by default.
That is all before you start looking into security audits or metadata harvesting.
Vanilla_PuddinFudge@infosec.pub
on 22 Jun 11:18
collapse
Your reasoning would hold up if 80% of xmpp wasn’t running on Conversations or forks of it, that all support OMEMO and OpenPGP.
Your criticisms are too broad with few serious negatives. What makes extensions powerful is that they can easily change the rules without breaking the underlying system. If your client sucks, get another?
You have choices, but if your problem is metadata, whoooo boy.
DreamlandLividity@lemmy.world
on 22 Jun 12:46
collapse
So much cope you didn’t even notice no one mentioned matrix. We are comparing XMPP with Signal.
Your reasoning would hold up if 80% of xmpp wasn’t running on Conversations or forks of it
Also, you really think saying only 20% of your chats are insecure is somehow making it better?
Vanilla_PuddinFudge@infosec.pub
on 22 Jun 16:46
collapse
That’s their problem. If their messages aren’t encrypted, it isn’t like you won’t be aware of it. Request that they use a modern client and get with the times. None of this is an actual problem without easy solutions.
DreamlandLividity@lemmy.world
on 22 Jun 21:34
collapse
Then let us know when they are solved. Until then, I have a lot more hope in matrix than XMPP. They at least seems to be making progress in the right direction, although they are not there yet either.
Wish more of my contact list would switch over to Signal. It’s nearly the same. I don’t see why it’s so hard for some people to just start using Signal instead of WhatsApp.
Oh well.
Kekzkrieger@feddit.org
on 21 Jun 17:03
nextcollapse
Because people are beyond stupid. “i dont want to download another app” - while having an app for almost every other store and bullshit game and whatever
The exit plan from WhatsApp is quite simple. Start by installing Signal and setting it up – it takes only a couple of minutes. Then, resume any WhatsApp conversations on Signal if that person is already a Signal user. If they are not, then switch to regular text messaging and gently suggest to that person to switch over to Signal.
Sadly for me, this doesn’t really work for some relatives as
They live abroad and the cost of sending text messages abroad is not insignificant
Some are so tech un-savvy that even installing a new app by themselves is too much.
All I can do for those relatives is to leave WhatsApp installed but take away basically every permission I can, including running in the background.
NewNewAugustEast@lemmy.zip
on 21 Jun 22:43
nextcollapse
They live abroad and the cost of sending text messages abroad is not insignificant
Signal is free just like whats app. For text, calls, and video.
NewNewAugustEast@lemmy.zip
on 21 Jun 22:45
nextcollapse
They live abroad and the cost of sending text messages abroad is not insignificant
Signal is free just like whats app. For text, calls, and video. So that isn’t a problem.
I too have friends and family in different countries, one of which is crazy about whatsapp. I simply tell them this is how we are going to do things now, and walk them through it. It is not hard. If they can’t do it, well then we don’t need to communicate this way. Whatsapp is not an option. It is that simple.
Signal is not capable of SMS and quite a lot of people still use it.
yes, i know SMS isn’t secure at all. but if the option is “keep in touch with close family” or “don’t keep in touch” they will probably choose the former if they want to keep that.
NewNewAugustEast@lemmy.zip
on 22 Jun 00:00
collapse
I would rather SMS than use WhatsApp. But even then if my family is far away, why am texting them at all very often? With the time zone differences I’ll call or email, or nothing. It’s weird how people got along just fine with letters that took weeks and suddenly we now need instant communication for some reason?
How is that weird? You can be fine with suboptimal stuff, and recognize it’s suboptimal. Some people like their relatives and wished they could talk together more readily. Letters were just the fastest (while economical) method of doing that for a while.
we used to be fine with candles and stinky lanterns filled with perfectly good kerosene too. who tf needs electricity? 🤨
on the topic of family connection, I can’t speak to your family experience. only my own. and our family group chat is pretty damn active.
NewNewAugustEast@lemmy.zip
on 22 Jun 03:45
collapse
Did you get everyone to settle on the same thing, like Signal? We are spread out over about 8 countries, and with all the different phone numbers and plans, we use various methods, with several of us on Signal. Some on whatsapp, some on messenger. So we are not coordinated enough for a group chat. Which is fine, I dont really need to know everything all the time, we catch up when can, or get into small video chats occasionally. Luckily we do tend to physically see each other somewhat frequently.
no we are all on different platforms. half are on android and half are on apple which is irritating. so sadly the sms is our best tool to hit everyone at the same time with any urgency.
NewNewAugustEast@lemmy.zip
on 22 Jun 19:31
collapse
sms is not even an option for us; international texting costs a lot. Some people don’t even use a phone, they rely on internet connected devices only. Trying to coordinate all of this gets complicated fast.
weirdly my first thought just now was “wouldn’t it be cool if we could federate this somehow”. have a single (or a handful) of secure communication protocol(s) so that users could just choose the app with the UI they liked best and be done with it.
…then I realized I just essentially invented matrix and that already exists. lol. but yeah the issue is getting everyone to the same place.
its impossible to get some people to move from a platform they’ve used for over a decade in most cases.
InfiniteHench@lemmy.world
on 22 Jun 00:25
collapse
How did they get WhatsApp installed? Is a FaceTime or other video option available? Never give up, never surrender
I wish I could do this, but trying to convince people to ditch an app they’ve never had problems with and where they all have their family, friends, work groups and school groups already mashed together, how do you convince them? Its not even about me convincing my friends or family, its about everyone else doing the same and when everyone has so many contacts in WhatsApp, that number starts to snowball real quick. Its just not feasible to try and explain this to someone who literally doesn’t care. I mean even though I myself know what Meta is and how Zuck is complete asshole, I still can’t switch off of WhatsApp because nobody I know is on Signal and I’d just be alone there. What’s the point? WhatsApp is pretty much the first app anyone installs on their phone (regardless of platform), they’re not gonna switch now.
Yep. I know the details. I’m tech savvy enough, but I use what my contacts use, and I’m not leaving WhatsApp. Same goes for youtube. The content I consume is there. There is no suitable alternative until the content creators switch. It’s not really about the technology at all.
I will say it again just so it’s stated.
People are not going to move to another service unless they can obviously see the benefit in moving to that service. People who are not technically inclined (that doesn’t mean stupid) are not going to see the benefit.
Don’t be rude about people you don’t know anything about. Don’t insult their intelligence just because they’re not as interested in a very niche area of technology as you are.
spoiler
>Why are you friend with stupid people?
Also note that if you are going to be rude about people you know nothing about, you had better check your grammar
VintageGenious@sh.itjust.works
on 24 Jun 19:28
collapse
What I said is that smart people can be convinced to move to another platform. Most of my friends are not technically inclined, but it was easy to make them use it, at least to chat with me.
What you did is change “smart people” with “people who already want to move”, which is not the same. You then said it’s not something you can choose (as you cannot choose to be rich). But I answered that you can actually choose your friends.
Never did I say people who are not interested in niche technologies are not smart. My statement can be rephrased in an equivalent statement “people who cannot be convinced to change are not smart”, and I stand to it.
There’s nobody on Signal, that’s the problem. If I want to miss out on all of my group conversations, work conversations, messages between myself and others, then yeah, I can switch. But if I want to receive any messages at all, I have to keep WhatsApp installed.
I simply deleted my WhatsApp and moved to signal. Just did it.
People installed the app, at least the ones that cared about staying in touch. Which was most everyone I cared about staying in touch with. A few of my friend groups also moved the group chat to signal, though all of them do have other ones with the people who didn’t care enough to move too, but I hear it isn’t that big a deal, they had multiple groups before and will have in future, doesn’t really feel like any extra hassle they say.
