• PhobosAnomaly
    link
    fedilink
    English
    511 months ago

    I’m torn on it. I love that everything is geared towards privacy, but location sharing seems to go against the grain of the program’s principles.

    I’d make use of it if it was included, but I understand why it doesn’t and Google Maps does a similar thing.

    • @ArbiterXero
      link
      English
      1011 months ago

      Location showing only goes against privacy If it’s not done right.

      It’s expensive to encrypt it and forward it through the servers or proxies, but revealing if done peer to peer. (And less reliable)

      But by the time I’m giving “live location” I don’t think my ip address is THAT private 😝

      • @[email protected]
        link
        fedilink
        English
        4
        edit-2
        11 months ago

        How is location expensive to encrypt? I share my location all the time but to do that I have to write an entire sentence to other people where I am. Just introduce a new message type (like with edits) frontend to enable location sharing. Location is sent every 5min or if the other person requests an update, than location is updated again (send location update request message to trigger response on the other side). Same encryption as everything else and easy to implement. Of course the devil is in the detail but the basis are trivial.

        The “hardest” part would be to show the location on a map without leaking data but just add a warning dialog and open externally. Every link in Signal you press has the same privacy issues.

        • @ArbiterXero
          link
          English
          411 months ago

          Encryption isn’t hard, the service to stream live data over an hour is what costs money.

          Continuous data

          • @teolan
            link
            English
            411 months ago

            It’s peanuts compared to video calls, which signal already supports.

          • @Serinus
            link
            English
            111 months ago

            It’s not continuous, and it’s not much data. It’s GPS coordinates once every five minutes and when it’s requested.

            • @ArbiterXero
              link
              English
              -211 months ago

              When you’re looking at the map, it’s continuous.

              And it doesn’t sound like a lot of data until you compare it to text messages that are 2kb a couple times per day

              • @[email protected]
                link
                fedilink
                English
                211 months ago

                The amount of data is a joke for location “streaming”. There is no need to update the location every second, most people on earth don’t travel with rockets. Updating the location at most every 30 seconds is probably more than enough for most usecases. Let’s make it 15s. Let’s be generous and just use two 32bit floats (could probably get away with 16bit half precision or fixed point). The size of the entire message (without meta data and encryption) is just 8 bytes. There are emojis that need more than that. And in practice people that can’t share their location often just end up sending images, so the amount of data is definitely not the issue with location sharing. A single image you send on Signal uses more data than streaming the location ever 15s for a few days.

      • PhobosAnomaly
        link
        fedilink
        English
        6
        edit-2
        11 months ago

        Oh I totally get why it’s useful, but it seems sharing more than intended goes against the privacy-focussed principle of the app.

        Though I do now see that if done correctly, it could be a bonus.

        • @teolan
          link
          English
          511 months ago

          The purpose of an app like Signal is specifically to be able to share stuff with people.

          What makes it private is that you are in full control over who can see what you send. You’re arguing that for something to be private it must prevent you from sending what you want to send.

          • PhobosAnomaly
            link
            fedilink
            English
            111 months ago

            Yeah you’re right, with your viewpoint I can see the hole in my almost cyclic logic, so I appreciate your take on things.

            I’m not too bothered about what is being sent with user consent - another user made a facetious comment about sending SSNs which is fair enough, if that’s what someone wants to send then wire in - but I think the key worry for me is the constant sending of identifiable and locatable data, something a little more than a single instance of encypted data sent at a user request, but the idea of a stream of data broadcast in the background which doesn’t sit right with me.

            That said, I’m not overly arsed either way, it’s not a deal-breaker for me and it was a useful feature when I was a WhatsApp user when on holiday with family and friends.

            • @teolan
              link
              English
              011 months ago

              I’m not too bothered about what is being sent with user consent

              For an app to be private, it shouldn’t be about “consent”, but it should be about “demand”. Send something only if the user demands it, not if they agreed to it. This goes with the principle of least surprise and the idea that the app should only act for the interest of the user.

              the constant sending of identifiable and locatable data

              Have you ever used such feature? I don’t think you understand what is being asked. We’re not talking about constant background location sharing (like I think snapchat is doing). We are talking about live location sharing with a contact or a group, for a limited period of time.

              Here how it works in Facebook Messenger. The location is shared explicitly with a specific group of people for a limited time period, and the UI should make it pretty hard to forget, and deactivate automatically after a certain time.

        • @[email protected]
          link
          fedilink
          English
          111 months ago

          But if I specifically want to share my position, live, I’m absolutely not sharing more than intended.

    • @[email protected]
      link
      fedilink
      English
      411 months ago

      I mean I can type out my social security number in Signal but sending text doesn’t go against Signal’s principles