262 comments

[ 2.7 ms ] story [ 258 ms ] thread
> It’s that adding a cryptocurrency to an end-to-end encrypted app muddies the morality of the product, and invites all sorts of government investigative and regulatory meddling: by the IRS, the SEC, FinCEN, and probably the FBI.

We need to fight against the idea that private payments are any less moral than private conversations.

We also need to actively reject the status quo in the USA of a complete and total lack of financial privacy. OF COURSE something that brings real privacy to payments is going to be a target for busybody financial regulators, just as the first widespread e2e-encrypted messenger was (iMessage, now backdoored for the FBI).

Cryptocurrencies at their core are speech, not property, so it makes perfect sense to enable use of them via a private communications tool.

"private payment" ≠ "payment using an ID that can be trivially linked to your phone number on an indelible public record"
That’s not how mobilecoin work
Allegedly, if you trust Intel.
You can use it without signal? Why didn't they just integrate with Etherium then?
Because Moxie is involved in mobilecoin and needs to pump it before he can dump it.
There is no indication whatsoever that the messaging service will see any of the end-user cryptocurrency addresses.

What makes you make that assumption? They have a perfectly good e2e messaging channel to use; the only party seeing the payment address would be the one paying.

Isn’t cryptocurrency inherently public?
The transactions are but the identities of participants are not.
Theoretically, yes, but practically? Countries like Germany already legally require you to provide your ID to buy cryptocoins at non shady businesses.

So in reality for most people crypto remains perfectly tracable for all time to their identities. But then again, no one uses crypto as a peer to peer currency anyways...

Money is not speech.

Words are not taxed.

iMessage is backdoored? Evidence please?
iCloud Backup backs up plaintext of all iMessages from the device to Apple, with Apple keys (non-e2e). It also includes all SMS.

This is documented plainly on Apple's iCloud security overview page. The list of things that are end-to-end encrypted is listed. iCloud Backup is not in it. It's on by default on all iOS devices.

Apple was to fix this by end to end encrypting iCloud device backups, and (I understand) even had an implementation, but stopped its deployment on request of the FBI to preserve access to phone contents (including iMessage/SMS history).

https://www.reuters.com/article/us-apple-fbi-icloud-exclusiv...

So turn off iCloud backups?
Then your conversation plaintext gets escrowed to Apple via just Bob instead of both Alice and Bob.

(Conversations are backed up twice: once by each party.)

You'd need everyone you talk to to also disable iCloud Backup. This is pretty unlikely.

Easier to just use Signal, where the chat history isn't included in the device backups at all.

Signal doesn't--and can't--somehow magically prevent people from backing up their messages insecurely. That they don't support being backed up by normal backup methods on iOS--including highly-secure ones--is a missing feature (and a devastating one at that: people expect to have access to their old messages) more than a security measure. Consider this: the existence of a popular tool that helps people back up their Signal messages wouldn't somehow cause it to be accurate to claim there is a "backdoor" in Signal.
If that tool shipped as part of iOS, were on by default, and silently sent the full message history plaintext to Apple (such as if Apple iCloud Backup stopped respecting the storage class of apps and just backed up EVERY FILE), I think it would be fair to call that a backdoor (in iOS).

What if iCloud Backup started including in the backup a snapshot of device RAM? I think we are splitting hairs here.

The desire of users for message history in backups is entirely orthogonal to whether or not iCloud Backup is a cryptographic backdoor, in the traditional "plaintext escrow" sense. Indeed, the FBI would not have torpedoed Apple's e2e encrypted device backup system if not.

Really it boils down to the fact that it's on by default and the users were never asked to consent to their full chat history being transmitted to Apple effectively in the clear. I imagine most users are unaware of the fact that the FBI has warrantless access to every iMessage they have ever sent or received.

Call a spade a spade: if iCloud Backup is insecure (and it is), then say iCloud Backup is insecure, not iMessage. Your stance on this is FUD because you don't respect the semantic boundaries of the systems you are discussing, and so anyone who decides to truly listen to you and internalize the things you say leaves with a broken mental model rather than an educated stance :/. Every single person who reads what you say "iMessage, now backdoored for the FBI" who decides to stop using iMessage (which wasn't even insecure to begin with) and does NOT decide to stop using iCloud Backup (which will be insecure even if the user is using Signal, along with Signal's iOS product flaw that attempts to circular file your messages, as messaging is but one of myriad things a user does on their phone) is someone you have failed by teaching them the wrong lesson.
I think that iMessage is simply a feature of iOS, same as iCloud Backup. They can't be installed or used separately, they are a single atom. A single atom with message plaintext escrow enabled by default: a backdoor.

By your reasoning, would "iOS is insecure" be an accurate statement?

iCloud Backup being insecure does NOT mean iMessage is "backdoored": if you don't use iCloud Backup--and there is no reason to do so, as Apple (notably unlike anything Android) has a really good local way to do highly-secure backups using iTunes--my (rather firm) understanding is that, even if you turn on the iCloud iMessage sync (which is also optional: I do not have it on, for example), iMessage actually is pretty damned secure (with no key escrow).

I appreciate that a lot of people--maybe most or even "almost all" people!--use iCloud Backup, but semantics matter as you present it as if iMessage is insecure, when not only the "real" but the only issue is iCloud Backups (which we should be making sure people don't use, with targeted education campaigns, as it isn't like using Signal could ever solve this issue for all of the other personal data the user had).

If you want to make this kind of argument, you need to be doing it from a place of being more informed; like, you could be trying to poke at how the protocol had a weakness--found by pod2g's team--with respect to Apple's ability to inject new keys for existing chat participants, an issue I am not sure they fixed (or even could fix, as it is arguably a UI security problem... but maybe they did, as I don't always follow the blow-by-blow); but this indirect argument you make is FUD.

