[nothrabannosir]

If you consider PGP something that mostly works, and Signal the fringe contrarian view, then we have wildly different experiences around usability, and the relative popularity of those tools.

I couldn’t get any of my friends or family on PGP to save my life, and some of them are programmers. I am now at a 50/50 split in volume on Signal v WhatsApp, and most people I never even suggested it to. And they use it correctly (because that’s the only way you can).

Seriously: how is PGP something that mostly works, and how is Signal contrarianism? Isn’t it the other way around by now?

[sergiosgc]

Signal is non-federated. That, alone, is a showstopper as an email replacement.

Open and federated protocols and services should be our target. It is hard designing them, but if we could do that in the past, we should be able to do so today.

[nothrabannosir]

Two replies about email replacement; I feel like we’re getting off track. Signal is for secure, end to end encrypted communication. Ideally that would be all communication, but that isn’t realistic in today’s world.

TFA merely says: if you were gonna use PGP, use Signal instead. It’s a trade off. While we target these open and federated protocols, let’s not throw people who actually need encryption today under the bus.

So to the question of replacing email: unless all your email is currently PGP encrypted, you don’t need to drop your email just yet.

[sergiosgc]

> So to the question of replacing email: unless all your email is currently PGP encrypted, you don’t need to drop your email just yet.

You don't need to drop email at all. If you trade protocol openness for encryption, you are acquiring technical debt. How long are going to do this dance of switching between instant messenger protocols? ICQ -> AIM -> MS Messenger -> Hangouts -> WhatsApp -> Signal -> ???.

Open protocols (open in specs and federated in access) are the only way to stop this madness.

[Dolores12]

In the past Google and Facebook supported xmpp(jabber) protocol. That was real step in right direction. You could use your client and OTR plugin to encrypt all communications. It all ended in 2015.

[lvh]

Do you have an opinion on why that happened?

(I think a lot of useful Signal properties are much harder to do with federation, but that’s a subtle enough problem that it warrants a long form post, not a HN comment. I agree that ceteris paribus federation is better than not—but c.p. is doing a lot of work there :))

[pvg]

Is there some reason to believe it didn't happen (mostly) for the reasons stated by the respective parties at the time? 'federated' is often brought up as an unalloyed good so casually but as you point out yourself, there's a huge overhead, conceptually, operationally, etc.

[loudmax]

IMHO, Matrix currently has the best shot at becoming the standard for the open internet.

Those who value the freedom of choice should push for Matrix before Signal becomes the de-facto standard and is acquired by one of the tech giants looking to lock down control of communication.

[Andrew_nenakhov]

Matrix is too dependent on it's only vendor in existence, their only server in existence has performance issues. Also, a monolith standard is hardly viable for federated networks, where all nodes can't upgrade all at once.

[feanaro]

> [...], their only server in existence has performance issues.

This is either misinformed or disingenuous: https://www.hello-matrix.net/public_servers.php

[amdavidson]

Fortunately Signal is a well funded non-profit which reduces the likelihood of its acquisition significantly.

[pnutjam]

Anybody using keybase? I think they have excellent security, Superior to telegram and signal in some ways.

[robertony]

I'm still using ICQ...

[Andrew_nenakhov]

> Signal is for secure, end to end encrypted communication. Ideally that would be all communication, but that isn’t realistic in today’s world.

Do you seriously believe that ALL communication working through a single proprietary non-federated service would be a good thing? !

[nothrabannosir]

I’m having a hard time believing just how polar opposite of my point people are taking me, I must be explaining myself very, very poorly.

Let go of the idea of “good”, nothing is currently good. Everything is terrible. The only thing that’s “good” is a federated, open, and secure in practice protocol (I.e. not just for people who use it properly, but for people who is it full stop. Like HTTPS, for example.) Today, we don’t have that. Let’s work towards that. Let’s make it happen tomorrow.

But today: federated or secure, pick one. (See TFA)

Meanwhile , there are people , today, with a real need for encryption. (See TFA) A need that transcends our long term plans. These people look at what “techies” do and say, and they imitate it. That’s the way of the world.

It is currently PGP. That is not secure, in practice when used by those people (see TFA). Therefore, we need to stop using PGP, use Signal for now, until we have an actually good solution that is better than Signal and PGP.

That’s the summary of the article.

Nobody is talking about replacing all email. Nobody says the status quo is good. Heck, nobody is really arguing for Signal, as much as arguing against PGP, and signal winning by default. That’s all.

We’re all on the same side here, guys. It’s just a matter of temporary compromise.

[sergiosgc]

> We’re all on the same side here, guys. It’s just a matter of temporary compromise.

I get that, and I actually agree with you on almost this whole comment. The problem of the temporary compromise on Signal is that I don't believe it is temporary. Signal is actually good enough to prevent the transition to the optimum. Being non-federated, Signal will always have a single point of failure, but this will get masked until it is eventually exploited.

