 Same as Reshek, and I use Signal, as many of you here, and I've been using Signal for a long while. In fact, I have asked, pushed, convinced, and implored my friends, family, and colleagues to also use Signal, as many of you have here. Who has actually pushed their friends, family, et cetera, to use Signal? Yeah, okay. Was it easy? It was work, right? It was like, you had to put in some elbow grease. And I'm happy to say I was pretty effective at it, too. So that's good. And just to make it very clear, I do appreciate the free and quite solid service that Signal offers. And I still recommend it to people whose threat model has the shape that Signal kind of fits into. I also think that valid criticism is necessary for a healthy ecosystem, whether the ecosystem is moving or not. And criticizing Signal seems to often be wrought with peril. Talking about its problems often can end up in pushing people to way worse solutions. I'm not gonna name them Telegram, but this is a real problem, right? We cannot have those conversations very often in the public because there's a danger that people will misinterpret them and move to something that is actually actively putting them in danger. But thankfully, we are at a place and time where I think it is reasonable to assume that most of us can somehow figure out that maybe we can criticize a tool and still probably use it because it's still probably better or almost certainly better than most of the similar tools available and popular. So maybe we could have this conversation now. And when I say a conversation, I mean it. We're gonna have a conversation. You're not gonna be just sleeping through a bunch of slides. One of the reasons for this is because this is my only slide. That's all you get. Everything else is me talking and then hopefully you talking and then magic might happen. So just to make it very clear, if at any point during this exercise, anyone here gets an urge to switch to WhatsApp, Telegram, or I was not supposed to name them, sorry, to some other tools and platforms, please wait a bit and just let's have a conversation later because threat models differ and all of that, right? But I do consider most of those tools lesser to signal outside very specific circumstances. Yeah, okay, so I'm just a random guy from the internets. Hi, and I have my opinions. So I will lay out those opinions on you. It is very important to understand that I have not designed a global system of communication that hundreds of millions of people are using successfully to evade and stay private and all of that. So take all of everything that I say with a solid amount of salt. Salt also improves flavor, so it might make actually palatable what I'm saying. So I also have this crazy idea that this should not just be my opinions because that will be boring. Does anyone here have strong opinions about signal? Only that, yeah, okay, we'll see what happens after a little bit later. So in December 2019, at 3063 at the Congress, Moxie gave a talk imaginatively entitled Ecosystem Is Moving, which was exactly the same title he used for a blog post here three years prior about exactly the same subject and basically having exactly the same content. However, this talk came and went and then there was the Q&A session where five microphones had aligned each mile long. Or a kilometer long or however you want to measure the length of the line. And I think only three questions were asked and then the Q&A was shut down. So what I would like to do is to have this Q&A now. We didn't get to have this Q&A with Moxie, so I would like to give the opportunity to have this Q&A with me. I'm not going to answer like Moxie would have, but I think it's a conversation that we should have had and we never got to have. And I find that annoying. So I would like to propose somewhat of a reverse talk where the Q&A will start basically immediately. If anyone has an opinion to share already, please step up to the microphone and we'll go from there. I hope that this will offer a little bit of group therapy because I do feel that we were denied this conversation. I do feel we have things bottled in or inside about signal and I think it would be useful to share them. Last disclaimer, I promise, I know those disclaimers are mile long again. This is all I'm saying is my personal opinions. I'm not doing a threat analysis or threat modeling or a proper audit of signal in any sense of the word. This is just one guy from the Internet talking about his opinions about signal and hopefully more people will join and we will have this group therapy together. So I'll start because I already am with the microphone. I will say that personally my biggest gripe with signal is that it is a centralized service. It is a good service, it is a useful service, it is effective in what it does, but it's still a centralized service. Of course, Moxie has given very good reasons for it and all of those reasons boil basically down to control. He feels or that's what he says and writes that he just needs to have the control or signal developers have to have control over the ecosystem and over the app. And the basic argument goes something like this, making sure that signal keeps working on all the platforms it supports is already a lot of work and that's true. Adding federation to the mix, adding the ability to say, oh, anyone can set up a server and these servers will talk to any other signal server and you will be able to have accounts on your own server and talk to other servers. That adds a layer of complexity and it would make it even more difficult to roll out new features and important bug fixes and all of that. And the argument continues, in effect competing with WhatsApp and telegrams of this world would not be possible or would not be as easy or well as... It would be way more difficult. And of course, Moxie is not