Signal’s mission and sole focus is private communication. For years, Signal has kept your messages private, your profile information (like your name and profile photo) private, your contacts private,…
To create a username, go to Settings > Profile.
Once you’ve created a username, you can share it with others who can use it to connect with you. To connect with someone via their username, simply open the New Chat screen on Signal and type in their username.
Since Signal does not provide a searchable directory of usernames, only people who have your exact unique username will be able to start a conversation with you. And you can share it with as few or as many people as you want.
You can also share a QR code or unique URL that shortcuts to your username in Signal. You can reset these at any time without having to change your username, much like a group invite link.
Usernames in Signal are designed to be easily changeable. For example, you can make a username to connect with people at a conference or to plan a group trip. Then, when it’s over, change it if you want to. Just click on your username from your Profile Details page to make the changes you want. When you change your username, your Signal contacts are not notified because your username is not visible to the people you are chatting with 1-1 or in groups.
To Recap
Starting soon, your phone number will no longer be visible to people you chat with on Signal, unless they have it in their phone’s contacts. You will also be able to configure a new privacy setting to limit who can find you by your phone number on Signal. And, you’ll now be able to create an optional username that you can share with the people you want to connect with on Signal.
For more information, you can take a look at our support center articles.
Currently these new features are in beta but will be rolling out to everyone in a few weeks.
Thanks to Nina Berman, Jun Harada, Ehren Kret, Joshua Lund, Jim O’Leary, Alex Ristevski, and Meredith Whittaker for helping to author and edit this post.
Each version of the Signal app expires after about 90 days, after which people on the older version will need to update to the latest version of Signal. This means that in about 90 days, your phone number privacy settings will be honored by everyone using an official Signal app. ↩
In order to authenticate that whoever you’re chatting with on Signal is the person they’re claiming to be, we encourage you to use tools like comparing safety numbers (ideally in person), or even checking in with them via another channel (DMs, a phone call, or similar). ↩
Usernames in Signal are protected using a custom Ristretto 25519 hashing algorithm and zero-knowledge proofs. Signal can’t easily see or produce the username if given the phone number of a Signal account. Note that if provided with the plaintext of a username known to be in use, Signal can connect that username to the Signal account that the username is currently associated with. However, once a username has been changed or deleted, it can no longer be associated with a Signal account. ↩
Read the original article
Comments
This is fantastic! I also love that there is the QR code generator. It'll make connecting easier.
I hope moving forward we can have multiple usernames and profiles. This would greatly increase privacy since we may have different identities in different social groups. Even on HN a lot of us have multiple personas. I find one of the big challenges is actually handling these different identities as most software only assumes you have one. Though it seems to be common on social media like twitter or instagram. But bitwarden still doesn't know how to differentiate microsoft logins lol
Edit: I'd love in the future to also see things like self destructing or one time links. I don't think these should be hard to implement, especially if one can have multiple usernames. Certainly a limit like 3 would be fine with the numbers, right? Personally I wouldn't be upset if multiple names became a premium feature but I'd strongly prefer if it wasn't. I get that signal still needs money (https://news.ycombinator.com/item?id=39446053)
> But bitwarden still doesn't know how to differentiate microsoft logins
To be fair to Bitwarden even Microsoft doesn't know how to differentiate between multiple Microsoft logins. As of at least a year ago, you can technically have different logins with the same username/email identifier, and different login prompts will behave differently.
By folmar 2024-02-210:33 Also nice to mention that some of those are connected and some are not. For example I have a personal account (that I did not create but appeared magically at some point; it behaves as totally separate), a work account (main work tenant) and three guest work tenants that share the password, but don't share the 2fa. For some apps you chose the tenant, but not for all.
By godelski 2024-02-2022:38 Oh yeah it was more a joke than anything. Microsoft is just creating such a shitty environment. I can be logging in from my company portal where they know the identifier yet I still have to add @company.com. I mean I got one for my job, for my university, for conferences (CMT), and I swear I'm forgetting 30 others that I only use once in a blue moon.
They also are real shady with yubikeys. You can't set them as default but you can set "security key." So the process ends up being it assuming you want to use Hello (which breaks my Outlook... wtf), clicking use another device, security key, clicking next, then finally typing in your credentials. The next part makes me real suspicious since all the other dialogues go to the next page without clicking next. Why just this page? It's some weird dark pattern bs.
I'd call it malicious, but I think maliciousness requires intent. A chicken running around with its head cut off isn't really malicious if it runs into you.
By mtnGoat 2024-02-214:59 You can use these “features” to hijack accounts too ;)
I’d call them bugs, but they’ve been reported and didn’t get fixed.
By smingo 2024-02-219:27 indeed, with an incoming Teams meeting invite, it should be determinable from the sender's context which account should work on the meeting. Instead there is 2 minutes of waiting, and what seems like pot luck with the account.
Telegram has had all of these features for a while… too bad it isn't as secure as signal or it'd be perfect, since it's also written in a real GUI toolkit and present in distribution repositories.
I do wonder how telegram and signal are planning to finance it long term. Telegram is adding absurd paid features like exclusive animations, which won't earn nearly enough to cover the costs.
I wonder where signal is about keeping the servers up, since they hate federation so much.
Telegram and Signal solves very different types of privacy issues.
Telegram is good, as you mention, to be relatively private in groups/chats/channels without a need to expose neither your phone nor even a nickname (unless you live in autocratic countries — will come to this later).
But it comes with costs. First, their p2p communication is not e2e encrypted by default. Not to say that all comments/group chats are not encrypted too, unlike let’s say WA.
Second, Telegram API. It gives too much information. You can do a lot with it: read history, track changes of usernames, etc. For example, it is quite easy to obtain an internal user ID and there are black market services and databases where they promise to connect that ID with phone number if that account ever had privacy settings switched off in the past.
Claimed that they kind of scrape all accounts and pair ID for those where privacy settings set poorly. Even if you change it later — your internal ID and that scrape will state forever.
Third, Telegram was funded by Russian government since Durov had issues with SEC. He raised money from different Russian state-owned banks like VTB, issued bonds which are traded in Saint-Petersburg stock exchange, and even take some money directly from Russian government though a Qatar proxy-company. Not to say, that there are cases when TG was involved in criminal charges against people (the most famous one is story with Ryanair plane being forced to land in Minsk to arrest Lukashenko’s critique) and it was never directly addressed and explained by company how exactly those people was caught and how company protect against “SIM card replacement” cases (Signal at least inform me everytime my peer logged to new device).
Selecting between Signal with AFAIK no known cases of charges in dictatorship countries like Russia, funded by non-profitable charity, and TG without default e2e encryption, public API and Russian-state funding, is quite obvious for me.
It was also banned and blocked in Russia for several years. It was only unbanned when they agreed to cooperate with security services.
https://en.wikipedia.org/wiki/Blocking_of_Telegram_in_Russia
By vld_chk 2024-02-210:13 More to this “lucky coincidence” it was unbanned exactly when Durov failed in trouble with SEC and raised Russian-state money to solve his problems. Around same time almost all official Russian institutions open TG accounts and Russian Parliament (if we can call that silly thing like this) representatives was saying like “we solved all problems with them”.
