[Beretta_Vexee]

The article confuses confidentiality with anonymity/pseudonymity.

Signal has always aimed to ensure confidentiality in the simplest way possible. People forget that there are anonymous systems or systems that do not require a telephone number but they are incredibly painful to set up. You either have to go through physical checks with QR code exchanges to validate participants or have some kind of web of trust (no one has fond memories of PGP key signing parties).

The same goes for decentralization. On paper, everyone wants decentralization. But when it comes to interconnecting hundreds of servers with different rules, moderation and legislation, and protocol versions, it becomes hell and no one wants to have to manage it (e.g. Mastodon).

There are objective reasons why these systems are not popular.

The other problem is that the very use of this type of software becomes a marker. I am convinced that the majority of Olvid users work for the French government, for example.

Iranian activists who are checked at the border or elsewhere with any uncommon communication application have already lost, regardless of the security of the application.

Crypto-punks are a niche group that can accept this type of usage constraint. My grandmother cannot, but she can use Signal and she will be one user among millions.

[noduerme]

Precisely. It's a bit like the browser fingerprinting dilemma. The greater lengths to which you go to hide your fingerprint, the more unusual your total profile becomes.

May I humbly suggest the thing I've done for 25 years, when I need to pass sensitive data like a slate of passwords or API keys or confidential business logic... I just PGP encrypt a zip file and attach it to a normal email.

This does nothing to address the anonymity issue, as you point out. But I'm really not sure that any set of measures I could take would truly keep me anonymous at this point in the race between governments and the well-funded organizations trying to evade them. I assume that no matter what I do to hide my identity, someone with enough money and motivation would be able to unmask it. To believe otherwise would be foolish.

[tchalla]

The amount of times I have Signal dunked on for confusing confidentiality versus anonymity is just too high.

[Beretta_Vexee]

People don't learn to tell the difference.

A number of people take advantage of this to push unrealistic and inconsistent threat models. ‘I need an anonymous, decentralised solution that can resist the NSA so I can send my shopping list to my wife. I'm not going to consider hardware access or coercion because I'm a law-abiding citizen.’

Some people forget that many things have already been tested. Do you want a file-sharing network and forums that are completely anonymous, decentralised, and resistant to censorship? It exists: Freenet. It's so overrun with paedophiles that even the most fervent advocates of anonymity have fled.

[ezst]

> The article confuses confidentiality with anonymity/pseudonymity.

sure, but let's not pretend that the distinction is lost on Signal and serves to fuel their security theatre.

> My grandmother cannot, but she can use Signal and she will be one user among millions.

And she will not be better-off than on WhatsApp. Even assuming that Signal is a good actor today (and, surprise, it very much is *not*: using a 3rd party client is against their T&C, they have a history of pushing their crypto to your face, their marketing is based on blatant lies, …), she will be back to square one the day inevitably Signal flips.

The case I'm making here is for federation. I skipped the whole Signal stage. My family and friends (including grandmother) are now on XMPP instead. It has all the guarantees you might desire from Signal without the hanging sword of Damocles hanging over your head.