[ycmbntrthrwaway]

The problem with federated approach is that it leaks metadata. When you take centralized system apart and expose internal communications to the Internet, you reduce anonymity. Extreme case is when everyone uses his own homeserver and information on who calls who and when is completely exposed.

It is not enough to make the system distributed, you need to exploit the fact that different parts of the network are controlled by different parties to build self-enforcing protocols that ensure anonymity.

For comparison, see how bitcoin is just distributed and zerocoin is anonymous. Gnutella is just distributed and FreeNet is anonymous.

[tptacek]

That's not the only problem, or the most important problem. The most important problem of federation is that it generates lowest-common-denominator security. For instance:

https://whispersystems.org/blog/giphy-experiment/

This is how Signal provides Giphy search (spoiler: they tunnel a TLS connection through their own server, with TLS negotiated end-to-end from the Signal app to the Giphy server, so that Giphy can't tell what client is searching for what GIF while at the same time Signal's server's can't see what people are searching for).

Does anyone believe that in a world where 90% of Signal-network client installs weren't Signal.app, that this is how features like this would work? It's not an unknowable question. All you have to do is look and see how Signal's competitors, like Wire, tackle this problem.

It's true that in a federated Signal-network, you might get clients that have security features Signal itself lacks. But because it's far easier to produce an insecure client than a secure one, insecurity will dominate, and be a boat anchor around any efforts to improve security down the road.

Call it "the libpurple problem".

[comex]

All true, but I think the situation looks a little worse for centralization if instead of 'security features', you think in terms of 'vulnerabilities' (almost but not quite an antonym). Signal probably has a lower vulnerability rate than competing software, but if someone finds an implementation bug, it can be used against every user on the network. Compare to, say, IRC, where there are a lot of really poorly written clients, but the sheer number of clients in use would limit the fallout of any one exploit.

Likewise, Open Whisper Systems is pretty trustworthy, but if someone gets access to their servers, either by hacking or by coercion, and starts, say, logging metadata (who's chatting with who), all Signal users are compromised. When I chat on a private (and SSL-only) IRC server, the security guarantees are awful compared to Signal - and I'm not saying that's not a problem - but at least I know that my conversations will only be compromised if someone really has it out for my group in particular; they won't show up in some massive leak and/or government database.

This also applies to binary distribution. When software is compiled by N different distros or package managers or by users directly, that does make it hard to get security updates out in a timely manner. But with a centralized system like Signal's, if the binaries are compromised, everyone is pwned. Yes, measures like reproducible builds can reduce the risk, but they're far from perfect. Is there even anyone who verifies Signal builds on a regular basis/automatically?

[mirimir]

> Gnutella is just distributed and FreeNet is anonymous.

That's a dangerous meme to be spreading. FreeNet is not anonymous. Peers know your IP address. And malicious peers can learn what chunks your node is handling. Sure, there's "plausible deniability". And common probabilistic attribution arguments are bogus. But that's cold comfort after the SWAT team has impounded all of your gear.

[ycmbntrthrwaway]

> And malicious peers can learn what chunks your node is handling.

They can't however tell if you are serving them or if you cached them due to their requests.

[mirimir]

That's true. But it's a long way from "anonymous".

[caf]

It seems like short messages are a perfect case for onion routing (not The Onion Router, but the general idea of onion routing).

[kuschku]

Signal leaks more metadata.

All the metadata of Signal is available in one single system, transmitted across the globe into a foreign, and hostile country.

In fact, we have to assume every bit that ever goes through the US is logged and stored by the NSA, and that makes Signal entirely untrustworthy.