Hacker News new | ask | show | jobs
by Certhas 3409 days ago
Yes it is:

https://github.com/WhisperSystems/Signal-Server

It's sure become fashionable to hate on Signal/OWS. The price of actually successfully bringing good encryption mainstream?

Edit: The comment I replied to originally included a question on whether Signals server is even open source.
3 comments
nileshtrivedi 3409 days ago
Signal is not mainstream. And you can't verify that Whatsapp/Allo have implemented the whisper protocol the way they claim to. We are being asked to "just trust them".
link
Certhas 3407 days ago
I have had success with getting lots of people on it. And the key selling point that it is no more difficult than WhatsApp makes that possible.

And that "no more" is really important. "Just slightly more" won't do. Especially not if it's "slightly more to someone who frequents HN". Because that's likely already prohibitive to most.

Take a person that just barely knows how to operate the play store. I can instruct that person over phone how to start chatting with me securely in a minute or two:

Go to the play store, download signal, open signal, I'm already there in your contact list. Write me a message. Done.

That's an amazing achievement. The much maligned fact that phone numbers are used as identifiers is key to that experience, too, because my phone number already is on that persons phone.

And yeah, I can't verify Whatsapp, but I still trust that Moxie et.al. have checked their implementation. Still that's why I push people to switch to Signal rather than stay on WhatsApp. Doubly so as WhatsApp belongs to Facebook now (I loved their original 1 Dollar a year business model, and if they still had that I would trust them a lot more).

Even with doubts about Facebook, it almost certainly is a massive win that WhatsApp implemented this. It makes WhatsApp immune to being subpoenaed for conversations, and thus they have a clear motive to implement it properly, too.

link
dublinben 3409 days ago
Signal is mainstream enough to have been used by the Clinton campaign in 2016 for internal communication. That's pretty mainstream.
link
mverwijs 3409 days ago
A presidential candidate (and team) of one of the more powerfull countries in the world using Signal is not "mainstream". It's "due diligence".
link
problems 3409 days ago
> The comment I replied to originally included a question on whether Signals server is even open source.

Sorry about that, I had looked it up just a second after I posted and then removed that line.

> hate on Signal/OWS

I don't mean to hate on them, just their stance on getting away from Google, using F-Droid, federating their service and many other things has been more than a bit of a mess or disappointment. I'm glad they finally made a step in the right direction and I hope this will continue.

link
Certhas 3407 days ago
The thing is, they gave good reasons on all these points. It's certainly valid to disagree with the trade offs, but people don't acknowledge that there are trade offs at all.

As I said in another reply, I can get a completely non-technical user to start using Signal with me in a minute, and have them have an experience that is as accessible as WhatsApp. That's simply not true for any of the other options I'm aware of (and it relates directly to most of the points you raise, with the notable exception of F-Droid. There I also find their reasoning weakest).

link
yagni3 3409 days ago
You can host a server, but you can't talk with people on the official Signal server or any other Signal server, as far as I am aware. This is not federated, just allowing of other isolated centralized clusters.
link
temprature 3409 days ago
The Signal server software has federation support. It's not enabled (anymore) on the official server but anyone could set up a server and federate with other federation enabled Signal servers.
link