> iCloud Backup being insecure does NOT mean iMessage is "backdoored"

Technically not, but in practice it is for the most users.

Without the source code, you should provide evidence that it's not backdoored. Given how large Apple is, how big its userbase, I am sure all agencies do everything possible to get the precious data.
(comment deleted)
Cryptocurrency != speech; it is not at its core some vehicle for transmission of information, or at least, no more so than conventional currency is. Currency, crypto or not, is no more than a marker of value established by a popular consensus. If any sort of currency supports the transmission of information, it’s a secondary effect where the act of transmitting that information is riding on the coat tails of the monetary/asset exchange.
The act of "sending" a cryptocurrency payment is actually the publication of a cryptographic signature.
Sure, but law and regulation doesn't work that way. It's about the intent, not the technicality. That's e.g. the difference between gross negligence, manslaughter and murder, even if someone died in all these situations.
The (IMHO bogus) argument Schneier was making was that it muddles the morality of the situation, not whether or not it is or isn't, or should or should not be illegal: just that it would invite "meddling" (his word).
> it muddles the morality of the situation

For most people, it does. I hold political free speech protections as sacrosanct. I do not have the same view towards dark money.

Putting my views and morality aside, the law treats commercial and non-commercial speech differently. Integrating payments lets the government subpoena records (and more) under AML/ATF law. Those laws are powerful and broadly supported.

Totally separately, if we take the position that money is speech, then fine. Why the hell not make a one-click “send wallet address” option for a variety of coins?

I think Signal is already very widely used today to transmit cryptocurrency payment addresses privately.
And the act of 'sending' a conventional fiat payment today is actually the publication of a transaction record in one or more databases. That doesn't mean it's 'speech'.
(comment deleted)
> We need to fight against the idea that private payments are any less moral than private conversations ... Cryptocurrencies at their core are speech, not property

That's an interesting take. Assuming you're American, maybe you could challenge this in court? Maybe Congress will have an epiphany - all this time they've been regulating inter-state commerce, but it's been inter-state speech the whole time. To resolve this contradiction in the Constitution, they'll likely just disband the Federal Government, ushering in a libertarian utopia.

Go for it! We're rooting for you!

That's a very American idea. Nowhere else would people think that money is speech, especially in the sense of free speech. I guess it joins "corporations are people" in that category of ideas.
> We need to fight against the idea that private payments are any less moral than private conversations

Disagree, but upvoting because clearly articulated.

If money is private and money is speech, then taxes aren’t tenable. Would you agree?

I see no good way out of this, if someone forks it and removes all that extra attack surface I guess Moxie will fight it, as he doesn't want many compatible clients.

And if the crypto features stays in there it will become another avenue for pump-and-dump schemes, so I can no longer recommend it to people without looking like a crypto hustler.

Fight it? How?
Moxie has a history of being an asshole to anyone trying to make a third-party client. They're prohibited from using the OWS servers, which do not federate (so they couldn't talk to Signal users), and Moxie has attacked third-party software over trademark issues, too. Any Signal fork is likely to be DoA, thanks to Moxie's deliberate actions.
Not everyone agrees that protecting a brand and controlling who connects to and uses a service you run and pay for is "being an asshole".

Lots of people pretty readily made the choice to move from WhatsApp to Signal when the benefits became clear. There's nothing stopping anyone from forking the client/server and running their own network - if there are meaningful benefits to end users of the fork, there should be no problem picking up traction.

"Protecting the brand and controlling who connects to your service" is what put Moxie in a position of power from which cryptocurrency garbage could be introduced to scam money from its users. That's all there is to it. I call that being an asshole.

Nothing stops you from forking the network, except for the fact that none of the users come along. Signal holds its users hostage. I call that being an asshole.

Calling it open source and saying "anyone can fork it!", then threatening legal action against anyone who does just that and dares to mention the word Signal in their documentation? I call that being an asshole.

Moxie is an asshole.

> "Protecting the brand and controlling who connects to your service" is what put Moxie in a position of power from which cryptocurrency garbage could be introduced to scam money from its users. That's all there is to it. I call that being an asshole.

I feel sad that you're apparently so angry about a piece of software.

> Nothing stops you from forking the network, except for the fact that none of the users come along. Signal holds its users hostage. I call that being an asshole.

The users have the choice to use it or not. If you build an alternative and noone uses it, it's not better. Like I said, more than a few people happily wandered over to signal from WhatsApp. Weren't those users "held hostage" by Facebook in the same way?

> Calling it open source and saying "anyone can fork it!", then suing anyone who dares mention the word Signal in their documentation? I call that being an asshole.

Who did he sue?

Come on Drew, you can't do this here. We ban accounts that do. I don't want to ban you. You're smart and do valuable work and I can feel that your heart is in the right place (edit: at least I hope it is—https://news.ycombinator.com/item?id=26723629 is pretty mean), but your comments that break the HN guidelines set an incredibly shitty example. You may not be coming from a mean place but plenty of other commenters will take this kind of thing as a free pass into forum hell.

https://news.ycombinator.com/newsguidelines.html

If you don't want people to be able to fork your product, make it proprietary. Don't pretend to be open source and then attack people for exercising the rights that development model affords them.
Let's fork Signal.
Yesterday I learned that the 'main' fork of Signal, Session, _already_ had a coin mainlined... FFS...
That's sad...

Still, I cannot believe the lack of vision of the founder of Signal Marlinspike. Now Signal will be soon banned. Already democracies were looking for "legit" ways to ban e2ee, but hey they did not even foresee that their best allies would be the app developpers themselves. They don't need anymore to search, they will just have to ban Signal for whatever tax evasion, criminal payments, human exploitation rings, etc. that occur through its blockchain.

