There are big wishes for Signal to adopt the perfectly working Flatpak.
This will make Signal show up in the verified subsection of Flathub, it will improve trust, allow a central place for bug reports and support and ease maintenance.
Flatpak works on pretty much all Distros, including the ones covered by their current “Linux = Ubuntu” .deb repo.
To make a good decision, we need to have some statistics about who uses which package.
My parents are approaching 60. I told them that the signal text message app would work a lot like iMessage if we both used it. And it did. It was great. For the other people that used signal, the experience was generally better. For other people that didn’t, SMS was fine because that’s how I was going to talk to them anyway.
The thing is, My parents are not going to go to more than one app to communicate with other people. Since it no longer sends and receives text messages, it doesn’t work with 99% of the other people in their lives.
They own and run a pretty large business. There’s no way that they’re staying on more than one messaging platform. You can talk all day about what they “should” do, but at the end of the day just getting them to switch to another app was a huge lift for me. Not only did they switch back to regular SMS, I burned a lot of credibility with them on tech related stuff through no fault of my own.
Repeat this story for the 90 or so people I had converted. There was no critical mass, so adoption evaporated overnight because my social graph is not enough to provide any sort of critical mass and adoption.
That sucks I am very sorry to hear that.
The thing is just that nobody should use SMS really. If they have a business they may have experience with it and whatever but really, dont use SMS at all…
Then it is just a single messaging app.
It makes no sense to include unencrypted SMS in an encrypted messaging app over secure protocols. Like, SMS are all scanned, surveilled and can easily be manipulated.
SMS is also the common standard for talking to people.
For the vast, vast majority of people, the technical security of, ‘hey, you want to catch a movie next saturday’, is far less important then the message actually getting through.
Qute simply, it is far more important for a communication method to be easy and universal then to be secure against attacks the vast majority of people do not think they will ever encounter. When most people want to tell their neighbor two houses down that the dog has gotten out again being able use the app they already use to communicate is far more important to them then then a bunch of technical jargon about end to end encryption.
I hate that the developers of secure messaging apps in particular are deaf to this. It’s so easy to just add SMS as a fallback and yet they refuse to.
Thats email too, which is less bad
Why is email less bad than SMS? It’s about as (in)secure.
Email also fulfills a different role, as it is for longer, more formal, and less time sensitive messages. Nevertheless, more modern and technical encrypted email clients go out of their way to still work with unencrypted messages insteand of being deliberately incompatible as Signal is.
Email uses modern TLS, SMS uses some ancient encryption from the 90s or so, that just doesnt work.
If you trust the servers email is fine.
You can use Deltachat to chat over email. The protocol is universal its just how you use it.
Trust me a signal/xmpp/matrix message could look like an email too.
Email + Encryption is poorly optional yes. But you are asking for an internet chat service to support a different, ancient, insecure and unprivate protocol that has nothing to do with it.
Deku SMS supports encrypted and unencrypted SMS, this makes sense.
Yes, you could technically use email like SMS, while the standard allows for up to five days for the message to go through that’s pretty rare, in practice it’s primarily used to send long messages from one computer to another, not a single sentence or two between phones.
In practice, it is about as secure as SMS, as both require similar levels of dedicated effort to interpret. Most of the actors with the hardware used to intercept and decrypt SMS are the same actors who can compromise a server, or outright have acess to the backdoor they paid 10 million to put in RSA. Not that they need it, as the largest email providers by far do often work with law enforcement anyway. Both SMS and email attacks are seen at about the same rate and scales, which is to say rarely outside of government agencies where both are unfortunately routine.
Signal is primarily designed and marketed to fufill the same basic role as SMS, as evident from just how much of an afterthought anything but the mobile app is, how said app copies the same format as SMS for messages, how it required an phone number to use and sync phone contacts, and how it did support SMS for quite some time. It is emently reasonable for Signal to have continued to have featured the messaging format most of the people it could talk with used.
Agree that in practice SMS are intercepted just as much as Emails. But its entirely different and SMS does not use RSA afaik.
The last paragraph stressed for me how confusing this would be for noobs. A messenger that seems to do exactly the same but differently. People would not get it and think if they use Signal for SMS this would be secure somehow.
Whatsapp never integrated SMS and its used everywhere. Okay, there are video conference platforms that allow to log in via the phone network, but yeah, dont do that.
I think they just gave very valid reasons to include sms in signal, adoption. It took me years to get my contacts on signal and I was finally at the point that >80% of my messages were encrypted, that dropped to <10% the day sms was dropped. If I refused to use sms I would effectively be cutting contact with my family.
In the US on Android, unencrypted SMS messaging comes default. How do you propose getting a technologically illiterate boomer to not use SMS?