Signal and Threema want nothing to do with WhatsApp

Lee Duna@lemmy.nz to Technology@lemmy.world – 718 points –
androidpolice.com

It’s a good move; it shows they are not interested in popularity but Privacy and Security

In a statement to the publication, Signal president Meredith Whittaker says, “Our privacy standards are extremely high and not only will we not lower them, we want to keep raising them. Currently, working with Facebook Messenger, iMessage, WhatsApp, or even a Matrix service would mean a deterioration of our data protection standards.”

Ugh, okay Meredith, let's pretend it's impossible to handle this with user experience that makes the user acknowledge their conversation with a WhatsApp user is not secure. Meanwhile if the only viable way for this conversation to occur is to have WhatsApp on both ends, the situation is less secure. So according to Meredith, the choice is between less overall security or not having conversations with people who don't use Signal. That could make sense for her salary but it surely is a net negative for Signal users some of which will have to install WhatsApp since they won't be able to afford not to have those conversations.

It's the same argument they used when ditching SMS-support ☹️

I'm not nearly as salty about SMS because of the following differences from the WhatsApp scenario. Signal-SMS was only supported on Android, call it half of Signal users, whereas a potential WhatsApp integration (or lack thereof) would affect nearly all Signal users. Then the Android users who have to reach others over SMS already have a built-in system app that does this, so they don't have to install a third-party app that exists to vacuum data. So the downgrade for the Android Signal user is in ease of use, not in overall security.

Except most people are not going to tolerate having a multiplicity of apps, and if people in your circle don't already use signal, they definitely won't now. Whereas previously, I was getting pretty decent traction from people slowly adding it.

In the modern age, it's getting easier to hard-line your messaging platform though.

If people are already used to having multiple messaging clients for multiple people, it's less of a jump to add one more.

This has been my experience as well. In the past friends and family were more reluctant to break away from whatever their default communication app was. These days most people are already familiar with the idea of using one thing to text, another to "message", and often more than that. I've had great success converting people to more secure platforms now that they understand the process.

Don’t the built in system apps also vacuum data?

The built-in apps get and send SMS from a system service on Android. In nearly every case the system app is from the same vendor as the system itself, which means there's no significant opportunity for data disclosure that doesn't already exist within the system. If anything, the system has a much larger opportunity to vacuum data. Therefore if you don't trust the system SMS app, you shouldn't trust the system either. If you trust the system, you can probably trust the system SMS app too. Third party SMS apps present net additional opportunity for data disclosure so one has to trust the one they use doesn't vacuum data.

a net negative for Signal users some of which will have to install WhatsApp since they won't be able to afford not to have those conversations.

I just had to do exactly this for a little league group 😭

Yeah we’re like super serious about privacy so we require you to make your account based on a unique, hard to change, personally identifiable, insecure data point and require you to show it to everyone you talk to. The fact that they’re only now starting to test hiding your phone number is beyond asinine. Any arguments Signal has about security I might listen to but their concept of privacy is laughable.

Ugh, okay Meredith, let's pretend it's impossible to handle this with user experience that makes the user acknowledge their conversation with a WhatsApp user is not secure. Meanwhile if the only viable way for this conversation to occur is to have WhatsApp on both ends, the situation is less secure.

It is a privacy concern, not a security one.

So according to Meredith, the choice is between less overall security or not having conversations with people who don't use Signal.

Could you cite this please? Because I do not see this being said or implied.

That could make sense for her salary but it surely is a net negative for Signal users some of which will have to install WhatsApp since they won't be able to afford not to have those conversations.

Entirely different conversation, accusations and projections. So dropping this.

It's doable. We are not in the kindergarten and school groups; we might miss a few things, but it has worked so far for us. And I convinced both my job teams to use Signal.

Ugh, okay Meredith, let's pretend it's impossible to handle this with user experience that makes the user acknowledge their conversation with a WhatsApp user is not secure. Meanwhile if the only viable way for this conversation to occur is to have WhatsApp on both ends, the situation is less secure.

I don't agree with this. The only way to have the conversation is to have Signal at both ends.

While I see where you're coming from, being able to message WhatsApp users from a client app that respects privacy would be better than being forced to have WhatsApp installed on your device, with it snooping casually on your everyday device usage and your contact list and so on.

WhatsApp is the only Facebook app on my phone and I'd love to get rid of it without losing the ability to message all those buffoons using it (which make up 99% of my social circle)

Exactly. Let us choose if we want to interact with WhatsApp or not.

I’d be ready to sacrifice some security in order to not have WhatsApp installed on my phone.

