Humans are too stupid to switch from convenience to slightly less convenience even if they get privacy for free. Any amount of discomfort is too much and changing an app is basically death.

Spam isn't a binary issue, where it either exists or doesn't. It could very well be the case that, without requiring a phone number, there'd be far more spam (since it'd be far easier to automatically create new accounts).

Again, do you have a better suggestion for spam & abuse prevention?

And still, aside from that - it doesn't really make sense to expect Signal to offer SMS integration just because it requires a phone number for spam prevention, when offering this integration would be detrimental towards the mission of Signal (offering secure messages).

They see no value in it. They don't see that privacy is proactive measure that can protect you.

On Facebook, especially in my family, accounts get lost and hacked. One fine day, it might be someone with more influence in the family who's attacker might make off with stolen bank information or passwords.

but "that'll never happen", right?

I believe in it,... for now.

I moved my family group to xmpp to have more personal control over our chats. Signal seems benevolent, but I've seen this play out before. Will it stay that way? We treat online forums with the idea that federstion works to stop enshittificstion. I believe XMPP is a good model for federating secure chatrooms for the same reason: People should control the voices of the people, not companies.

Can I ask why are you so attached to your message history? I recently lost my entire WhatsApp history and it hasn’t made any difference in my life to be honest.

Xmpp is far lighter on resources and not ran by a company with funding issues.

SimpleX as well!

Your reasoning would hold up if 80% of xmpp wasn't running on Conversations or forks of it, that all support OMEMO and OpenPGP.

Your criticisms are too broad with few serious negatives. What makes extensions powerful is that they can easily change the rules without breaking the underlying system. If your client sucks, get another?

You have choices, but if your problem is metadata, whoooo boy.

If you're privacy focused, do not use matrix… The amount of metadata it leaks is... | Hacker News

(news.ycombinator.com)

Encryption on metadata · Issue #9133 · matrix-org/synapse

Timestamps, emoji reactions, message sender, read receipts, and possibly files are not encrypted in encrypted DMs and rooms. Please have encryption cover all of these things and not just the message itself.

GitHub (github.com)

(www.reddit.com)

Matrix fits the bill.

Unless you don't like the federated nature.

WhatsApp is pretty much the first app anyone installs on their phone

Is this really the case?

Maybe it's a regional thing. I'm in the northeast US, and nearly everyone I know uses Facebook Messenger as their main form of communication, even people who don't touch Facebook at all. I hate Messenger for the same reasons that people hate WhatsApp, but I still have to use it because my entire social circle does. If I want to message someone outside Messenger without giving my phone number out, I use my Google Voice number.

I've only ever used WhatsApp to talk to work contacts overseas, and I've only ever used Signal to talk to paranoid drug dealers, which is a use case that's mostly been replaced by Telegram now.

The problem is there's no one on signal that I want to talk to. So "just ditch the app" isn't actually helpful.

XMPP/Jabber via a web client like movim.eu sounds like it ought to work!

You can also look into Snikket as a host for small groups like friends or family, but can continue to use the Movim web client even if you're hosting with Snikket rather than Movim itself.

IMO the best on-boarding I have seen in a chat app. Just scan each other's QR codes or click a link. No account management because ID is unique to each conversation.

Signal and WhatsApp need a phone number, Matrix/Element is needlessly messy, XMPP/Conversations is sensible IIRC (ID + password)

So much cope you didn't even notice no one mentioned matrix. We are comparing XMPP with Signal.

Your reasoning would hold up if 80% of xmpp wasn't running on Conversations or forks of it

Also, you really think saying only 20% of your chats are insecure is somehow making it better?

I will use the opportunity to remind that Signal is operated by a non-profit in the jurisdiction called "the US". This could have implications.

A somewhat more anarchist option might be TOX. There is no single client, TOX is a protocol, you can choose from half a dozen clients. I personally use qTox.

Upside: no phone number required. No questions asked.

Downside: no servers to store and forward messages. You can talk if both parties are online.

America is not a monolith. Signal's developers are very much aware of the risks of operating there and probably already have several escape plans given recent developments. I also think five-eyes probably has access but getting it might be computationally expensive.

Just got the app. Really like the idea!

FYI, while Threema front-end clients (apps) are open-source (and offer reproducible builds, which is surprisingly uncommon in open-source land), the server component, though supposedly audited, remains closed-source.

EDIT: for comparison, the Signal server code is mostly open source, but things like the spam filter are closed.

TIL I have no family I care to keep in touch with and I have no friends.