[tazjin]

Signal, and in extension the other privacy-aware messengers (Threema etc), can not replace Telegram or iMessage because they lack basic features like multi-device sync.

The hard problem of messaging has not been solved yet, what people should build is a service like iMessage but with the public key pool per account publicly auditable and verifiable.

[lorenzhs]

Signal has multi device sync now, and it's cryptographically secure. It works by sending Signal messages to the other linked devices. This enables Signal-Desktop (the Chrome app that is now in beta). Sync is only implemented in the Android client at the moment though.

[tazjin]

That's quite literally multi-device >>sync<<, as in there is only one receiver and the rest is dependent on that.

Seems like a low effort solution and would not satisfy my requirements, but it probably works for some people.

[Johnny_Brahms]

I receive messages on my desktop regardless of whether my phone is connected to the internet or not.

Edit: just verified. Phone is in flight mode and chatting away on signal-desktop works just fine.

[exo762]

This is false. I've tested this possibility by turning off phone and Signal Desktop still receives messages. Description of plan around which protocol was build is here [0].

[0]: https://gist.github.com/TheBlueMatt/d2fcfb78d29faca117f5

[tazjin]

That's slightly better but still cumbersome to set up and with the primary device as a SPOF. What does the recovery procedure look like if you lose the master?

[exo762]

From what I've read in docs posted above, identity key is copied from S-Android to S-Desktop. If you lose S-Android, there are two possibilities.

1) Your keys are safe (device was encrypted and/or you've wiped it remotely, whatever). In such situation you could be able to transfer keys from S-Desktop to new mobile. AFAIK there is no such functionality yet (remember, its Beta).

2) Your keys are not safe. In such case no recovery is possible. Notify all contacts about the fact that they should "reset secure session", forgetting your Signal identity and establish new Signal identity.

Anyway, this is the only solution on market with secure chats and multi-device sync.

[lorenzhs]

No, your claim is false. This has been claimed about Signal multiple times now on HN and I've never understood how people came to this conclusion, because it's just not true and never was. All your messages arrive on all your devices, even if all of them are off at the time the message is sent. It's stored in an end-to-end encrypted fashion on Signal's servers until you switch on one of them, at which point the message will be delivered. When you switch on another one, the messages will be present at that device as well. The only thing missing right now is the sync of old messages when you link a new device, but that's only relevant in the first couple of days/weeks of use.

[evook]

Since when was it possible to sync whatsapp over multiple devices?

That unnecessary limitation really disgusts me, since I am the type who deletes his whole chat history weekly because I don't want to carry it around with me in case of another targeted stealing attempt. I'd love to integrate my whatsapp xmpp account into pidgin.

[exo762]

Signal is currently beta testing "Signal Desktop" which introduces (somewhat limited) multi-device sync capability. I use it and I'm happy about experience.

I basically don't need other communicators right now for close family and part of my friends.

Occasional video call can be made using other platforms.

[tomp]

> they lack basic features like multi-device sync

I've never used multi-device sync, ever. Not on iMessage, Viber, WhatsApp, ... The only one that I use across devices is Skype, but I don't use it except for video.

[atmosx]

Not even Telegram supports multi-device sync for 'locked' chats. So if you really care about security, multi-device sync is not a feature, it's a bug anyway.

I know only 1 guy who uses Signal and he is an AT&T systems administrator and linux addict. He understands the difference. The rest, use either iMessage or Telegram and don't really care about the rest.

[gtf21]

Telegram has the same problem with "Secret Chats" which can only be read on the device from which they are initiated.

[izacus]

People don't use Telegram (or whatsapp) for secret chats, but because it's a UX friendly messenger that replaces paid SMS services.

[tazjin]

Yes, but the amount of people who actually use secret chats is tiny.

It reminds me a bit of the CAP-theorem: Security, Device Sync and Usability. Pick two.

My personal preference is solving DU, because I can do security aware stuff with GPG.

[legulere]

WhatsApp also lacks multi-device sync. The feature that made people adopt WhatsApp was saving money in contrast to using expensive SMS (which is the reason why it doesn’t have much adoption in countries with reasonable prices).

Multi-device sync and privacy-awareness both are maybe reasons for a few individuals to switch but they both have problem with the number one feature of messengers: actually reaching other people.

Why something gets adopted is way more dependent on soft factors than on technical factors, as long as the basic requirements are satisfied.

[eertami]

>(which is the reason why it doesn’t have much adoption in countries with reasonable prices).

Huh? I don't think this is correct. WhatsApp is huge in Europe, nearly everyone I meet prefers to use WhatsApp over SMS yet almost everybody has "unlimited SMS" plans.

[legulere]

The unlimited texting plans came after whatsapp in most countries. In Sweden seemingly nobody uses Whatsapp. Here in Germany there are many people with unlimited texting, but it's far from everybody.

[hudell]

I just wanted MSN Messenger back. That was the only messaging app that worked well for me.

[RottenHuman]

What I want is a messenger which has all my friends in it.

Sadly at the moment that's only WhatsApp and Telegram to some extent. If only there would be some protocol or standard that would allow me to communicate across different providers.

But unfortunately such a standard must be technologically impossible, otherwise it would be implemented and widespread already.

[lqdc13]

This has to be a joke. Multi-device sync? Most people don't know what that is.

They just want a pretty GUI, their friends to be on it, and an easy way to send videos/photos/voicemails/whatever.

Granted, I've never wanted to send videos and sending photos works well on Signal right now. But until recently the GUI wasn't very polished.

[tazjin]

Of course they know what that is - and actively use it - just think of Facebook messenger.

[lqdc13]

They might actively use it but not because they want to.

In fact, Brazil's most popular chatting app that is recently banned there doesn't have multi-device sync. Hangouts does. Everyone could use hangouts, but not nearly as many people do.

[swah]

Using your phone number and address book to find contacts is what made it really easy for me. Also, iPhone users don't use Hangouts, but were somehow "forced" to use Whatsapp to talk to people on Android phones.

[Asmod4n]

multi-device sync means you have to store the private key in the "cloud", or something else which could directly identify you.

[tazjin]

No, iMessage for example generates a unique key pair per device and submits your public key to the key pool for your account. Devices can then sync old history using each other's keys and new messages will be encrypted for all devices.

The problem is that the key pool is in Apple's hands. You cannot guarantee that they don't go and add a key do the pool and get all your messages anyways.