Of course it would be cool to just get rid of WhatsApp but I can’t force my whole basketball team to go on Threema..

Signal refusing to federate with WhatsApp, even though Meta says they will still use the Signal protocol, is the most boneheaded decision I have ever seen from them.

There's no better chance to break the network effect than this.

Yeah that sucks, Signal is my preferred app and I wish I could get rid of WhatsApp without having to convert everyone.

Yeah this is very stupid. But I never liked Signal anyway.

Is there a matrix protocol based app that is planning to "federate"?

Realistically there is going to be a bridge which you can either self host or use to federate matrix.

I really wish my country didn't rely so much on whatsapp

This is why it annoys me every time someone brings up that SMS/iMessage is a US only problem. Whilst this may be true, for a lot of us WhatsApp is no different. Particularly now that Meta owns WhatsApp.

Whatsapp has been owned by Facebook since 2014. It was created in 2009. That's 5 years without Facebook, 10 with :/

Meta wants to federate with the whole fediverse eventually. This is first up, then Threads. Remains to be seen if they’ll bother with a Lemmy instance but I wouldn’t be shocked.

So far though the response by the fediverse has been “nah”.

It's... I guess the ghost of their XMPP abandonment.

This is a centralization problem. Come and force federation upon my SimpleX server in Iceland!

Indeed. I wish your comment was the most visible here.

Signal and Threema can be all about privacy, but they are still companies which can make money only by keeping their service as centralized as possible.

Decentralised messaging like Matrix, XMPP, Jami, have no issue with interoperability.

SimpleX looked pretty intriguing...is it basically a better / private / more secure replacement for IRC?

pretty much, though it's pretty basic in terms of functionality at the moment

I was hoping to move to Signal in the WhatsApp network. Unfortunately in Brazil you cannot live without WhatsApp.

You could try and run both

Keep whatsapp, and slowly switch contacts to Signal (it might just be close friends and family). That's what people around me are doing

My wife told me to fuck off when I installed signal on her phone 😔

Haha, that’s kinda funny. Then people are like.

Just tell your friends and family to stop using iMessage. Like everyone will be ok to switch their routine just like that.

It's definitely not for everyone. For me it's

  • some use signal with me / others exclusively, sending the occasional message elsewhere when on a certain device or sharing within a platform
  • some use signal for sensitive conversations, and use other platforms most of the time
  • some just don't. If I need to have a sensitive conversation with them, I do it in person

Sounds like you need some matrix bridges in your life.

Whatcha bridging to Matrix?

Honestly I started looking into a few of the easier ones and it's a damn process, so which one am I bridging? All of them. One at a time.

It's on my list of things to explore soon 😄

I managed to convince one long distance friend a few years ago. So now I need to keep Signal just to be able to communicate with him.

I have both WhatsApp and Signal installed.

In the 3 years or so since I installed Signal, I haven't had a single conversation on it. Only a handful of people from my Contact book are showing as Signal users, and none of them people I speak to regularly.

I live in anticipation of someone deciding to message me on there, but I'm not exactly optimistic at this point.

I met one person a few months ago who also used signal primarily. It did feel weird adding someone normally. Usually when I add someone it's their first time with signal

It's not about converting people close to you. In some situations, you're asking them to install an app just to talk to you, while everyone else they talk to is on WhatsApp. I personally have to use WhatsApp for work and for personal, otherwise I'd literally not get those messages. There's no option when, if you stop a random person on the street, regardless of what OS their phone is running, and ask to look at their phone, it's going to have WhatsApp installed. It's like your phone having email; who the fuck doesn't have email? It's the same with Whatsapp, it's just assumed you have it.

On the one hand I agree with them sticking to their guns re: adamantly protecting privacy.

On the other, the number of contacts I have using Signal has dropped off a cliff, from 12 to just one. It certainly isn't rising. The people I know who used it have abandoned it and gone back to WhatsApp.

Getting rid of SMS support was a mistake.

I'd personally prefer that when messaging with someone using WhatsApp, they make clear to you that Facebook can and will have some metadata, but not the contents of the chat itself. Shit, make it opt-in.

A big part of why nobody uses signal is because... nobody uses signal. If you could still talk to people on WhatsApp, the de facto standard in most of the world bar the US and China, more people might give it a try, and thus more people over time would be having signal-to-signal conversations.

IMO a good but imperfect solution is preferable to nobody using Signal, which is the realistic alternative.

I'll continue donating to Signal, but much like their SMS decision, I believe this to be a mistake that will severely hamper adoption.