I'm ready to jump over to Element (/matrix). Anybody else?
Already there, feels awesome. Just add bridges to all your apps and now you need only Element.
I can't convince my family to switch over when the UI is so shit.
fluffychat and nio both have good apps similar to whatsapp/telegram
We were considering moving from Keybase to Element for a group I’m part of, but the iOS client is bad. Lots of UI bugs that make it borderline unusable. The Android client seemed fine, but iOS is the lion’s share of our membership so the state of the iOS client makes Element a hard pass.
I'm already on matrix. It's decent.
> jMyles on Aug 9, 2018 [–]

> I have recently switched to Riot (built atop Marix, which the author endorses at the end) for some family communications and yeah, I think I do prefer it to Signal.

So, there are indeed some matrix fanboys polluting the debate.

Pfff.

Shame on you.

Shame upon me?

Why?

Because I like matrix?

I scarcely used it in the past year. And I haven't really used Element at all. ...what's wrong with considering doing so?

> Because I like matrix?

So you like it but...

> I scarcely used it in the past year. And I haven't really used Element at all. ...what's wrong with considering doing so?

...yet three years ago:

> jMyles on Aug 9, 2018 [–]

> I have recently switched to Riot (built atop Marix, which the author endorses at the end) for some family communications and yeah, I think I do prefer it to Signal.

You switched to it for some family communication (have some of that real usage cred) but today:

> I'm ready to jump over to Element (/matrix). Anybody else?

So either you didn't really use it three years ago and were dishonest or you did but then you are dishonest today.

Attacking another user like this will get you banned here. Please review https://news.ycombinator.com/newsguidelines.html and stick to the rules.

Hounding someone with quotes from a previous thread is particularly not ok. As the site guidelines say: Have curious conversation; don't cross-examine. Those sets are disjoint.

Please don't do the "shame on you" thing either—it's against both the letter and spirit of the guidelines. We're trying to avoid the online callout/shaming culture here: https://hn.algolia.com/?sort=byDate&type=comment&dateRange=a...

I am very enthusiastic about blockchain tech and its potential for economic healing in the world.

But this... this is a horrible idea.

I find this incredibly offensive. Has there been any deliberation in the Signal community on whether or not this is something that Signal should have?
What "Signal community"?
Good point. My main point is perhaps that this shouldn't be up to one dude that loves crypto assets – that there should be a signal community making decisions.
Being a centrally-guided product over a community project has been an intentional core characteristic of how Signal is run from the start though, so that's pretty much against the principle for it. (outside of the level that companies listen to user community feedback)
It's already a Free Software.

Huge fork in 10... 9... 8...

I look forward to replacing Signal with Noise.
I shall wait for Ratio
Trevor Perin created both protocols. Noise isn’t an asynchronous messaging protocol. So it won’t replace Signal. WhatsApp use Noise and Signal together.
Mirroring the sibling comment here, moxie has been very open that this is his project, top down. He moves as fast as he wants and he steers wherever he thinks is appropriate. This is one of the main reasons Signal doesn't federate - he thought it'd bring iteration speed to a halt.

(And let's be honest, if XMPP and the A3-sized spreadsheet you need for to pick a client based on XEP support is anything to go by, this is not undue concern.)

After convincing all my friends to move from WhatsApp to Signal I am really annoyed about this move. This really damaged the trust I have for Signal. I hope they realize their mistake quickly and drop this idea.
I think it won't be problematic as if someone doesn't want to create wallet they dont have to. So this payment option will be for only those who wants to enable it.
It feels scammy and annoying though, making people less likely to accept it, exactly like Keybase and Stellar. First time I got a Stellar email from Keybase I thought it was a literal scam.
I understand that point - it's the "optics". ...but for users that ignore the crypto feature, I don't see the issue - there is no real negative impact for them.
More code, more possible bugs, more updates needed.

All that things are not necessary, they could create a separate app "Signal Pay" and everybody who wants it can use that.

It made no sense to implement everything in one app.

Maybe not from a security perspective, but WeChat has been extremely successful by virtue of implementing everything in one app.
WeChat has been extremely successful by virtue of being the only app the government allows you to use in a country of a billion people.
> It made no sense to implement everything in one app.

WeChat would disagree [1].

There is definitely a place for payments in a social app. Combine that with potential for increased user adoption because of that ("please download signal so I can pay you easily") and I don't see this as inherently bad. But they should have used a reputable coin instead of some scammy pyramid token.

https://www.businessofapps.com/data/wechat-statistics/#:~:te....

> There is definitely a place for payments in a social app.

Not in a country that has free, (de facto) instant bank transfers (Faster Payments).

If the problem there is that you need someone's bank details and not just their phone number, there's Barclays' Pingit.

The fact that there is a separate service providing instant payments does nothing to disprove my point - being that payments within a chat app is useful, if not preferred, by millions in China and elsewhere.

What exactly is the rationale that makes payments within a chat app 'inferior' or 'unneeded' just because there are separate services available (e.g. Barclays' Pingit)?

It's not in line with what people want in the app though. It's like using a text editor that all of the sudden implements a wiki on gardening preinstalled in the app. It's not relevant to the features you want in a chat app and there's no reason it couldn't be a separate app.
lol. why would this damage your trust in them?

if anything this is a progressive move that fits perfectly with their mission.

Having said that they should have used bitcoin or monero

They won't care until someone creates a competitive fork that differentiates on this point.
But is it worth it if users can simply not use the crypto feature?
Discussion from yesterday - https://news.ycombinator.com/item?id=26713827

Consensus - WTF?