wrong, right? It would make it more difficult. Adding federation to the mix would in fact make things more complicated and it would make it harder to innovate fast. That said, anyone is familiar with the phrase move fast and break things? Does it have a good vibe? It has... It leaves a bad taste in your mouth, I think. I don't think tools and services as important as signal and I think we can all agree that signal is pretty important and maybe some of us can agree that signal is effectively infrastructure for many of us. It's not just a service we use. For many of us, it is part of our infrastructure that we're using every day. I don't think we want our infrastructure to be managed in the move fast and break things manner, right? I think we might agree on that. And also, yes, not using... Not adding federation makes things a little bit easier, but you know what would also make things easier? Not adding encryption, right? It would be way easier to write signal if there was no encryption in it. That's a level of complexity, so I think it's not a question of shying away from complexity. It is a choice that was made, right? And I don't think that's a very good choice. Of course, Moxie says that these things are difficult and complex and to some extent impossible, perhaps. And then there's matrix and then there's the FedEverse like plenty of federated decentralized protocols that are able to innovate, right? Are able to move on, are able to add things, you know, have multiple clients that are not tightly controlled by a single organization, can have multiple servers that are controlled not by a single organization, and yet they move on, they add features, they make exciting things, right? And of course, neither matrix or FedEverse are exactly in the same niche as signal, but they are still an example of protocols that are able to do this, right? Another thing that was mentioned in his talk at 3063 was reliability as a reason for centralization, right? He gave this convoluted example of, oh no, what if one server goes down and then pulls all the servers down together? And that's a weird example to give if you're talking about a federated service, because I don't know about you, but if an email server goes down somewhere randomly in the world, and I'm pretty sure this happens all the time, that doesn't really affect my ability to use email unless it is my email server or the email server that my account is on or the person that I'm talking to, right? So it is interesting to me that the argument of reliability is used in the context of a centralized service, which is in effect a monoculture, right? Monocultures are not resilient. Monocultures tend to have problems because they are a monoculture, whereas a decentralized ecosystem of servers and services that talk to each other but are not run by the same organization are not using exactly the same software tends to be a little bit more resilient even if some part of those servers are always perhaps down, right? And finally for this part, as much as Moxie likes to use email as an example of a protocol, quote-unquote, stuck in the 90s, the fact that it is a protocol that has been serving us for half a century already, like email has been with us for half a century. Is there here anyone who is older than that? Okay, that's a bad question. Ignore that. Let's ignore that. So the fact that this is a protocol that has been serving us well for what it is used for, for half a century, that's some staying power, right? Meanwhile, we can, I think, all imagine or remember many, many different protocols and systems and centralized services that went away over the last 10 years, 20 years, right? Like text secure, thank you. Wait, oh no. Thank you. No, like Google+, for example, right? Anybody remembers Google+,? Yes, anybody remembers Google+, fondly? Thank you. I'll arrest my case. So, hey, you are warned, this is a rant. So, there is also a comment from Moxie. This was supposed to be about signal and it's about Moxie. Well, that happens. A comment from Moxie in a GitHub thread about liver signal. So do you remember, anyone remembers liver signal? Anybody used liver signal? Anyone? Yeah, okay, there are people. Anyone remembers liver signal fondly? Yeah, there's a hand, there's a hand. Yay, okay, okay, yes. So the comment is, and that was about blocking liver signal from using signals servers, right? The comment is, I'm not okay with liver signal using our servers and I'm not okay with liver signal using the name signal. Okay, fair. You're free to use our source code for whatever you would like under the terms of the license, but you're not entitled to use our name and the service that we run. If you think running service is difficult and expensive, you're right. Ask yourself why you feel entitled for us to run them for your product. I have an answer to this, actually, that I came up with finally. And the answer is, again, who here has pushed, talked, conversed, suggested, et cetera, people to use signal? And how much work was this? Who here was paid by signal to do this? Thank you. Again, I rest my case, right? This is, the point is, this is an ecosystem, right? This is a community. And I think makers of signal try to treat this as a product and customers. Yes, we get the service for free. That is absolutely true. Many of us donate to signal also, right? Who has donated to signal? Yay. Okay, right? So not everyone gets this for free, but there's also a lot of work that we have put into making signal what it is today, right? This is not a one-sided thing. This is not a company that makes a product that people use or not use, right? This is supposedly a community. This is a free and open-source software project. And this is one of the reasons why many of us have been suggesting it, pushing it, et cetera, et cetera, et cetera, to other people. And that