We estimate that by 2025, Signal will require approximately $50 million dollars a year to operate—and this is very lean compared to other popular messaging apps that don’t respect your privacy.

You are viewing a single thread.
View all comments
67 points
*
Deleted by creator
permalink
report
reply
17 points
*

I‘m not an expert on this topic, so someone correct me if I’m wrong. Signal is only storing stuff temporarily to pass it on, so I’m assuming you’d have the exact same costs even if it weren’t centralized. Maybe even more as it’s probably cheaper to have it managed in one place. I’m assuming all this would do is distribute the cost, but otherwise be the same?

permalink
report
parent
reply
12 points
*
Deleted by creator
permalink
report
parent
reply
3 points

XMPP maybe. Matrix is a bloated protocol which costs a lot more to host.

permalink
report
parent
reply
7 points
*

The difference is that there’s enough unused capacity on your personal device to handle all the traffic any typical user needs to handle in a day many times over, for simple messaging. Likely, that load is so little it won’t even affect your battery life.

permalink
report
parent
reply
5 points

Wouldn’t you still need a server in between to temporarily store the messages if the other person isn’t available?

permalink
report
parent
reply
11 points
*

You’re not wrong. Federation would have higher costs but distributed over more people. Even with pure P2P a-la BitTorrent things might not be significantly cheaper because you’d likely still need to host authentication centrally or federally. You’d only eliminate the message bandwidth costs.

The thing is, we already have a way to distribute the costs - people subscribe to support Signal. Some pay more, others less. Whether I run a node that serves 100 people or subscribe for $10/month, it’s somewhat equivalent. So the practical takeaway should be - if you want for Signal to keep signalling - subscribe if you can afford it.

permalink
report
parent
reply
27 points

If you are curious, you should give XMPP a shot, it’s equivalent to Signal in terms of encryption, but anyone can host their own. Signal is ideologically opposed to anyone but themselves being in control of your account, and because of that I don’t want to trust them.

permalink
report
parent
reply
23 points
*
Deleted by creator
permalink
report
parent
reply
8 points

Indeed. Xmpp is lost as a general purpose chat app for everyone. I have many issues with matrix but it’s the best chance we have, particularly with bridges.

permalink
report
parent
reply
18 points

And now here I am, nostalgic for the good old days of having one chat app that could connect you to everyone over XMPP/jabber.

permalink
report
parent
reply
4 points
*

Neither XMPP nor Matrix will ever become “the next WhatsApp”: the current internet has seen too much consolidation for the tech majors to permit it (and open and federated protocols can’t compete, do not have the marketing budget nor the platforms to promote their software, but I salute the EU’s Market Act attempt to shake-up the status quo).

But that doesn’t really matter IMO. What (I believe) is important in the grand scheme of things is that such protocols remain alive, maintained and secure, so that:

  • small-scale instances can flourish and contribute to a more resilient/efficient internet (think of family-/district-level providers ; this is the kind of service I personally offer: family members and friends at large appreciate that the messages and data that we exchange aren’t shared over some cloud or facebook server for no good reason)

  • IM identities can persist over time: if you are a business or an individual, you may want to look into having a stable/lasting contact address, that will survive the inevitable collapse of facebook/whatsapp/instagram/… If you are old enough, your current email address probably existed before facebook. Why not your IM address?

And yes, I hear you, this is rather niche, but what got me there (and on XMPP in particular) is having been long-enough on the internet to become tired of the never-ending cycle of migrations from service to service. More and more people will have a similar experience as time goes, so this niche will only grow :)

permalink
report
parent
reply
2 points

If you need to convince your friends to use some app it might as well be XMPP compatible instead of another walled garden. If you can get your friends on board, you win, even if nobody else uses it.

permalink
report
parent
reply
9 points

Ten years ago sure, the days I’d suggest matrix instead.

permalink
report
parent
reply
1 point

I assessed XMPP vs Matrix about 8 years ago, and strikingly, the basis on which it didn’t make the cut still applies today. Here’s what I responded to a sibling post: https://programming.dev/comment/5408356

In short, Matrix dug themselves into a complexity pit with an inadequate protocol, survived for a while on venture capital money (upscaling servers and marketing at all cost), all of it dried up, and now they are in financial trouble. Matrix won’t disappear overnight, but is definitely losing the means to run the managed instances and the client/server ecosystem.

permalink
report
parent
reply
38 points

to do with a 1mb text file

God you must be like my wife and write fucking novels as text messages.

permalink
report
parent
reply
12 points

Lol I think they probably mean like an entire chat history (or page of one), but yeah that’s pretty big.

permalink
report
parent
reply
6 points
*
Deleted by creator
permalink
report
parent
reply
20 points

It’s difficult to maintain privacy in a P2P environment. In naive implementations, your IP address will be visible to all the peers you connect to. This is the case in e.g. BitTorrent.

Signal has this issue with video/voice calls as well; by default they operate on a P2P basis for performance reasons, and they expose your IP address to the second party. Signal has an option in the settings to relay voice/video calls through their servers specifically to mitigate this.

There are some workarounds for anonymizing P2P, like routing through Tor or I2P. Tor, however, has known exploits and is probably not suitable if you need to hide your activity from advanced adversaries like world governments (e.g. political dissidents, journalists, etc.)

I2P sounds interesting but I’m not deeply familiar with it. I understand that I2P clients also act as relay nodes, which puts an additional bandwidth burden on users. I’m not sure if I2P is more resilient against government-level attacks than Tor. I’d be interested to hear from anyone who is more familiar with the protocol.

permalink
report
parent
reply
10 points
*
Deleted by creator
permalink
report
parent
reply
3 points

A MitM sniffer would be able to see the source and destination IP addresses, not just the person you’re chatting with. Even if the data is encrypted, P2P is still vulnerable to a layer 3 attack.

permalink
report
parent
reply
11 points

If you’re using it for personal correspondence with people you know and trust, that’s probably fine. However, a secure and private communications platform should support more extreme use cases as well.

If you’re a journalist, for example, you might need to communicate with people you do not know or trust. You could realistically be talking to someone who wants to kill you, or who is being monitored by people who want to kill you, particularly if you are covering high-profile political issues or working with whistleblowers (or are yourself a whistleblower). Even revealing information as broad as what city you’re in (which would be revealed by your IP address) could be a risk to your physical safety.

Even though I do not personally face such high-level threats in my life, I feel better using services that allow for the possibility. Privacy is a habit, and who knows what tomorrow might bring?

permalink
report
parent
reply
1 point

Will the same apply if you’re in a lot of open group chats though?

permalink
report
parent
reply

Technology

!technology@beehaw.org

Create post

A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.

Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.

Subcommunities on Beehaw:


This community’s icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

Community stats

  • 2.8K

    Monthly active users

  • 2.9K

    Posts

  • 54K

    Comments