When war started, and Russia banned a lot of services like FB, they created list of communication platforms they have questions about loyalty and cooperation with Russian government. TG was not on that list and through the whole war the only issue was about Telegraph — supplementary platform to publish long notes. AFAIK there was 0 questions or criticisms to TG in those 2 years.
As for me, it says a lot
By pcchristie 2024-02-210:532 reply I didn't know a lot of this. I thought Telegram was mostly funded through Durov's Bitcoin and VK money? It feels strange that he'd be so "in bed" with the Russian govt when the whole reason he left was because of his staunch opposition to taking down Navalny's VK page. But I haven't done extensive reading on this.
By vld_chk 2024-02-211:15 Durov was indeed an opposition to Russian govt for some time and TG was banned in Russia for some time.
But then “SEC-incident” happened. He and his brother wanted to build TON and fund it by kind of ICO (without naming it ICO). SEC decides enough is enough and blocked launch of TON with charging Durov for selling unregistered securities.
At the end, issue was settled, Durov returned all money and settle the deal with SEC, but it shrinks his finance by a lot and he ran out of money for TG.
Then he was seen in Russia and issued bonds for $1 bln. According to Russian financial press [1], bonds were underwritten by Russian banks closely affiliated with government or directly stated-owned (all of them are in sanctions list now), and even some money was invested by Russian Fund of Direct Investments [2]. Last summer he again issued bonds for TG for $270 mln. You can buy TG bonds at SPB stock exchange where they were listed 2 weeks after the issuing [3].
Surprisingly (repeating my comment below), around same time, Russian govt withdrew all their claims to Telegram and started to use as the official communication channel.
Not to say that other “transformations” happened like Duriv publicly denounce US declaring it is a “police state” [4]
All links in Russian, sorry:
[1] https://www.rbc.ru/finances/15/03/2021/604f11019a79478034130... [2] https://www.bbc.com/russian/news-56501991.amp [3] https://www.forbes.ru/finansy-i-investicii/424665-shirokiy-k... [4] https://te.legra.ph/7-prichin-ne-pereezzhat-v-Kremnievuyu-do...
By Lockal 2024-02-216:25 Durov personally blocked Navalny channels in Telegram during 2021 elections - https://www.rferl.org/a/telegram-navalny-smart-voting/314662... even though "technically" as a foreign legal entity they had no obligation to follow orders of Russian censorship agencies. Also, if you look up the results of court decisions in Russia, Telegram leads by a significant margin among other messengers. Yes, of course, it is the most popular messenger in Russia, but it is designed from the ground up to tie and control the circle of communication to specific people as precisely as possible.
Dictatorship exists in varous forms. Russia has democracy though in bad shape. There various flavours of democracy. But what about total dictatorship in China has no opposition and many countries with theocratic monarchy.
By vertis 2024-02-219:15 It's really easy to tell the difference between a democracy and a fake democracy. Democracies are messy, people never agree. Anywhere that get's consistent landslides for one person or party is not a democracy.
Take for example France vs Russia. In the 2022 election, Macron managed to get just ~30% of the voters that wanted him as President. In the second round where only two options remained, only 58%.
Without any serious opposition (with the murder of Boris Nemtsov and jailing/deregistration of Alexei Navalny), the 2018 was again a landslide for Putin with 76.69% of the vote.
There are of course other easy ways to tell, but this serves as a pretty easy heuristic.
This is, of course, a gross simplification, of everything that makes up a democracy. For example, the US is at best a flawed democracy because of all the lobbying, money and gerrymandering (and things like the Electoral College).
Disclaimer: Not American, I'm a Kiwi, so outsiders view of US politics.
By walteweiss 2024-02-217:421 reply Bullshit. Russia has no democracy, even in the minds of its citizens, not to say in the government. It never had and it may never have democracy. At least, until Russia exists in its current shape of form.
My bet is that they have a chance for democracy only when Russia becomes a set of little independent states. As Russia in a nutshell, is just a Muscovy that occupied other sovereign states. It was exactly like they’re trying it with Ukraine currently, again. Again, as the previous one was in 1918, when Russia ‘incorporated’ other states, what we know as ussr.
Russia had democracy back in the late 80s, 90s and early 2000s.
E.g. the Russian Comunist party leader Zyuganov have said many times that he lost the 1996 president elections in a fair way.
By walteweiss 2024-02-2116:46 Oh, that proves me so very wrong!
Don’t worry, telegram is now gatekeeping certain privacy settings behind the premium subscription like it’s 2003.
They also make it difficult to hide your pseudo identity from your phone contacts. I’ve had all the “discover contacts” settings turned off, and simply reinstalling the app caused people to be given my username without my consent. Settings somehow magically switched themselves back on and I couldn’t turn them off until after the damage was done.
There was no confirmation prompt. Pretty sure this happened to me more than once.
Please don’t ever compare Telegram with Signal.
By kome 2024-02-2022:42 i've been using Telegram on and off since 2015 or so, and i've never shared my contacts. never! re-installing Telegram has never changed that setting.
The real problem with cellphones is that a lot of privacy-threatening issues are literally one fat finger away. And clearly, that's a feature, not a bug. That's why I prefer to work and message on my laptop anyway.
but again, Telegram has been, in many practical ways, much more privacy-oriented than all the other messengers, exactly because you don't have to share your phone number to participate in groups and chats.
> telegram is now gatekeeping certain privacy settings behind the premium subscription
Such as?
For example, now you can’t restrict who can send you a message unless you have a premium. Also they added a “feature” that premium users can bypass non-premium users privacy setting “last seen and online” and TG will tell that info regardless of your choice unless you are premium too.
You're significantly misunderstanding the changes.
> now you can’t restrict who can send you a message unless you have a premium.
And before that you just weren't able to restrict that at all, there was no such feature. They didn't remove this feature for free users - it never existed. They just added it right now only for paid users.
> premium users can bypass non-premium users privacy setting “last seen and online”
That is absolutely not what the feature is. If you hide YOUR OWN last seen time, you won't be able to see last seen time of other users, even when they have it public. Now, premium users will be able to see public last seen times of other people if they hide their own. But they obviously still can't see last seen time of people who set it to private, that would've been very dumb.
Thanks for the clarification on last seen, I certainly misread it. About messages: hm, I was sure it existed before but maybe again my brain just lags.
As someone who for some time created and moderated fairly popular chat (200+ people) for anti-war Russians, I have very long and complicated history of relationship with this service and have a lot of different grey-zone stories where it is hard to understand whether it is a mistake from users and whether it is a leak from the service.
Hence I have a little low expectation and overreact on their recent changes
By flexagoon 2024-02-218:50 I have three Telegram channels with a few hundred subscribers each, and I also use the service daily, as I'm Russian as well.
I generally agree with you that Durov makes a lot of incredibly stupid decisions. I think pretty much everyone in the "Telegram community" (eg. channel administrators, bot/client developers, etc.) would agree that the changes Telegram is introducing are often bad.