is free work, right? That we're donating to signal. Another thing, and another thing, another side of centralization is not just the federated side, right? It's not just, like, can I run my own server? But it's also, can I run a different client for signal? Like LibreSignal, right? Like WhisperFish on selfish OS, which there is no official signal client for selfish OS, right? Like many other potential, I think there was a MOLI-IM, which was also a signal-compatible client, right? It isn't anymore, unfortunately. And so the other side of centralization is the client side, right? I would like to be able to choose a different client, right? Why would I like to maybe perhaps be able to choose a different signal client, especially on the desktop? I don't know. I don't know. I remember sitting and staring at this screen for five minutes once. Like five minutes, there was no major update. It just decided, you know what? We have time. It's fine, right? No rush, your messages will arrive eventually, you know, let's be a little bit zen about this. So I would like to be able to choose a different client because maybe a different client will have also additional features, right? Wait, innovation can happen in a situation where there are other players? That is shocking to me, I think, right? But also I would like to be able to choose a different client in a situation where the client that I am using has removed some features or changed its behavior in a way that I find annoying, right? Let's say a feature gets removed that you've relied on for whatever reason, right? Signal developers decide, you know what? It's too difficult to keep it in the code right now for us. But why block this ability, like why block other developers from doing this, right? Why say, you know what? It's too difficult for us, but hey, you know, go ahead. Why not, right? It's not big of a deal for us. No, you cannot do this, right? Or let's say a signal client removes a translation in the language, in your native language, right? And you cannot, you do not have the option of choosing a different client that maybe perhaps supports this particular translation. Suddenly, depending on your ability to use different other languages, you might not be able to use Signal fully. The third thing that I'm going to say is, again, Signal Desktop. Signal Desktop is the bane of my existence sometimes. And it is obviously an electron app, so you cannot run it on a machine that has less than four gigabytes of RAM dedicated specifically to it, right? You have to have enough RAM for the operating system, you have to have enough RAM for everything else you're doing, which will be about a gig, and then you have to have four gigs for Signal specifically, right? But, like, okay, that's fine. I guess those images are heavy and all of that. But why can't we have a native client, right? Why can't we have a client that is not based on a browser and is usually tracking this browser, what, two versions behind? How much time? Ten minutes, okay. I'll be wrapping up so that we can have more questions. Why can't we have a client that is not tracking a browser, a very well-known, let's say, target for people who might want to do bad things? So the fact that Signal basically tracks a browser, a few versions behind, means that there are probably known vulnerabilities that are fixed in the browser, but then they have to be fixed in Electron and then they get fixed in Signal, right? There's a bigger window of opportunity here for, let's say, malicious behavior. And I would like to have a native client instead, right? That does not have this particular problem, right? But what the bright side is, at least we got stickers, right? So I guess that's good. One last thing I will throw at you before I will invite people to crowd the one microphone, I guess, one, one, is Feature Creep. Feature Creep is real, right? And I started wondering a while ago, is Signal still an encrypted messaging app, or is it becoming a social network? And the reason why I started asking this is because groups are becoming big and, I mean, it's great that groups can be great and huge, but I feel like more and more features are slowly being added that gravitate Signal towards a social network more than an IM. And these are two different tools. And I need Signal, for example, me personally, again, my opinion, guy from the Internet, I need Signal to be the encrypted IM that it was supposed to be from the start. Because if it stops being a good IM to become a good social network, I will have to switch. I will have to have a good IM somehow. And I will not have this, or nobody will have this opportunity because those clients are, you know, only the blessed clients can be used. So my question is at which point the Feature Creep becomes too much, right? And maybe it would make sense to focus more on making this work, allowing some independent native clients to emerge and thrive instead of focusing on Feature Creep. I guess one can hope that Briar will get better and stuff, but yeah. So anybody has opinions? Yes, please. Yay! I wasn't wrong. I thought people will have opinions. Now let's see if the opinions are about Signal or me. Great review. So I would like to add furthermore that if you go to Signal web page and press Get Up, it gets you to Google Play or App Store, and that's the only way to get the app. You cannot just download the app or build it, okay, you could build it. The thing is, it's not distributed by Android. It includes Google services and not everyone is okay with them. And as we know, Signal blocks third-party clients, so yeah. So I'm gonna, I will vehemently agree with you with one different, one caveat is that you can download the app. I think it's Signal.org slash Android slash something. If you know the URL, you can download the APK. Sometimes ago I was trying, and I