Follow

Signal posted an update about the new cryptocurrency payment stuff.

My opinion is still pretty much the same. I'm not freaking out and calling them names, but taking on a project of this scale when they still have so much work to do on their original scope of messaging (like decoupling from phone numbers for one) does not seem like a smart idea. And the point about inviting regulatory and legal scrutiny still stands.
signal.org/blog/update-on-beta

Also they did an awful job communicating this. All of this should have been said in the initial announcement, not doing damage control after the fact.

And hiding the server source code for a year while working on this was a terrible move.

Does Signal really want to become the preferred way for paying for drugs and guns? That's not a good look to politicians and government bureaucrats, especially those who are clueless about technology, much less cryptography.

@be they risk "poking the bear" just as the whole EU (and its neighbours) debate how much encryption/privacy is desirable for citizens to have (and when there are genuine nasty crimes going on via some services (eg: Encrochat). Also telephone numbers (a finite public resource) are the property of each countries Communications Ministry, so govts tend to have a sense of entitlement about what they can be used for.

@be Integrating a cryptocurrency is high stakes, and could well be their undoing.

If they succeed then they effectively become a bank - i.e. a global method of payment. But not a bank which is auditable.

@be the crypto is separate from Signal. Marlinspike only serves as an "advisor". They have taken legal advice wrt regulatory issues which is why it is not available to US citizens for instance. The beta is UK only because they checked the laws allow for it.

I don't think it will distract much from Signal's goals because, as I said, MOB is a separate project run by a separate team. It's open source for any messenger to use.

Also look at Status. Messenger + crypto wallet. Been around for years.

@aspie4K I'm sure they consulted a lot with lawyers about this before rolling it out. But if this takes off the way they want it to, it could attract the ire of politicians wanting to change the law to ban it.

@aspie4K Signal could easily be shut down if the US government pressures Google and Apple to ban it from their walled gardens. As @pluralistic says, whenever companies build technology that gives them power over their users, authoritarian states will come asking to use it for their own purposes.

@be is there a history of the US government pressuring Apple or Google into banning apps from their stores? I've only ever seen this from Russia or China.

I have seen tabloids run with headlines that make it sound like E2EE apps will be banned any minute for many years, but there's a reason you only see that in tabloids.

@be

"A significant share of users of its systems were international crime organizations involved in drug trafficking, and the company management was suspected of collusion."

Yeah, trust me, that's a whole different thing from a normal E2E app.

Look up Encrochat as well, the reason those companies get taken down is they're run for the explicit purpose of selling "encrypted phones" to organised crime.

Obviously not the case with Signal as an open source messaging app.

@be @aspie4K @pluralistic
Amazon has a single switch to shut it down as they did with Parler. I encourage people to have contingencies such as XMPP and Matrix accounts already setup and known to their contacts.

@krock @be @pluralistic Signal has far better technical and monetary resources backing it than fucking Parler lol, if AWS kicked them off they just restore their server stack to a new host and point the domains to the new IPs. Even if the US gov seriously tried to scare all US hosts from serving Signal (highly unlikely but possible) there’s plenty of webhosts outside of the USA. If even darknet drugs markets can get hosted so can Signal.

@aspie4K @be I only mention Parler as an example of what AWS can and has done. It was backed by the billionaire Mercer family, and they were not able to move to new servers very easily. Iran and China have blocked connections to Signal. I certainly expect that Signal has contingency plans in case things go bad with their host, and all of us should too.

@krock @be the problem however was although Parler did have that backing it didn’t invest much at all in technical architecture. This is evident from the hack. Same is not true of Signal. Much more professional technical team behind it. They probably have failover servers at different hosts ready to go tbh. Would be shocked if not.

And yeah China and Iran are notorious for censorship. Signal put out an open source Docker package to set up proxies.

@aspie4K @krock Having contingency plans for hosting is a separate matter from getting removed from Google Play and the Apple app store.

@be I addressed that in my next toot. That is possible, yes, but Signal is backed by some pretty big money. They can fight that type of thing in court.

And can I just ask, if no one ever added this feature out of fear of regulations, how is that functionally different from it being banned?

Signal has a laudable goal here to create user friendly private crypto. I hope they succeed.

@aspie4K The problem is that it could take down the private messaging which is valuable separate from private money transfer.

@be if the US gov wanted to force Signal out of business by pressuring Apple/Google to ban them simply over private messaging, they would have done it already. Signal has been around for ages.

If the gov does take action, worst case is Signal has to remove the crypto functionality, same as Telegram. Notice Telegram didn't get banned when their crypto got them in trouble with the SEC. They just had to abandon the crypto project.

@aspie4K One thing that keeps Signal safe is that people inside government rely on it. But still, attracting controversy is not a great idea.

@be not only that but Facebook relies on it for WhatsApp, I really think Signal has enough money behind it that they can't just be got rid of.

@be it is possible that Signal may face extra legal scrutiny even staying out of the US for this feature because the nature of MOB is anonymous like Monero, but the Signal Foundation is backed by a co-founder of WhatsApp who threw $50 million at it... I am sure they can afford good lawyers.

@be to me it actually makes perfect sense and fits with Signal's vision. Mobile payments are being integrated into mobile messengers nowadays (this is already the norm in Asian markets, which are also the biggest crypto markets) but those transfers are all traceable. Allowing anonymous transfers on an encrypted messaging app just makes sense.

I've seen some people saying it's just a way for Signal to monetise their users. Even if true, as long as they keep respecting privacy I see no issue.

@be They didn't even include the "What about regulations?" question on "Beta feedback from the field", maybe because they don't care. 🤷

@avalos I'm sure in a way that they don't care because fuck the system, but that doesn't change that the system exists.

Sign in to participate in the conversation
Fosstodon

Fosstodon is an English speaking Mastodon instance that is open to anyone who is interested in technology; particularly free & open source software.