The issue, though, is that there isn't any alternative right now - Telegram is the best messenger out there in terms of general usage. So while I do hate what they're doing sometimes, I still use the product and even pay for Telegram Premium. It's bad enough to be mildly annoying, but not bar enough to actually make people leave the platform.
Edit: just as I was writing this, Telegram introduced a new feature. I'm not sure if I love it or hate it to be honest, it's a smart way for them to save money, but it is pretty weird: https://t.me/tginfo/3942
If you consider Telegram as a product to be a logical continuation of the VK message system, then all of these "features" existed.
Restricting of incoming messages existed (cloned from Facebook as usual).
Restricting of "last seen and online" existed in third-party clients. Later on VK started to actively destroy this functionality, by moving manual "is online" management from designated API into all data-fetching APIs.
Not to mention that VK and Telegram are now actively fighting with third-party clients. In which world they would not fight Ninjagram/AyuGram/Plus Messenger/other forks, which allow to add multiple accounts, hide online/reading (to some extent), show message editing history and so on?
By stavros 2024-02-219:53 If you consider technology to be a logical continuation of earlier technology, then all features existed.
By danShumway 2024-02-2118:091 reply > And before that you just weren't able to restrict that at all
This is a really basic security feature though that every single platform should support. If Telegram didn't support messaging restrictions before, that doesn't mean they're not currently gating a basic privacy/safety feature behind a paywall. It just means they should be embarrassed that they used to be doing something even worse, ie not even offering a basic privacy/safety feature at all.
Correct that this would not technically count as removing a feature, but I feel like that's possibly a distinction without a difference. I'm not coming out of reading this explanation feeling more charitable about Telegram's security or willingness to gate off security features. It's a bad look for a company to put basic blocklists behind a paywall, that is not a company I trust not to start degrading security for free users.
How is message restriction a "basic privacy/safety" feature? It's at most a basic "anti-annoyance" feature, I'm not sure what security you gain from preventing everyone from messaging you. The ability to block users was always there and it still there for free.
By danShumway 2024-02-2417:57 > It's at most a basic "anti-annoyance" feature, I'm not sure what security you gain from preventing everyone from messaging you.
This could be a long conversation. The short version is there are plenty of articles online by marginalized groups talking about the consequences of having no ability to block arbitrary groups from harassing them online. If someone is calling that "just an annoyance" they've likely never been the target of an extended public harassment campaign.
A slightly longer answer is that the consequences to privacy and security are in a practical sense -- in the sense that someone coming into my house is a violation of my security and privacy. Privacy is not just about hiding information, it's also about why we hide information. It's about the ability to be private; to not be forced to constantly listen to a bunch of people shout at you. Similarly, security exists for a reason, we have security in our homes in the sense that people can't just walk into them and start yelling at us and harassing us. And DMs should be thought of as analogous.
Your DMs are not secure if you have no way to turn them off or restrict them.
> The ability to block users was always there and it still there for free.
If you recognize that is important to privacy and security to be able to block individual users, it's not too hard to recognize that the requirement to individually block users leaves a huge gaping hole in security for a network that supports open registrations.
I use disposable email addresses rather than just blocking individual spammers in my email client. The reason is because there are a near-infinite number of spammers and blocking them one-by-one is ineffective. Being able to turn off a leaked email address is much more valuable to me. It's something that actually cuts down on spam.
And the same is true on social media -- being able to go private and turn off messages or restrict messages to certain subgroups is critically important for people who are stuck in the middle of public harassment campaigns.
----
Regardless, the lack of a feature that is pretty much standardized across most other platforms, and that is pretty widely recognized as a safety feature -- it doesn't make me feel better about Telegram's willingness to gate these kinds of features behind paywalls.
You're saying that the ability to block users is free, but there is no bright line between blocking users and setting general messaging restrictions. That is the same category of safety feature. There's no reason to believe that Telegram wouldn't make blocking users into a paid feature in the future, especially since it has demonstrated that blocking/moderation/lockdown features are something it is willing to monetize.
By Systemling0815 2024-02-2023:26 Last online status
Come on signal until today had no way to keep the phone number private. Which is the topic here.
By fidelramos 2024-02-2023:001 reply Because unlike Telegram they strive to do things in a privacy-respecting way, and that's hard to get right.
By guappa 2024-02-2110:08 Wasn't the saying "perfect is the enemy of good"?
While waiting to have it perfect you don't have it good either.
I don't get why people who are so paranoid about someone associating their Telegram handle with their phone number simply don't go and grab a burner SIM at Tesco.
I mean I'm all down with the idea of tech companies respecting our privacy. But here we are, complaining that corporations that are at least trying (and that are operating at a loss since their conception for our convenience) aren't giving us "Snowden hiding in Russia" level of security out of the box, for free, just because we deserve it. All while we could easily implement it ourselves for like $8 and with no online trace whatsoever.
It's like, Tails Linux exists, but FUCK GOOGLE for forcing me to Ctrl+Shift+Delete in Chrome if I want to erase a cookie. I'm so significant and certainly not a criminal, why do they hate me so much??
It's not always that simple. In many countries, like Brazil, you need a valid ID document to buy a SIM card, and the number is then and always linked to your government ID. This is the case for quite a few relatively free countries as a means to fraud prevention (not that it's particularly effective though).
By kojoru 2024-02-215:54 Specifically for telegram there's a (rather expensive) crypto-based no-sim option: https://telegram.org/blog/ultimate-privacy-topics-2-0/ru?set...
Keeping your username from phone contacts is quite a different problem than keeping your name from the government.
Why is there such a pervasive crowd of people who chock this kind of thing up to a lost cause? From my prespective, if it can be done, we should, we must, do it. Is there something special about hiding something from a government thats qualitatively different than hiding it from any other criminal? That they can levy greater amounts of violence? Isnt that even greater justification to privacy?
I'm fully in agreement; we have policies around warrants, etc that have been long-running and should in general treat the government as a quasi-malicious actor.
However, just because the government forces something for them doesn't mean we should just give up entirely for everything - the fact that the government knows your SIM purchase doesn't mean that random users on HN should be able to find it.
By Geisterde 2024-02-220:34 That I can agree with, we arent there yet, make use of the tools you have.
By JohnFen 2024-02-2215:34 > I don't get why people who are so paranoid about someone associating their Telegram handle with their phone number simply don't go and grab a burner SIM at Tesco.
I could not hate the phone number requirement more, and it's one of the main reasons why I don't use these applications.
With one exception: I have an overseas friend who only communicates through WhatsApp. For him, I did go out and get a burner phone for this purpose. But the friction level of doing that is unnecessarily high and I doubt I'd do it for anyone else.
By palmfacehn 2024-02-217:12 I've tried 4 different sim cards in telegram. None of them seem to work. Not sure why a "privacy" app is asking for a phone number in the first place.
Ah, the good ol “just get a burner sim bro” argument. Tried that once, they did KYC.
I hadn’t used a burner in years, last year my phone broke on a trip and I just wanted to grab a phone, to get me through the week. I can say it’s not like it used to be! Can’t just grab one at the gas station and pop it in a phone. Gotta give ID, sign up for accounts, etc.
