https://www.cnn.com/2023/02/18/business/twitter-blue-two-fac...
Bonus: Session does not demand users' phone number. Also no bundled cryptocurrency.[1]
Not whether that's a good idea is more debatable; you're not wrong about discoverability.
It seems like Session relies on Oxen's network, so while there is no inherent coin it is blockchain backed.
> Session’s onion routing system, known as onion requests, uses Oxen‘s network of Oxen Service Nodes, which also power the $OXEN cryptocurrency. Check out Oxen.io to find more information on the tech behind Session’s onion routing.
Seems like all their stuff is open source.
Bravo to Signal for being easy enough for my family to use!
https://projects.propublica.org/nonprofits/organizations/824...
So it was the best of all the available options practically, if they wanted to grow and retain the users.
There are opensource self hosted solutions like BlueBubble that allow reasonably secure communication through iMessage to the other chat platforms on desktop/Android etc. I have zero affiliation, but I know others who happily use it. There are also less secure and paid solutions I can't speak to.
https://signal.org/blog/sms-removal-android/
edit: wording, forgot the word remove
1. https://www.wsj.com/articles/why-apples-imessage-is-winning-...
There is also a third alternative: Threema (https://play.google.com/store/apps/details?id=ch.threema.app...) is a privacy-focused messenger app that tries to cover its costs by *gasp* asking for money for the app! But of course those notoriously financially-conservative Swiss can't hold a candle to Signal, who first decided to give away their app, same as those other messenger-making companies flush with cash, and then found out that supporting all those users who download your free app actually costs money...
I was happy to note this about employee compensation since paying them well is a good thing apart from their personal motivation to work on this (even at a comparatively lower pay than in other companies/projects):
> When benefits, HR services, taxes, recruiting, and salaries are included, this translates to around $19 million dollars per year.
> We are proud to pay people well. Our goal is to compensate our staff at as close to industry wages as possible within the boundaries of a nonprofit organization.
That said, I really dislike Signal for a few reasons. The first is what many people have already talked about very often — forcing to use a phone number to register. Since the SMS or call costs are quite high, Signal could adopt the iMessage approach to verification, which is having the user send an SMS to the service (this will cost the user some money depending on which country the SMS is sent to). This could be decided based on the country code so that the current SMS OTP model can coexist.
Signal is obstinately user unfriendly on a few aspects on user experience, more so on iOS/iPadOS. Firstly, it refuses to provide a data backup mechanism for iOS/iPadOS. If someone loses their devices, there is no way to restore older messages. Even setting up a new device requires the old device to be in physical proximity to transfer the data. Signal does integrate with CallKit (to act like a phone app) and with Apple’s notification services, but refuses to allow the user to backup the data with a password to encrypt it.
Secondly, I found this paragraph in this post to be disingenuous:
> Such practices are often accompanied by “growth hacking” and engagement maximization techniques that leverage dark patterns to keep people glued to feeds and notifications. While Signal is also free to use, we reject this kind of manipulation, focusing instead on creating a straightforward interpersonal communications app. We also reject business models that incentivize such practices.
Signal on iOS/iPadOS wants the user to enable notifications and to share contacts. If notifications are disallowed and if contacts upload is disallowed, it will pester every few days about it. One might think this is a silly mistake that Signal isn’t aware of. But it was reported some years ago and Signal responded that it will not fix it because it believes this is the only way. [1] Not even an option where this is a toggle for those who want no notifications or don’t want to share contacts (Signal does have a toggle for contact joining notifications).
Signal is also not that reliable in delivering messages in a timely manner compared to other apps (the GitHub repo has many repetitive issues on this topic over all these years).
Finally, since Signal has poorer UX in general, which isn’t an easy or cheap thing to handle, I use it only with less than a handful of people who I know and who use it.
I’d donate occasionally so that Signal can continue to exist, but I don’t feel like supporting it every month with all these issues, some of which look like Signal ignoring the user and UX issues completely.
Edit: Removed some hard words.
[1]: https://github.com/signalapp/Signal-iOS/issues/4590#issue-72...
$7m Twilio
$4m Microsoft
$3m AWS
$1.3m Google
https://projects.propublica.org/nonprofits/organizations/824...
