zlacker

Some of these things raise an eyebrow and I'd like them further broken down (but in the mean time, I'm still donating):

* $19 million for 50 staff

  - That's $338k/head on average. At face value for a nonprofit, I'd like these costs broke down as this seems excessive. There is far cheaper IT labor available outside SV.

* 20 petabytes per year of bandwidth, or 20 million gigabytes, to enable voice and video calling alone, which comes to $1.7 million a year

  - I'd drop these features if possible, or give them to donors.

* Storage: $1.3m, Servers: $2.9m

  - I was actually expecting this to be far higher

  - Long term storage should probably be donor-only

  - Servers could likely be optimized by going hybrid cloud with colocation and owning own hardware, but again, was surprised how "little" they're spending on this.

* Sms registration fees: $6m

  - Stop contributing and supporting the "Your phone number is your identity" problem.

  - Move towards helping educating society and establishing a set of encryption keys as their long term identity

It's easy to criticize from the bleachers. Still thankful for the app and I'll continue to donate.

>>exabri+(OP)
One thing I question with that is that if you gave features to donors only, wouldn't that mean that signal now needs to track users in ways that aren't privacy preserving? I.e. you'd be able to know if any given user using signal now has given payments to signal. I'm not sure that'd work with what they want to do as an organization.

>>exabri+(OP)
They need to dump sms entirely. Use on device private keys. If users mess it up, it’s on them. People need to get educated about how to manage private keys.

>>exabri+(OP)
It's easy to say that "you should do x" from the bleachers but when you're in the arena you run up against reality. For example, Signal had a blog a while ago about how they tried to avoid the sms features, actually for privacy reasons, but they found people just didn't use other alternatives. Here's a reddit thread of users advocating for SMS support https://www.reddit.com/r/signal/comments/y3ymfl/keep_sms_sup... .

So it was the best of all the available options practically, if they wanted to grow and retain the users.

>>exabri+(OP)

  - That's $338k/head on average. At face value for a nonprofit, I'd like these costs broke down as this seems excessive. There is far cheaper IT labor available outside SV.

You get what you pay for, though. $338k/year seems like a reasonable salary for people working on something as privacy critical as Signal – just because you're working for a nonprofit doesn't mean you have to work for less competitive wages.

>>asylte+k2
As someone technically savvy, I don't trust myself to manage my own private keys sufficiently for a service that's the point of contact for all my friends and family. I think it's a much taller order for someone without the technical knowhow – remember that Signal's audience includes very non-technical people who don't have time to learn the technical ins and outs but absolutely require its utility, like journalists and dissidents.

>>vore+f3
Also, employees cost more than just their salary.

>>asylte+k2
Then few will use it and Signal will die. There is this gap between the ideals of the technically-minded and the reality that users live in. They tried to dump SMS - and people responded by not using alternatives. The entire sales pitch of Signal is that it is easy and unobtrusive.

>>exabri+(OP)
costs for a nonprofit are the same as costs for a forprofit

there’s just a bunch of nonprofit employees or personnel that play on the pauper perception because its convenient, but “nonprofit” and no money is not correlated to anything

so if those employee costs were excessive for any organization, saying non profit doesn’t make them more or less excessive

I think tech talent is undervalued and should at least compete directly with FAANG, for many organizations this is not possible, for organizations with other liquid assets they create (like Signal) it is possible. All employment hasnt risen with cost of living, I’m not familiar with other sectors.

>>vore+f3
> $338k/year seems like a reasonable salary for people

That $19M/year was total employee costs which, as best I understand these things, can often work out to be double the raw salaries which would bring the average down to a slightly less excessive $170k/year.

>>exabri+(OP)
> That's $338k/head on average.

Oh come on. Just because the organization is non-profit, meaning that it's not out to make a profit for shareholders, is no justification for the staff to be paid below their market worth. In fact, they could definitely earn more by quitting and working at for profit companies. And that is especially true for those who are getting the higher end of the compensation.

And say that staff number was like, $5m/year less? It doesn't change the fact that costs of running are substantial and more donation is needed from those who want it to remain viable.

>>exabri+(OP)
< "* 20 petabytes per year of bandwidth, or 20 million gigabytes, to enable voice and video calling alone, which comes to $1.7 million a year - I'd drop these features if possible, or give them to donors."

How about they pull their socks up and use peer to peer technology instead? Messages are asynchronous so they need to be temporarily stored but routing real-time audio and video is a technology problem that they have chosen the expensive way to solve.

>>jallen+t4
I wouldn't be surprised if overhead turned out 1/3 of that figure.

>>exabri+(OP)
> far cheaper IT labor outside

This is a product that solves some of the harder problems of engineering, and has a staff of 50. Cheaper isn’t going to get you the best. If you had a staff of 1000, you could make that argument. Besides that’s not a lot of money to begin with. 340k is a senior engineer salary and I am sure the people running the company are far more capable than senior engineers.