This obsession with crypto killed Keybase for many of it's users and honestly this could be a bad news for Signal.
The problem with Keybase is that its UI should be a lot more polished. Other than that, how does using cryptocurrencies interfere with chat?
Keybase was a passion project that always had very limited development time. They churned out a lot of proof-of-concept grade features, but never really polished any of them. And then some of the features only would be really useful if they either were backed by a proper commitment or had a selfhostable plan B.

The wallet is just one of many parts of keybases focus thrashing.

I just remembered that Keybase sent me random Lumens a while ago that I never touched, and when I just checked back right now, they're actually worth a significant amount? I am sort of shocked. How do I spend this?
1) Convert to USDC or another token and spend using https://stellarterm.com or lobstr wallet and send to your bank account

2) Convert to BTC and spend

3) Buy a gift card directly with the xlm

4) Send to someone's bank account in Brazil, Nigeria, Europe, Argentina. Normally using stellarterm or lobstr or solar wallet.

5) Setup AchorUSD wallet, convert to USD and get 10% interest

I personally didn't get much ("much"), but have heard several people say how they can pretty much buy a high-end phone now.

You could get an account on an exchange, send the XLM there and then withdraw it to your bank account.

The blog post touches on it,

> It’s that adding a cryptocurrency to an end-to-end encrypted app muddies the morality of the product, and invites all sorts of government investigative and regulatory meddling: by the IRS, the SEC, FinCEN, and probably the FBI.

Personally I'd be most worried with the last part of that.

Being a purely communications application, governments (and their organisations) who want to interfere with it, regulate it, and track usage are clearly trying to interfere with/track speech.

They can block it, they can regulate it, but it's clear that it's about speech. There's still the issues around "Terrorists/Pedos might be using it", but so far that hasn't been hugely successful, at least to date.

With Signal adding cryptocurrency, well, now there's territory that governments can clearly stand on and say "No no, we're not trying to monitor/track/regulate speech... we just want to know that it's not being used to fund terrorists".

Australia, like the US and other countries, requires notification on large value transactions, or transactions that add up to a certain amount.

The Australian Tax Office treats cryptocurrency differently than cash[1], so you need to report your transactions and information on who the other party was.

Those are all things where Signal can be required to start reporting these things, and where Governments can start to impose regulation.

Sure, maybe Signal gives the Australian and US Governments a middle finger and says "We don't know, and we're not going to add capability to track it".

Non compliance will then result in Signal's application being removed from the appstore/google play store, and now your userbase drops to folks who can install an APK or like rooting iPhones. Effectively killing the utility of the network.

This is right on the back of Signal actually starting to gain popularity and having a chance of actually being able to use it to contact folks I know who I didn't directly tell to go install it.

[1] https://www.ato.gov.au/general/gen/tax-treatment-of-crypto-c...

I love keybase still, and the feature of sending money so quickly, easily and cheaply between my friends is fantastic.

For my friendship groups, the worst thing by far about keybase is that it was acquired by Zoom.

I think there are 3 attitudes towards Signal:

1. Anger from purists who care about the fact it's not decentralised, and that Moxie runs the show, and that it uses phone numbers etc etc...

2. Indifference from those who have never heard of it

3. Joy from those who are extremely happy a decent, private, alternative to Facebook/Whatsapp exists

My worry is that group 1) try and ruin it for the rest of us.

Signal is literally the only product I can get my family to use which provides E2E messaging and prevents mass surveillance. But Signal needs to keep core feature parity to remain competitive with WhatsApp, Telegram etc. And that includes a payment mechanism.

There's no need to implement a payment mechanism via cryptocurrency. Signal can just create a "pro" version and sell that.
AFAIK crypto is the only way to get private and secure payments. Any other payment mechanism wouldn't fit the ethos of Signal.
What I meant was that Signal can solicit payments as part of their mission. Either through donations, or by selling access to more features. There's no need to involve financing through the use of the product itself, any proceeds of which will not go to Signal anyway.
Signal doesn't sell paid features, Signal is adding a payment platform. So future apps and/or users can exchange money/crypto.
Yes, and I would argue, with Schneier, that that's a bad idea, for all manner of reasons, not least that it will widen the legal attack surface by a lot.
And why exactly does Signal need to be a kitchen sink app? What's next, CandyCrush inside Signal?
The question is more whether it needs to support private and secure payments in the first place. That is, legally and ethically, a whole different beast than private communication.
(comment deleted)
You seem to be confusing paying for Signal (there is no way to pay for it, but you can donate to the foundation) and exchanging money with your friends.
As Schneier says, that could be implemented in a separate application, not the core Signal product.

Signal just added a bunch of crowbars to the people who want to crack it open. Money laundering and tax evasion are seen seriously and there's generally more people doing it than, for example, planning terrorism.

I think this is a strawman argument. Can't it be the users from group#3 who's sad to see Signal turn into WeChat? After all the lessons learned from Keybase are open for all to see.

WhatsApp doesn't include payment mechanism in many markets, why is Signal trying to waste developer resources on unwanted features?

WhatsApp payments isn't available yet in all markets, but you can be sure it's coming.
WhatsApps payment feature is only available in India where they implemented the feature in alignment with the Indian UPI initiative.

Src.: https://faq.whatsapp.com/general/payments/learn-more-about-p...

Therefore I'd argue that this specific feature can hardly be seen as waiting for a global rollout.

Payments was also launched in Brasil, and Facebook are on record as saying they want to expand it to more countries.
> you can be sure it's coming.

It's standing on the shoulders of UPI in India. Do they also plan to bring India's UPI to rest of the world?

I offer that if you think e2e encrypted messaging plus a simple cryptocurrency payment system is "turn[ing] into WeChat" that perhaps you are making a massive overgeneralization, or perhaps are unfamiliar with the scope and extent of WeChat.
Yep, I'm a group 3 user who has been defending Signal on HN for years. I probably won't be leaving the platform since it took so much effort to get friends/family to use it. But this whole scenario is inexcusable.