It’s been fine. No problems. I’ve had more trouble trying to explain to my extended family why I’m no longer posting on instagram. Those I never had in WhatsApp either back in the day, so they “stayed in touch” by watching my pictures I suppose. But I just consistently tell people they can reach me always via signal or plain old sms.
I guess the biggest thing to be scared about would be fomo for most, but I don’t really care enough, I’ve got so much going on already that it’s more of a blessing that I don’t have to be involved in every conversation or meme sharing or whatever.
It really gets so easy after simply switching. Just do it and that’s that. The people worth anything come with you, it’s just another app and another group chat or personal chat. Most already have discord and the meta messenger whatever its name is these days anyway. I know zero people with only one messenger/chat app and unsplintered groups across them. It’s not a big chore, and if it is, there’s always sms.
I guess the biggest thing to be scared about would be fomo for most
I don’t mind missing out on some things, but I would mind missing out on literally all of the things. Everyone is on WhatsApp and trying to convince people to switch to a different app when, from their perspective, their current app has over 99% uptime, their kids, their family, their extended family, their friends, all are on WhatsApp. Its the same for me, its everyone. Its just a different situation in Europe.
WhatsApp is pretty much the first app anyone installs on their phone
Is this really the case?
Maybe it’s a regional thing. I’m in the northeast US, and nearly everyone I know uses Facebook Messenger as their main form of communication, even people who don’t touch Facebook at all. I hate Messenger for the same reasons that people hate WhatsApp, but I still have to use it because my entire social circle does. If I want to message someone outside Messenger without giving my phone number out, I use my Google Voice number.
I’ve only ever used WhatsApp to talk to work contacts overseas, and I’ve only ever used Signal to talk to paranoid drug dealers, which is a use case that’s mostly been replaced by Telegram now.
Outside of North America, most other countries’ use WhatsApp as a choice for personal and business uses is WhatsApp. Rest are mostly dominated by Facebook messenger. Excluding China which has WeChat domestically.
How Meta was ever allowed to buy WhatsApp without triggering anti-trust laws is beyond me.
Many of my European and South American friends are having a hard time because that’s where all their families and friends back home are, and it’s hard to get them to use something new, especially the older folks.
In my region in Europe, it really is. EVERYONE uses WhatsApp. I’m not sure the last time I saw someone use SMS, its all WhatsApp. iOS, Android, its all there.
peteyestee@feddit.org
on 22 Jun 04:45
nextcollapse
Vanilla_PuddinFudge@infosec.pub
on 22 Jun 11:07
collapse
I believe in it,… for now.
I moved my family group to xmpp to have more personal control over our chats. Signal seems benevolent, but I’ve seen this play out before. Will it stay that way? We treat online forums with the idea that federstion works to stop enshittificstion. I believe XMPP is a good model for federating secure chatrooms for the same reason: People should control the voices of the people, not companies.
I am so excited to see people embracing xmpp! I’ve been using it since 2010 and I was really bummed when my company got swallowed up by a huge conglomerate and we were forced to use their shitty proprietary one.
I will switch to signal when I can avoid installing stuff on bunch of my devices. Until web version is available, sorry it hard for me to switch and for me to convince other people to switch.
ChaoticEntropy@feddit.uk
on 22 Jun 09:32
nextcollapse
I would like nothing more, but so few of my contact group are willing to switch away… despite all of Meta’s bullshit. I resent being made to use it whilst their AI/ads encroach further and further.
so a centralized American messenger enshitified, lets switch to the next centralized American messenger, it surely will not enshitify in the future, lets ignore the actual problem, what could go wrong
Jaberw0cky@lemmy.world
on 22 Jun 09:41
nextcollapse
My wishlist is an app which is not linked to a phone number, is multi platform and has a web app. It should be none US and open source. That isn’t too many requirements and yet nothing seems to full fit the bill? Anyway good luck trying to get school parent’s groups to use something other than WhatsApp.
smiletolerantly@awful.systems
on 22 Jun 11:46
nextcollapse
XMPP/Jabber via a web client like movim.eu sounds like it ought to work!
You can also look into Snikket as a host for small groups like friends or family, but can continue to use the Movim web client even if you’re hosting with Snikket rather than Movim itself.
Humans are too stupid to switch from convenience to slightly less convenience even if they get privacy for free. Any amount of discomfort is too much and changing an app is basically death.
Vanilla_PuddinFudge@infosec.pub
on 22 Jun 11:02
collapse
They see no value in it. They don’t see that privacy is proactive measure that can protect you.
On Facebook, especially in my family, accounts get lost and hacked. One fine day, it might be someone with more influence in the family who’s attacker might make off with stolen bank information or passwords.
but “that’ll never happen”, right?
FireIced@lemmy.super.ynh.fr
on 22 Jun 11:16
nextcollapse
IMO the best on-boarding I have seen in a chat app. Just scan each other’s QR codes or click a link. No account management because ID is unique to each conversation.
Signal and WhatsApp need a phone number, Matrix/Element is needlessly messy, XMPP/Conversations is sensible IIRC (ID + password)
declanruediger@aussie.zone
on 22 Jun 13:48
nextcollapse
You can use Signal with a different client. Signal being operated within the US has no effect. As of now the jurisdictions that I know of to be worried about are:
The White House both in Trump’s first term and in Biden’s presidency were pro-encryption. Signal and Tor were US government funded projects. That’s not to say the US is great on encryption, and there have been laws in the past that did/were proposed to limit it. But, as of now, it seems that the US is (edit: one of) the most hospitable jurisdictions for encrypted messaging non-profits.
BTW, I’m not saying using Tox is bad, or that Signal is good, I’m just talking about the US jurisdiction part.
Can you advise, which one would be a good one? Because I actually use Signal too, it’s just misbehaving a lot recently.
I have had endless difficulties with Signal forcing upgrades on me and requiring to sign in on the phone, under threat of deactivating my account (I use it on a PC).
raynethackery@lemmy.world
on 22 Jun 14:04
nextcollapse
TIL I have no family I care to keep in touch with and I have no friends.
But_my_mom_says_im_cool@lemmy.world
on 22 Jun 14:24
nextcollapse
How do we know signal isn’t also run by a techbro who just wants our data?
hackitfast@lemmy.world
on 22 Jun 16:30
nextcollapse
I don’t think that the founders are bad people. If you look at their history of work, they have done enormous amounts of work in the computer security sector. The founder, however, did run a cloud based WPA cracking service.
Meredith Whitaker, who is the president, used to work at Google doing research for “issues related to net neutrality measurement, privacy, security, and the social consequences of artificial intelligence”.
In 2018 she then staged walkouts at Google over concerns of sexual misconduct and citizen surveillance.
The people on Signal’s board seem to be trustworthy people with a pretty airtight background. You have to worry more about the mobile operating system compromising you than do you about Signal.
Yes, you can use their exact build environment straight from GitHub. You can also use Molly.im which is another app that i think is a fork? Im still investigating it.
I think it’s by request. the fdroid team build every single app in their repos which means that they are not always fully up to date, so signal argues that whenever they need to push a security release people on froid would take forever to update.
I think I’ve had this issue with simplex. I’ve had to wait over 2 weeks for an update. That’s why I’m using obtanium for it instead
I went from Telegram to WhatsApp. That was enough to annoy my people.
You know and I was the biggest smack talker of apple and I got the 16 pro just to get encryption when talking to my mom and husband. I can see why people like these things.
But it does feel very basic coming from a long time Samsung user.
