[tialaramex]

In the case of Slack though these are "private" communications only in the same way that say, email to colleagues at work is "private". Lots of people certainly could snoop this, and more probably would be able to if they really wanted to. You would not be told about that, it'd just happen and everybody involved would convince themselves that it's fine. Is it fine though?

Signal's rationale is that if we actually secure this type of conversation, we can tell people not to accept insecure conversations because they're trading something you might want (actual privacy) for... not very much.

We've been here before on the Internet, at least twice now. When I was still (barely) a teenager Tatu Ylönen invented SSH and connecting to another machine was now secure instead of hopelessly insecure. And at almost the same time a bunch of people at Netscape invented SSL (which became TLS) and made the World Wide Web secure. It only took a few years for ordinary (relatively) people to _expect_ SSH not telnet and it took a bit longer for HTTPS but in both cases we got to a place where secure was the default and expected condition.

[wpietri]

Yes, thanks, I understand the technical difference. What I'm saying is that from a user perspective, many people don't care, or don't care very much. Otherwise they wouldn't be using SMS, telephones, or email.

If Signal wants to be broadly successful, they have to be as good from the perspective of the broad base of users.