[1] https://www.theguardian.com/technology/2016/jan/18/whatsapp-...
[1] >>38117385
(via >>38291490 , but we merged the comments hither)
In curious Googling to see if there was an explanation for how their structure works, I stumbled on this interesting Glassdoor review:
> The bonus structure promised up to a 100% match with salary, but in practice the system was set up so that nobody got more than 50%, if that. Had I understood this I probably would have taken a competing offer that ultimately would have had much higher comp.
> The quarterly cliff on the bonus system, where a feature failing to ship within the quarter specified (even if just by a single day) was counted as if you hadn't done it at all. This led to death marches each quarter as everyone scrambled to try to finish unrealistic goals. It wasn't possible to get help from anyone else at these times since of course they too had the same problem.
> Nominally, the quarterly goals were set in a collaborative process. In practice it was a 2 day full day meeting where we were told what Moxie had decided we were going to do - our input wasn't really considered at all, including if it was even viable to complete in a quarter. I'm fine with top down control, that's how most corps work, but I disliked the false patina that this was some democratic process.
> Internal communications are a disaster, because Signal uses Signal for everything, including things Signal isn't at all designed for or good at. Bug tracking is literally done in a giant group chat. I have a newfound appreciation for JIRA.
https://www.glassdoor.com/Reviews/Signal-Messenger-Reviews-E...
Easy google , but no it doesn't
All pricing was entirely optional
Here's one reference to a different price (can't find lifetime except for people complaining that Facebook didn't honor it on original ToS)
Here is more information about what I meant when I used the term "bundled".
Any chance at all it has something to do with the fact that they've acquired an RCS infrastructure provider that they can sell to telcos?
https://support.signal.org/hc/en-us/articles/360031949872-Do...
The last one available is from 2020, though. They tend to lag a few years behind. They're required to report key employees plus top-five compensated who aren't "key." Brian Acton and Meredith Whittaker both earn no salary at all. Their COO got $290 in 2020. Moxie Marlinspike and their top five developers/managers were all in the 400-600 range.
I'm sure they pay well (don't have much choice if you're going to be based in San Francisco), but I highly doubt 400 is an average salary. The expense being reported is total cost of employment, which includes FICA taxes paid by the employer, 401k matches, and probably most notably healthcare, but all benefits and in-kind compensation.
This is incorrect, reportable compensation on a 990 is the amount in box 5 of the employee's W-2, which does not include health insurance, taxes, etc.
https://www.irs.gov/charities-non-profits/exempt-organizatio...
It reminds me of the "Blue eyes/Brown eyes" exercise (https://en.wikipedia.org/wiki/Jane_Elliott) so let's say this was a real psychology experiment. Middle-schoolers and high-schoolers are encouraged to communicate via a chat application with rich multimedia functionality. But any conversation that includes even a single individual who belongs to an arbitrarily-defined "out-group" has its functionality degraded and the application highlights who the out-group member(s) are. After a year you compare the mental, social, physical, and academic well-being of both groups. Would your university's IRB approve such an experiment?
I initially gave Apple the benefit of the doubt that this was simply a technical limitation. And of course kids will always bully each other about something. But at this point it does indeed seem like a billion-dollar company is intentionally amplifying and leveraging this sort of bullying to drive marketshare. If you don't find this immoral then I'm not sure what to say.
https://community.signalusers.org/t/proper-secure-value-secu...
If you're a Signal user and this is the first time you're hearing about this, that should tell you everything you need to know about how trustworthy Signal is.
Thanks for that, I did a one off 300 euro donation back in '21 during the bubble market; Meredith has been doing the rounds [0] and she hits on lots of good points, and even went to the UK over their now failed bill during the Summer.
RCS is better than SMS no doubt but lets not pretend it is on the same level as iMessage. Lack of end to end encryption alone makes RCS a dated standard
Source: https://venturebeat.com/mobile/whatsapp-subscription/
https://www.techradar.com/phones/iphone/breaking-apple-will-...
I'll just say Session had to meet a lot of criteria merely to have a wikipedia entry that Signal's entry did not meet at the time.
To this day Session's hard-won wikipedia entry is saddled with a "limitations" entry best summarized as "Session is not Signal".
Your payment info is not connected to your account.
https://support.signal.org/hc/en-us/articles/360031949872-Do...
