[wpietri]

Why would a group communication tool be compared with another group communication tool? What's the part you're missing there?

I have some friends I talk to in Signal groups. I have others I talk to in Slack. In both cases, the goal is the same: communicate privately with a known group of friends.

[tialaramex]

In the case of Slack though these are "private" communications only in the same way that say, email to colleagues at work is "private". Lots of people certainly could snoop this, and more probably would be able to if they really wanted to. You would not be told about that, it'd just happen and everybody involved would convince themselves that it's fine. Is it fine though?

Signal's rationale is that if we actually secure this type of conversation, we can tell people not to accept insecure conversations because they're trading something you might want (actual privacy) for... not very much.

We've been here before on the Internet, at least twice now. When I was still (barely) a teenager Tatu Ylönen invented SSH and connecting to another machine was now secure instead of hopelessly insecure. And at almost the same time a bunch of people at Netscape invented SSL (which became TLS) and made the World Wide Web secure. It only took a few years for ordinary (relatively) people to _expect_ SSH not telnet and it took a bit longer for HTTPS but in both cases we got to a place where secure was the default and expected condition.

[wpietri]

Yes, thanks, I understand the technical difference. What I'm saying is that from a user perspective, many people don't care, or don't care very much. Otherwise they wouldn't be using SMS, telephones, or email.

If Signal wants to be broadly successful, they have to be as good from the perspective of the broad base of users.

[juped]

Please recall that earlier in the thread, the following was posted:

"[Signal is] really an engine for revealing people's true preferences for messaging, which, for many people, tend to be that they want all the ergonomics of Slack a lot more than they want cryptographically sound secure messaging."

This comparison to Slack makes no sense - Signal replaces texts and makes them end-to-end encrypted. It's a straight upgrade to texting (except, apparently, on iphone, where apple won't let the app send plain old texts and the "drop-in replacement" quality is neutered). It requires a phone number to use, and is linked to that phone number.

Signal is right to be what it is, and if Apple got out of the way, I would insist on replacing all texts with Signal. Replacing my Slacks with Signal or my Signal messages with Slack fails to type-check.

[wpietri]

The comparison doesn't make sense to you, because you value privacy highly. It makes plenty of sense to people who don't.

People do literally compare them when deciding what group messaging app to use: https://news.ycombinator.com/item?id=21746863

For people like that, end-to-end cryptographic security is at best a nice-to-have. And I'd guess that's circa 90% of people.

Signal's true value comes when lots of people are using it. I never bother with secure email, because almost nobody I know has it set up. But I use Signal for the great bulk of my texting, because most of my friends are on it. If Signal wants that to be more and more true, they have to compete with the other tools people use for group communication.