I would state it even more generally, something like "when chatting with WhatsApp/Facebook Messenger users Signal can only ensure no data is shared with third parties from your device …" or something along the lines of that

they make clear to you that Facebook can and will have some metadata, but not the contents of the chat itself.

You thought you're safe and private when the content is encrypted? LOL, no. Metadata are much more useful to Facebook, and to the intelligence services.

“We Kill People Based on Metadata.” -- General Michael Hayden, former Director of NSA and CIA

My point isn't that metadata isn't useful for them, there's no need to be condescending about things I never said.

My point is metadata should be protected as content is. While the IM platform needs to know which message should be delivered to whom, they don't need that after it has been delivered, nor to have it profiled.

I disagree. When sending SMS you are leaking info like when, to whom and how big a message you sent to a lot of spying agencies.

You do that regardless of which app you use to send SMS.

That's why I don't use SMS at all

I'd personally prefer that when messaging with someone using WhatsApp, they make clear to you that Facebook can and will have some metadata, but not the contents of the chat itself.

If you believe that, then I think you're one of Zuckerberg's proverbial "dumb fucks". Not that I mean to be insulting, but that's literally what he thinks of his users.

Facebook's WhatsApp is almost certainly filled with backdoors and exploits. In particular, with Android they often bypass Play Store checks by bundling system apps directly via the manufacturer.

Calling someone a dumb fuck, even indirectly by using Zuck's famous quote, is quite rude. People aren't dumb fucks because they are forced into using WhatsApp.

Maybe you're from the US or somewhere where iMessage, SMS, or WeChat dominate, but here, you either use WhatsApp, or you become an outcast. Whatsapp is de facto mandatory. Even half of my delivery notifications and 2FA comes to my WhatsApp, not SMS. When people say "just don't use WhatsApp", they may as well be saying "just don't use email".

I don't want to be one of Zuck's users. That's why I want an open and secure protocol for cross-client messaging. So I and others can use something else without being isolated from friends and family. Being lonely isn't pleasant.

Facebook's WhatsApp is almost certainly filled with backdoors and exploits

Perhaps it is. We can never know due to its proprietary nature... which is why I don't want to use it.

As it stands, I can use Signal with one contact. The rest refuse to use it, or used it and abandoned it.

It would be amazing if everyone woke up tomorrow and flocked to signal, but here in the real world, outside of my fantasies, I have to go with the standard, which unfortunately is WhatsApp.

The only other alternative is SMS which is far worse in terms of both security and privacy, and would also cut me off from talking with friends as I'd have no group chat access and because nobody uses SMS.

My choice is between:

  • being alone and unable to talk to anybody, but being a privacy purist.

  • conceding some metadata but retaining private chats and using a client I want to use. It would also bring more people to signal as they also won't be locked out from chatting with others. Overall I'd gain signal-to-signal contacts, as well as imperfect signal-to-whatsapp ones.

  • giving in entirely and using Facebook software.

To me, there's an obvious answer there. It's not perfect, but it's better than the others.

Extremely bad take in my opinion. Not supporting alternatives means you force users into installing the alternatives

People could be using WhatsApp if they cared about it, but they chose signal for a reason. And making signal weaken its privacy for the purpose of reaching more people is against everything they stand for.

The trouble is we end up having to install both when we could be only using Signal

Same goes for people who you convince to install Signal. They'll end up never using it because they just forget about it and they're not the ones who wanted to use it anyway. Being able to message people on WhatsApp through Signal would also make it a lot more easy to convince people to install it.

And once those people have it installed, they'll talk to each other using signal-to-signal as opposed to signal-to-whatsapp!

It pretty much solves the chicken and egg problem, and yet they're scoffing at it as a solution. IMO it's a big mistake.

Using only signal in such a scenario is like using only whatsapp today, to chat with whatsapp contacts. What are you hoping to gain?

But it's not the same - there's a community of people doing the same thing, and with those contacts you'll be using Signal.

I would use signal if I could convince people to use signal.

I could convince people to use Signal if all their conversations were on signal and they could talk to people on WhatsApp in a seamless way.

Right now you MUST have WhatsApp if you have any kind of social life. Signal is the other app that no one has because it's kind of a pain in the ass to have two messaging apps.

I would love to switch to Signal, but inter-compatibility with WhatsApp is a must. The EU is essentially handing them a golden opportunity on a silver platter to become a mainstream app, and they are like nah, we good wtf

This is correct, and everybody who complains about how "hard" it is to use more than one messenger app is pathetic. That's like the epitome of first world problems. People should be GLAD that they have the option of using Signal, instead of whining about how they didn't build it the way they wanted it to be.