By prmoustache 2024-02-218:33 It depends of the country. You can buy a sim card at an Oxxo in Mexico like you would buy a bag of doritos. I did it precisely last year.
Having said that if you leave the country I am pretty sure that sim card and number would be deactivated after a few months if not connected. I am not sure how fast a number can be reused.
By snotrockets 2024-02-2023:481 reply Telegram isn't a messaging service. It's a social network with a messenger UI. Quite ingenious, if you'd ask me, but a social network and a private messenger can't really be reconciled into a single product.
What would you classify Signal as, with its stickers, cryptocurrency (MobileCoin), etc.?
By hunter2_ 2024-02-218:54 I think "social" in this context refers to frictionless friend finding, not stickers. Good privacy involves a certain level of friction, with PGP verification being a classic example of the UX problem space.
By snotrockets 2024-02-256:17 Signal is one-to-one or many-to-many.
Telegram is mostly few-to-many.
By contact9879 2024-02-2021:491 reply You're in luck because Signal had a whole blog post about long term financing a couple months ago.
By brewdad 2024-02-210:06 I kick in $5 a month because that's about what I figure self-hosting a messaging service would cost me. I don't want the hassle of self-hosting and I trust Signal more than the other remote hosted options.
I’m not who you replied to, but I agree with his sentiment about signal being superior to telegram in terms of security (or more specifically, privacy).
For me, there’s two big reasons for this:
Signal chats are E2E at all times, while Telegram is only E2E when you explicitly create a “secret chat” with whoever you’re conversing with. I don’t fault Telegram too much for this, because they still provide the option to use E2E for everything, but Signal gets brownie points in my book because they just do it by default without getting in the way of the User.
Secondly, as far as I know, Telegram uses their own in house encryption techniques as opposed to industry standards. I am not at all knowledgeable about encryption or cryptography— I only know what’s required of me in my job (basically the bare minimum), and so I don’t actually know whether this is anything of serious concern. It could very well be that Telegram’s encryption techniques are just as effective as the established norms, but I do see the general consensus trending towards “roll your own encryption = bad, use established norms = good”, which is primarily what I am basing my opinion on here.
To further detract from my own point, it actually seems like Telegram might be using “established norms” for encryption nowadays anyways [1], although I couldn’t really tell from the brief description I read on Wikipedia.
Overall, I think Telegram is perceived as being less secure than Signal primarily because of the reputation Telegram has for implementing their own in house encryption techniques, even if they don’t use those techniques anymore— their name has become associated with their known history of using ad hoc encryption.
[1]: https://en.m.wikipedia.org/wiki/Telegram_(software)#Architec...
By _Algernon_ 2024-02-2114:57 Also, Telegram does not even have e2ee as an option for group chats while Signal does. That's a pretty big deal!
Chats are not e2e encrypted by default, they are just encrypted in transit. However this allows chats to be synced across many devices, so it is very very convenient.
Telegram has e2e encrypted chats but only on mobile and not on desktop for some reason.
By Moldoteck 2024-02-2110:23 telegram is e2ee only for secret chats, all other chats & group chats are not e2ee (which means telegram can access their content at will on the servers) Synced chats across devices is possible with e2ee, even signal has this, it's just one edge that's poorly implemented: initial sync of the chat history and afaik they haven't fixed this yet, but all messages after setting up a new device are in sync as far as i know
By fsflover 2024-02-219:00 > However this allows chats to be synced across many devices
I use Matrix with e2e encryption, and my chats are synced just fine.
Matrix might interest you, but it doesnt solve telephone numbers (i think)
I don't want to be too dismissive of Matrix, but I also see these types of comments as understanding what problem Signal is actually addressing: security for the masses. There's no way I'm getting my grandma on Matrix and you're delusional if you think she can setup a server. But it isn't hard to get my grandma on Signal and that's a much better security feature than federation or even not having phone numbers. If I want extreme security, you're right that there are better tools. But my threat model isn't trying to avoid nation state actors, it's mostly about avoiding mass surveillance, surveillance capitalism, and probably most importantly: sending a message to the gov to fuck off with all this spying. At the end of the day, there's no other app that's even close to fulfilling those needs.
I didn't realize my comment rose to the top. When I had written this I had also written this comment[0] which was the grandchild of the top comment at the time. It has a bit more details on my thoughts/reservations of federation. tldr is mostly about avoiding centralization. This remains an open problem and I think it is far too easily dismissed. But federation isn't solving the problems people want it to if it's federated like email and web browsers. That's just mostly centralization with all the headaches of federation.
And to anyone complaining about lack of federation, what's stopping you from running your own Signal server? Sure, it won't connect to the official channel, but is that a roadblock? Even Matrix started with one server. This is a serious question, is there something preventing this? Because if the major problem with Signal is lack of federation, I don't see why this is not solvable building off of Signal and not needing to create a completely different program. Who knows, if it becomes successful why wouldn't Signal allow a bridge or why can't apps like Molly allow access to both the official and federated networks?
By Geisterde 2024-02-212:08 Oh, I agree completely with everything in the top paragraph, and I certainly have seen a natural trend towards central nodes/relays in all the federated networks I can think of. I think the appeal is that for the average user its about as good security as anything else available, and it has the option to work off the centralized network.
By BlueTemplar 2024-02-217:562 reply > There's no way I'm getting my grandma on Matrix
Why ? Have you tried ?
lol I can barely get my grandma to text. My parents don't even get Signal. Most of it is will power though, no one gives a fuck. In fact, most of the people in my CS grad program think both are too hard to use and don't see the point of using encrypted messengers. Even people studying security aren't using Signal. Yes, I think its odd too.
By BlueTemplar 2024-02-226:04 The willpower bit can be countered with your own : refuse to use the software you deem harmful. (It's easier to never start a bad habit than to stop it.)
By staunton 2024-02-218:48 Indeed, my grandma is on Martix (I did help her set it up though)
> Note that even once these features reach everyone, both you and the people you are chatting with on Signal will need to be using the most updated version of the app to take advantage of them.
> Each version of the Signal app expires after about 90 days, after which people on the older version will need to update to the latest version of Signal. This means that in about 90 days, your phone number privacy settings will be honored by everyone using an official Signal app.
Which is also an example of a challenge for open ecosystems where everyone can create apps.
I understand that it doesn't outweigh the benefits to everyone, but it is a valid reason.
Is Signal considered to be (or attempting to be) an open ecosystem?
My understanding is that Signal (the app) is private, not anonymous, centralized, and closed.
The underlying protocol is open and could be used for an open ecosystem, but I didn't think Signal aspired to do that.
The apps and most of the backend are open source too, not just the protocol.
The important distinction is that it's not decentralized like XMPP or email, which is a conscious decision: it would become very difficult to change it to add new features and they'd be left behind by closed-source competitors (see: XMPP).