couldn't. Anybody remembers the URL? Slash Android slash APK. There you go. So yeah, but like it's like in the basement, the second door to the left, the tiger, you know, this kind of stuff, right? Meanwhile, the Avril Telegram lets you have third parties, lets you download from wherever you want. Even Telegram itself releases on fDroid, and they're okay with that. Absolutely. I would love to see Signal on fDroid, but please, please, also leave some time for the next, thanks. So several comments. So there's wire, which I believe is generally, they're very engaged with the MLS project. MLS is the Message and Signal Air Security project. It's essentially trying to come up with, anyway, if you're interested in this stuff, you should know about MLS. And there's, okay, anyway, but about Signal itself, I mean, Moxie has a certain position in whatever it is, but my objection was much more narrow, was always specifically that Moxie was complaining about the upgrade problem. Essentially, that was his core objection, was that he wasn't going to be able to upgrade the thing, and that the nature of the software is complicated enough that he did need to be able to upgrade it. The second statement here is true. It's absolutely true that he did need to be able to upgrade it. He did need to be able to kill off third-party clients to do something complicated. That's just going to be inherent in being able to change cryptography. Can you get to the point because this is a lie? Anyway, the thing is, is that if you want a perfect example of somebody who does this and makes it work, is Tor, they do have an upgrade path, and there's others with complex upgrade paths. Yeah, there are ways to do this, right? Yes, it adds a little bit of complexity, but it is possible. It doesn't stop you completely from doing it, and I agree. Yes. Well, add another thing. I like your shirt. Thank you. And also, I don't like having to use my phone number to use Signal. Yes. And the reason I don't like that is because I don't want to use the same identity for all of my communications. And I find that people are picking up Signal more and more. We're using it for all sorts of things. We're using it for socializing. We're using it for work. We're using it for this, that, and the other. I want to have different personas. And obtaining new phone numbers is hard. Fully agreed, but since now I'm on the receiving end of this, I will defend it a little bit. There is now a way to migrate between phone numbers, at least, so yay. And there is now, I think Signal is slowly moving towards a phone less identity. Let's hope this happens. But, yeah. Could have been prioritized, maybe? Yes. So, while I agree that Signal does have some weak points, I want to play the devil's advocate a bit and say that I don't think the comparison with email is fair at all. Moxie used it, I took it straight from his talk and straight from his blog post. Yes, but like, from a concrete perspective, email evolved in a very different system and we only still use email because all the alternatives somewhat dies. So we will only know which messaging system will survive in 50 years, in 50 years. And also another small point I want to make is that there is this ugly truth that cryptography is hard and usability matters. And Signal did manage to make a usable product with excellent cryptography. And that's why you use it. Yeah, absolutely, we agree. As I said at the beginning, I appreciate the product, I use the product. I strongly suggest the product to signal to many people. But just we need to air this stuff and Moxie didn't give us the chance, so I must end in. Yes. So, fun fact, people really think that because of the stuff with Libre signal a while ago that third-party clients really aren't allowed, but there's a lot of them right now. There's GERC. It's closer to the mic. Sorry. GERC is a desktop client written in Rust for the terminal. There's also Signal CLI and Signal D. Then there's this other guy with Mali.am. Yeah. A bunch of forks with, like, different. I also help maintain a signal client for the command line in Rust. They're all a huge pain because in fact the ecosystem does keep moving. But they're not as frowned upon as they used to be and also Moxie isn't that signal anymore. Many of the things that have been taken for a given for a while have changed. Also, yeah, hopefully user names launch before Fusion happens. But the social aspects aren't going to go less. There's a bunch of stuff in the code for stories and stuff like that. Thank you. One more response to the previous question. In the blog post, Moxie clearly says that there's no technical reason why Signal cannot be federated. It is a choice. The protocol is designed to be federated. There's a choice that blocks that. Yes. We're running overtime, so this is the last one. Sorry. Can we have two? Can we have two? No, please. Otherwise I get injured. Let's have two. But otherwise there's sufficient time after this. Please be quick. I'm just wondering what will happen to the clear Earth which currently ships a fork of Signal and or even calls it clear Signal or something like that. So if Moxie does the same thing as he did five or six years ago with the Libre Signal, he will also shut them down. I wonder if that happens. We'll see. You had a question. Be quick. I just wanted to say quickly that my main gripe with Signal is that it's too much of a Silicon Valley tech bro vibe to it. Thank you. You just called it a product. I have a feeling that except for being run by a non-profit it would have been Facebook, it would have been Google. It tries to control it just as much as they do and tries to feature match those products like WhatsApp and that kind of stuff. I agree. Thank you very much for that comment. I fully agree. And on that note we have to give a great round of applause to Vitek. Thank you.