Hacker Neue

Preferences
godelski parent
You're being pretty disingenuous and we've talked enough over the years for me to know you know you are being too. So why?

  > I imagine Signal is also more than happy about remote attestation and upcoming Android developer verification?
No, why would you think so? They were very against the Europe encryption issue[0]. You can also go check Meredith's Twitter[1] or Moxie before her. Their stance on things have been consistent and clear.

But does Signal comply with government warrants? Yes, absolutely. But they don't get many requests because they designed their program to assume Signal is an adversary to the user[2]

  > I don't like it because it made other choices that led to their larger network being infested with scammers and all kinds of shady types, but at least the client itself doesn't suck :).
Does it? Or have you made an assumption? I get a spam messenger on Signal maybe twice a year. Over SMS about 10 times a week (though a bit more than half are auto blocked), over phone I get at least 5 calls a week but sometimes I get that in a day, over WhatsApp I get a few a month. So I don't really buy your argument, but I'm only a sample size of one. But I also know there's no technical reason for your argument either. I'm also pretty sure we've had this conversation in the past, so what's up? You're one of the most active HN users[3], you're easy to remember.

[0] https://signal.org/blog/uk-online-safety-bill/

[1] https://x.com/mer__edith

[2] https://signal.org/bigbrother/

[3] For anyone interested https://news.ycombinator.com/leaders

TeMPOraL
>> I imagine Signal is also more than happy about remote attestation and upcoming Android developer verification?

> No, why would you think so? They were very against the Europe encryption issue[0]. You can also go check Meredith's Twitter[1] or Moxie before her. Their stance on things have been consistent and clear.

Never was a fan of Moxie, and I'm not going to read Twitter backlog right this moment to confirm what Meredith thinks, but my reasoning here is pretty simple: remote attestation and developer verification are tools that enable what Signal seems to want, which is to be its own walled garden with only one app from one official source - this is necessary for them to deliver on the promises of privacy and security they make.

>>> What, should we also just use telegram where E2EE is off by default?

>> I don't like it because it made other choices that led to their larger network being infested with scammers and all kinds of shady types, but at least the client itself doesn't suck :).

> Does it? Or have you made an assumption? I get a spam messenger on Signal maybe twice a year. (...)

Here I meant Telegram, not Signal. I don't get any spam on Signal at all, but then hardly anyone in my circles uses it. WhatsApp, maybe few times a year. Telegram, all the time, and I only keep it because my local Hackerspace moved over to it from IRC, + it's actually useful for some automation here and there.

People have different preferences; not everyone sees privacy from powers that be as the only requirement. I for one care more about my freedom of computing on my own device; I'm not that worried about my shitposting remaining private. I don't like the push for E2EE messaging in its current form, because I see incentives of both megacorps and OSS devs align against my own. I speak up, because messaging is inherently network-effects based, and I don't want to end up in a situation where all communication goes through end-user-opaque black boxes, regardless of whether they're corporate or community-made.

> I'm also pretty sure we've had this conversation in the past, so what's up?

I know your username and remember us having some back-and-forth on various topics, but I don't recall this particular one.

This item has no comments currently.