I see that it is a ton of wishful thinking and FUD on the side of Signal to claim that: XMPP is alive and kicking, has all the features one needs, runs everywhere, at scale, offers the same or better crypto, better privacy, better resilience and is more sustainable. When Signal will inevitably fail/turn against its users/enshittify itself or get acquired, all federated and P2P protocols will keep on going. For decades. That's the kind of communications systems we should be demanding in the present era, nothing less.
Yet I'd wager most HN readers have a grand total of zero XMPP contacts. Myself included. Proving the GPs point.
Because of what Google did with Google Talk. https://ploum.net/2023-06-23-how-to-kill-decentralised-netwo...
XMPP is underrated. A lot of people are imagining Pidgen in 2011, but the protocol has been extended, the actively developed clients are good, and it avoids the heavier parts of Matrix (both client and server side.) I wouldn't be surprised if Slack's replacement when Salesforce inevitably fucks it up will be XMPP based rather than Matrix.
By smt88 2024-02-212:59 Slack's replacement is going to be Teams. No corporation chooses internal chat clients based on interoperability or openness of source code.
"The protocol has been extended" has been XMPP's theme for decades, and also its problem. Name your favorite client, it probably won't have several extensions, and a lot of useful things require support on both ends plus the server. Lots of things that should be ubiquitous are not, including s2s auth. There needed to be more structure, like AIM back then or Signal now. Also the XML stuff is a nightmare.
Even if Google Talk kept XMPP, they weren't going to save it, cause nobody used Google Talk. Facebook was by far the biggest XMPP-supported platform (though it wasn't federated), and they stopped probably cause they didn't see enough clients. Even Slack supported XMPP for a while, did you use that?
By freeAgent 2024-02-2121:29 My entire friend/acquaintance group used Google Talk in the late-‘00s.
I kicked out all the walled-garden apps like Signal and went standard XMPP only. I have a lot of XMPP contacts now. You just need to commit to it.
By zaik 2024-02-215:17 Not really, my friends are still using proprietary apps besides their XMPP client.
By WhyNotHugo 2024-02-2111:571 reply Did you set up bridges for contacts on legacy networks?
By zaik 2024-02-2118:52 Only Biboumi for IRC.
By hot_gril 2024-02-2116:22 Is it really a wish if it's already come true? I can't name a single person who uses XMPP. If a federated chat protocol ever wins, it'll probably be something more modern like Matrix. At least there's email too.
By faiD9Eet 2024-02-2123:51 > My understanding is that Signal (the app) is private, not anonymous, centralized, and closed.
You are right about that. There used to be an open source build called LibreSignal
Moxie Marlinspike made clear [1]: You may inspect the code. You are even allowed to compile it. You are not allowed to connect your self compiled client to our message servers. We are not interested in a federated protocol. Make sure your fork creates its own bubble that does not overlap with Open Wisper Systems. Stop using the name Signal.
[1] https://github.com/LibreSignal/LibreSignal/issues/37#issueco...
By kaanyalova 2024-02-2019:491 reply Both the app and the server is open source
https://github.com/signalapp/Signal-Android https://github.com/signalapp/Signal-Server
There are forks like Session which doesn't require a phone number to sign up
I understand this, but Signal doesn't attempt to tolerate third-party apps on their servers as far as I know. They don't support interoperability.
You can run Signal app forks on the Signal server. Molly is a popular one. You just can't create new servers. I wish you could, but I get the reasoning of not wanting honeypots. But that doesn't stop you from running your own network of Signal servers. So I don't see anything stopping anyone. I mean Mullvad runs their own stuff and I don't see half the complaints about them. I've always been curious why Signal is so unique here. If 1/100th the people that made these concerns developed a open community of signal servers, I'm sure we'd have a viable alternative network. What's stopping everyone?
One of the big lessons from Twitter and Reddit was third party apps are tolerated or even encouraged until they are not. Unlike, for example Discord, I haven't see any indication that third party clients are causing account bans, yet.
The status of open source, privacy respecting messaging apps looks really healthy to me, compared to where we've been over the past 30+ years (thinking starting with ICQ.) Signal was a big leap toward getting average people using much more secure messaging, although it is pretty clear even most 'tech' people don't grasp what is going on or why it is important to be able to use e2ee separate from a combined client+server provider.
By godelski 2024-02-210:54 Yes, but my argument is more in the realms of "why are there no projects to create an open network using the existing architecture" not "we shouldn't have an open network and completely rely on Signal forever."
The Signal devs have been very clear that they consider forked or third party clients freeloaders and will cut them off, sooner or later.
Source? Sounds like even a bigger reason to create a parallel network
I'd still appreciate a source. There's things I'm aware of that I think could be confused with this, but I've seen no indication of them actually wanting to or even caring about forks. Only in the servers.
In fact, in this thread they are discussing how you can, with Molly, use both the official and staging servers with the same number: https://community.signalusers.org/t/signal-fork-with-passphr...
A mod recommends Molly here: https://community.signalusers.org/t/how-to-use-signal-on-3-d...
A list of forks: https://community.signalusers.org/t/list-of-unofficial-forks...
And here's people arguing: https://community.signalusers.org/t/on-forking-signal/31651/...
As far as I can tell, Signal's policy is more "Do what you want, but server costs are high so we don't want to pay for your product. But if you do, here's all the code to give you a start." That's a very different policy from blacklisting.
And as I keep asking others, what's stopping everyone from making a federated Signal? If you can use the same account on both the production/official server and the staging server, why can't you on the production server __and__ a community federated server?
And if they ban you from the production server, so what? Now you're on par with literally every other federated service. Like what is Signal going to do? Stop open sourcing code? That'd be like trying to kill a mosquito by stabbing yourself in the heart. If they're willing to do that, I'd rather it be sooner than later anyways.
So I want a source because I just don't get what you all are complaining about. Is it just that someone else didn't make the thing you want? Sure, I get frustrated, but the comments more come off as Signal being nefarious and I just don't see Signal acting in any way malicious. In fact, hosting links to forks and being a common place for those forks to discuss seems like they are actively supporting them.
Who is complaining? This is confusing. The whole idea about Signal is to compete with mainstream, as well as with the federated, ecosystems by having a single implementation of both client and server, I believe the argument is that only by moving faster is it possible to compete with the more mainstream commercial messengers for the masses and still have reasonable cryptography.
Moxie wrote several articles about this and expanded on this idea in his conference talks. You are very welcome to take the code and write your own messing system, but do not connect to Signal's servers because that costs them money and they will need to take action, sooner or later.
They were very clear that LibreSignal had no future. They have also been very clear that they discourage any non-official distribution of builds. They have repeatedly told the F-Droid project that they will not publish using their reproducible build system, and any user doing the same will be kindly asked to take down their copy. The F-Droid project has complied.
This seems to be a strange thing to discuss. If the above links are representative it may be a popular subject among a subset of users, which seems misguided. Signal does not wish to be xmpp or matrix and neither should they. It must be their right to decide. There are so many chat software projects. If you don't agree with the goals of one of them, you energy is better spent elsewhere.