Note that the "solution" of disabling pins mentioned at the end of the article was later shown to not prevent the collection and storage of user data. It was just giving users a false sense of security. To this day there is no way to opt out of the data collection.
There's a lot more information about it in various places, but Signal went out of their way to be as confusing as possible in their communications so it caused a lot of people to get the wrong idea (see for example https://old.reddit.com/r/signal/comments/htmzrr/psa_disablin...)
The forums were in an uproar for months asking Signal to not start collecting data or at least give people a means to opt out. Here's a good thread with links to a bunch of the conversations people were having at the time: https://community.signalusers.org/t/mandatory-pin-is-signal-...
https://projects.propublica.org/nonprofits/organizations/824...
There was (and still is, so far as I know) no upfront warning to users that if they don't first sync with a desktop client, and their phone gets lost or stolen, their iTunes backups do not (unlike most iPhone applications) contain their Signal chats. And furthermore, there's no way to export those chats in backup format from an old phone.
(You can transfer, but the transfer deletes the data from the original source, which is extremely foolish and dangerous IMO, and anyways isn't a proper export accessible from other applications. Furthermore, so far as I know there's no support for transferring from very old versions of the Signal client.)
This has been a critical bug for years [1], it's one of the most complained about issues, and Signal has done (and intends to do) absolutely nothing to fix it. It is absolutely unacceptable to have our own data held hostage by them in this way, especially without any upfront warning.
[1] https://community.signalusers.org/t/ios-backup-keeping-messa...
- There were times (e.g. during the introduction of MobileCoin) when the Github repositories hadn't seen any update for months, while they were still releasing new app versions on a regular basis. Heck, last time I checked there were not even public changelogs for any of the apps. Calling Signal "open-source" is a stretch at best.
- The Signal team time and again has failed to react to criticism of the usage of Intel SGX, or of how they completely messed up the introduction of the Signal PIN. And let's not talk about MobileCoin. Yes, being "open-source" or "nonprofit" doesn't imply they need to ask their users for permission or respond to every complaint. However, a minimum amount of openness and debating critical features in public would go a long way here.
- I would like to see some transparency regarding the overall foundation and corporate structure, beyond just silently filing form 990 years with significant delay. For instance, it seems Brian Acton can elect and dissolve the entire board just by himself[0, 1]?
Long story short, before donating to Signal I'd like to see a proper and continuous commitment to transparency, not just a once-in-time blog post.
[0]: (German) https://www.spektrum.de/news/mythos-signal-licht-und-schatte...
[1]: https://projects.propublica.org/nonprofits/organizations/824...
Just sign up with a Twilio number (using voice call) and you can make your own bot.
edit: it was called MobileCoin right
edit2: they do
https://support.signal.org/hc/en-us/articles/360057625692-In...
is that generating any revenue?
Privacy tools can make you stand out. Unless methods are used to obfuscate your data.
I don't think they ever confirmed that this was why they stopped updating, or did a postmortem on how poorly that launch went. I vaguely recall there was also an unexplained spike in MobileCoin trading shortly before the public launch that looked quite a bit like insider trading, though right now the stories I can turn up about it here are about similarly disconcerting and unexplained issues in its provenance: https://hn.algolia.com/?dateRange=all&page=0&prefix=true&que...
It's hard to take this fundraising plea seriously when this financial disaster is never even mentioned. I hope I've just missed whatever Signal has done to try to repair trust after the, but the fact that they haven't even removed it from the app is not promising. Can anyone share updates?
But if you have Desktop client(s) registered, then they need to hold onto those messages until you open your client(s).
That is why they have a 30 day login limit on Desktop clients. If they didn't they'd potentially have to hold onto messages forever.
https://github.com/signalapp/Signal-Desktop/issues/4730 https://community.signalusers.org/t/dont-unlink-devices-afte...
FB acquired them next year and if my memory is correct there were 19 in the team then.
[1]: It was a copy of this cat video: https://www.youtube.com/shorts/8Ud1Cr76j8s
When the PR was thoughtfully created long after it was clear that they wouldn't be honoring their own announcement, they said (approximately a year ago) that they would review and implement it with credit. After 6 months of darkness and petitioning, it was dismissed as being harder to review than to implement while disingenuously counting things like SVGs and license text as LOC. When some specific concerns were finally provided, the author responded point-by-point in how they were already researched and addressed, with a polite request for evidence so that they could correct any misunderstandings. The subsequent response ignored everything in that but the suggestion to update the contribution guide to align with their previously-unstated intent.