It's hard to get others to do so, for seemingly no reason. I have Signal installed, have had it for years, have told all my contacts about it. Only like 3 installed it, but quickly forgot about it. I still have to have WhatsApp installed to not fall off the world so they end up texting me from WA anyway.

It's not like SMS vs Signal where there is a clear benefit to the average Joe to use Signal, there's no difference between Signal and WhatsApp to the average person so they will just keep using WhatsApp out of habit.

It's not hard for me to get others to use it. I simply don't have a Whatsapp account or anything else. If they want to contact me, they will use the right app.

That's great, now try that with acquaintances, coworkers, classmates or companies that only chat through WhatsApp. I wish I could go nuclear but WA is a necessity.

Your problem is you allow them to do that to you. I simply do not allow it, and it works out fine for me. Have never used WhatsApp a single time.

It is literally not a necessity. It's a convenience that you are making yourself dependent on.

I can only agree with you, it is a choice we’re making.

Still I don’t feel like I want to tell people other than my family or friends to give up on me or switch to threema.

I’m still thinking about it, but the downsides are bigger than the upsides for now.

Nope. Fuck people stupid enough to use FBInc at all.

Using WhatsApp is an absolute necessity in most of the world, it's the only way to communicate with coworkers, classmates, businesses and even some government services. Not using it means you are essentially disconnected from the world. Good luck convincing more than 2 close friends to install Signal just to talk with you. No one uses SMS. FB really is that dominant.

It's OK to be "disconnected."

Especially if "connected" implies dependency on one corporation which has shown general disregard for its customers' privacy and mental health.

I don't use Whatsapp, FB, Instagram, snapchat, google, and somehow manage to make my way through the world.

Believe it or not plenty of people still interact in meatspace, limited as it is.

If you don't live in a place with WhatsApp as the dominant chat app I don't think you could get it. I don't have FB, Instagram, Snapchat, Google, Outlook, or any form of social media, I am as disconnected as can be. But WA is truly inescapable.

Need to ask a very specific question about taxes? The government support person only answers through WhatsApp. Need to file an insurance report and even check if it was approved? WhatsApp. Need to schedule a certification exam? Whatsapp. Hell, more and more companies and government services are moving to WA only customer service/support, like not even help you if you show up in person and in some cases their phone lines (which are "always busy") just direct you to their WhatsApp.

It's also the only way of reaching coworkers/classmates. Not for like socializing or messing around, but for group work, file sharing, scheduling meetings, sharing important/urgent announcements, etc. And good luck getting mere acquaintances to install a secondary chat app just to talk to you, when we can barely get our friends to install adblockers in their browsers. Well, there are other secondary ways to reach them, Facebook Messenger and Instagram DMs, but we both likely agree on what to make of these ones.

I hate Facebook and am aware of their practices, but they have reached an absolute dominance over communication in most of the world. You can't just ignore them in day to day life.

The people who say "just don't use WhatsApp" really don't understand. They may as well be saying "just don't use email"

For millions, possibly billions of people, it's a straight-up requirement for partaking in modern society.

Like somebody else here said, the EU has handed Signal, on a silver platter, the chance to become a mainstream messaging app, and rather than embrace it, Signal have comprehensively rejected it.

Honestly, what are they doing?

It might be OK for you to be "disconnected", but some of us have got stuff to do.

It’s easy not to use Facebook, Snapchat or Instagram.

Even not using Google is easy as you can just use any other search engine like Ecosia.

Sadly, not using WhatsApp would be a real organizational problem for me with people I ain’t close enough to force them to use Threema.

So I’m forced to have both apps installed. Threema for 95% of the time and 5% with WhatsApp.

Doesn't give any reason to swallow that kind of sucker punch.

There is one thing about interoperability that I don't see many people talking about:

Your messages going to and being handled by other services means you'd be subject to their TOS and privacy policy as well.

As long as services are transparent about it so users can make informed decisions based on it, that's generally fine.

But then services like Beeper, or just Matrix bridges in general, make it so anyone can setup such a connection between services without their contacts even knowing about it.

Your messages going to and being handled by other services means you'd be subject to their TOS and privacy policy as well.

This is true of literally every one of your contacts, too. When you send someone a message, they can screenshot, copy, archive, and forward however they see fit (and most people don't govern themselves by any kind of TOS or privacy policy). Which then means that if any one of your contacts chooses to use another service as a bridge, or as an archival tool, you're naturally going to expose your messages to that service, on that contact's terms.

But that isn't about interoperability per se. It's about how other people store and use their copy of data shared between multiple users. Apple iMessage isn't interoperable with anything, but users still have conversations archived all the way back to the beginning of the service over a decade ago, and can choose to export those messages to be saved elsewhere. (For example, I use a bridge for iMessage so that I can view them on my Android phone, but the mechanism is software that leverages the Mac's accessibility API).