[kasey_junk]

But if you rule out Signal there isn’t another choice for the users in question.

There is not a federated messenger that provides the same security as Signal.

Your argument reduces to (for the user segment under question) “don’t use electronic because I value federation”.

I value it too but that seems incredibly selfish.

[Quiark]

You mean gmail?

[FabHK]

> TFA merely says: if you were gonna use PGP, use Signal instead.

The article mentions Magic Wormhole, age, and Signal, IIRC.

[tptacek]

So ergonomics trump security for you. That's fine. Stop telling people that they can safely follow your lead, because you've prioritized things other than their safety.

[sergiosgc]

An incremental evolution may cause us to get stuck in a local maximum. You are correct that the incremental step is necessary. You are ignoring that this incremental step sets us onto a path of closed protocols. In time we'll be worse off.

[tptacek]

So that's two things you think we should prioritize over people's safety: ergonomics and technological progress. You're digging the hole deeper for your argument.

[sergiosgc]

Only one. I never mentioned ergonomics.

[tptacek]

That's what federation is. All else being equal, you'd prefer people use less secure messaging so that you can have greater choice of clients and servers, and run your own server.

[emilsedgh]

Nobody talked about usability or widespread adoption.

Article was targeted at people who are using PGP and urged them to stop using it without, offering a viable alternative and the parent comment called it out.

[soraminazuki]

> Nobody talked about usability or widespread adoption

This directly contradicts the original comment.

> Article was targeted at people who are using PGP and urged them to stop using it without, offering a viable alternative and the parent comment called it out.

The article has an entire section explaining alternatives. The first link in the article [1], also written by the same author, has an even longer list of alternatives. It's hard to miss.

[1] https://latacora.micro.blog/2019/07/16/the-pgp-problem.html

[rstuart4133]

> Seriously: how is PGP something that mostly works

The entire Debian infrastructure is secured with PGP. PGP emails, PGP signatures, PGP encryption.

Seriously: it doesn't just "mostly work". It's rock solid battle tested for 20 years, and thousands of people use it without needing hand holding.

[nothrabannosir]

The topic here is “PGP in e-mail”, not PGP full stop. It’s all in the TFA, including a comprehensive list of reasons why it does not just work. Even with handholding, let alone without. If you disagree with any of those specific examples, please do elaborate, but at least address them. They’re good points.

Nobody is suggesting people switch to Signal for distributing .debs...

[eitland]

There's a lot of good things to say about Signal, but if it should replace email:

How do I export it for long time storage and for auditing?

Edit: to avoid confusion, I read in the help files that I can export my chats, but it seems clear that those exports are only supposed to be imported into another instance of Signal.

[tptacek]

I don't think Signal should replace email. I don't think email is going anywhere.

[eitland]

Edit:

So, your point over the last couple of years can be distilled down to:

- use Signal if you need actually secret mesaging.

- otherwise: anything goes, including iMessage and email.

- don't participate in security theatre

?

(Was:

------ So, again if I read correctly:

- unencrypted mail good,

- encrypted mail bad

?

------

But this is a not so subtle reference to Animal Farm and while it is probably funny it goes far beyond what I mean. )

[aquabeagle]

If you consider PGP something that mostly works, and Signal the fringe contrarian view

We're talking about email here, so yeah, the number of encrypted emails I've received with PGP is non-zero and through Signal is zero.

[ColanR]

I don't think either are good options. I was reading on here recently about the $2.1M that the US gov paid (indirectly) to Signal, with the implication of the associated compromise of integrity. And PGP is so labyrinthine that most of the mail tools implementing it had been compromised for more than a decade. [1]

Whatsapp? It's owned by Facebook, as we know, and I wonder if we can believe that we put on there is actually safe. I think that would be naive.

[1] https://arstechnica.com/information-technology/2018/06/decad...

[westmeal]

Hi, I'm having trouble finding any information on the 2.1M that you said the US gov paid Signal Foundation. Do you have a source? I'd love to know if this is true.

[dunkelheit]

The OP is probably referring to financing that Open Whisper Systems (precursor to the Signal foundation) received from Open Technology Fund (https://www.opentech.fund/results/supported-projects/open-wh...) which according to the Wikipedia has ties to the US government (https://en.wikipedia.org/wiki/Open_Technology_Fund). I guess the idea was to provide encrypted means of communication to dissidents in US-hostile countries.

Though I think it is a moot point. Signal foundation is a US organization and its officers are US citizens. I don't think the US government will have any trouble coercing them to do its bidding regardless of whether it financed them or not.

[westmeal]

I see. Since the PATRIOT act was put into place the US government can pretty much justify anything at this point so i tend to share the same viewpoint. Thanks for the sources man.

[upofadown]

>None of the vulnerable programs enables verbose by default,...

So the compromise is mostly theoretical...