Posts: 6 · Comments: 454 · Joined: 2 yr. ago

  • Hey, at least thanks for having done your research on the topic :-)

    Re: "Signal technically cannot know your social graph" is more of "we, Signal, have got the information in our hands but we swear not to look at it". Essentially, your device is sending the data to Signal, and then the matching is done in a "secure enclave". One problem is that this step could totally be bypassed without your knowledge or consent. A second is that the technological underpinning of it (Intel SGX) has known unpatchable flaws. A third is that even if the build-up of your social-graph isn't stored initially, it can eventually be inferred from your usage patterns. A fourth is that even if you find good reasons to trust Signal today, they offer no definitive technological guarantee to enforce it in the future (the deal can change at any moment, being a non-profit isn't a guarantee either).

    I will also say that, in a decentralised communication system, you are reliant on every party you communicate with, and the tools they use, to not expose such data about you either. It’s not a panacea.

    No, in a decentralized system, you elevate your service provider to the same level of trust that you do today with Signal (with E2EE and maths taking care of the rest). The gotcha lies in the fact that you can be your own service provider in this case, or that you can establish other means to trust them (contractual, legal, moral, … obligations, that's up to you). And in the fact that changing service provider doesn't mean relinquishing all your contacts, histories, data, clients, etc…

    it’s utterly ridiculous to claim that this is not a way forward

    I don't disagree that Signal has some appeal over WhatsApp today. I only disagree that it represents a significant-enough step forward to justify having people massively migrate to it. From experience it is a doomed service that will deceive its users eventually (by design), and will cause more harm down the road (triggering another unorganized rush towards even worse services like Telegram) when it ultimately gets to this point. If you ask people old-enough to have known and used WhatsApp in its early days, they will depict a picture about as rosy as the one you paint today for Signal. All that to say, once again, that nothing is eternal. Especially in today's extremely consolidated internet (like, who would get in the way of Meta, Alphabet or Microsoft buying off Signal if they ever want to?).

  • Without delving into too many details, those presumed benefits of Signal matter very little in practice:

    • Signal, just like WhatsApp, is centralized: as brokers of your messages, they do know your social graph. In the case of Signal, they "pinky swear" not to look at it, but that's not a technically enforceable guarantee (impossible by design). The same applies to metadata: Signal can absolutely infer from your usage patterns (frequency, time, volume, …) the nature of your social graph, or if you are rather at work or at home, in a romance or not. Signal can absolutely tell where you are based on your IP, or the device you are using. Worse, while they swear not to look, not to care and not to log any of that, just by relying on third-party services and running in the cloud, they expose all this metadata to less trustworthy parties who will do the caring and logging as they are mandated by law.
    • Nothing that can be said (or even proven) today about Signal is evidence that the same will remain true in the future. Signal can figure that it costs a lot to operate and might seek other financing schemes. Or its developers can be compelled by law enforcement to alter the service without public disclosure. It all boils down to "nothing is eternal" and while we can't tell when the demise of Signal will occur, history proves it's inevitable, and on this path it might turn as unlikeable as you find WhatsApp to be today.

    The only way forward I see is to break away from the centralized model: by design, it can't guarantee your privacy; by operating principle, it can't guarantee its sustainability.

  • Sorry to pollute this thread with my heretic use of the English language. I just wanted to add that any valid criticism against WhatsApp can be identically transposed to Signal: both platforms are centralized and rest in the controlling hands of a single entity, which may, on a whim, change the "social contract" under which it operates and ultimately deceive its users down the road. This is especially significant since operating at such a large scale puts an exponential (financial, technical, organizational, ...) pressure on the service.

    Long story short, amongst the alternatives to this model, the most practical one is the federated model, where, like email, different account providers (such as hotmail, gmail, corp.com, ...) provide service to their users and broker messages to their recipients onto the larger network (pip@hotmail.com can send messages to posy@gmail.com). XMPP is a good example of that, and NLNet happens to regularly sponsor initiatives which, over the years, have made XMPP a compelling alternative to centralized services, Signal and WhatsApp included.

  • leftist activism like tiktok

    Lol, you might have missed a few news cycles if that's your take. Tiktok has been well documented as a vector of foreign interference while propping up right wing populist movements.

  • One of them, for a 50% premium and worse finishing/less robust

  • Not in the way of ThinkPads being one of the last bastions of laptop durability and upgradeability, though

  • I've compared the two a while ago, seems to me like slightly different takes around the same core ideas. It's true that a couple of things in Ansel feel more natural, but it's not much, and it's probably not worth the risk (AFAICT the bus factor is one, compat with DT isn't a goal).