By godelski 2024-02-2218:29 Lots of people are complaining. It's why Moxie wrote those many articles. It's why there's so many comments bringing up Matrix and others. People were even doing this before Matrix was E2EE! So yeah I'm tired of hearing it so calling people's complaints out. If you don't like it, fix it. It's HN and people are devs here.
They've described what they're attempting to be here: https://signal.org/blog/the-ecosystem-is-moving/
By rstuart4133 2024-02-2022:54 Moxie's post looks solid, but there is a counter example: bitcoin nodes. They are a very loose federation of nodes that go through regular upgrades in the protocol. So it is possible.
But yes, it's also very hard. The bitcoin protocol didn't start out that way. It took a lot of knocks and bruises to get to the point they could upgrade all the servers in the federation.
Interestingly, the method bitcoin came up with allows protocol changes to fail, meaning the bulk of the federation never takes them up. Everyone gets a vote, and it only succeeds if the bulk of the federation upgrades. Perhaps from Moxie's point of view that's unacceptable, as it means he is no longer the dictator of the protocol.
Nonetheless, it is possible to design a protocol so it can be upgraded relatively quickly. Even if you don't do add "quick transition" features to a protocol transitions can still haven. IPv6 will replace IPv4. But as Moxie says, it's painfully slow.
The author is no longer CEO, though, and there are a lot of "I" statements in the post. Is it still accurate? Has the current CEO made any comment on it?
By sdenton4 2024-02-2022:03 It's a great encapsulation of why Signal is not federated, and, unless you find the current CEO stating otherwise, is unlikely to change. Changes like the one detailed in the link simply wouldn't be possible to roll out efficiently in a federated ecosystem.
Signal has consistently focused on helping /most/ users do what they want with the app without sacrificing security. This change - away from requiring phone numbers - helps plug one of the biggest criticisms, both on the security and product side. Nothing about their mission requires federation, so I respect that they haven't sacrificed their mission in order to do it.
Matrix debunked these arguments: https://matrix.org/blog/2020/01/02/on-privacy-versus-freedom...
I tested matrix in 2021 and found the experience pretty darn awful outside the main client. And by a cursory glance the ecosystem is still pretty much controlled by the matrix.org folks. When I was using it there was a lot of accusations that Synapse did not follow the specification and that server implementera had to reverse engineer what Synapse did to be able to federate.
And talking about that: does federation work properly yet? I used a third party provider and it made my life miserable.
I am all for federation, but in my experience the "federated" part of matrix was a lot worse than the jabber one they want to replace.
By fsflover 2024-02-2115:39 I'm using a non-matrix.org server. It works fine.
By WhyNotHugo 2024-02-2111:55 It's not [attempting to be an open ecosystem]. Their ToS used to forbid using third party clients. I don't think this has changed. They haven't banned anyone for using third party clients (to the best of my knowledge), but they're openly against an open ecosystem.
It's private, centralised and the network is closed (e.g.: non-federated), but the source code is public and open source. I think that for the server implementation they do code dumps every once in a while, rather than continuously keep it public.
By unethical_ban 2024-02-2018:462 reply I wish it were more obvious that Signal expires its apps every 90 days.
My mom couldn't receive signal calls on the backup phone I gave her. I had disabled auto-updates since apps break UI sometimes and she gets confused by things moving around.
When I visited, I opened the signal app and was told I had to update.
I have been bitten by this in the past. At least now they give warnings in-app that the app will expire soon. But if you don't use the app regularly, you wouldn't even know. Also, I'm not aware of any other apps that die in this way, so it's not like people are in the habit of periodically checking the app to make sure they're still on a version that can receive incoming messages.
By int_19h 2024-02-216:28 This has more sinister implications in some places. For example, Apple app store in Russia can get banned at any time. So if I understand this correctly, if that happens, Signal will stop working for all iPhone owners in Russia in 6 months. And guess where you really need something like Signal?
By KennyBlanken 2024-02-2019:304 reply It's patently unforgivable that a message would not be delivered because the client is out of date.
The Signal team is incredibly clueless and arrogant toward its userbase. It seems to simply not have occurred to them that many people rarely/never have wifi, may not be on AC power when they are on wifi which means the phone may not check for / apply updates, etc.
In the US, cellular is often expensive and slow.
In underdeveloped countries where software like Signal could be really important, all this is even more true.
We get shit crammed down our throats to protect the most obscure edge cases for the smallest percentage of the most vulnerable users - such as not being able to sync messages between devices - but then they pull shit like this which has a huge impact for people in rural areas and underdeveloped countries?
By __MatrixMan__ 2024-02-2019:463 reply Delivering a message to a client which is known to be less secure than the sender expected it to be is unforgivable.
Refusing to deliver is inconvenient.
> Delivering a message to a client which is known to be less secure than the sender expected it to be is unforgivable.
That is inconsistent with the threat model of a messaging system!
Inherently, a messaging system will deliver a plaintext copy of the message to the recipient(s). Wouldn't be much of a messaging system otherwise.
Once you sent something and it was delivered in plaintext to the recipient, the information disclosure risk is completely out of your control (and out of control of the application in use). The recipient is free to leak it however they wish.
If you don't trust the recipient to keep it private, don't send it.
By joshuamorton 2024-02-2023:35 > That is inconsistent with the threat model of a messaging system!
I disagree, the worst thing that a messaging system that aims to be "private" can do is to actually not be private. Sending to a known-insecure client is a violation of, like, the one thing signal claims to do.
> If you don't trust the recipient to keep it private, don't send it.
My threat model is some combination of "third party actors who I don't trust" and "second parties who I trust but who are non-experts"[1]. I would like Signal to protect me from the first (by not delivering things to known-insecure clients that can be middlemanned or otherwise discovered) and the second, by having privacy-respecting and mistake-preventing defaults. Things like disappearing messages and such. Keeping my trusted-but-nonexpert peers from making mistakes that can harm either of us in the future is a key part of my threat model.
For example, disappearing messages prevent me from being harmed by my friend, who I trust to discuss things with, not having a lockscreen password and getting warrented by the police. An outdated or third party client that lets you keep them forever, even if well intentioned, can break that aspect of the threat model. And yes, a peer who is actually nefarious can still do that, but that's not my threat model. I think my friends aren't privacy-experts, I don't think they're feds.
[1]: This is, for example, the reason that I think PGP is not a good tool. Even if I do everything right, a well meaning peer who is using the PGP application can unintentionally leak my plaintext when they don't mean to, because of the tool's sharp edges.
By __MatrixMan__ 2024-02-2023:26 But you don't know, at the time of sending, which version of the client will show up to retrieve it. Otherwise both clients would need to be connected at the same time before you were allowed to send.
Just curious, since I'm not really active in this space, but wouldn't the threat model of most concern be that an external actor breaks (maybe an outdated version of) the app or protocol? This would leak data without you or the recipient being any the wiser. It seems like that's the threat the app-expiry policy is intended to address.
You could update the protocol version if and when a protocol weakness is discovered and then stop talking the previous protocol version after a transition period.
No need to continuously expire apps in the absence of a protocol breach.
By eszed 2024-02-217:01 What if there's a vulnerability in the app itself?
