←back to thread

Signal adds a payments feature with a privacy-focused cryptocurrency

(www.wired.com)
544 points josh2600 | 3 comments | 06 Apr 21 16:23 UTC | HN request time: 0.613s | source
Show context
meowfly ◴[06 Apr 21 21:24 UTC] No.26717573[source]
The comment from the article echos my own sentiments:

> Speaking solely as a person who is really into encrypted messaging, it terrifies me that they're going to take this really clean story of an encrypted messenger and mix it up with the nightmare of laws and regulations and vulnerability that is cryptocurrency.

Moreover, there are three other points I'd add:

1. I don't like "do everything" apps like WeChat or Line. One of Signals strengths was UX that focused on it's core competency. Early in Signal's development they would add privacy features. Lately they have been adding social features. This, however, feels especially out of left field and likely to hurt the UX.

2. This smells like dev resources will be spent building and maintaining something not related to messaging.

3. I've always had a "don't let perfect be the enemy of good" rationalization that gives Signal autonomy to grow a privacy centric messaging app despite the deficits (e.g lack of federation). In contrast, I personally associate "crypto" with "scam". There have been so many shady ICOs and pump-dump schemes around crypto. This will taint the product for those of us who don't think of crypto currency as being anything more than pump-and-dump schemes and a way to buy dab rigs online.

replies(16): >>26717639 #>>26717735 #>>26717739 #>>26717937 #>>26719072 #>>26719095 #>>26719299 #>>26719963 #>>26720322 #>>26720564 #>>26720761 #>>26720886 #>>26721182 #>>26721555 #>>26721814 #>>26726903 #
sequoia ◴[06 Apr 21 21:43 UTC] No.26717739[source]
> Early in Signal's development they would add privacy features. Lately they have been adding social features.

This is intentional and relates to Signal's growth in the past few years. It's not "a hacker tool for nerds" it's "a friendly, easy to use chat app with stickers & voice messages (also strong encryption)."

IRC does one thing and does it well, and barely anyone uses it. The "clean technical vision" story isn't enough on its own.

replies(5): >>26718318 #>>26718841 #>>26718861 #>>26719338 #>>26721383 #
reader_mode ◴[06 Apr 21 23:53 UTC] No.26718841[source]
> a friendly, easy to use chat app with stickers & voice messages (also strong encryption).

Except it's not, strong encryption and privacy emphasis goes against easy to use. I recently got my family to switch to Telegram (because I like the interface) - my sister works in an environment where she has to have a separate work phone without a camera and everything synced up out of the box, history, etc. Brother lost his phone - same thing, has chat histories and everything is back to normal. I use Telegram on desktop and mobile and it synces instantly.

Compare that to Signal, you don't even sync between active devices and you can forget about having old conversations on a new device. And just to give you a scope of how important messaging history to people is (I've seen people say nobody cares about IM history) - designer from work is lugging around her Android phone year after switching to iPhone just for WhatsApp history (it doesn't sync between OS-es).

replies(7): >>26719014 #>>26719536 #>>26720242 #>>26720267 #>>26720361 #>>26720475 #>>26724564 #
1. godelski ◴[07 Apr 21 03:24 UTC] No.26720267[source]
> Except it's not... my sister ...

I don't see how these relate. Signal isn't explicitly aimed at high security targets, although it works for them (seeing the Snowden endorsement). Signal is about bringing encryption to the masses. Making E2EE the default choice for everyone. Is is much more about mass surveillance. Your sister has a different threat model, one where they are also concerned about the physical device being compromised (i.e. stolen, hacked, or being physically accessed).

These are different threat models. For E2EE for the masses you need things like stickers and for it to be "fun" in addition to being a tool. In your sister's threat model she's more concerned about the tool over the fun part. It is a work phone after all (I mean this is why they take out the camera).

E2EE for the masses is pointless if you can't appeal to the masses. Cypher nerds will always have their fun toys to communicate with but we are also in dire need for something that prevents mass surveillance. That is, after all, one of the fundamental necessities of a democracy: being able to speak your mind without fear of government spying/involvement (this is the reason they got funding from Radio Free America in the past). Unfortunately this means some compromises need to be made. But as far as I'm concerned Signal has done far better than any service I've seen and the relative leak is near zero. The weak points are SGX and pins, which only hide some minor metadata (even fully leaked this would be better than WA or Telegram).

replies(1): >>26720911 #
2. reader_mode ◴[07 Apr 21 05:33 UTC] No.26720911[source]
I'm just giving real world scenarios where people might have two phones, plenty of people have them for different reasons, it's useful to sync between them - I should have worded that differently.
replies(1): >>26720975 #
3. godelski ◴[07 Apr 21 05:50 UTC] No.26720975[source]
Oh, I understand now. Though I would argue in your sister's case she would explicitly not want to sync. But other people might. I'm actually highly in favor of Signal allowing multiple devices and their platform to be expanded (it'd be nice for IOT bots). Or even allowing for decentralization while maintaining the core official node.