• @fubo
    link
    English
    137 months ago

    I believe them when they say that one reason to drop SMS was that some vulnerable users were mistakenly sending SMS when they thought they were safe by using Signal. That’s a serious problem where a person having Signal on their phone could cause them to expose themselves to attacks. That person’s life is more important than my momentary inconvenience when my mom is using SMS and my friend is using Signal.

    I really wish that there were better options; some sort of incrementally-built web-of-trust like the old PGP model. But right now, Signal is still in a sweet spot for me: yes, it’s centralized, but it gets certain specific benefits of centralization while also credibly assuring that the server owners can’t do evil with it even if they want to … and they credibly don’t. I can get my family and my housemates to use it, instead of something from Zuckerberg.

    • @[email protected]
      link
      fedilink
      English
      57 months ago

      Those are definitely all valid points, though I feel a bit of UI work making it abundantly clear that it’s not encrypted in case of SMS and an option perhaps to fully disable SMS in settings if you really don’t want it would have helped further adoption. I feel like they are optimizing for a rather small subset of users and thereby hurting the rest.

      • @fubo
        link
        English
        1
        edit-2
        7 months ago

        I think it’s a good idea from a security standpoint to have a UX space in which everyone can be confident that everyone’s stuff is encrypted; with a very distinct and (yes) inconvenient barrier — in this case, a different app — between encrypted and unencrypted spaces.

        Everyone is using lots of different messaging systems: SMS/MMS; specific systems like Signal, Telegram, or WhatsApp; email; maybe Facebook Messenger; etc. It’s really important for some users’ actual lives that it be totally clear when you’re crossing from a secure space to an insecure space. Having the insecure space not be in the same app is one way to accomplish that.

        When we need to move data between the secure space and the insecure space, we can do that through copy-and-paste, or even screenshots. It is inconvenient, but that’s because it’s explicit and intentional, which also means you can’t move data from one to the other by accident. That’s good.

        As a privacy hobbyist, I want to notice what works for the people whose lives depend on privacy: the journalists, activists, sex workers, LSD dealers, etc. I don’t have their risks, but I want to contribute to a world where they can be safe.

        However, there are definitely lots of different needs and comfort levels. What’s a sweet spot for me might be an uncanny valley for you.

        • @[email protected]
          link
          fedilink
          English
          37 months ago

          You didn’t have to enable SMS in Signal if you didn’t want to.

          It’s a user-level decision, and again, it was very clear in Signal when it was going SMS already.

          It certainly killed adoption. It was the only app I had any success converting people, because it was seamless.

    • @[email protected]
      link
      fedilink
      English
      37 months ago

      That’s a pretty poor excuse, since Signal made it very clear when a message was going SMS.

      If they felt it wasn’t obvious enough, make it more obvious.

      I can’t find any reason to remove SMS support, other than something they’re not telling us.

      I read some BS about it costing Signal more to support… It couldn’t be much, because SMS is handled by the OS, Signal just hands it off via standardized API.

    • @[email protected]
      link
      fedilink
      English
      27 months ago

      I think all personal messages ahould be encrypted! This should be a standard, not optional.

      • @fubo
        link
        English
        27 months ago

        Yes, but my mom has an old phone and can’t install stuff.