Steven_T_Baxter@lemmy.world
on 22 Jun 21:57
nextcollapse
Compare with Zangi Private Messenger. Yes, every country who has jurisdiction has access. Just ask yourself, which gov do I trust more with my private chats?
The irony of you posting this on lemmy, which won’t allow posting from a VPN or masked email addresses is not lost on me.
The amount of hoops I had to jump through to make this comment and maintain some semblance of privacy is infuriating but at least it’s not reddit I guess?
But do go on about your security standards…
Edit: BTW, you can set signal to hide your number completely. Combined with FOSS-based encryption keys on-device makes signal the only choice for trying to maintain freedom of expression globally.
Nothing will protect anyone from messaging with a snitch who knows how to screenshot though. Food for thought… get to know your neighbors now.
It doesn’t matter if you hide the number; at some point they deanonymized you when you signed up.
Want to be a dick about “hoops”? Get a number that isn’t traceable. It can be done, but it’s tough. I doubt its possible in the countries that really need anonymity of association.
Deanonymized isn’t a risk with end-to-end FOSS-governed encryption (as compared to Meta’s mysterious backend that manages keypairs for whatsapp and messenger). Sealed Sender can even obfuscate the metadata of the recipient for further snooping hurdles. Nothing is perfect, and any participant can silently ex-filtrate conversation data with another camera.
Thanks, appreciated. I installed Nord on my linux box as well, then set that to openvpn technology and obfuscated servers which worked. I’d prefer to use their quantum-proof encryption but there’s no way to bypass VPN checks if one sets that. I think it’s a mistake on lemmy’s part to even put that hurdle up, but it is what it is. Having one’s real world identity tied to social media is a risk going forward. Data is the enemy.
They DID put that roadblock in place. That’s kinda my point. You have to loosen a VPN’s security to post here (as I’ve had to do to reply). It says “no posting from VPN” in the lower left if one uses more advanced/secure encryption. They also don’t allow account creation from masked email platforms like fastmail.
When they dropped sms support I was no longer able to convince people to migrate to signal.
Before I could make the argument that you need one sms app anyway so that app might just as well be Signal instead of the one that comes preloaded with your phone. That way people would gradually get more and more secure messaging as time went on. When sms support was dropped, Signal could not replace an existing app and adding another messing app is much less appealing than replacing one.
threaded - newest
.
Signal has been a good option because you can get “normal” people to use it, which hasn’t been true for many of the alternatives (except Telegram, but that’s a mess).
The problem is that it was easier to get people to move to Telegram since it had an abundance of features compared to WhatsApp which was compelling for the average person that doesn’t care about encryption. Signal doesn’t have any of these features that make it enticing for the person.
If you quickly uninstall it because you don’t know anyone using it it sounds like you’re part of the problem. If someone you know installs it to try it out that’s one less person they see as well. Personally I got the vast majority of my friend group to move to it years ago by just saying like “hey Facebook sucks we should move to signal”. If you don’t want to do that should at least leave it installed it’s not like it’s taking up much space
.
Signal used to be the best answer to this conundrum, since it would use its own internal protocols if it could or fall back to SMS if it couldn’t, unfortunately they decided to drop SMS support a few years ago, citing users that sent sensitive information not realizing they were using SMS (that always felt kinda flimsy). I really disliked this change, because it raised the difficulty of adoption, from just getting people to replace their default app with Signal to making them manage multiple apps.
Now though, you basically need to advocate socially for the change you want to see in the world. Anecdotally, I started using Signal when they still supported SMS to talk with 1 friend group, and eventually convinced most of my closest family groups to also use it, many after SMS support was dropped. Apart from 1 tech illiterate elderly couple and 1 extended family member, I haven’t received any personal (non-company related) text messages in like 5 months.
The sad truth is that the majority of people are treating WhatsApp exactly as a social network. It is there to send memes and stickers. See what others are up to without having to interact. Then mindlessly scroll through reels. Ocassionally purchase something via chat with a corporate bot.
.
After Trump was elected and inaugurated, Signal has finally been gaining some steam here in the Netherlands.
It’s still an American company, so it’s not ideal. But it’s still significantly better better than letting a tech giant like Facebook have control over the most commonly used chat app.
WhatsApp needs to go and Signal is the most likely way in which we can achieve that. We can worry about the American elephant in the room later.
Sadly many still don't want to switch. My most active chats are in signal now but the large majority of chats are still on whatsapp
If you leave WhatsApp, your chats will usually follow.
Not all of them.
I have a non-official chat group with some colleagues, and a chat group for the neighbourhood that are not likely moving just because I am refusing to use Whatsapp. It would just result in me missing out on those chat groups.
Currently I just have both installed, and that is also how I try to convince people to install and try out Signal.
There is threema, a Swiss messenger that gained some popularity earlier since they had end to end encryption before whatsapp.
Unfortunately the source code is not open (even though they do get annual audits with public reports), and the client costs 3 EUR or something (once).
They also offer Threema Libre on F-Droid for all us folks who degoogled their phone
Yeah, but Threema has basically no momentum behind it at all at this point.
I’m putting my social capital behind the option that currently stands the most chance of beating out Whatsapp
Threema has a pretty big momentum in some countries.
Which?
Switzerland. ;-)
Then by all means keep that momentum going. I’m just looking at this from a Dutch perspective, where Signal is seeing by far the most growth.
You can help making it stronger. That’s what I did in Germany: if people want to contact me, I usually give them my Threema ID first, everything else comes later.
But my goal is not to move to Threema, my goal is to move away from Whatsapp.
Signal fits the bill while expending far less social capital convincing people to use it.
And Switzerlands records in terms of privacy sadly is far worse than most people think - even with the last attack being repelled.
Matrix (preferably on a non-matrix.org instance) currently is the preferable non US and privacy friendly way.
I don’t know - this hype about Matrix reminds me of XMPP which was similarly popular a decade ago. Today, nobody even remembers it anymore.
Pepperidge farm remembers, and so do I. Lots of people I know use XMPP (Cheogram, Dino, etc).
Which hype? Matrix as a protocol is used for a decade now, especially by various big governments (French, Luxembourg and German governmental messenger, various German states, German and Polish armed forces, German healthcare messenger, various smaller projects in Latin America), is bridgeable (I currently have it bridged to Whatsapp and Signal amongst others) but I really don’t see a hype - on the contrary I only see people predicting me the immediate apocalypse of Matrix for 5 years now, currently due to matrix.org (one of a hundred instances) introducing a premium account model for the most cost intensive (heavily media sharing)users. (See below for that).
Until Facebook buys them like they did with WhatsApp…?
Wrong.
threema.com/en/why-threema/open-source
FYI, while Threema front-end clients (apps) are open-source (and offer reproducible builds, which is surprisingly uncommon in open-source land), the server component, though supposedly audited, remains closed-source.
EDIT: for comparison, the Signal server code is mostly open source, but things like the spam filter are closed.
Thanks.
And I didn’t know Signal had spam filters. It makes sense to not make that open source.
In my circle of 20 there has only been one instance of spam over several years. 3 of us got the same message.
That's just the client, the server architecture is what really matters.
Thanks, yeah someone else said similar here.
America is not a monolith. Signal’s developers are very much aware of the risks of operating there and probably already have several escape plans given recent developments. I also think five-eyes probably has access but getting it might be computationally expensive.
Signal is based in America but it’s a non profit organization, not a company. Important difference
But being based in the United States it is still subject to American laws, and that comes with the risk of potential American spying and embargoes. Software from any American entity (be it coorporation or non-profit) comes with that risk.