Some of us are data hoarders. If you're gonna have a conversation with people like me, you'll have to trust that we don't use those archives in a way that either inadvertently/negligently or intentionally exposes that data to some bad actor. I'd like to think I do a good job of respecting my friends' privacy, and secure my systems, but I'm probably not perfect.

You're not wrong but a friend (maybe even inadvertently) being negligent with my message, and a business structurally sending my message (received from my friend's app) to third parties seems like a different ballpark.


What sort of irks me is what a mixed bag EU regulation is. Some is good (GDPR), not denying that. Some is annoying (you're going to be accepting cookies 100 times a day until you're dead thanks to them), and WhatsApp runs on all devices, so while interoperability is nice, even as a free-software, Linux person I don't really care.

However, if you have to deal with friends or family in the US and you don't have an iPhone though, god help you. They don't care about this.

I guess my complaint is that EU regulation may seem legally elegant, but I think it is sometimes quite blind to the real situation on the ground.

It looks good on the books but we still, say, don't have a standard ARM boot process for smartphones that would help users not be dependent on whatever shitty ROM the OEM wants them to have. That would be life changing, but it will never even be talked about.

I partially agree with you, and of course I hate those cookie banners, they're completely annoying.

But please remember that it's not the EU's fault if every website is trying to violate your privacy.

If websites weren't tracking everything you do, then cookie banners wouldn't be needed.

I think we should collectively ask for websites to stop spying on us, not changing the cookie banners regulation.

That's already a solution to cookie banners: the "do not track" setting. It's been tested in court in Germany and confirmed to count as rejected permission for GDPR purposes. Websites dinky have to obey it.

It's currently slowly gaining traction, there's a privacy advocacy group suing high profile targets over this to create awareness.

We also need a formal change to the cookie law/GDPR to acknowledge "do not track" as the preferred method. Then the banners will slowly go away.

Yep, all the EU has done is force websites to have consent if the website wants to process personal data. There are many analytics that do not process IP addresses or fingerprints and so do not require a consent banner. Be annoyed at the websites, not this law.

And yet we live in a world where consent spam is actually harder to deal with than tracking, if you're smart.

The cookie consent also has a huge fail whale of unintended consequences - training users to click [accept], or really [anything], to make the annoyance just go away.

Nefarious actors have their run of the place now. They can slip onerous terms into EULAs and know they will largely be accepted.

Wait and see what happens when Google removes traditional tracking from Chrome and every site starts requiring registration to access content!

Right. That's a very different business model. I don't necessarily have an opinion about whether it would be better or worse. It is easier to look at our current problems and say it would be better. But, eh, I can block most trackers and be a leech off of websites that stay up by selling other people's data. shrug

Whatsapp runs on all devices

Nope. Android, iOS, Windows and Mac are not all devices. And web versions are far from ideal (some may suggest expanding web capabilities, but please don't).

Just get an extension and adblocker filters to automatically dismiss/block cookie dialogs and use an allowlist for sites from which you actually need to persist cookies in your browser's settings and set your browser to delete everything else on exit. With Firefox and browsers based on it you can, in addition to that, use container tabs (try the sticky containers extension) for even better context isolation.

Obviously. But that is very difficult on mobile.

On Firefox, if a desktop addon has no mobile version you can look up how to add custom add-ons collections when it comes to cookie prompt blockers, but uBlock Origin and adding filters to it work out of the box. Recently also some apps started showing cookie prompts with no option to decline unless you pay, if they can work offline, make them so

Interesting. I'll check it out. I didn't know that.

(BTW from my understanding of the law sites cannot block functionality if you decline cookies. But it is rarely enforced)

Matrix will implement a bridge using the new api, that's enough for me.

I understand her point and imho that's what makes Signal a superior option to the others, but because of these extreme choices I've seen the usage of Signal gradually go down (might be wrong for the total number of users) around me. Now I don't know anyone who uses Signal anymore.

It's a real shame. It's ridiculous to be using WhatsApp, but I have WhatsApp installed on my phone, not Signal, because that's what everyone uses.

Signal were fools to remove the SMS support from their app. That was a good way to get people in to use the system - they could have insecure SMS chats with those not on signal, and secure signal chats with those on it. The app would warn you when someone didn't have signal and the chat was insecure.

It was a really good "trojan horse" route into people's lives. I was using signal every day and it was easier encouraging others to make the switch because it was a convenient app.