> drop those features

That’s a valid argument, but 1.7M for that 20PB of bandwidth is not a lot of money. Dropping or making the features paid, defeats the purpose. If you’re trying to be the privacy first app that competes with WhatsApp and others, this would make it harder to be a viable alternative.

> sms registration fees

Education is a harder problem to solve, but offloading some of the costs to users may make sense here.

>>exabri+(OP)
> $19 million for 50 staff. That's $338k/head on average.

How did you compute this? 19/5 is 3.8

>>mushuf+I2
That was for sending SMS via Signal, not for verifiyng users via sms and they did remove that.

https://signal.org/blog/sms-removal-android/

edit: wording, forgot the word remove

>>vore+f3
IIRC, employees cost the business ~150% of their salary. That means we're looking at more like a $220k/yr salary on average. For a bay area company, that seems completely reasonable.

>>vore+f3
Nonprofits, as with for-profits, must pay competitive wages or they will have trouble getting the expertise that they need. $338k/head seems reasonable when you also consider taxes the company must pay for each employee.

>>vore+f3
Whilst competitive salaries are important, it's fair to say that, outside of the US, you can get good people for a lot less than $338k/year.

To give one example of a (not that cheap) market, outside of London average developer salaries are probably under $50k in the UK. Even accounting for additional costs like taxation and equipment, that's likely to be under $100k fully loaded.

>>davidh+C5
If signal adds username only accounts it makes sense to relay calls if users don’t want their IP leaked to the other person.

>>exabri+(OP)
> I'd drop these features if possible, or give them to donors.

They can't really do that, it deters adoption of something with a network effect.

The real issue here is that direct connections have privacy implications (maybe you don't want the other party to know your IP address), so they relay everything. If they could solve that they could save a lot of money.

For example, detect if the user is connected via a known VPN service (which is likely given Signal's user base) and then let the VPN hide the user's IP address instead of Signal having to pay for it. Or make a deal with popular VPNs to put the relay servers in their data centers, which gives a similar advantage and they might be able to get better pricing from them in general because the VPNs already have a lot of bandwidth, are sympathetic to what Signal does and could use it as PR.

>>vore+f3
"just because you're working for a nonprofit doesn't mean you have to work for less competitive wages"

Actually it does usually. Because when people see real meaning in their work, as opposed to find yet another way to manipulate people on other peoples behalf, then you don't have to buy their consciousness as well.

So sure, it is awesome, that signals employers get to have meaning and money. But I would bet, you would find competent people working for less. (And maybe somewhere else)

But .. they do have a working app and organisation right now and drastic changes could destroy that.

>>raesen+o8
> outside of London average developer salaries are probably under $50k in the UK

For top-notch security developers, I call bullshit. Signal would be worthless if it started offshoring development to nickel and dime.

>>Anthon+xb
Making it so that only one party need to have a pro account might help a bit

>>hutzli+2c
Why shouldn't we want to pay people working at non-profits the same for their labor than they would get at for-profits? If they are doing just as or even more important work, why do we want to bend over backwards to justify them getting paid less for it?

>>vore+sh
Because funding is limited. And the goal is to maximize the impact, not make some people happy.

>>davidh+C5
They are peer-to-peer by default between people in their contacts list. That is for when calling someone that isn't in your contacts list or for people that have enabled the relay all calls option.

>>JumpCr+Vd
I said Average for a reason :D I didn't say you can get "top-notch" security developers for that.

I don't think there's industry numbers for that set of people in the UK, as it's not a big enough set. However I'd be surprised if they were 150K plus though, that's a very rare salary in the UK.

Also there are cheaper countries than the UK who have great devs.

>>olejor+cg
Still doesn't work. Any two people don't have a pro account and they stop using it in favor of a competitor, and then their other contacts use the competitor too. You can't charge for something WhatsApp has for free.

>>raesen+uu
There's definitely top-notch software and security engineers making well north of £150k in the UK. As you go up in levels, it's indeed a small set of people, but FB / Google comp for a top L7 engineer working in the same space as Signal engineers can be $700k+ in the UK. Just have a look at levels.fyi, and you'll see that even finance will pay over $500k in London. Furthermore, given how small the group of people are at the top of these companies, very few will self-report their incomes publicly, which is why you'll rarely hear about the engineers making $1M+ – but those cases do exist.

The people behind Signal pioneered end-to-end encryption, and as is pointed out in the blog post, there's still a lot of novel cryptography development involved in building a privacy-first messenger. You can't do that without top-notch talent.

>>contac+rl
Thanks, very interesting. IMO, that is an insane amount of money to pay for a non-default feature of a free product.