It’s ethical because it runs on donations and has a non-profit business model.
Meta likely spends at least $1 billion a year running WhatsApp.
Please donate to Signal if you use it.
For now anyways lol
What does this mean
When you've been around a while, you begin to notice certain trends.
This particular trend being the one where the young, bright, ethical start-up turns into the sort of monster they originally rallied against, ensh*ttifying their product and spouting all the same reasons for it.
Signal is relatively young, bright and ethical. The cynic says "for now".
That’s pretty much the only advantage of getting old.
That’s a risk, and a reason I’d like to see something federated succeed in this space. Unfortunately neither Matrix nor XMPP has managed to achieve quite the level of UX necessary for mainstream adoption, nor have the average person’s tech skills and comfort level improved.
Signal’s status as a well-funded nonprofit gives me hope that the current situation is reasonably stable.
Several XMPP clients look perfectly fine
I’m sure there are several I would consider fine for me.
I’m skeptical that they can be fine for someone who doesn’t know what federation means, isn’t especially upset that a handful of megacorporations control most human communication, and already finds the fact that I’m asking them to use anything different from what they’re used to annoying. XMPP has more things for the end user to think about than Signal does even if a client is very polished.
Signal is very actively and directly working to pioneer a new financial model for long term software business stability that does not rely on surveillance capitalism. Your experience with young companies enshittifying into monsters is the natural cycle for the surveillance economy, and if Signal does eventually go that way it will be a profound disappointment, but I expect the foundation would rather die first. Check out this interview from last year with the president of the Signal Foundation for more depth on that.
How about matrix?
Don‘t.
Overdramatic blog post,sorry. I can’t stand the whole “fremmium” crybabies that then literally recommend the next freemium or “non transparent funding model” service… And don’t understand the fundamental difference between the Protocol and one of its implementations.
Matrix as a protocol is solid and is used far beyond the Matrix messenger. (e.g. the French and German governmental messenger, the German healthcare messenger,various armies,etc.) With a lot of commits coming from there - but not enough funding,that is definitely an issue.
The current issue with Freemium is solely limited to the matrix.org instance. There are hundreds of federated instances out there that aren’t Freemium and won’t have the need to go that way as they are funded differently.(e.g. the Lemmy Instance I am currently writing from, feddit - we are financed through other means) As they are federated it doesn’t matter - and honestly, I personally tend to see this as a good thing - it will lead users away from matrix.org towards other instances, making the whole network more reliable and decentralized.
There are two other issues that are relevant, though: The way the foundation is run is not ideal, definitely - there are and were issues and I am not happy with some management decisions, but at least they are getting somewhat better recently (government board). The whole protocol does not evolve as fast as it should be and this is an issue,especially as a it also affects bug fixing. As an executive for a (much smaller) company myself I see management issues and infighting due to lack of leadership within the foundation and I am not happy with that. The second issue is Element as a company that does things companies do - focus on making money. This in theory would be a good thing if Element would send enough money AND effort upstream to seriously bring the whole project forward. For a long time this seemed to be the case,but licensing issues and the “stale” development off Element X(Matrix 2.0) has me questioning that as well - but recent changes show us hope in that regard. We also need to carefully reconsider if element is keeping too much"closed" source code for monetized features and what influence VC really has. In conclusion: We need better leadership for Matrix,more transparency and more funding.
The good news is: It doesn’t mattter too much - if the current foundation fucks up and goes belly up it is not the end of Matrix - the protocol is decentralized enough and the licencing of the core components permissive enough for another (better?) foundation to start over. There are dozends of clients available and we have alternative servers available by now.
The funding part nevertheless is my major pet peeve here. All around Europe governments try to get rid of US tech - and use Matrix protocol based products. But they hardly if ever fund that. If Germany, France, Poland and Luxembourg (the big users) would give 5€ per year for each client they implement all issues with funding would be gone, Matrix 2.0 would be available in a few months, VC could be pushed out of elements AND they could mandate more transparency.
The issue with funding is relevant for all NGOs and especially in tech. Running servers costs a fuckton of money.
Signal has a respectable amount of backers but is a centralized protocol and when Trump does something shady moneywise their infrastructure,money and possibly even people will be gone within 24 hours.
Threema has a more sustainable business model but Switzerland is,well, difficult, in terms of privacy and intelligence services overreach, especially towards traffic pointing to foreign servers or hosts.
Revolt is a centralized service with no federation,limited selfhosting capabilities,with unclear funding(we are waiting for a financial transparency report for ages now).
Polyproto is still not quite there feature wise and funding, etc. is unclear.
Delta Chat is indeed an option but has massive technical limitations.
That leaves XMPP as the sole big competition if you want non-centralised, non-US based, privacy friendly, messaging.
That blog post was my reason to double down on Matrix.
Why?
signal not being on fdroid is a strike against them
Fair. There is Molly on fdroid if you like.
Molly is great.
Can’t find it though
Forgot- you gotta add their repo.
molly.im/fdroid.html
It is though. I currently use Signal installed through F-Droid. You just need to add a separate repository.
Signal is on F-Droid.
You can always install a release of any Android APK from a git repo using Obtainium.
Signal releases
i dont use whatsapp that much anyways
I like Signal. I even got all my close friends and family on it, specifically to message me because I won’t use whatsapp. The PIN reminders are annoying it enough to be legitimately holding it back from mass appeal imho
Turn them off
The fact that it’s opt-out is already a reason to push people away from the app
I think it was meant as a security feature in case someone picked up your unlocked phone. It perhaps someone cracked your front screen passcode. I know if you forget your password and have to reset it you lose all previous conversations. It’s very secure this way. Bit of a pain… but secure.
That’s not even what it is lol.
And as the other commenter alluded to, defaults matter. You’re not replacing the thing everyone is already using by pitching “here’s an alternative that is better in ways which don’t affect your usage at all, and also you have to dig into the settings to turn off the optional daily popups”
Yeah someone who cares enough about security to switch to Signal in the first place will be willing to go into the settings to get everything just the way they like it, but everybody else will only keep the app if it doesn’t bug them.
They are monthly not daily popups. They are daily at the start kust to make sure you memorize your PIN, then they peter off.
However if you ignore a monthly one then it doesn’t disturb you until the next monthly reminder. What is the point of a PIN if it can be ignored?
Proprietary servers is still proprietary software
Don’t let perfection stand in the way of good enough
It may not be the holy grail, but moving away from Meta-owned Whatsapp is already a pretty significant improvement
Be careful with that ol’ Chestnut. Circumstances may dictate perfection, where less than such may be catastrophic.
In that case it wouldn’t be “good enough”. But I don’t think this is such an all-or-nothing situation.
I agree and it would be much better if people would use Signal instead of WhatsApp, but I think there’s still one problem.
Due to how messaging platforms work, every time you switch you lose pretty much everything (messages, media, etc) This makes switching very hard even for a nerd like me, because if Signal is not “perfect” it means that I will have to switch again at some point and lose everything again.
I’ve been using Signal for years and my database was getting really bloated with media, attachments, etc but I didn’t want to delete it all. I used this and it’s incredible:
github.com/bepaald/signalbackup-tools
Just make a backup from within signal, copy that backup file to your PC, then run this tool. The commands I used make an HTML webpage that looks just like the signal messenger, along with a way of searching your messages. You can choose different commands to export however you like.
I used:
So while this doesn’t help you move off your current messenger, you don’t have to worry that your data/messages will be lost in Signal.
