Most active commenters
  • cdogl(3)

←back to thread

Signal adds a payments feature with a privacy-focused cryptocurrency

(www.wired.com)
544 points josh2600 | 25 comments | 06 Apr 21 16:23 UTC | HN request time: 1.371s | source | bottom
1. cdogl ◴[06 Apr 21 23:13 UTC] No.26718524[source]
Long-time Signal user here, with a number of technical and non-technical friends, colleagues and acquaintances who also use it. I don't know who was asking for this. And I think it really dilutes Signal's message.

I believe that everyone has a fundamental right to secure, private communication. Some people may hold the same belief for the right to transfer funds. I don't agree and I suspect many others feel the same. That tension alone makes this look like a bad decision to me.

replies(7): >>26718703 #>>26718805 #>>26719043 #>>26719103 #>>26719202 #>>26720779 #>>26726663 #
2. flyinglizard ◴[06 Apr 21 23:36 UTC] No.26718703[source]
Communication platforms like Signal live or die by network effects. If payment is incorporated as a first class citizen into other platforms, Signal would need it as well to maintain its network - just like it would need the capability to transfer photos or other non-textual items.
3. JeremyNT ◴[07 Apr 21 00:21 UTC] No.26719043[source]
This kind of anti-feature is not what I signed up for. I just wanted a secure messenger normal users could understand! It seems like a simple enough problem that Signal solved well (apart from the phone number requirement).

Sadly, now it feels like Signal was just a long game trojan for Marlinspike to onboard users to a cryptocurrency pyramid scheme. This has nothing to do with its core functionality and it makes me question the developers' motives.

I've wasted my influence with my non-technical friends convincing them to adopt Signal, and I don't forsee convincing them to switch yet again to something different.

The state of secure messaging is really bleak. I wish Matrix had an IM-style client that was decent enough for non-technical users to adopt.

replies(4): >>26719195 #>>26719289 #>>26720457 #>>26720662 #
4. bmarquez ◴[07 Apr 21 00:31 UTC] No.26719103[source]
I don't know what who was asking for this either, especially when what I consider to be core features are still missing.

Signal for iOS still doesn't support message backup like the Android version.

And Telegram introduced a feature to import old Whatsapp chats into new Telegram conversations, a form of "backup". This was great when I was migrating away from Whatsapp, and made the decision between Signal and Telegram easy for casual conversations where encryption wasn't a priority.

5. climb_stealth ◴[07 Apr 21 00:41 UTC] No.26719195[source]
> I've wasted my influence with my non-technical friends convincing them to adopt Signal, and I don't forsee convincing them to switch yet again to something different.

This has bitten me before. Now I'm thinking that every recommendation and suggestion to adopt must come with a "for now this is the best way to do it, but it will probably change again". And somehow try to prepare the non-technical people for that.

replies(1): >>26723169 #
6. leppr ◴[07 Apr 21 00:42 UTC] No.26719202[source]
> I believe that everyone has a fundamental right to secure, private communication. Some people may hold the same belief for the right to transfer funds. I don't agree and I suspect many others feel the same.

What are the arguments?

Don't you think that as data becomes more and more valuable, "freedom of transaction" is a natural evolution of "freedom of communication"?

In an environment where only "legally valueless" data circulates freely, the few entities that are actually able to monetize this data become gigantic monopolies (Google, FB, ...), while most individual parties are either forced to play by their rules (Youtube, Patreon, ...) or filtered out by startup costs.

replies(1): >>26719466 #
7. leppr ◴[07 Apr 21 00:51 UTC] No.26719289[source]
How does the ability to transfer "points" from one number to another, remove from the messaging features?

Is it really that hard to imagine unobtrusive UI that makes this as optional as sending GIFs, stickers or location data? Or did the later features already kill Signal for you?

replies(1): >>26719824 #
8. cdogl ◴[07 Apr 21 01:20 UTC] No.26719466[source]
My view is that the public in general has a right to universal services that can realistically only be delivered through taxation. That right needs to be balanced against the right to transaction privacy. It's one thing to say that friends should be able to send money to each other privately; it's another to think about bank settlements and international flows of large sums of money not being visible or auditable.

The whole issue is a real minefield and I don't have a firm stance. And obviously the fiat money system has gaps and flaws there too. I'm sure much of the HN audience would disagree with me here from a libertarian point of view. But I think it's safe to say that the issue of transaction privacy & freedom is not as straightforward as that of speech (which itself is really not that simple).

9. cdogl ◴[07 Apr 21 02:11 UTC] No.26719824{3}[source]
Signal's UX still needs work and a lot of features just don't work very well (e.g. the desktop sync). That's fine in and of itself - the team is small and they're funded by donations - but if they're spending time on payments, that raises concerns for me about the priorities of the project and how the funding is being spent.
10. jakecopp ◴[07 Apr 21 04:01 UTC] No.26720457[source]
> The state of secure messaging is really bleak. I wish Matrix had an IM-style client that was decent enough for non-technical users to adopt.

See Element [1] which uses Matrix [2]. It feels like IM, and is super simple to onboard new users. I'm not involved with it, but I'm a huge fan of the Matrix ecosystem.

If you want group chats to be mixed in with 1-1 chats, try SchildiChat [3], a fork of Element.

[1]: https://element.io/

[2]: https://matrix.org/

[3]: https://schildi.chat/

replies(2): >>26720956 #>>26725258 #
11. sequoia ◴[07 Apr 21 04:39 UTC] No.26720662[source]
> This kind of anti-feature is not what I signed up for.

