Was that the punch in the face, or was it all the morons intentionally misinterpreting this argument and saying “but why would u want to send nonsecure messages are you aware SMS isn’t secure it’s like so insecure to send SMS bro it’s not secure it’s like literally a security risk bro SMS isn’t secure at all and also are you aware SMS security is poor”
Well, I happen to disagree. I’m a privacy-conscious person, but I’m not an activist. Most of my contacts in real life (i.e the people I need a messaging app to talk to) are non-technical, and not really privacy-conscious. They’re not going to install a different app just to talk to me. The big draw of TextSecure (before it became Signal) was that they could just set that as their default SMS app, and it’d magically start to send encrypted messages if the other end was also using TextSecure, and they had to change exactly 0 of their habits.
I guess it depends on how you view it:
Move as many people as possible over to encrypted comms with the least friction possible, or
Provide a niche secure messaging platform for niche activists with niche needs.
I thought the goal was 1, but turns out it was 2. All my contacts are now back to Facebook Messenger…
It sounds like you’re slightly mis-remembering this oft-cited Hacker News comment from Moxie from 2015. I’m going to quote the main bit here because honestly a lot of people in this thread could stand to think about it:
If we were going to rank our priorities, they would be in this order:
Make mass surveillance impossible.
Stop targeted attacks against crypto nerds.
It’s not that we don’t find #2 laudable, but optimizing for #1 takes precedence when we’re making decisions.
I wasn’t actually quoting this, but yeah, I think that’s the point. Supporting SMS was helping adoption by promoting a seamless transition for users. Dropping it feels like prioritizing #2 to me. (All this comment thread about opsec, compartimentalization, activism, etc is really about #2, IMO)
You literally made up an argument no one made in this thread.
The fact of the matter is that it is unwise to have both secure and insecure messaging side-by-side. Depending on where you live, this could translate to a simple mistake resulting in imprisonment or worse. It’s very important that a “secure messaging app” only allow secure messaging.
You, like myself, probably live in an area where accidentally sending a message critical of the government over an insecure message would not have any tangible consequences, so perhaps you’re weighing the convenience as more important due to lack of perspective.
By that logic tho, you can also accidentally open a different app and send an sms, because on Android all the apps need to look and behave basically exactly the same for some reason.
I don’t feel that it’s me being intentionally dense here because, again, you’ve concocted an irrelevant scenario to argue your tenuous position - which I already agreed is possible, but irrelevant in this context.
App is app. Other app is other app.
In one app, it was possible to send both SMS and encrypted messages. In the other, just SMS.
Strawman, one of those big words people use when they can’t make a decent argument.
Would it be that difficult to have two versions of the app then? One without sms for the more security conscious and easily distracted people, and one with sms, that I could install on any grandma’s phone?
Difficulty of implementation was never an argument, only ideological ones, with which Signal fucked over so many people. Literally all of my Signal contacts have gone offline soon after they axed the sms support, and so I have no use for Signal at all.
So, mission accomplished I guess. Secure messaging has won- oh wait, everyone is back on WhatsApp.
All my friends and familiy are still on signal.
This is a you problem not a signal problem.
Maybe you should have told your familiy why facebook is bad instead of being “look fancy chat”
I never needed the sms tool(who writes sms anyways?) what i need is more secure coms that I can use.
One thing that still bothers me is that with the phone number…. I am still waiting for uniq identifiers to uncouple my phone from my messenger!
I’m not here to do Signal’s marketing for them, especially since I never liked it in the first place (due to the phone number thing). They had a good thing going for being an acceptable alternative, and they fucked it up. Definitely not my problem.
You literally made up an argument no one made in this thread.
I literally was not confined to this thread, which is blatantly obvious if you know how context works.
The fact of the matter is that it is unwise to have both secure and insecure messaging side-by-side.
Skill issue. If it’s too hard for some people to pay attention to what they’re doing and use a tool correctly, they can buy a Vsmile. This is all ignoring the fact that no human being could possibly fuck it up on Signal unless they’re too illiterate to send text messages—or indeed use a cell phone—in the first place.
I literally was not confined to this thread, which is blatantly obvious if you know how context works.
Making up an argument no one in the discussion has made is called the “Strawman Fallacy”. Why should anyone in this thread care that you talked to someone (allegedly) that was so dense that they made a bad argument that you got frustrated with?
If it’s too hard for some people to pay attention to what they’re doing and use a tool correctly
Ah, so much hyperbole. If I’m successfully stripping all of it away, is seems that your argument is that it is impossible (P=0) to accidentally send an SMS message in Signal, thinking it was a secure message. Is that really your stance? Admittedly, there was a lot of hyperbole so I might have missed the actual point. Please correct me if I’m wrong.
A fallacy is just pointing out that your argument isn’t likely to arrive at the truth. As I explained, your “I met a dumb person and so all arguments against this are dumb” stance isn’t useful, even if we agree you’re not just making that all up.
I asked for clarification. Is that your stance? That it’s fundamentally impossible that someone could accidentally send a SMS in Signal while thinking it is secured? I’m going to assume that you don’t believe it’s fundamentally impossible, so that mean your real stance is that if that happens and someone gets sent to jail or worse, that’s a small price to pay for your convenience of not having to *checks notes* switch between two apps.
Do you see how your lack of perspective might be leading you to make a poor argument?
Totally agree. Good opsec is all about building good habits. Having 1 app for secure and a different app for normal creates a healthy compartmentalization in the mind for ease of building and maintaining habits.
Was that the punch in the face, or was it all the morons intentionally misinterpreting this argument and saying “but why would u want to send nonsecure messages are you aware SMS isn’t secure it’s like so insecure to send SMS bro it’s not secure it’s like literally a security risk bro SMS isn’t secure at all and also are you aware SMS security is poor”
Not doubting that pushy idiots are going to pushy idiot, but I think you’ve strawmanned the actual reason hard enough.