Thats a problem with silos (where one owner hosts all the servers) in general. You will have to switch the entire ecosystem once the inevitable enshitification sets in. It’s a good idea to switch to something open source and federated (where many different non profit organisations and even self hosting individuals host many different servers). That way you can migrate your history and contacts to another server of necessary but never have to switch the ecosystem again. Think it how email works, it’s the best known federated system. If you don’t like you email provider anymore you can just chose another one and still keep your contacts and messages on a client like Thunderbird forever. Xmpp and matrix are the hottest candidates in my opinion, but you can check the messenger matrix that was linked in a comment above to see what suits you best.
Well said, the problem really is that Signal isn’t federated. I’m keeping an eye on Matrix for now.
You can save any media you care about. And Signal can backup your chats if that history is important to you.
Sure, but if I switch from Signal to another potentially better messaging app down the line my chat history will get fragmented
Can I ask why are you so attached to your message history? I recently lost my entire WhatsApp history and it hasn’t made any difference in my life to be honest.
dessalines.github.io/essays/why_not_signal.html
Most of the alternatives mentioned have such low adoption that they aren’t truly viable options yet - no matter how much we wish otherwise.
And I say that not as a critic - I actually use Matrix, XMPP, and Jitsi myself. But guess how many of my friends, family, or colleagues are on them?
Exactly.
That’s why I recommend Signal. At least there, people are likely to find folks they already know.
I don’t use Signal because they don’t release the app in F-Droid. Signal devs refuse to release the app outside of Google Play Store, which is very evil.
You can download the APK once from the website, after that it updates automatically. signal.org/android/apk/
I know I can. But the hostility of Signal devs to open source and F-Droid makes me uncomfortable. Why use an app with such hostility?
I use obtainium to install it and it works flawlessly. The reason they don’t publish it elsewhere is due to licences and push notifications iirc
You can use Molly from F-Droid. They even have a full FOSS version that you can set up a self hosted notification socket for, to avoid Google Firebase.
I don’t know, the GrapheneOS folks say that F-Droid is a potential security catastrophe.
You can find Molly from Accrescent (and apparently also from F-Droid if you must use that), which is not so much a security catastrophe.
Wasn’t WhatsApp essentially built from Signal’s base protocol anyway? Why use the meta clone when the original is right there?
No. WhatsApp came first, but later adopted Signal’s key exchange and encryption. WhatsApp was an independent company for years and had rejected several acquisition offers, but $19 billion is a big number.
One of WhatsApp’s founders is now chairman of the Signal Foundation and a major financial backer of the project.
Thanks!
A truly ethical replacement would not need a phone number
And would have FOSS implementations of reference server & client + an openly specified protocol.
Like Matrix.
Matrix still has it’s problems. All the meta data is still saved on every server permanently.
There is still space to improve from there.
And it would have as much spam as email.
signal requires a phone number and won’t even allow you to send sms to those that aren’t on signal.
its better, but still not great.
It used to function as a fallback SMS/MMS messenger (like how iMessage does) but when Google started moving to convert Android from SMS/MMS to RCS Signal made the hard decision to cut the fallback functionality rather than follow Google’s new framework.
I personally hope once the dust settles Signal designs a RCS engine and restores the fallback functionality.
Yeah killing the sms function was basically a deal breaker for me, no matter how much I tried I could only get three people to use Signal, the rest were all sms. When the sms feature was removed 2 of the 3 dropped Signal completely, so now the only person I know who still uses it is my mom and even she still flips back and forth between Signal and Google messages when texting me.
I still have Signal on my phone and suggest it people when they ask how to contact me, but everyone just wants to text my phone number.
If you need to send sms to someone not on signal, why not just send them an sms
if they need my phone number to have an account anyway, they can offer both.
i dont need more apps that do the same thing. i need less.
It’s arguably a very bad idea for a secure messenger to also provide an SMS interface, since those are basically cleartext
exactly. so I’m wondering what the purpose is for its need.
(edit: apologies- the phone number. needing the phone number.)
What? You use a secure messenger to send secure messages. It doesn’t make sense for a secure messenger to offer sending insecure messages (SMS).
Edit: oh, you’re probably referring to why it requires a phone number. This seems to be due to abuse/spam prevention, as otherwise creating new accounts to spam people with is basically free.
using the phone number is still a pretty unnecessary risk, imho.
there’s no real need for it any longer.
Do you have a better approach to prevent spam in mind? Without a barrier of entry it becomes a serious issue.
Spam prevention? Ive got spam on Signal. Having your phone number be the barrier of entry doesn’t make Signal a flawless app.
and considering i can just plug a google voice number in, I’m not sure its the best barrier.
Spam isn’t a binary issue, where it either exists or doesn’t. It could very well be the case that, without requiring a phone number, there’d be far more spam (since it’d be far easier to automatically create new accounts).
Again, do you have a better suggestion for spam & abuse prevention?
And still, aside from that - it doesn’t really make sense to expect Signal to offer SMS integration just because it requires a phone number for spam prevention, when offering this integration would be detrimental towards the mission of Signal (offering secure messages).
it does make sense, actually. as they had that function when the app was first around. why do you think they have you sign up with a phone number in the first place?
also, it’s not on me to solve every technical hurdle you make up. if you want to learn more about Spam Prevention methods, I can point you to some resources if you’re truly interested.
I’m sorry that not everyone thinks Signal is a god app worthy of worship. its a message app, and its not the only one. it does stuff some people don’t like. including me.
Again, spam & abuse prevention. We’ve been over this.
I’m not saying that Signal is a god app worthy of worship, I’m saying it’s detrimental for them to include SMS functionality, since that’s fundamentally insecure. That’s literally why they removed it. Is that so hard to understand?
nope I fully understand it. completely. and when they removed it, they removed my need for their app. as suddenly I went from being able to message everyone, to being able to message just 2 people.
it no longer fits my needs. so it isn’t used by me or by both of the people that were leftover after the sms turn off. as they had the same reaction I did.
so that’s that, I suppose.
telegram much better
By features, yes. By 10 miles.
Privacy? It isn’t driving anymore at this point.
any proofs?
blog.cryptographyengineering.com/…/telegram-is-no…
To get encryption one must start a “secret chat”. It’s an opt-in! Regular users will not even know the option exists, that’s how well hidden it is.
Regular chats? Plainly readable on the server.
The main differences between a regular chat and a secret chat in Telegram, from a security standpoint, are:
End-to-End Encryption • Regular Chat: Messages are encrypted client-server-server-client, meaning Telegram servers can technically access the content. • Secret Chat: Messages are end-to-end encrypted, so only you and the recipient can read them. Not even Telegram can decrypt them.
Cloud Storage • Regular Chat: Messages are stored in the cloud. You can access them from any device logged into your Telegram account. • Secret Chat: Messages are device-specific and not stored in the cloud. They can only be read on the devices where the secret chat was initiated.
Self-Destruct Timer • Regular Chat: No self-destruct functionality. • Secret Chat: You can set a self-destruct timer for messages after they’re read.
Forwarding • Regular Chat: Messages can be freely forwarded. • Secret Chat: Messages cannot be forwarded.
Screenshots • Regular Chat: Screenshots are not restricted or notified. • Secret Chat: Telegram tries to prevent or notify about screenshots (depends on the OS).
Summary:
Use secret chats if you need maximum privacy, as they’re more secure and don’t rely on Telegram’s servers to store message content. However, they’re less convenient because you lose cloud sync and multi-device support.
How about Delta Chat? At least as secure as Signal, open source, and decentralized.