We've seen the failure of Telegram's ICO. The rise of spam accounts with Keybase's Stellar "space drops". FB's failed attempts at digital currency.

But what irks me the most is that the Github repo for their server was outdated for an entire year. They pushed up their commits around the time of this press release, likely to keep the integration of this cryptocoin a secret.

https://web.archive.org/web/20210117230947/https://github.co...

Edit: Yep, went through the commit history, and the very next commit on April 22nd, 2020 is when Signal first began working on crypto payments.

https://github.com/signalapp/Signal-Server/commit/95f0ce1816...

In other words, they new it was a bad idea that would draw backlash, but they did it anyway
> Signal needs to keep core feature parity to remain competitive with WhatsApp, Telegram etc. And that includes a payment mechanism.

This is thrown around a lot but I have difficulties to see how a wallet for an obscure alt coin might be in any way comparable to your standard payment app for the currency used in your region.

It's not that I can use it to pay in a shop (like I can with Google Pay) or on a website (like with PayPal). ... I can't even repay my friends for paying the round in a bar because it would mean their money is suddenly entangled in this obscure and completely novel network. The money wouldn't end up in their bank account and they could even suffer unpredictable losses.

I therefore think this argument is flawed. There's no upside next to the four payment apps I already have installed and none of my friends would prefer a messenger because it merged with a payment app for an almost unheard cryptocurrency. I would bet my social circle isn't a grave exception in this regard.

Don’t forget that any time you send or receive payments in this cryptocurrency, you would have to track either the basis (when receiving) or capital gain/loss (when sending) assuming this ever comes to the US. It’s a mess.
That seems wrong, is like if Mozilla forces crypto in Firefox. there will be many Firefox users that will not like it, it is not only the haters or Chrome users that will complain, hopefully maybe you can see the missing 4th perspective.
I don't believe the main competitors to Firefox (Chrome, Edge, Safari) offer a payment mechanism? So this wouldn't be required for core feature parity.

However the two main competitors to Signal (Telegram and Whatsapp imo) do have a payment mechanism.

Chrome has the Payments API and the most recent betas have the Digital Goods API which allows Play Store billing.
I had no idea WhatsApp and Telegram have cryptocurrency support, I only use WhatsApp because I need it for soem school parents group though... but even if Chrome would add Gopogle Coin support I still will not like if Firefox forces it and not make it an optional plugin (people still complain that Firefox added DRM support for media so this is not theoretical)
Neither Telegram nor Whatsapp have crypto support. Both of them have very limited payments support, that doesn't use crypto at all.
Keeping up with the Joneses is rarely a good motivation
Do Telegram have that now? I actively use Telegram but can't remember having seen it - nor an announcement that it is available.
(comment deleted)
> and prevents mass surveillance

A chain is only as strong as its weakest link. What if you somehow got malware on your device? That's all your Signal privacy out the window. Some phones are stuck on older versions and can't update to mitigate against so called 'zero click' attacks or attacks that require user action like clicking on a link sent via SMS which then spawns a malicious payload that's executed in the default browser. Malware on phones is rampant. It's not just 'spouseware' being installed behind your back or high-profile people being targeted. Millions of devices (billions even?) en masse are getting compromised with malware.

(comment deleted)
I have another attitude, which is suspicion that it is a honey trap. If the FBI can read messages (https://www.forbes.com/sites/thomasbrewster/2021/02/08/can-t...), it would seem like the perfect setup for them.

Why does everyone have so much faith in Signal? What if that faith is being misplaced?

Come on. The article you linked just shows that if the FBI can unlock an iPhone, they can read Signal messages. This is not exactly a surprising revelation.
(comment deleted)
Gov agencies can hack devices to read the contents - this is not specific to Signal or any weakness of Signal.

However Signal does provide secure e2e encryption which prevents mass surveillance.

> there are 3 attitudes towards Signal

I am in group 4. I didn’t care that Moxie calls the shots and requires a phone number. And I was thrilled to have a secure communication app, from when Signal was TextSecure. I hate this to the point that I’m dropping Signal.

The only reason to choose MobileCoin is Moxie’s personal affiliation to it. Meanwhile, this integration massively increases Signal’s regulatory cross section.

Most Americans strongly support free speech. That support doesn’t exist for dark money transactions. If the CFTC or New York DFS wanted to open a money laundering investigation into Signal, using the full AML/ATF toolkit in the process, there isn’t a great argument anymore for why they can’t or shouldn’t. Same for the Secret Service or FBI. Moxie just sold out Signal’s First Amendment credentials.

I suppose you’re also for banning cash? I don’t see the problem with being allowed to pay people money without having the government be involved.

That’s how things used to work before the US became a surveillance state, and the government and economy worked well enough.

"Moxie just sold out Signal’s First Amendment credentials."

Id argue he just created a new front:

freedom of association.

I still think you are right with your concerns.

You say he sold out credentials. I would say he bravely staked out a new claim.

> he bravely staked out a new claim

Culturally, sure. Legally, Signal becomes open season for law enforcement the moment this feature is implemented. And there will be zero law protecting them or any data they may have retained, properly or improperly, on their users. Given the MobileCoin's venality, I doubt they'll get public sympathy.

>But Signal needs to keep core feature parity to remain competitive with WhatsApp, Telegram etc. And that includes a payment mechanism.

A payment mechanism just isn't a core chat application feature.

This is like saying "a phone should just make phone calls!"

It was true in the past, but is no longer true today.

It's not. First of all, a phone is physical hardware, Signal is an application.

Does Signal also need a music streaming integration? Restaurant listings? A torrent client?