Then the devs removed that and dumped all their users back onto other SMS apps.

Now I have 3 apps - an SMS app, Signal and WhatsApp. I barely ever use Signal now. I want to use it more but so few people I know use it, and it's not the first place people message me from.

Removing SMS support was a huge strategic misstep. They should have been the bridge for people to move from SMS to secure chat.

While I do think you are correct, you have to remember a few things:

  1. SMS really isn't used outside the US (and iMessage pretty much was the death of text messages and now iMessage also supports RCS)
  2. Open source projects can be strict about following a moral code
  3. Anything more than just sending secure messages is just an attack vector and more layers of code to maintain

Idk about other countries. But in India, SMS is pretty big for businesses to send updates to the customers. Like 2FA for bank transactions, delivery tracking, govt alerts etc. Customer to customer is almost nil except on rare occasions when maybe the internet is down and you need to send an urgent text.

And I should mention that domestic SMS is free (included with any active cellular plan)

A bit off-topic, but, are SMS free in the US?

Indeed, in my country SMS are not used at all. Too expensive compared to alternatives.

Here I pay 1 euro per month extra for unlimited calls+SMS. Still no one uses it.

I got my whole family on it, and generally all my closest friends have it as at least a backup. As the other chat apps falter it's been easier to convert people.

So then it seems completely absurd signal is "not interested" in allowing any integration. They could just notify their users communications with WhatsApp users are unsecure.

I tried switching to Signal a couple years ago but I had to return to WhatsApp since literally no one of my friends and acquaintances did the jump. It wasn't even considered an option by many. So it was either returning to Whatsapp or being cut off from everyone.

If people were a bit more open-minded Signal could be a good alternative. But alas...

can't have 2 apps installed?

It's still installed but it's kind of difficult to use if no one I know is even willing to try.

That's a bummer. Means I have no alternative but to keep using WhatsApp then.

you're getting downvoted for not being American 💀

I've had this conversation before. The consensus last time was that I should tell every single person on my contacts list to download Signal if they want to stay in touch and if they refuse it means they're shitty people that don't care about me but I'm totally not a shitty person for forcing my preferences onto others.

People don't realize that in most of Europe WhatsApp is more popular than iMessages are in the US. Not having WhatsApp means you're not texting to anyone.

Yep. And it's not just a Europe thing. WhatsApp is basically the only messaging app in South Asia, West Asia, South America and a lot of parts in Africa. Telling someone to stop using WhatsApp here is like telling an American to stop using E-Mail and SMS.

Well for me it works and I have most of my people on either Signal or threema though threema is getting slowly obsolete


I'm indifferent, since I've got both installed, there's no escaping having to use WhatsApp in many countries around the globe. If I want to keep in touch with family/friends then only one or two contacts use signal, for everyone else it's WhatsApp or the alternative is SMS.

I'm also indifferent though because if I want the interoperability, Beeper is doing fine.

It's different, because not being forced to use their app and have WhatsApp account to still talk to someone there?

It's certainly different, but for signal users who want to maintain that level of privacy, it's probably something they want, right? From their perspective this is probably a good decision.

I'm indifferent because I'd personally rather have interoperability and Beeper gets the job done.

That is one good thing about america, whatsapp never caught

Yeahhh it's amazing, your choices are a closed platform that forces you to buy their expensive devices, or SMS, or another proprietary platform run by a notorious privacy predator.

sms is fine.

SMS sucks. Not private and it handcuffs you to a phone. Who wants to type on a phone when you're at a real keyboard?

SMS has been god awful since the beginning, both the standard and the business implementation. Remember bullshit pricing models for texts? 10 cents per text over your limit. Even today, the standard hasn't kept up with modern times.

That's the only reason I started using Telegram. It might not be secure or whatever, but it sure is nice to have voice and video calling on a nice-looking desktop app. It's the only one I was able to get my family to use, and that I already had some friends using.

But I could never get them to use advanced shit like SimpleX or something similar lol. "But this already works?" Yeeeaaah but... Nah, it'll never fly. 😑

SMS is not encrypted, your service provider can read all your texts.

Theoretically anyone at the right point can read all your SMS texts.

A great example being the police "stingray tower" system that masquerades as a cell tower that your phone will happily (and quietly) connect to.

Convince a phone that you're just another authorized relay, have a target in mind, and it's like reading postcards before they hit the mailbox.

This is also why it's an absolute joke for 2FA, but institutions like banks still happily use it because it's easy to understand.

Not only easy to understand but for a while it was the only way to do 2fa that was usable by lots of people. Smartphones aren't as ubiquitous as people think, even today.