Not saying that it’s necessarily a bad option, but my biggest issue with delta chat is that it does not offer forward secrecy (if a user’s private key is compromised, past messages can be revealed); Signal does. Delta no question beats signal in decentralization, though email is less decentralized than it seems–how many people do you know who still use gmail? Delta also inherently leaks metadata on whom you’re communicating with to the email host (that’s just imap/smtp). Signal can mitigate this somewhat with Sealed Sender (which gives one-way anonymity), though it can be broken with statistical analysis, and signal metadata is more identifying due to requiring a phone number.
Anyone using Session? I finally got most of my friends and family on Signal so I’m not gonna switch but I just heard about it, seems pretty good.
Basically Signal but without the weakness of a phone number & runs on a Tor-like network. It’s still a work-in-progress thing but you CAN use it to send messages
Have a look here: www.messenger-matrix.de/messenger-matrix-en.html
I like the comparison and prefer simplex as an replacement to Signal in the Future. Self hosted Matrix Servers are a good idea aswell if you have the money and knowledge.
Xmpp is far lighter on resources and not ran by a company with funding issues.
The only thing I don’t like about Session is, it runs on a underlying crypto token, incentivizing the network to keep on going. getsession.org/…/migrating-from-the-oxen-network-… imo
Nah, that would be Matrix, XMPP, DeltaChat or SimpleX
Jami*
Matrix isn’t necessarily p2p
Oh yes that too
Ya it’d be better if it didn’t require a phone number but it’s a solid start as it’s build up a user base over the past decade. Matrix is good but I know far less people that use it and it’ll be a long time of growing with nerdy/geeky communities before it starts getting more mainstream users
No. XMPP would be the best choice.
Tell me you don’t know anything about security without telling me you don’t know anything about security.
I guess that sucks because I make a living working in cyber security. What do I know, amirite? 🤷
Could you explain a bit? I see main issue with Signal (though I’m not an expert, and they’re not strictly related to security): it’s centralized (and the server isn’t even open-source).
The question is also a lot about your threat model right?
The encryption being crap really does not depend on the threat model. Sure, in some threat models you may not need e2ee at all but in that case, what’s wrong with WhatsApp?
The issue with XMPP is that security really was an afterthought. Not only is e2ee an optional extension, but there are actually 2 incompatible extensions, each with multiple versions. Then you have some clients not implementing either, some clients implementing the older, less secure one. Some implement the newer one but older version of the spec with known issues. And of course, the few clients that implement it well become incompatible with other clients that don’t if you enable e2ee, so it is disabled by default.
That is all before you start looking into security audits or metadata harvesting.
Your reasoning would hold up if 80% of xmpp wasn’t running on Conversations or forks of it, that all support OMEMO and OpenPGP.
Your criticisms are too broad with few serious negatives. What makes extensions powerful is that they can easily change the rules without breaking the underlying system. If your client sucks, get another?
You have choices, but if your problem is metadata, whoooo boy.
news.ycombinator.com/item?id=32780665
github.com/matrix-org/synapse/issues/9133
reddit.com/…/is_matrix_still_a_metadata_disaster/
So much cope you didn’t even notice no one mentioned matrix. We are comparing XMPP with Signal.
Also, you really think saying only 20% of your chats are insecure is somehow making it better?
That’s their problem. If their messages aren’t encrypted, it isn’t like you won’t be aware of it. Request that they use a modern client and get with the times. None of this is an actual problem without easy solutions.
Then let us know when they are solved. Until then, I have a lot more hope in matrix than XMPP. They at least seems to be making progress in the right direction, although they are not there yet either.
Signal remains the best option for now.
Wish more of my contact list would switch over to Signal. It’s nearly the same. I don’t see why it’s so hard for some people to just start using Signal instead of WhatsApp.
Oh well.
Because people are beyond stupid. “i dont want to download another app” - while having an app for almost every other store and bullshit game and whatever
I think what they really mean is “I don’t want another account”.
Hell I’ve been getting rid of accounts lately. Feels good.
It’s super cathartic, I agree. Feels extra good when it’s big tech and fascist-owned as well.
My dad won’t switch from Facebook messenger so now we have to talk via unencrypted sms
I tried switching my family over, but being unable to install it on a second device or tablet was a deal breaker.
“But why, everyone is on WhatsApp”, and also a lot of businesses. “Privacy? I’ve got nothing to hide, what are they gonna do eith my info?”
groups/channels?
Sadly for me, this doesn’t really work for some relatives as
All I can do for those relatives is to leave WhatsApp installed but take away basically every permission I can, including running in the background.
Signal is free just like whats app. For text, calls, and video.
Signal is free just like whats app. For text, calls, and video. So that isn’t a problem.
I too have friends and family in different countries, one of which is crazy about whatsapp. I simply tell them this is how we are going to do things now, and walk them through it. It is not hard. If they can’t do it, well then we don’t need to communicate this way. Whatsapp is not an option. It is that simple.
Signal is not capable of SMS and quite a lot of people still use it.
yes, i know SMS isn’t secure at all. but if the option is “keep in touch with close family” or “don’t keep in touch” they will probably choose the former if they want to keep that.
I would rather SMS than use WhatsApp. But even then if my family is far away, why am texting them at all very often? With the time zone differences I’ll call or email, or nothing. It’s weird how people got along just fine with letters that took weeks and suddenly we now need instant communication for some reason?
How is that weird? You can be fine with suboptimal stuff, and recognize it’s suboptimal. Some people like their relatives and wished they could talk together more readily. Letters were just the fastest (while economical) method of doing that for a while.
we used to be fine with candles and stinky lanterns filled with perfectly good kerosene too. who tf needs electricity? 🤨
on the topic of family connection, I can’t speak to your family experience. only my own. and our family group chat is pretty damn active.
Did you get everyone to settle on the same thing, like Signal? We are spread out over about 8 countries, and with all the different phone numbers and plans, we use various methods, with several of us on Signal. Some on whatsapp, some on messenger. So we are not coordinated enough for a group chat. Which is fine, I dont really need to know everything all the time, we catch up when can, or get into small video chats occasionally. Luckily we do tend to physically see each other somewhat frequently.
no we are all on different platforms. half are on android and half are on apple which is irritating. so sadly the sms is our best tool to hit everyone at the same time with any urgency.
sms is not even an option for us; international texting costs a lot. Some people don’t even use a phone, they rely on internet connected devices only. Trying to coordinate all of this gets complicated fast.
weirdly my first thought just now was “wouldn’t it be cool if we could federate this somehow”. have a single (or a handful) of secure communication protocol(s) so that users could just choose the app with the UI they liked best and be done with it.
…then I realized I just essentially invented matrix and that already exists. lol. but yeah the issue is getting everyone to the same place.
its impossible to get some people to move from a platform they’ve used for over a decade in most cases.
How did they get WhatsApp installed? Is a FaceTime or other video option available? Never give up, never surrender
I was with them helping them out. For reasons I won’t discuss here I won’t be able to visit them anymore, so that avenue is gone 😞.
I can’t call ethical an app that relies on Electron.
Weird goalpost but Ok
I think it is more of a hill than a goalpost.
I wish I could do this, but trying to convince people to ditch an app they’ve never had problems with and where they all have their family, friends, work groups and school groups already mashed together, how do you convince them? Its not even about me convincing my friends or family, its about everyone else doing the same and when everyone has so many contacts in WhatsApp, that number starts to snowball real quick. Its just not feasible to try and explain this to someone who literally doesn’t care. I mean even though I myself know what Meta is and how Zuck is complete asshole, I still can’t switch off of WhatsApp because nobody I know is on Signal and I’d just be alone there. What’s the point? WhatsApp is pretty much the first app anyone installs on their phone (regardless of platform), they’re not gonna switch now.