Most people who want it back don’t need, want, or understand why secure messaging exists.
Here’s the simple facts:
SMS is not secure, or private.
Signal is for secure, private comms.
As mildly inconvenient as it is, Signal explained their reasoning in great detail, and I happen to agree: There should never have been an insecure option on a secure messaging app.
Well, I happen to disagree. I’m a privacy-conscious person, but I’m not an activist. Most of my contacts in real life (i.e the people I need a messaging app to talk to) are non-technical, and not really privacy-conscious. They’re not going to install a different app just to talk to me. The big draw of TextSecure (before it became Signal) was that they could just set that as their default SMS app, and it’d magically start to send encrypted messages if the other end was also using TextSecure, and they had to change exactly 0 of their habits.
I guess it depends on how you view it:
I thought the goal was 1, but turns out it was 2. All my contacts are now back to Facebook Messenger…
It sounds like you’re slightly mis-remembering this oft-cited Hacker News comment from Moxie from 2015. I’m going to quote the main bit here because honestly a lot of people in this thread could stand to think about it:
I wasn’t actually quoting this, but yeah, I think that’s the point. Supporting SMS was helping adoption by promoting a seamless transition for users. Dropping it feels like prioritizing #2 to me. (All this comment thread about opsec, compartimentalization, activism, etc is really about #2, IMO)
Question: are you missing the point deliberately, or is it genuine obliviousness?
You literally made up an argument no one made in this thread.
The fact of the matter is that it is unwise to have both secure and insecure messaging side-by-side. Depending on where you live, this could translate to a simple mistake resulting in imprisonment or worse. It’s very important that a “secure messaging app” only allow secure messaging.
You, like myself, probably live in an area where accidentally sending a message critical of the government over an insecure message would not have any tangible consequences, so perhaps you’re weighing the convenience as more important due to lack of perspective.
By that logic tho, you can also accidentally open a different app and send an sms, because on Android all the apps need to look and behave basically exactly the same for some reason.
I don’t feel that it’s me being intentionally dense here because, again, you’ve concocted an irrelevant scenario to argue your tenuous position - which I already agreed is possible, but irrelevant in this context.
App is app. Other app is other app.
In one app, it was possible to send both SMS and encrypted messages. In the other, just SMS.
This is not a very thoughtful response.
I recognize you’re probably not the original commenter, but this is the same flavor of strawman.
App is app. Other app is other app.
In one app, it was possible to send both SMS and encrypted messages. In the other, just SMS.
Strawman, one of those big words people use when they can’t make a decent argument.
Would it be that difficult to have two versions of the app then? One without sms for the more security conscious and easily distracted people, and one with sms, that I could install on any grandma’s phone?
Difficulty of implementation was never an argument, only ideological ones, with which Signal fucked over so many people. Literally all of my Signal contacts have gone offline soon after they axed the sms support, and so I have no use for Signal at all.
So, mission accomplished I guess. Secure messaging has won- oh wait, everyone is back on WhatsApp.
All my friends and familiy are still on signal.
This is a you problem not a signal problem.
Maybe you should have told your familiy why facebook is bad instead of being “look fancy chat”
I never needed the sms tool(who writes sms anyways?) what i need is more secure coms that I can use.
One thing that still bothers me is that with the phone number…. I am still waiting for uniq identifiers to uncouple my phone from my messenger!
I’m not here to do Signal’s marketing for them, especially since I never liked it in the first place (due to the phone number thing). They had a good thing going for being an acceptable alternative, and they fucked it up. Definitely not my problem.
I literally was not confined to this thread, which is blatantly obvious if you know how context works.
Skill issue. If it’s too hard for some people to pay attention to what they’re doing and use a tool correctly, they can buy a Vsmile. This is all ignoring the fact that no human being could possibly fuck it up on Signal unless they’re too illiterate to send text messages—or indeed use a cell phone—in the first place.
Making up an argument no one in the discussion has made is called the “Strawman Fallacy”. Why should anyone in this thread care that you talked to someone (allegedly) that was so dense that they made a bad argument that you got frustrated with?
Ah, so much hyperbole. If I’m successfully stripping all of it away, is seems that your argument is that it is impossible (P=0) to accidentally send an SMS message in Signal, thinking it was a secure message. Is that really your stance? Admittedly, there was a lot of hyperbole so I might have missed the actual point. Please correct me if I’m wrong.
“muh fallacy”
I didn’t know this was reddit
You deliberately missed the point, and seem to think I can’t tell you’re being deliberately obtuse.
A fallacy is just pointing out that your argument isn’t likely to arrive at the truth. As I explained, your “I met a dumb person and so all arguments against this are dumb” stance isn’t useful, even if we agree you’re not just making that all up.
I asked for clarification. Is that your stance? That it’s fundamentally impossible that someone could accidentally send a SMS in Signal while thinking it is secured? I’m going to assume that you don’t believe it’s fundamentally impossible, so that mean your real stance is that if that happens and someone gets sent to jail or worse, that’s a small price to pay for your convenience of not having to *checks notes* switch between two apps.
Do you see how your lack of perspective might be leading you to make a poor argument?
Being this obnoxious is practiced and you’re clearly conversing in bad faith, that’s the only response you get
Totally agree. Good opsec is all about building good habits. Having 1 app for secure and a different app for normal creates a healthy compartmentalization in the mind for ease of building and maintaining habits.
Indeed.
It’s a very basic trade that it seems few understand. You MUST trade a bit of convenience to increase your security, or mistakes will happen.