SMS's fall from grace wasn't actually that it could be intercepted, it was the fact it started being used as an excuse to ask for a phone number and use that to track people.

Google still won't allow you to use any form of 2fa if you don't give them a phone number. Twitch/Amazon too. Facebook used to (until they got Whatsapp, now they don't need to ask.) LinkedIn used to (until they got broken into so many times it became a humongous liability).

Use Matrix, set up a bridge (defederate from the Matrix network if you want), meet your friends where they're at.

I tried to make a bridge to my telegram and Whatsapp account, but I didn't get it to work. Do you have any guide to follow?

Hi, average idiot here, what's Matrix?

It's an open standard for communications (like XMPP, but the new hotness) with a focus on federating IRC chat. (lot of cool work on state resolution by them wrt that). So you can communicate with people on different Matrix servers as long as they federate with each other. Additionally, they have built-in support for bridges that let you connect to other people via Matrix, giving you a seamless experience on that service via Matrix. Lemme know if you need more clarifications.

This is what I hate most about the privacy community, too fanatical and purist to allow extremely useful optional features that would allow them to reach more people.

I use Signal whenever I can because I'm not comfortable with Meta harvesting metadata of my conversations with people. guess what would happen if Signal made it possible to talk to Whatsapp accounts?

You could go on without doing it. I would like to use signal to signal, but there are literally zero people interested in my environment :-(
Using signal just me would be much better than using whatsapp directly, and would reduce the data collected.

If signal suddenly stopped being mostly a geek desert and people could still talk to all their contacts, don't you think they would be much more willing to move? The more people, the more people interested in migrating, and the less data for meta.

don't you think they would be much more willing to move?

no, why would they, if they could talk to Signal anyway?

Because when you give most people the choice of convenience vs privacy, they'll choose the thing that they can feel 99 times out of 100 (convenience). Most people don't care about metadata because first of all they have no idea that's even a thing, let alone what it does. And they're not visibly affected by it. The difference between using Signal and WhatsApp for the vast majority of people is the fact that one is green and has everyone you know on it and the other is blue and nobody besides me uses it.

But, if you give signal the convenience of being able to use it with everyone, then the choice becomes "do I wanna use this app that my friend is saying is spying on me or do I wanna use the secure, hacker app?"

And hopefully, more and more people will switch and we can be rid of fucking meta

If the user base is signal's big draw, I'm afraid we're screwed with such a tiny one against those titans.

Signal users are far more likely to need to use whatsapp than the other way around, and migrating to signal is a huge loss with not very popular gains. I don't see how it could compete on a level playing field, but that's where the opportunity to eliminate signal's huge disadvantage comes in.

If it's an optional feature why are you complaining that the other businesses are refusing their option to federate with Facebook?

The issue is simple: Facebook will work to leech users away from other services, strengthening their position into a monopoly (if it isn't already in some places). It is not a good thing for Facebook to get access to more users and steal their data.

Using Threema is not an option. This is paid software and it is too difficult to purchase a license for this software when Google does not allow us to pay for purchases through their Android app store. No one from my entourage will bother paying for a license for this software using cryptocurrency. They will just install another messenger.

You can buy a license directly from Threema via credit card, btc or cash in the mail.

I’ve bought Threema for my whole family on iOS and Androids. Never paid in crypto but always with my normal credit card.

It works perfectly fine and I love it👍

Honestly would love to use Signal to chat with my WhatsApp contacts. Signal could just throw in a privacy notice when messaging with someone on WhatsApp or Facebook Messenger.

Currently I have signal installed and used to use it to message with my so but we have both moved to discord and use whatsapp to communicate with those that do not use discord. Still holding on to signal if and when some oddball from my contacts decides to use it instead.

moving from signal to discord is not going to be exactly helpful for your privacy, discord is completely unencrypted

I am aware of that but when all our friends or communities either use whatsapp or discord then it's just more convenient. Honestly messaging these days is a mess

  • Teams and Slack for work
  • WhatsApp and Discord for family, friends and interests/communities
  • Signal for the tech-savvy friends

I really miss that fleeting moment when all messaging apps were using either open protocols or at least they weren’t hostile against alternative clients. It was really nice to be able to use one client to log in to gtalk, msn etc. at the same time.

Threema seems to solve a problem Signal has, that is, it doesn't need a phone number to open an account. But I haven't used any of them so can't say. (If anyone wanna know, I use Telegram FOSS, which is a debloated fork of the original client.)

That's not really a problem. The biggest problem Signal has is people not caring about privacy enough to use another messaging app.

If Signal dropped the phone number requirement they'd get a handful more users. If people started to care about privacy they'd get millions of new users.