Yep. I know the details. I’m tech savvy enough, but I use what my contacts use, and I’m not leaving WhatsApp. Same goes for youtube. The content I consume is there. There is no suitable alternative until the content creators switch. It’s not really about the technology at all.
Just ditch WhatsApp. Don’t give in to social pressure to install malware on your phone
The problem is there’s no one on signal that I want to talk to. So “just ditch the app” isn’t actually helpful.
Just need to move everyone. Not that hard honestly, if you are around smart people
" It’s not that hard really all you have to do is be around people who already want to move over". Yeah thanks for that advice.
I have a very similar strategy to being rich, step one is to be rich already. Simplicity itself.
Why are you friend with stupid people?
Why are you being intentionally disingenuous?
I will say it again just so it’s stated.
People are not going to move to another service unless they can obviously see the benefit in moving to that service. People who are not technically inclined (that doesn’t mean stupid) are not going to see the benefit.
Don’t be rude about people you don’t know anything about. Don’t insult their intelligence just because they’re not as interested in a very niche area of technology as you are.
spoiler
>Why are you friend with stupid people? Also note that if you are going to be rude about people you know nothing about, you had better check your grammar
What I said is that smart people can be convinced to move to another platform. Most of my friends are not technically inclined, but it was easy to make them use it, at least to chat with me.
What you did is change “smart people” with “people who already want to move”, which is not the same. You then said it’s not something you can choose (as you cannot choose to be rich). But I answered that you can actually choose your friends.
Never did I say people who are not interested in niche technologies are not smart. My statement can be rephrased in an equivalent statement “people who cannot be convinced to change are not smart”, and I stand to it.
There’s nobody on Signal, that’s the problem. If I want to miss out on all of my group conversations, work conversations, messages between myself and others, then yeah, I can switch. But if I want to receive any messages at all, I have to keep WhatsApp installed.
Well, just an anecdote:
I simply deleted my WhatsApp and moved to signal. Just did it.
People installed the app, at least the ones that cared about staying in touch. Which was most everyone I cared about staying in touch with. A few of my friend groups also moved the group chat to signal, though all of them do have other ones with the people who didn’t care enough to move too, but I hear it isn’t that big a deal, they had multiple groups before and will have in future, doesn’t really feel like any extra hassle they say.
It’s been fine. No problems. I’ve had more trouble trying to explain to my extended family why I’m no longer posting on instagram. Those I never had in WhatsApp either back in the day, so they “stayed in touch” by watching my pictures I suppose. But I just consistently tell people they can reach me always via signal or plain old sms.
I guess the biggest thing to be scared about would be fomo for most, but I don’t really care enough, I’ve got so much going on already that it’s more of a blessing that I don’t have to be involved in every conversation or meme sharing or whatever.
It really gets so easy after simply switching. Just do it and that’s that. The people worth anything come with you, it’s just another app and another group chat or personal chat. Most already have discord and the meta messenger whatever its name is these days anyway. I know zero people with only one messenger/chat app and unsplintered groups across them. It’s not a big chore, and if it is, there’s always sms.
I don’t mind missing out on some things, but I would mind missing out on literally all of the things. Everyone is on WhatsApp and trying to convince people to switch to a different app when, from their perspective, their current app has over 99% uptime, their kids, their family, their extended family, their friends, all are on WhatsApp. Its the same for me, its everyone. Its just a different situation in Europe.
Is this really the case?
Maybe it’s a regional thing. I’m in the northeast US, and nearly everyone I know uses Facebook Messenger as their main form of communication, even people who don’t touch Facebook at all. I hate Messenger for the same reasons that people hate WhatsApp, but I still have to use it because my entire social circle does. If I want to message someone outside Messenger without giving my phone number out, I use my Google Voice number.
I’ve only ever used WhatsApp to talk to work contacts overseas, and I’ve only ever used Signal to talk to paranoid drug dealers, which is a use case that’s mostly been replaced by Telegram now.
Outside of North America, most other countries’ use WhatsApp as a choice for personal and business uses is WhatsApp. Rest are mostly dominated by Facebook messenger. Excluding China which has WeChat domestically.
How Meta was ever allowed to buy WhatsApp without triggering anti-trust laws is beyond me.
Some numbers
Many of my European and South American friends are having a hard time because that’s where all their families and friends back home are, and it’s hard to get them to use something new, especially the older folks.
It was still called Facebook when they bought it.
In my region in Europe, it really is. EVERYONE uses WhatsApp. I’m not sure the last time I saw someone use SMS, its all WhatsApp. iOS, Android, its all there.
I don’t believe in signal.
I use it mostly for family chats, I got the extended family to use it rather than Facebook Messenger
What makes you not trust signal as against WhatsApp?
Interesting phrasing. How so?
I believe in it,… for now.
I moved my family group to xmpp to have more personal control over our chats. Signal seems benevolent, but I’ve seen this play out before. Will it stay that way? We treat online forums with the idea that federstion works to stop enshittificstion. I believe XMPP is a good model for federating secure chatrooms for the same reason: People should control the voices of the people, not companies.
I am so excited to see people embracing xmpp! I’ve been using it since 2010 and I was really bummed when my company got swallowed up by a huge conglomerate and we were forced to use their shitty proprietary one.
I will switch to signal when I can avoid installing stuff on bunch of my devices. Until web version is available, sorry it hard for me to switch and for me to convince other people to switch.
I would like nothing more, but so few of my contact group are willing to switch away… despite all of Meta’s bullshit. I resent being made to use it whilst their AI/ads encroach further and further.
so a centralized American messenger enshitified, lets switch to the next centralized American messenger, it surely will not enshitify in the future, lets ignore the actual problem, what could go wrong
My wishlist is an app which is not linked to a phone number, is multi platform and has a web app. It should be none US and open source. That isn’t too many requirements and yet nothing seems to full fit the bill? Anyway good luck trying to get school parent’s groups to use something other than WhatsApp.
Matrix fits the bill.
Unless you don’t like the federated nature.
XMPP/Jabber via a web client like movim.eu sounds like it ought to work!
You can also look into Snikket as a host for small groups like friends or family, but can continue to use the Movim web client even if you’re hosting with Snikket rather than Movim itself.
delta.chat
Matrix and Element. Run your own server if you want or use a server that’s not in the US.
Humans are too stupid to switch from convenience to slightly less convenience even if they get privacy for free. Any amount of discomfort is too much and changing an app is basically death.
They see no value in it. They don’t see that privacy is proactive measure that can protect you.
On Facebook, especially in my family, accounts get lost and hacked. One fine day, it might be someone with more influence in the family who’s attacker might make off with stolen bank information or passwords.
but “that’ll never happen”, right?
SimpleX as well!
IMO the best on-boarding I have seen in a chat app. Just scan each other’s QR codes or click a link. No account management because ID is unique to each conversation.
Signal and WhatsApp need a phone number, Matrix/Element is needlessly messy, XMPP/Conversations is sensible IIRC (ID + password)
Just got the app. Really like the idea!
The founder of SimpleX is out of his mind. Check yourself: xcancel.com/epoberezkin
It doesn’t look good indeed…
Sadly, that’s what we have to work with. The app is pretty good though
TIL the founder is a transphobic and conservative piece of shit
Made a post to raise awareness
Avoid the lemmy.ml community because it’s moderated by that fucker
programming.dev/post/32716098
I will use the opportunity to remind that Signal is operated by a non-profit in the jurisdiction called “the US”. This could have implications.