No. Not every app needs to become an operating system for life. We can have multiple apps on a device with little to no inconvenience. Carrying multiple devices is much more cumbersome.
Ideally they don’t, but they have - go live in Asia or South America for a bit and you’ll find spots where this is the model, and Signal can’t easily (or at all) reach those users without competing.
Are you saying people in those regions only able to use one app on their device / phone?
You know I'm not saying that. ;P

That's just how it winds up working there.

You'd be suprised, WeChat for example is almost a platform of its own.
So... Looks like the people on group #1 were right all the time. And you are posting this as an answer to somebody telling you that his pet idea will kill the platform and bring law enforcement all over the world into its users.

(What in my impression is the best case scenario, because when I've read about it I could only think about it bringing fraud and extortion into the users.)

What the world needs, though, is a decent, private alternative to Snapchat--which a lot of very normal non-technical people use specifically with the goal of "privacy" as they don't want to give their phone number to random people they meet at parties or while doing online dating or on services such as TikTok--not WhatsApp, which is already end-to-end encrypted (with the same protocol!). Signal needs to remain a viable alternative to WhatsApp to "keep them honest", but doesn't need to fight them and should move on to their next challenge (as the goal shouldn't be "get everyone to use Signal", but instead should be "get everyone to use an end-to-end secure messaging app"). This all happens to firmly fall into the first camp, which you incorrectly label as "purists" :(. Even the people I talk to who want to organize protests and the such are harmed by everyone pushing Signal as their main threat is a cop getting a list of all of the phone numbers in a chat off of someone's phone, something Signal doesn't solve... but, ironically, Snapchat and Telegram do, for all of their other faults: we need an end-to-end encrypted Snapchat/Telegram _stat_.
Why does the payment mechanism have to be a dodgy cryptocurrency?
>But Signal needs to keep core feature parity to remain competitive with WhatsApp, Telegram etc. And that includes a payment mechanism.

If anybody tried to onboard me on the basis of a 'payment mechanism' feature -- the answer will be a flat out no, as most of the payment flow in my professional and personal life does not involve a messaging platform, in order to achieve that objective.

I have Coinbase/Binance for crypto. Revolut/Transferwise to cover micropayments, foreign transactions, currency exchange etc., same with PayPal albeit a higher threshold. Monzo for cloudnative/FinTech banking. I have personal accounts with two out of four traditional banks, and a business account with another. I use Google Pay and Apple Pay, interchangeably.

> But Signal needs to keep core feature parity to remain competitive with WhatsApp, Telegram etc. And that includes a payment mechanism.

What it needs is not reaching feature-parity (although that will appeal to the mass, can't blame the), but to keep privacy as the central feature of the platform, and always move toward improving that feature.

And yes, the fact that Signal uses a phone number as the main identifier is a problem regarding privacy. And they did update their Signal-Server repo, but it took a while before it was and that's likely because they were trying to finalize that cryptocurrency feature before announcing it, but an apparent lack of transparency can lower the user-base's trust toward the platform.

Maybe it's the American in me, but I have almost no use for a payment mechanism in my messenger, I have too many. Venmo, Cash, Apple's thing, Google Wallet, whatever -- these all provide everything I need when I need to send money to people. Frankly the idea that I suddenly might have to have another goddamn thing is a bit irritating but I've resigned myself to it.

I think the other thing is that it's just a complete misread of how normal people even think about crypto. Literally every "normie" I know who has interest in cryptocurrency, even if they tow the line and say that "crypto is the future of money" or whatever, treat it entirely as a speculative asset when it comes down to it and that's what their usage of it revolves around. It's a thing they put $5 and that $5 becomes $10 later on and now they have $10. Sending it to other people is literally the last thing they want to do. As far as they're concerned, it's the exact same way the stock market works, only faster. None of them care about deflation or border politics or monetary privacy or whatever; it's practically just a way of flipping a bullshit asset into fiat cash, which is what matters. If they want to give people or their drug dealer money in a way that isn't on the record, they don't pull out their instant messenger and say "Let's use a blockchain to preserve our privacy during this transaction", they "pull cash from an ATM and do it in the bathroom of a bar" or whatever. They arrange this over SMS, probably, or maybe Signal already if you're lucky.

Finally there's people like me, people who neither care that Signal is non-federated and don't care that it uses phone numbers, but who just think the cure is worse than the disease here. I'm not even talking about the politics of money exchange or privacy or anything; I just literally mean cryptocurrency invites fraudsters and scammers and all kinds of bullshit along with it, that ends up causing external harm to people. I don't want Signal to expend resources on this stuff because even if it aligns with their goals on paper or is something their competitors might do, I literally think it's turf they shouldn't be on because fundamentally the people who play that game have other goals in mind.

> Maybe it's the American in me, but I have almost no use for a payment mechanism in my messenger, I have too many. Venmo, Cash, Apple's thing, Google Wallet, whatever -- these all provide everything I need when I need to send money to people.

All of those require doxxing yourself to the vendor, submitting to financial (suspicionless) mass surveillance systems, and can be trivially censored without any burden of proof or even probable cause to suspect wrongdoing by the entire machinery of the state. We saw this when Visa and Mastercard and PayPal willingly shut down donations to Wikileaks simply because the state asked - no legal compulsion was even necessary.

I hold US citizenship and don't use any of the aforementioned services for those reasons. I don't like providing identity information to services where I don't have to, because I value my privacy: same reason I use Signal, same reason I pay in cash.

Cryptocurrencies are censorship resistant and are open to use by everyone with an internet connection, just like Signal.

There is a huge benefit to the service provider not having your identity or being able to see the contents of your messages: to the user, to the service provider, and to society.