Serially mishandled. I'm not moving off of that position.
1: https://signal.org/blog/giphy-experiment/ 2: https://github.com/signalapp/Signal-Desktop/issues/1862 3: https://community.signalusers.org/t/add-gif-search-giphy-to-... 4: https://github.com/signalapp/Signal-Desktop/issues/4841
It seems that with uBlock origin enabled in Firefox, I was unable to fill out either of the 2 donation forms on the page. It wouldn't let me fill in my Name in the first form, nor would it let me enter a custom amount in the 2nd form.
Disabling uBlock origin seems to resolve.
Compensation Key Employees and Officers Base Related Other
Jim O'leary (Vp, Engineering) $666,909 $0 $33,343
Ehren Kret (Chief Technology Officer) $665,909 $0 $8,557
Aruna Harder (Chief Operating Officer) $444,606 $0 $20,500
Graeme Connell (Software Developer) $444,606 $0 $35,208
Greyson Parrelli (Software Developer) $422,972 $0 $35,668
Jonathan Chambers (Software Developer) $420,595 $0 $28,346
Meredith Whittaker (Director / Pres Of Signal Messenger) $191,229 $0 $6,032
Moxie Marlinspike (Dir / Ceo Of Sig Msgr Through 2/2022) $80,567 $0 $1,104
Brian Acton (Pres/Sec/Tr/Ceo Sig Msgr As Of 2/2022) $0 $0 $0
Seems almost mundane, as if they’re running a very effective foundation that’s actively achieving their goals. See the recent Cambridge study that explored how their governance has been effective at promoting moderate discourse while suppressing misinformation and hateful content: https://www.cambridge.org/core/journals/american-political-s...
[1]: https://themarkup.org/pixel-hunt/2022/11/22/tax-filing-websi... [2]: https://github.com/the-markup/meta-pixel-taxes
In general, pricing varies widely by destination (country and sometimes carrier), US and some other places are < $0.01, up to $0.10/message isn't uncommon, and some places are $0.20-$0.30/message. Voice calling was usually mor expensive (Twilio should have a price list somewhere for that too; if you can get 6 or 1 second billing, assume a voice verification call is about 30 seconds, but you might have to pay for a whole minute even if you don't use a whole minute).
Those SMTP -> SMS gateways sometimes work in the US, but they don't work much in other countries, and they're not good enough to rely on if your product requires an SMS during the new user flow. SMS costs are real and it's frustrating, but if it costs too much, you need to use something other than phone numbers for ids; I don't think skirting by with email gateways is going to work. But, if you build dynamic routing, I guess you could try.
Also, you've got the use the right email gateway for the user's carrier, and a carrier lookup is on the order of $0.01, unless you have tons of volume, so for the US, you might as well pay for the SMS.
[1] https://assets.cdn.prod.twilio.com/pricing-csv/SMSPricing.cs...
https://en.wikipedia.org/w/index.php?title=WhatsApp&oldid=11...
(Small difference is that WhatsApp had a profitability of –93 %.)
https://support.signal.org/hc/en-us/articles/360007060632-Wh...
Using signal without verifying contacts is like bit like using HTTPS without verifying certificates. It prevents passive monitoring.
And from the link: https://projects.propublica.org/nonprofits/organizations/824...
- Other Salaries and Wages $9,665,761 - Executive Compensation $744,037
So about $10,400,000 a year in compensation and wages, or about 21% of their running costs.
They're currently in the testing phase of allowing phone numbers not be known by your conversation partners: https://community.signalusers.org/t/public-username-testing-...
Then again, instant C2C and C2B digital payments using mobile phones is growing extremely fast in most of the global south.
[1] https://www.app.com.pk/national/pta-introduces-9999-sms-code...
It's the Microsoft 90's playbook https://en.wikipedia.org/wiki/Embrace,_extend,_and_extinguis...
Edit: check out https://en.uncyclopedia.co/wiki/Krispy_Kreme XD
