MCH2022 Curated content Playlists: 'MCH2022' videos starting here /
audioThis is a rant about how moving ecosystems are not a good reason for centralizing a crucial service, how stickers are no substitute for a desktop client that does not crash, and how effectively shutting out less popular OS platforms is just not cool.
In his seminal work ["The ecosystem is moving"](https://ift.tt/SK9QgTM), Moxie Marlinspike laid out clearly the reasons why it's impossible to do what [Matrix](https://ift.tt/lqygQHk), or [the Fediverse](https://ift.tt/b9zJaj3), or for that matter the Web, have done: create a dynamic, quickly-evolving ecosystem without centralizing it.
For years, as a person responsible for information security of at-risk reporters and their sources, I have been advocating Signal as a secure Internet messaging service. And with good reasons.
Criticizing a security-sensitive tool like Signal is tricky, as it might be misconstrued as a call to abandon it, and move to alternatives that might be in fact worse. But here, at a hacker conference and with little risk of causing confusion and diverting users towards less secure platforms, can we please have an honest conversation about Signal's problems? And how 5 years after that blogpost, moxie's centralization has not solved them?..
There are good reasons to exert a level of control over what connects to a communication network. But effectively shutting out a community of developers that would love to implement Signal clients [for](https://ift.tt/q2m0Yct) [less](https://ift.tt/7iQFAJB) [popular](https://ift.tt/KBG0pQt) [OSes](https://ift.tt/6DaXOjT) (many of which happen to attract the kind of infosec-aware crowd that used to be the core pushers of Signal) is not a good outcome.
Opening up more on the client side and providing some form of independent client development program (starting with a stable API) would already help a ton. Even if it's just the desktop client that gets re-written in something that is not in essence a packaged browser [trailing it's upstream on security patches](https://ift.tt/bahcMzi).
Finally, we need to talk federation. Does it make moving fast and breaking things more difficult? Yes, yes it does, and that can be a good thing. It also makes the resulting federated service more resilient (one [service provider experiencing issues](https://ift.tt/uZ32g9y) does not bring the whole network down). And, it lets others innovate without being locked out.
Download
Tags
from Hacker News https://ift.tt/xFiL3sb
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.