At the risk of sounding like a Signal simp: don’t use this feature if you’d don’t like it? I have no idea whether this is a good or bad idea, I figure the proof of the pudding is in the tasting and I haven’t had a chance to try the signal payments feature, but I’m willing to extend the benefit of the doubt here at least as far as “I’ll withhold judgement til I can try it for myself.”

I really don’t get the ire on this. I think it’s good that whisper systems is forward looking and trying to be innovative and dynamic and go where users are rather than just sit around waiting to become irrelevant. Not all experiments or risks will pay off but that doesn’t mean risks and bets are bad.

replies(2): >>26720771 #>>26721651 #
12. hanniabu ◴[07 Apr 21 05:00 UTC] No.26720771{3}[source]
It's the fact that many much needed improvements to their core offering are not being taken care of and instead they've gone and done this, which nobody asked for and puts the operation at risk. Not to mention that they integrated a premine scam coin over a proven leader like Monero. Sadly it seems the Signal team has sold out. Really hope their payout for this move was worth it.
13. cookiengineer ◴[07 Apr 21 05:02 UTC] No.26720779[source]
I'm curious: why did you choose Signal when you care about privacy?
replies(1): >>26721022 #
14. mtsr ◴[07 Apr 21 05:44 UTC] No.26720956{3}[source]
Even with a fast home server Element is quite slow. Slow enough that even I, trying to get my circle to use it, feel some reluctance to open the app. Hopefully the upcoming Hydrogen client can solve this.
replies(1): >>26721318 #
15. fastball ◴[07 Apr 21 05:59 UTC] No.26721022[source]
Probably because all conversations (1-to-1 and group chats) are E2EE.
replies(1): >>26721105 #
16. cookiengineer ◴[07 Apr 21 06:17 UTC] No.26721105{3}[source]
> Probably because all conversations (1-to-1 and group chats) are E2EE.

They are in WhatsApp, too. At least Facebook still claims that after the Snowden leaks :) And: Did you verify this? Did you check the source code at signal's android/ios client repo? Did you also verify that no untrusted third party receives your backed up private keys?

Why do you trust Google more than Facebook? [1]

[1] https://github.com/signalapp/Signal-Android/blob/d74e9f74103...

I'm not trying to troll here. I'm trying to point out that babbling about crypto is easy. Verifying it, and actually caring about it is another thing. Most users are probably also the wrong audience for early adoption of TOX.

replies(1): >>26725783 #
17. ptman ◴[07 Apr 21 07:03 UTC] No.26721318{4}[source]
element-web? element-android? element-ios? all of them?

Have you tried fluffychat on android? Or any of the other clients https://matrix.org/clients-matrix

replies(1): >>26721515 #
18. remirk ◴[07 Apr 21 07:37 UTC] No.26721515{5}[source]
I love FluffyChat. Been using it for a month now and it's significantly faster than Element/SchildiChat on Android. It has the basic chat features I would expect from a Matrix application. Only feature I don't think it has crosssigning at the moment. (In which you're signing your friends master-key, which they use to sign their new devices, so you don't have to have a cryptoparty anytime a friend adds a new device)
19. fauigerzigerk ◴[07 Apr 21 07:56 UTC] No.26721651{3}[source]
>don’t use this feature if you’d don’t like it?

How do I prove that I didn't use it? And why on earth would I want a messaging app to put a target like that on my back if I'm not even using the feature? With this feature, the likelihood of someone demanding access to the app grows from almost zero to pretty significant.

replies(1): >>26724816 #
20. fsflover ◴[07 Apr 21 11:10 UTC] No.26723169{3}[source]
> Now I'm thinking that every recommendation and suggestion to adopt must come with a "for now this is the best way to do it, but it will probably change again"

Except for Matrix, because it is decentralized.

replies(1): >>26733318 #
21. sequoia ◴[07 Apr 21 13:44 UTC] No.26724816{4}[source]
Good point, I hadn't thought of that.
22. JeremyNT ◴[07 Apr 21 14:14 UTC] No.26725258{3}[source]
I occasionally use Element on my Android device, waiting for it to get to the point where I can seriously recommend it as an alternative to silos like Signal or Telegram. It's sadly not at that point.

Fundamentally, Element "feels" more like an IRC client than a typical IM client like Signal. It isn't focused on direct, one-off, or small group communications (this isn't a technical thing and it has nothing to do with federation, it's simply the UX paradigm that Element has adopted).

The SchildiChat fork looks promising, although it's clearly too early to recommend it. It's not even available on the Google Play store, which makes it unsuitable for non-technical users.

23. lxgr ◴[07 Apr 21 14:52 UTC] No.26725783{4}[source]
> Why do you trust Google more than Facebook? [1]

How is using Google for domain fronting for the purpose of censorship circumvention "trusting Google"? They don't get to see the message content (just like Facebook doesn't see the content for WhatsApp).

> Did you also verify that no untrusted third party receives your backed up private keys?

Private keys are not backed up in either service, as far as I know.

> Did you check the source code at signal's android/ios client repo?

Given the lack of reproducible builds on iOS/the app store, any source code audit is pointless if the app vendor is included in your threat model.

24. e12e ◴[07 Apr 21 15:51 UTC] No.26726663[source]
This is rather terrible news. On the other hand; there's no technical reason someone (like, say the EFF) couldn't fork the client and server - and establish a new signal network - maybe drop the need for phone number registration as well?
25. climb_stealth ◴[08 Apr 21 00:10 UTC] No.26733318{4}[source]
Hah, this almost feels like a matter of faith. It would be interesting to see though where Matrix would end up if it manages to becomes as popular as Whatsapp or even Signal.