An anarchist option might be TOX. There is no single client, TOX is a protocol, you can choose from half a dozen clients. I personally use qTox.
Upside: no phone number required. No questions asked.
Downside: no servers to store and forward messages. You can talk if both parties are online.
Well yeah we could also use Briar or whatever… but would your grandma?
i’ve only managed to get some of my fam to move over to signal. the other half full on refused
.
Not sure if you’re actually sincere or are sarcastically making fun of Tox’s onboarding. That’s a long key.
They’re probably not joking, TOX IDs are like that. :) Mine is:
CA9A4C1968AA38CC93CB32F31F3682AB897ABA42C90E6F0EA5E1FB541930FD64138B4CC09AD*
(*the number opposite to the first is the number that comes after one, to hinder any spam bots)
.
You can use Signal with a different client. Signal being operated within the US has no effect. As of now the jurisdictions that I know of to be worried about are:
The UK, where Apple was recently ordered to remove end-to-end encryption features, and have been gagged from talking about it
Sweden, where a law is proposed to add an encryption backdoor
The EU, where leadership is pushing for an encryption backdoor
My understanding is that the Indian government under the BJP and Congress has been pretty consistently anti-encryption, and violated privacy rights
France arrested the founder of Telegram for using end to end encryption in Telegram
Australia in 2018 passed a law that enabled the government to require communications platforms add a backdoor for government decryption. The Director of the Australian Security Intelligence Organisation (ASIO) said that “privacy is important but not absolute”. Which has the same vibes as “this is not about human rights, this is about human life.”
WhatsApp was previously suspended in Brazil for refusing to hand over decrypted messages.
Austria is in the process of passing legislation allowing police to backdoor encryption in messaging apps
China and Russia are very obvious problems. Here’s an easy one of many examples
The White House both in Trump’s first term and in Biden’s presidency were pro-encryption. Signal and Tor were US government funded projects. That’s not to say the US is great on encryption, and there have been laws in the past that did/were proposed to limit it. But, as of now, it seems that the US is (edit: one of) the most hospitable jurisdictions for encrypted messaging non-profits.
BTW, I’m not saying using Tox is bad, or that Signal is good, I’m just talking about the US jurisdiction part.
Can you advise, which one would be a good one? Because I actually use Signal too, it’s just misbehaving a lot recently.
I have had endless difficulties with Signal forcing upgrades on me and requiring to sign in on the phone, under threat of deactivating my account (I use it on a PC).
I’ve never used any, but Molly seems well liked
.
TIL I have no family I care to keep in touch with and I have no friends.
How do we know signal isn’t also run by a techbro who just wants our data?
I don’t think that the founders are bad people. If you look at their history of work, they have done enormous amounts of work in the computer security sector. The founder, however, did run a cloud based WPA cracking service.
Meredith Whitaker, who is the president, used to work at Google doing research for “issues related to net neutrality measurement, privacy, security, and the social consequences of artificial intelligence”.
In 2018 she then staged walkouts at Google over concerns of sexual misconduct and citizen surveillance.
The people on Signal’s board seem to be trustworthy people with a pretty airtight background. You have to worry more about the mobile operating system compromising you than do you about Signal.
Does it really matter who made it if you can see the source code? You don’t have to trust them.
That’s kind of a core tenet of libre/open software, innit? Independently verifiable software that you can change at your pleasure.
Can you though? Can I build the apk myself and use their services?
Yes, you can use their exact build environment straight from GitHub. You can also use Molly.im which is another app that i think is a fork? Im still investigating it.
Anyone know why the Signal app isn’t available on F-Droid? Isn’t it supposed to be open source?
Molly is in f-droid, though it’s technically third party. Looks identical though.
I was looking at Molly.im and it has its own f-droid repo. There are two options: with and without Google servicios.
I think it’s by request. the fdroid team build every single app in their repos which means that they are not always fully up to date, so signal argues that whenever they need to push a security release people on froid would take forever to update.
I think I’ve had this issue with simplex. I’ve had to wait over 2 weeks for an update. That’s why I’m using obtanium for it instead
You can install and update it through Obtainium directly from GitHub.
I got tired of asking my family to download yet another app. Went iPhone at this point.
How many apps did you ask them to download?
Personally, I only asked for this one, and everyone who is of importance to me chose to do it.
I went from Telegram to WhatsApp. That was enough to annoy my people.
You know and I was the biggest smack talker of apple and I got the 16 pro just to get encryption when talking to my mom and husband. I can see why people like these things.
But it does feel very basic coming from a long time Samsung user.
Compare with Zangi Private Messenger. Yes, every country who has jurisdiction has access. Just ask yourself, which gov do I trust more with my private chats?
Don’t ask me for a phone number and I’ll use it.
When did WhatsApp start allowing signups without a phone number?
No clue. Never even tried to use it since it’s a Meta product. I was referring to Signal’s phone # requirement being a non-starter.
So what do you use now?
I use Element.
I use both and have been happy with both, but note that Element / Matrix have recently announced the intent to add paid service tiers.
Fair enough, servers cost, you can self host it too…
Remeber, If it’s “free”, you are the product.
Both technologies are open source. It’s a common model of compensation for the developers, pay as your able.
A friend hosts my instance. I don’t expect free as in beer hosting, only free as in speech code and protocols.
Matrix
The irony of you posting this on lemmy, which won’t allow posting from a VPN or masked email addresses is not lost on me.
The amount of hoops I had to jump through to make this comment and maintain some semblance of privacy is infuriating but at least it’s not reddit I guess?
But do go on about your security standards…
Edit: BTW, you can set signal to hide your number completely. Combined with FOSS-based encryption keys on-device makes signal the only choice for trying to maintain freedom of expression globally.
Nothing will protect anyone from messaging with a snitch who knows how to screenshot though. Food for thought… get to know your neighbors now.
You’re using the wrong lemmy server then, no problem with mine
It doesn’t matter if you hide the number; at some point they deanonymized you when you signed up.
Want to be a dick about “hoops”? Get a number that isn’t traceable. It can be done, but it’s tough. I doubt its possible in the countries that really need anonymity of association.
Deanonymized isn’t a risk with end-to-end FOSS-governed encryption (as compared to Meta’s mysterious backend that manages keypairs for whatsapp and messenger). Sealed Sender can even obfuscate the metadata of the recipient for further snooping hurdles. Nothing is perfect, and any participant can silently ex-filtrate conversation data with another camera.
If you’re reading this comment, I posted it from proton vpn
Thanks, appreciated. I installed Nord on my linux box as well, then set that to openvpn technology and obfuscated servers which worked. I’d prefer to use their quantum-proof encryption but there’s no way to bypass VPN checks if one sets that. I think it’s a mistake on lemmy’s part to even put that hurdle up, but it is what it is. Having one’s real world identity tied to social media is a risk going forward. Data is the enemy.
Data is 100% the enemy and you’re right, lemmy would be moronic to put that roadblock in place
They DID put that roadblock in place. That’s kinda my point. You have to loosen a VPN’s security to post here (as I’ve had to do to reply). It says “no posting from VPN” in the lower left if one uses more advanced/secure encryption. They also don’t allow account creation from masked email platforms like fastmail.
Duck duck Go VPN connection here
When they dropped sms support I was no longer able to convince people to migrate to signal.
Before I could make the argument that you need one sms app anyway so that app might just as well be Signal instead of the one that comes preloaded with your phone. That way people would gradually get more and more secure messaging as time went on. When sms support was dropped, Signal could not replace an existing app and adding another messing app is much less appealing than replacing one.