I don't think you should be getting downvoted. You clearly hold strongly to your values. There's nothing wrong with that. And you're adding to the discussion by providing your perspective, not being rude or attacking anyone.
There’s a set of people on HN that downvote and flag anything that they disagree with. I don’t really understand the mindset, but have noticed they usually agree with whatever the US government, FAANG or other authority is pushing for. (Maybe they’re authoritarian, and that’s why they think anything outside approved narratives needs a downvote? That’s my best guess.)

Anyway, it’s best to treat them like trolls: just ignore them. Upvote anything that renders in gray and isn’t violating site guidelines. I’ve found my best comments tend to wildly oscillate around zero for a while, then end up slightly positive. :-)

My assumption is that sneak is not being downvoted for his views, which for the most part seem reasonable and informative, but for his rhetoric.
> Cryptocurrencies are censorship resistant

Rubber hoses are a thing.

> Maybe it's the American in me, but I have almost no use for a payment mechanism in my messenger, I have too many. Venmo, Cash, Apple's thing, Google Wallet, whatever -- these all provide everything I need when I need to send money to people.

Don't forget Zelle, which is similar to Venmo but is already built into the apps and websites of a large number of US banks. It's owned indirectly by Bank of America, BB&T, Capital One, JPMorgan Chase, PNC Bank, U.S. Bank, and Wells Fargo. Other major banks, including Chase and Citi, also include it.

That means that a very large number of Americans can do quick and easy US to US payments by phone number of email just using their normal banking apps and sites.

I find Zelle super frustrating. I needed to transfer money from a local credit union to Citizen's bank because there isn't a Citizen's near me. Both support Zelle, except that you can only have one account set up in Zelle. So I literally couldn't even transfer money to my other account through Zelle. Instead, I have to mobile deposit a check to myself.
I think there are 3 attitudes towards Matrix:

1. Anger from purists who care about the fact it's fragmented, and that a lot of users will use matrix.org anyway, and that they think Signal has better UX

2. Indifference from those who have never heard of it

3. Joy from those who are extremely happy a decent, private, alternative to Facebook/Discord exists

My worry is that group 1) try and ruin it for the rest of us.

Fully agree, group 1 should just focus on pushing Element.io and perhaps try to make it as easy (by default at least) as Signal. Signal is a drop-in replacement for Whatsapp (except for that nagging for a pin that really nobody of my normy friends/family understands and I help them turn it off, none of them expect continuity from phone to phone anyway) and that is it's strength.
> Anger from purists who care about the fact it's not decentralised

You can call me a purist if you like, but every single project starts failing when it becomes too big, unless it's decentralized. You simply cannot afford to serve millions of users without a profit. Telegram now has to include ads.

>My worry is that group 1) try and ruin it for the rest of us.

Maybe you should be worried Moxie is ruining it for the rest of us? After spending the better part of the last decade telling us how all you care about is giving end-users easy to consume privacy - adding a payment option that will make you and your buddy rich isn't a great look. Hard to take the rest of what you say seriously when you sell out in this fashion.

Exactly. Especially after tooting his "we're a non-profit, we can never sell out" crap all over the place.
There are other decent private alternatives to Facebook and Whatsapp beyond Signal,so your argument smells as someone that is trying to rationalize away a horrible decision that they made.

In any case, rest assured that as a "purist" who argues against Signal's centralization, you shouldn't worry about us in the group 1. We are not going to ruin anything "for the rest of you". Signal will do it themselves.

We are vocal and "angry" because history has shown time and time again that systems that centralize power end up corrupt and self-destruct. The "purists" are only warning you about it. Blaming "us" about it feels a little bit too much like Stockholm's Syndrome.

> But Signal needs to keep core feature parity to remain competitive with WhatsApp, Telegram etc. And that includes a payment mechanism.

It's still not possible to italicize text using any of their clients. The desktop app feels rough compared to Telegram's -- try reducing the size of the messages preview column. Which group of users was actively requesting MobileCoin support?

I convinced quite a lot of my friends to switch to Threema. No phone number required, and really open source (https://threema.ch/en/faq/source_code)
Except the server it seems? I only see the various clients on github.
Like signal, their server code on github is not what they are running.
With signal, there is at least the occosional server code dump. The threema server is closed source.
I would like to do the same, but most of my friends aren't even on Signal. There is no chance in hell that they buy a messenger.
Let's stop making the same mistake over and over again. It is centralized, not federated, and therefore Threema is likely to suffer the same fate.
DeltaChat, it's encrypted email that present itself as a chat. You can use your own smtp, or use a existing one. It only needs to be able to create a folder locally and use GPG. ( the smtp, the client app has passed the mom test of installation )

Experience is below signal, but decent.

> really open source

Yeah, except that pesky server, right.

To be fair, Signal hadn't released source code for their server for over a year before today ;P.
True, which is why you should have switched to Matrix.
With the demands for KYC and the legislation for intermediaries handling money this will not end well unless they use a public ledger with private (and not anonymous) chain of signatures that can be audited.
Could somebody elaborate the animosity towards being able to pay in Signal, or and perhaps also the animosity towards Signal itself?

I use it, seems like an e2ee and uncluttered messaging app that just works.

With regards to the first, you see, it's an

> uncluttered messaging app that just works.

Cryptocurrency turns it into a cluttered messaging app, one that gives hackers extra financial incentives to compromise it.

Perhaps there will be a tab for your wallet, and an extra button to pay. Apart from that - you don't need to use the cryptocurrency parts.
I don't need to use any cluttered features, yet they are still clutter.
Because instead of supporting the coins that exist (Bitcoin, Bitcoin Cash, Ethererum, Monero etc.), some better than others, they did their own coin and the creators of that coin own most of it.

They could also have just have added a payment API and let anyone develop against that.