I have no idea if that's what they're concerned about - they may just be being arseholes in this case - but from the outside it seems like a legit reason to build in the capability for app expiration.
By JohnFen 2024-02-2215:41 If the app has to be updated on a 90 day schedule, then it's likely that most of those updates aren't making anything more secure. So it's not "known" that someone running last quarter's version is less secure than the sender expects.
By sunshowers 2024-02-2023:27 I think this is the tradeoff that Signal makes versus the messenger most similar to it, WhatsApp. Though of course everyone in a group chat must pick one or the other, so it's not much of a free choice. (My friend group in the bay area is entirely on Signal, for example, though I also have a WhatsApp account.)
> In the US, cellular is often expensive and slow.
Mint will sell you a plan for 5GB of data for $15/mo. Its not that expensive to have a basic cellular plan. And that's assuming you're not poor enough to have your cellular plan almost entirely subsidized. And also assuming you're pretty much never anywhere with wifi.
In the vast majority of markets in the US it'll take a minute or less to download, it'll probably take more time unpacking on your device and installing.
5gb for $15USD/mo is expensive relative to other areas of the world. in aus, for example, my phone plan is $30AUD/mo for 55gb
By vel0city 2024-02-210:45 Sure, but the thing I was responding to was "in the US".
There's cheaper per-gig plans in the US. Visible has unlimited plans for $30/mo which is cheaper per-gig if you use a lot but more if you're using less than 5GB anyways. And if 200MB/yr currently seems like an expensive amount of data to you, you're probably already using less than 5GB a month.
By Klaus23 2024-02-2021:15 We are talking about 85 MB four times a year to keep the application up to date and running smoothly. Don't be ridiculous.
By sneak 2024-02-2021:16 [flagged]
By vlovich123 2024-02-2018:27 Protocol ratcheting, but 90 days would be quick if there’s a lot of apps.
Does this mean the protocol still exposes your phone number and it's hidden only by the client side?
The answer is almost certainly no. It means the old APIs that expose phone numbers will stop working in 90 days. And old clients along with them.
I have not investigated this at all, but I have enough faith in Signal/Whisper Systems to be optimistic.
Found out the hard way that the old versions do stop working. You don't even get message notifications if your app is out of date.
By jcollins1991 2024-02-2018:491 reply Yup, I was on an international trip with hardly any data allowance when all of a sudden my messages stopped sending, and I couldn't receive any new ones... That'll never happen with SMS. I love Signal, but some of their product decisions have been questionable.
Their decisions seem right for the use case of a secure messaging app, but I don't care about that use case and would rather use a non-e2ee app that'll be reliable, not lock me out, and work seamlessly across devices. Also, for those who truly care about e2ee, it's pointless if you aren't checking all the safety numbers out-of-band.
By freedomben 2024-02-2019:251 reply Yes, this is a compromise on the CIA triad. It prefers integrity and confidentiality over availability.
That is a fine decision to make for a security-minded app, but signal has always presented themselves as a full alternative to SMS and other messaging systems where availability is prioritized over confidentiality and integrity. It should really be made more clear so that users are making an informed decision. They could also do wonders for the user experience by having the app inform the user of the problem and how to remedy it.
By hot_gril 2024-02-2020:47 Yeah, but I wouldn't call SMS super available either since it relies a lot on the ends too. Had a lot of those drop when I traveled. Something like Facebook Messenger has a whole server storing messages, so it's solid, you'll receive them later even if your phone breaks.
By londons_explore 2024-02-2018:382 reply The way they say "privacy settings will be honored by everyone using an official Signal app." kinda suggests they're gonna let third parties keep getting this info...
By contact9879 2024-02-2021:54 They won't. It'll be similar to message timers or delete for everyone. You can revoke sharing your number and it will be hidden in official apps but third party apps won't magically forget the number that was previously shared. However if you choose not to share your number from the start, no one will be able to see your number.
By pyramid301 2024-02-2019:54 [dead]
By verandaguy 2024-02-2019:232 reply This is a common, but terrible argument. Anyone can (mis)use, make, or weaponise technology given enough time and funding. Following this reasoning to its logical extreme, nobody should ever do anything.
The problem something like this solves is to raise the bar somewhat and discourage a fraction of those who would.
Done right, that fraction will be significant.
By hot_gril 2024-02-2020:41 It's not a big expensive task to look at what data an app is sending/receiving. Anyone with minimal reverse-engineering skill will know how to intercept HTTPS to/from their own phone in 5 minutes. Signal uses some other protocol, but it's also doable, also it's open source anyway.
The conclusion isn't that Signal should be closed-source, it's that Signal's servers should not trust the clients not to be tampered with. So after 90 days, they will remove phone numbers from the protocol for users who have hidden them, breaking old clients, which is fine. What is the alternative solution you're thinking of?
By saurik 2024-02-213:32 I mean, if WhatsApp said this about the privacy of messages, Signal would be running billboard ads about how they don't care about privacy and look at how much better Signal is, right? This is the company that goes out of their way to pile on advanced encryption and insists on using dangerous secure enclaves to get this kind of thing right... until they are asked the hide phone numbers, at which point they are selling people a false bill of goods that WILL confuse someone into giving their phone number to someone who they really shouldn't have. It isn't as if it is somehow impossible to hide anyone's number at the protocol level: hell... even Snapchat does this, right?
I like the idea, but they should have called it something else instead of ‚usename‘. Maybe ‚connection string‘ or ‚discovery phrase‘. Right now they have to explain at length in what ways it’s different from regular usernames.
Is ,comma-backtick` some personal quirk of yours, or is it some standard I'm not aware of?
European quotation marks commonly have the left one down low and the right one up high. The same applies for single quotes. But using comma-backtick is deeply unorthodox.
Germany != Europe.
The French use « », Italians use ‘regular’ “quotes”, etc.
Strangely enough, this is the first time I see your style of quote, in two decades on the Internet.
By replwoacause 2024-02-214:022 reply Yeah I’m surprised at how rare this is to see. I guess that means all Germans don’t follow this convention?
By fredoliveira 2024-02-2022:542 reply > European quotation marks commonly have the left one down low and the right one up high
Wouldn't say it's "common", because IIRC that's only the case in Germany and Austria.
By FinnKuhn 2024-02-2214:10 however in German you would use two tick quotation marks like „this".
By Jenda_ 2024-02-2023:34 And some others. https://en.wikipedia.org/wiki/Quotation_mark#Summary_table
By replwoacause 2024-02-214:04 Interestingly, the author does not follow this convention on his personal site (first link in profile) … instead option for the ‘single quote’ form instead.
By lock-the-spock 2024-02-219:29 To give a definite answer to the discussion below - it seems Czech, Slovak, German, Slovenian and Croatian sometimes use this format. Here an authoritative source: the EU publications office:
https://op.europa.eu/en/web/eu-vocabularies/formex/physical-...
By tcmb 2024-02-216:42 It‘s what my phone made out of two presses of the same (single quote) button.
,comma-apostrophe'? Only place I've see the backtick used for apostrophe is latex. And even then half the people don't know about it.
