248
Privacy is Priceless, but Signal is Expensive
(signal.org)
A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.
Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.
Subcommunities on Beehaw:
This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.
I‘m not an expert on this topic, so someone correct me if I’m wrong. Signal is only storing stuff temporarily to pass it on, so I’m assuming you’d have the exact same costs even if it weren’t centralized. Maybe even more as it’s probably cheaper to have it managed in one place. I’m assuming all this would do is distribute the cost, but otherwise be the same?
XMPP maybe. Matrix is a bloated protocol which costs a lot more to host.
You're not wrong. Federation would have higher costs but distributed over more people. Even with pure P2P a-la BitTorrent things might not be significantly cheaper because you'd likely still need to host authentication centrally or federally. You'd only eliminate the message bandwidth costs.
The thing is, we already have a way to distribute the costs - people subscribe to support Signal. Some pay more, others less. Whether I run a node that serves 100 people or subscribe for $10/month, it's somewhat equivalent. So the practical takeaway should be - if you want for Signal to keep signalling - subscribe if you can afford it.
The difference is that there's enough unused capacity on your personal device to handle all the traffic any typical user needs to handle in a day many times over, for simple messaging. Likely, that load is so little it won't even affect your battery life.
Wouldn’t you still need a server in between to temporarily store the messages if the other person isn’t available?
Wouldn’t that mean both have to have a connection at the same time? What if one is offline?
If you have a static IP address, if you want to bother with securing and maintaining it, if you're willing to deal with downtime when something inevitably breaks, if you're willing to deal with lost data or also maintaining a backup solution, if... a dozen other things that most people don't want to deal with.
Sure, but you also just... don't have to do that. None of that is necessary fore core functionality of a messaging service, IF you stipulate that both devices must be online at the same time to ping each other.
The only thing you need is some very basic addressing service so they can find each other, and there are entirely P2P solutions for this that already exist and work without issue. See: bittorrent.
The ONLY drawback of having no server, fundamentally, is that the two devices need synchronicity. If they both aren't online at once, messages won't get delivered. Which is not a big deal for a modern smartphone given that most of them are online close to all of the time.
I'm not really going to get into the technical aspect since I feel neither of us know enough to tell how feasible it is (although I think you're wrong since you do need trackers in order to find at least one other member of the swarm), but this part
I just a horrible take. You can't base your business model on "modern phones being online close to all of the time". You can't have random data loss whenever someone goes out of service area, has to turn on airplane mode, runs out of battery, has a software error or just an update or some other kind of temporary downtime? That's not how you design any software, less alone a dependable messaging service. You can't just "stipulate that".
Nothing gets lost. Not having every packet get delivered is already entirely normal on any internet application, and already solved.
Solving that "problem" is as simple as sending an acknowledgement back when a message is received, and retrying when acknowledgement isn't received. Routing P2P is more (but not very) complicated than that is.
What business model? Why does a messaging app need to be a business? And again, how is someone who doesn't have service supposed to be receiving/sending messages? Makes no damn sense.
Basically all bittorrent programs include allowing a peer to act as a tracker directly.
Keet is closed-source app with built-in crypto, I am not touching it with a 10ft pole. Holepunch does sound like interesting technology at first glance. It doesn't solve any of the issues mentioned above besides connectivity however.