Well it doesn't 'just work' on all platforms or contexts. That's why it's a bit annoying for them to spend dev time on stuff like this, especially when they could have used whatever pre-existing/established coin.
If you are looking for alternatives to Signal, check out Threema.
Does it have encryption yet?
When did it not have encryption?
Forever.
I mean, I think has at least had strong end-to-end encryption since I first heard about it three years ago. What is new as of maybe six months ago is that it is finally open source, but it was always highly secure.
Are you maybe confusing Threema and Telegram?
Threema does not have federation, therefore it suffers from the same fundamental design flaw which allows Signal to abuse its position like this.
PGP doesn't have this problem
Do you regularly send email with PGP with a circle of friends? How did you get this established? Are you satisfied with the entire procedure?
I do communicate with non technical friends thought encrytped email. I made them install DeltaChat. It's a encrypted chat relying on mail
Ugh, I hate PGP so much. It's keeping people from interacting securely for over two decades The UI is bad, integration is hard, the chain of trust (it never was a web) is broken, the CLI tools are annoying... but hey let's do crypto parties with other nerds and exchange passports.
What do you mean the UI is bad? Which one? https://www.openpgp.org/software/

Sounds to me like you used a specific piece of PGP software you didn't like or understand.

How can you folks care so much about your privacy, but absolutely refuse to understand the tools you are provided that ensure your privacy? You're never going to get it if you demand it be provided in a blackbox app you don't have to think about.

ProtonMail uses the PGP standard. Its UI is simple and easy. There's still one issue: You're trusting someone else to do your encryption for you.

I started with PGP in the Nineties, under DOS. Back then it made sense. Though, it certainly was not for everybody. And despite all the crypto parties and what not, it's still not mainstream.

And yes it's great that some tools manage to hide PGP, it's not easy to do.

The problem, maybe it's not us, maybe it's PGP?

In particular PGP running on email or XMPP doesn't have this problem. The advantage comes from the base federated messaging system.

Don't get me wrong. PGP is great as a simple standardized cryptography protocol intended for messaging. It should be used just for the standardization. The cryptography of encrypted messaging is an easy problem and has been well solved. We need to move on to the problem of how to explain it to the rest of the world well enough so they can use it.

Sending payments across the world is going to get as simple as sending a text message with or without signal. While I don't agree on the details, Signal is heading in the right direction.
Does Moxie want to just make it really easy to buy cocaine on a night out?
Signal is really just another in a long line of siloed messengers. Eventually the people running the system do something obnoxious. Such things do not have a future.

Any system that has not reached the point that the bits and pieces are controlled by different entities should be considered just a technology demonstration. Signal has never even been close to "the best app we have out there".

Among people I know, most individuals send money to each other via Venmo. This presents two problems: how to be sure you're sending money to the right person, and, the transaction is data-mined by Paypal. So, having payments inside of Signal actually would solve both those problems (if both people are using Signal).

It could also be, that Signal is trying to turn their app into a platform, like WeChat.

1. Do most people actually care enough about PayPal knowing about their Venmo transactions to sacrifice ease-of-use and use a cryptocurrency instead? Is it worth having to endure volatility and have to deal with exchanges just to hide that split restaurant bill?

2. How does using a Cryptocurrency connected to Signal ensure greater confidence that you are transacting with the correct person than using Venmo connected to PayPal?

1. I care enough to pay cash when possible, even if it means rounding up my share for something like a split restaurant bill.

I would hope Signal's implementation makes it so you don't have to worry about volatility or exchanges.

2. This assumes you and your friend are both communicating with each other via Signal.

I go to a restaurant with some friends. The bill comes and it’s in USD because of course it’s in USD. One guy puts down his card because he plays cc miles games and anyway the waitress doesn’t want to deal with multiple cards. He gets home, logs on to Venmo and requests my share from me—-in USD. I click accept, the money comes out of my bank account, which is in USD because of course it is, and goes into his Venmo account. That’s the last I ever have to think about it. There’s no 1099B coming.

Crypto makes this story much, much worse for very little gain.

I am suffering from messaging app fatigue, using WhatsApp, Signal, Telegram and iMessage on Android and/or iOS. No sooner than witnessing a significant portion of my contact list migrating to Signal from WhatsApp, after the ToC/privacy debacle, now there is another spanner in the works.

Telegram failed with the TON project, trying to mix oil with water, in their attempt at cryptofying their platform. Signal should focus on solidifying their lead, and provide core messaging features with robust privacy, instead of a scattergun approach. Elsewhere, WhatsApp is already attempting to make a come-back with new cross-platform/multi device features, to eat away at all the gains.

https://www.androidcentral.com/whatsapp-will-soon-let-you-tr...

Remember 20 years ago when everyone was fatigued from running ICQ, MSN Messenger, AOL Instant Messesnger, and Yahoo! Messenger? At least we had Trillian which let us pretend they were all one app.
...and we need to get back to open standards.

Imagine having 5 different email providers, GMail, Hotmail, etc... that didn't talk to each other.

This current situations is dumb.

Why oh why was it not the first priority to move from phone numbers to random user IDs (like Threema) for identification? And instead come up with a crypto currency integration?

This whole crypto coin focus, the BS about the server code and the total inability to address criticism or be transparent about development made me lose hope in the project.

It should be obvious by now that signal is aiming for a different balance of user friendliness and privacy. At this point it seems unlikely that they'd change their minds on phone numbers.
> It’s that adding a cryptocurrency to an end-to-end encrypted app muddies the morality of the product

As digital currencies are just digital speech, seems that Schneier has muddied communication vs communication. Although I would have chosen a different cryptocurrency, I don't think they're doing any harm to themselves here.

Sounds interesting. Signal already has the roster and all. I'm happy this won't be another app, that no one will use.

I might be able to put off installing the paypal app forever.

(comment deleted)