Sure, but there's no backtick in the GP's comment. Only an apostrophe.
Wait what? I see
,comma-backtick` whereas I wrote ,comma-apostrophe'
I copy pasted both btw. You see them both as '? I see GP as having ` and me having '
tcmb used ‚comma-apostrophe‘. nsxwolf asked "Is ,comma-backtick` some personal quirk of yours, or is it some standard I'm not aware of?"
I'm pointing out that nsxwolf was wrong to ask about comma-backtick, because tcmb used comma-apostrophe.
Both are wrong. tcmb didn’t use ‚comma-apostrophe’ – they opened with , U+201A SINGLE LOW-9 QUOTATION MARK (not U+002C COMMA) and closed with ‘ U+2018 LEFT SINGLE QUOTATION MARK (otherwise known as an open single quotation mark).
This matches the German convention described on https://en.wikipedia.org/wiki/Quotation_mark#German.
Sorry I was quoting nsxwolf. But now that you point it out, I can see the difference. It's subtle so I'll copy paste so others can see.
tcmb: ‚usename‘
nsxwolf: ,comma-backtick`
stavros: ‚comma-apostrophe‘
godelski: ,comma-apostrophe'
Though while copy pasting I see tcmb and stavros as having the same character which is different from the longer character you pasted. Seems my clipboard doesn't like that character. I also seem to have crashed OSX's emoji and symbol tray. No longer pops up if I press the button (bottom left) or select from firefox but got it back by opening safari.
Fuck man, I do not envy you people working on ligatures. Or timezones. I'm always impressed by these random rabbitholes and complexities in things that always look very simple. It's beautiful in a weird way.
By crazygringo 2024-02-211:33 Wow this is like the most HN thread I've ever seen, I love it! It's almost like a punctuation version of "Who's on first?"
Everybody's arguing, then finally all is revealed, and I learned a ton of stuff along the way about German quotation marks and the subtle difference between backticks and opening curly quotes, and low quotation marks and commas, in the Verdana font!
(If this had been a serif font with actual curly quotes the differences would have been much more obvious...)
Maybe "contactcode" would be better in this situation, as it doesn't imply any specific relationship between participants.
HellDivers 2 LFG rn is all about sharing Friendcodes... you can get a ton of them on discord or reddit... but then you end up haveing a "friendcode" cybermentally-distributed DNS system for them over time.
Six degrees will still exist.
(funny weird thing is that with HD2's server issues due too demand, one way to harvest this would be to create a fake LFG host game and have tons and tons of accounts bang against your HellDiver-Pot - and get whatever you can scrape from that?
---
OK - I actually went down this hole the other daty... you look at the reddit thread on helldrivers for LFG - or the discord...
So on reddit, you just put .json at end of thread - DL the entire thread as json, now you have reddit id, location, play style, etc, details AND their friendcode on HD2... but since they can individually generate random friend codes on any game/system that allows such... you have a breadcrump (with enough attention span to just correlate all the shared info between these friend codes and data received...
still - even with random friend codes - six degrees is still available, easily.??
---
I deeply hope they do a Tech Talk on the post-mortem of this lauch success spiral - its fascinating....
But one thing I am really interested in, this is based on the Autodesk Engine, I know they co-dev-dog-fooded, but I hadnt really known of this engine at all... what little I do know, is that - its amazing...
But I'd really like to know more about the arch and overall traffic flows etc of this game.
Its beautiful see "problems" like this explode in like ~2 weeks.
What do internet traffic graphs look like since growth, per carrier?
The developers last game had an all time peak of 7,000 users. They planned worst case scenario of 250,000 users for the sequel expecting more realistically 50,000 users.
They're currently at 394,686 players on steam alone - not including Playstation players. The servers are doing their best right now.
Sorry, I don't quite understand this in the context of "friend code" vs "matchmaking". Are you saying that friend codes bypass their servers, allowing peer-to-peer play even when the servers are overloaded (the way direct IP addresses used to do in old PC games)?
I apologize for not asking a clearer question. I was actually just interested in buying the game, but only if it has public matchmaking built-in for finding anonymous pick-up groups, instead of needing an external Discord server to swap friend codes on.
Friendcode is basically a token: lets have a game - call me on this burner number. we have game.
.>..x###.////3~~E`~,~X>>----- XXNXN x0x
then I know that youre solardev.. and we can be friends in future
(but this model is exploitable in ways, which is premise of many threads here)
I get that, but how does that help with overloaded servers? Unless the friend code is actually an IP address for peer to peer networking (which is rare in online games because of cheating), it still has to go through some central server.
At a minimum, the server would connect the tokens to players in a database. But usually I think they do more than that, such as hosting lobbies, punching through NAT, and in many cases, actually hosting the games themselves and being the authority for all the state.
In that case I don't see how tokens would save any load over matchmaking.
By samstave 2024-02-2117:39 >>the server would connect the tokens to players in a database*
the additional telemetry data for such connections and also unknown tracking from the clients is what is load.
unless you know what is coming going from to each client, and reqs of that connection btwn clients on the DB... have a bad time?
--
Or am I an idiot.
By duxup 2024-02-2020:44 Yeah that seems to be the standard and very descriptive.
By weikju 2024-02-2022:06 Not everyone I connect to on signal is a friend. same for e.g. journalists or government people who use Signal.
By pests 2024-02-2119:41 Why not "invite code" like Discord does it? This is literally the same thing.
Its a code, inviting other people to speak to you.
By denton-scratch 2024-02-2110:461 reply > they have to explain at length
My reaction to the article was that they're using a lot of words to explain this change. That suggested to me that maybe they aren't being completely candid.
I've never used Signal, because (a) I don't want to rely on a smartphone, and (b) I don't want to use my phone-number as my ID, because it's traceable. I can't work out from the TFA verbiage whether this change addresses my concerns or not. That in itself is concerning, to me.
By Tmpod 2024-02-2113:34 Regarding (a), apart from the inicial account setup, you can actually use the desktop client fully standalone.
Regarding (b), yeah that's still a bummer, though, depending on your country of residence, you can get throwaway SIM cards for free and use that.
By WolfeReader 2024-02-2020:511 reply "Connection string" already means something else. I'm partial to "Identifier", myself.
But identifier already means something else (i'm used to identifiers being unique, constant, and useful for actually identifying someone).
By WolfeReader 2024-02-2022:05 Good point!
The former C++ programmer in me wants to call them "user pointers" but that would just confuse people who haven't learned pointers.
By WhyNotHugo 2024-02-2111:53 Indeed. And apparently you'll still log in with your phone number (not the username).
By crossroadsguy 2024-02-2110:12 They also missed the opportunity, like many times they have done over the years, to actually make it something rather like 'Hide My Number' in true sense, after spending years sitting on this feature. That would have been the true case of "caring for privacy". This is just a lazy (too lazy!) copy from Telegram (however, with one good thing -- getting rid of username vanity)
By jamwil 2024-02-213:06 I like “handle”. It’s short and conveys some mutability.
By networkchad 2024-02-2021:23 [dead]
