As a digital self-defense trainer for activists, I’m often asked what app should we use for instant messaging. The easy answer is Signal. Signal is very good at what it does, but I’m afraid activists think about it as “the perfect solution” or “a secure messaging platform”, without taking the time to understand why it is not, and what are the issues in Signal.
And that makes me a little angry sometimes, especially when some friends are giving them money while activism scenes already have a hard time funding their own projects and Signal has not.
So here is an undetailed list of things I don’t like about Signal:
I have to say that I really like that signal has really strong crypto and invents new and good ways to keep metadata safe. And that it is the least worse we have when we are ok to share our phone number (or have a way to use a number not related to our civil identity).
But well, they wanna be a social network, and I think it’s so dangerous… It looks like they want customers, not users… I’ve been a Signal for many years now (probably around 10, it was not called Signal then but there was Textsecure and Redphone), and i’m so grateful of the work they did and still do, but they missed it at some point and turned into a “wannabe better social network IM” instead of “a very good IM platform for activists”. And Moxie has left Signal so the original strong connexion that existed between anarchist and activist scenes and Signal is wearing out (does it still exist? i don’t know).
Someone else recently wrote “I don’t inherently trust Signal”, which has a lot in common with what I wrote here (french version here).
I still recommend Signal over of pretty much anything else currently though. But I think we are currently in an hera of IM tries and attempts, and I hope soonish something will come out of all the work done in the past years and surpass them all!
I’m keeping an eye on these apps, hopefully one will be very good at some point:
More about Signal in Signal Fails(en)(fr)
I think we should try to use the least tech messaging systems as we can and (re)learn face-to-face communication as much as possible. Technology is inherently bad as it requires human exploitation. See Aurore Stephant from SystExt work (fr), see the conference « Nabil Hassein - Computing, Climate Change, and All Our Relationships » (en), and see other work about how technologies are built and (not) recycled at all. Plus all the bad with surveillance that we can only dodge a little…
(SimpleX dev message are in italic)
Groups aren’t really limited, I’m just limiting them not to create too much traffic for senders. It’ll be hugely improved this year.
Can you provide some example of a VC-funded project that has gone wrong?
Owncloud? But yeah my point was rather that if investors invest on a product, they expect a gain. At some point SimpleX will have to find a way to make money for these investors. Donation aren’t gonna be enough. So what will happen then? A nonprofit like signal cannot turn bad like that. (But signal has other issues iknow, its just an example)
Non-profits certainly can turn bad, and quite a few people believe it did. From not sharing server code for some years, to refusing decentralise the network, to adding closed-source components, to creating some smoke and mirrors instead of real protections for connections graph…
Non-profits, in my view, have as big if not bigger chances to turn bad. Ultimately, any organisation needs funds. There are only two sources - customers and either investors for commercial companies and sponsors for non-profits. The terms of investment and the influence that investors have on the company is quite limited, in comparison with non-profits. Investors can ask for some degree of control, and founders can agree or disagree, but this control is executed via a board, within rather strict parameters of the law. It doesn’t mean it can’t go bad. But non-profit sponsors, unlike investors, can request the same control mechanisms plus attach other conditions of providing the grant - if anything, it seems less regulated than investment.
So it seems to be a misconception that non-profits give any better guarantees to the users than companies without considering other factors. It’s conventionally believed to be the case, but I see lots of examples to the contrary.
In any case, we will be splitting the structure to use both commercial entity and several non-profits to achieve what we want to achieve. Organisation form is a tool, nothing more.
One more example of non-profit going bad - Linux foundation claiming that SSPL is not a real open-source license. Even though it benefits literally everybody - from license owners to users communities. And the only entities that don’t benefit from it are large big tech companies that offer cloud services - that are coincidentally the largest sponsors of Linux foundation.