  • Darktable developers pride themselves on their non-destructive processing pipeline and use it as an excuse for how quirky and inflexible their UX is. I believe they are highly competent on the highly technical bits that ultimately very few people see or understand. Personally I can use it to an extent if I unlearn what other software has taught me over decades of UX conventions.

  • Isn't that the essence of the issue, that those models are loaded with biases, that might or might not overlap with dominant ones in inscrutable ways, hence producing new levels of confusion and indirection?

  • This is Microsoft enshittifying the platform they acquired to squeeze more revenue. But this is totally fine, because as user hostile and evil as the Microsoft corporation measurably is, they made a cute jpg a few years ago about loving opensource or something (yeah, I know, those are different things, but I'm calling out their PR bullshit and the usual bootlickers)

  • I’ll bet people said the same thing when Intellisense started suggesting lines completions.

    I'm sure many did, but I'm also pretty sure it's easy to draw a line between code assistance and LLM-infused code generation.

  • Telegram never was private, group chats never were encrypted (and that's not an opinion: the feature simply is missing). If anything, they are just removing their false and deceiving claims. That they remained there for so long is something I can't wrap my head around.

  • I'd argue XMPP is less ideal than Matrix because groups are located on a single server, which makes them easier to take down than Matrix' replicated state.

    That is true, but it's never been a problem in my relatively long experience with XMPP: some server software can be used as a cluster and distributed, making it highly available (basically, the whole of WhatsApp runs on a fork of ejabberd), and the comparatively tiny resource usage of XMPP contributes to its stability.

    XMPP does have a spec for F-MUC (distributed rooms somewhat like Matrix, many years before Matrix) and my rationale as to why it never picked up despite a whole decade of "competition" from Matrix is that it's a problem that just doesn't need solving. The price to pay for it is hefty: Matrix resource usage (bandwidth, CPU, RAM) is insane, its protocol complexity makes it a single-vendor implementation (which is risky on very practical grounds), and it's not even bulletproof for the niche use-case it set out to tackle: in the end, your identity server on Matrix remains centralized.

    You can tell that I'm partial to XMPP, but that's only after having been a service operator for years, with my original expectations largely favouring Matrix.

  • I think you should give Trilium(Next) Notes a try:

    • it has the hierarchical notes structure that you are familiar with in obsidian
    • it has better ways of keeping things organized (attributes can be values or references, can be shared and inherited, which provides a flexible framework for having notes "types" as templates that can be extended, e.g. people vs. colleagues, businesses vs. companies, etc)
    • it has the concept of note hoisting (which lets you focus on a note and its sub-notes, so other projects/spaces don't come in the way of autocomplete and placing references), and workspaces that build further on top of that
    • it can be used standalone (local client/offline-only, like obsidian) but coupling it with a remote-server opens more interesting use-cases (synching, sharing notes with others by public URLs, one-user/multi-client editing) which gives the best of both worlds (local-first/online-first) and lets you access your personal notes on devices you don't necessarily own (which obsidian doesn't). The mobile app story isn't great (it's a PWA with limited offline capabilities at the moment), but isn't worse than the alternatives either (I can't really work and think long form on a handheld, no matter the editor experience, but perhaps that's just me).
  • You need to list out your requirements. What do you want to do? Where do you need your data? Do you care about open source? Self-hosting? Do you have an idea how your content will be organized? Will you ever need to tap into it as data? Etc

  • Have you tried trilium notes? Not as hyped and polished, but does extraordinarily well IME.

  • I didn't like obsidian's lacking in attributes structuring/typing and the fact that it cannot serve over a web UI (for wherever you cannot install the heavy client or just to share notes via URL), and found trilium notes to be doing that perfectly, and much much more. Highly recommend.

  • You can host (tens? of) thousands of XMPP sessions on a RPi at the back of your router or in a field hooked to a PV panel and sim card, and none of "the wealthy" knowing or caring about it, though. The difference with signal is that everyone can do that, and everyone doing it expands the network and makes it more resilient for the benefits of all.

  • How it works (to simplify) is them giving up on matrix clients ever becoming performant and well behaving on handheld devices (because of the absurd complexity of the protocol), and, instead of doing something about that, just deciding to shift the client logic onto the server and castrating the clients (esp. for offline features). It's also good short-term business because it makes hosting Matrix even more cumbersome and expensive, giving a compelling reason for the type of midscale/corporate deployments previously on the fence about their self-hosting costs (due to poor design and scalability) to just pay Element for that (while probably contemplating an alternative future).

  • Matrix has the tendency to require all participants' servers to replicate all of the room state (who joined when, who said what when, whose avatar changed to what when, ...) practically forever, and is sucking a ton of bandwidth and CPU for the privilege. It's pretty bad, unfixable, and, if you ask me, over hyped.