• TheGrandNagus@lemmy.world
    link
    fedilink
    English
    arrow-up
    49
    arrow-down
    8
    ·
    edit-2
    9 months ago

    On the one hand I agree with them sticking to their guns re: adamantly protecting privacy.

    On the other, the number of contacts I have using signal has dropped off a cliff, from 12 to just one. It certainly isn’t rising. The people I know who used it have abandoned it and went back to WhatsApp.

    Getting rid of SMS support was a mistake.

    I’d personally prefer that when messaging with someone using WhatsApp, they make clear to you that Facebook can and will have some metadata, but not the contents of the chat itself. Shit, make it opt-in.

    A big part of why nobody uses signal is because… nobody uses signal. If you could still talk to people on WhatsApp, the de facto standard in most of the world bar the US and China, more people might give it a try, and thus more people over time would be having signal-to-signal conversations.

    IMO a good but imperfect solution is preferable to nobody using Signal, which is the realistic alternative.

    I’ll continue donating to Signal, but much like their SMS decision, I believe this to be a mistake that will severely hamper adoption.

    • Quik@infosec.pub
      link
      fedilink
      English
      arrow-up
      8
      ·
      9 months ago

      I would state it even more generally, something like “when chatting with WhatsApp/Facebook Messenger users Signal can only ensure no data is shared with third parties from your device …” or something around the lines of that

    • kevincox@lemmy.ml
      link
      fedilink
      English
      arrow-up
      2
      ·
      9 months ago

      Perfect is the enemy of good

      This is exactly the problem. If they support interoperability then they will allow their users to continue using the Signal app which has high security standards, even if the particular conversation is not as secure as native signal conversations and they can’t control what the third-party app does. This will help grow the Signal network (because now it is easier for WhatsApp users to incrementally switch to Signal) and become more secure.

      By rejecting interoperability they may be slightly improving the privacy of the 1% of users where their conversation partner would have switched to Signal, but are harming privacy the 99% of users that will now need to switch to WhatsApp for those converstions and are harming their future network growth (which would bring even more users to a private solution).

    • umami_wasabi@lemmy.ml
      link
      fedilink
      English
      arrow-up
      6
      arrow-down
      6
      ·
      edit-2
      9 months ago

      they make clear to you that Facebook can and will have some metadata, but not the contents of the chat itself.

      You thought you’re safe and private when the content is encrypted? LOL, no. Metadata are much more useful to Facebook, and to the intelligence services.

      “We Kill People Based on Metadata.” – General Michael Hayden, former Director of NSA and CIA

      • TheGrandNagus@lemmy.world
        link
        fedilink
        English
        arrow-up
        14
        arrow-down
        1
        ·
        9 months ago

        My point isn’t that metadata isn’t useful for them, there’s no need to be condescending about things I never said.

        • umami_wasabi@lemmy.ml
          link
          fedilink
          English
          arrow-up
          3
          arrow-down
          2
          ·
          edit-2
          9 months ago

          My point is metadata should be protected as content does. While IM platform needs to know which message should be delived to whom, they don’t need that after being delivered, nor have it profiled.

    • uis@lemm.ee
      link
      fedilink
      English
      arrow-up
      2
      arrow-down
      4
      ·
      9 months ago

      I disagree. When sending SMS you are leaking info like when, to whom and how big message you sent to a lot of spying agencies.

    • TWeaK@lemm.ee
      link
      fedilink
      English
      arrow-up
      11
      arrow-down
      20
      ·
      9 months ago

      I’d personally prefer that when messaging with someone using WhatsApp, they make clear to you that Facebook can and will have some metadata, but not the contents of the chat itself.

      If you believe that, then I think you’re one of Zuckerberg’s proverbial “dumb fucks”. Not that I mean to be insulting, but that’s literally what he thinks of his users.

      Facebook’s WhatsApp is almost certainly filled with backdoors and exploits. In particular, with Android they often bypass Play Store checks by bundling system apps directly via the manufacturer.

      • TheGrandNagus@lemmy.world
        link
        fedilink
        English
        arrow-up
        40
        arrow-down
        3
        ·
        edit-2
        9 months ago

        Calling someone a dumb fuck, even indirectly by using Zuck’s famous quote, is quite rude. People aren’t dumb fucks because they are forced into using WhatsApp.

        Maybe you’re from the US or somewhere where iMessage, SMS, or WeChat dominate, but here, you either use WhatsApp, or you become an outcast. Whatsapp is de facto mandatory. Even half of my delivery notifications and 2FA comes to my WhatsApp, not SMS. When people say “just don’t use WhatsApp”, they may as well be saying “just don’t use email”.

        I don’t want to be one of Zuck’s users. That’s why I want an open and secure protocol for cross-client messaging. So I and others can use something else without being isolated from friends and family. Being lonely isn’t pleasant.

        Facebook’s WhatsApp is almost certainly filled with backdoors and exploits

        Perhaps it is. We can never know due to its proprietary nature… which is why I don’t want to use it.

        As it stands, I can use Signal with one contact. The rest refuse to use it, or used it and abandoned it.

        It would be amazing if everyone woke up tomorrow and flocked to signal, but here in the real world, outside of my fantasies, I have to go with the standard, which unfortunately is WhatsApp.

        The only other alternative is SMS which is far worse in terms of both security and privacy, and would also cut me off from talking with friends as I’d have no group chat access and because nobody uses SMS.

        My choice is between:

        • being alone and unable to talk to anybody, but being a privacy purist.

        • conceding some metadata but retaining private chats and using a client I want to use. It would also bring more people to signal as they also won’t be locked out from chatting with others. Overall I’d gain signal-to-signal contacts, as well as imperfect signal-to-whatsapp ones.

        • giving in entirely and using Facebook software.

        To me, there’s an obvious answer there. It’s not perfect, but it’s better than the others.