Doesn't Signal now have username support? I thought I saw it released a week or so ago.

It still needs a phone number for registration. You just don't need to share it with people you want to talk with.

You can use Session (getsession.org) without any phone number. It is based somewhat on the Signal code base, and it's a decent alternative for some.

That doesn't solve the issue that you have to give them a phone number to start an acc.


or even a Matrix service would mean a deterioration of our data protection standards

Why? They use same algos, same scheme. Just add support for matrix message format in your app.

WhatsApp is closed source, and obviously it must be able to decrypt messages for the end user to read them. Anything could happen to the unencrypted data at this point. Therefore it's less secure allowing conversations to flow into that app.

Re-read my comment please. I'm talking about Matrix, not whatsapp. Not downvoting because you are correct, but it is out of context.

I believe Matrix doesn't have nearly as strong (if any) metadata encryption as Signal

Unfortunately no. Can be shown when you reset the encryption keys, relogin and see that times of messages, who you are talking with and even reactions are visible. But I know for reactions and replies they are working on it.

Both Signal and Threema can now theoretically ask Meta to open access for basic messaging interoperability

Why is it a one-way thing? Would Meta ever be in a position to force Signal to interoperate?

Maybe eventually, it has to do with market share and if the service is a "core platform". Signal doesn't have enough market share to warrant it yet, even iMessage wasn't forced to since it's not that popular in EU. The law was mainly targeted at WhatsApp as that's THE messenger in the EU.

WhatsApp is end-to-end encrypted. How does all the data magically show up when you change phone which doesn't have the same private key as the old phone? It's like having a lock on your front door and giving the keys to a random neighbour. Most folks trade convenience for privacy or security. That trade is looking less and less appealing by the day.

Ehm, they don't show up magically.

You have to back up directly to your new phone, otherwise it won't get transferred.

I just did this, and I can 100% confirm that data that isn't backed up won't go to the new phone.

Which is also exactly how Signal works too; I migrated both two days ago. Process was virtually identical.

I much prefer Signal, but can't judge WhatsApp too harshly on this tbh.

It better be the same because WhatsApp uses the Signal encryption protocol!

Doesn't necessarily have to be the same. Afaik the signal protocol is for sending messages, not for transferring backups of chats.

Whatsapp actually lets you back up all your chats, unencrypted, to Google Drive or iCloud. Definitely not the same as Signal.

Also when logging in on the website version on pc, you need to keep whatsapp open on your phone to sync old messages and media to your pc if you want to be able to see them there.

Thanks. I stand corrected. I was one of those that paid $1 for life when WhatsApp was a new kid on the block but haven't used it since news broke that Facebook acquired them like a decade ago. At the time, you had a new phone, your messages would transfer. Dunno how it is today after all those years but seems to be similar to Signal.

Based on the stories coming up on Facebook and their lack of moral / humane boundaries I still won't trust them not to have access to a private key when their app is so invasive. Their whole model is based on behind the curtain trafficking.

If you get a new phone and don't import anything from your existing phone, then messages you receive will be unable to be decrypted. Since WhatsApp uses the Signal encryption protocol, it's fairly detailed how receiving a message which can't be decrypted can start an initialization to the sender to retry sending the messages: https://signal.org/docs/specifications/sesame/#retry-requests-and-delivery-receipts

The signal app will prompt you when a contact's public key is updated, but IIRC, by default Whatsapp will not do this, and it will automatically happen under the hood, which is why it appears like magic.

Thanks. Haven't used them in like a decade so things seem to have changed. At the time, new phone meant your messages transferred automatically.

At the same time, even if Facebook requires a backup for the messages to show up, as the app is closed source, how would one know for sure whether the app doesn't harvest the private key anyway?

Sounds like you used Whatsapp pre Signal which happened in 2016: https://signal.org/blog/whatsapp-complete/

With regard to private key, for backups, this relies on the HSM in Apple and Android devices, so the private key is engineered to never be accessible by Facebook. Here's how they say they use the HSM to encrypt the backups: https://engineering.fb.com/2021/09/10/security/whatsapp-e2ee-backups/

There's no way to be 100% certain, but if Whatsapp were found to have access to the private keys, it would be huge damaging news, so why would they risk it? Security researchers can watch the traffic going to/from the app and the OS APIs being called, and can see the HSM being invoked. Despite it being closed source, that doesn't mean it's less secure and there's no one verifying the security claims.

Thanks for explaining. It's interesting and outside metadata there could be a case for data being secure. However, this is the same company that lied and got fined in the EU when they asserted that they wouldn't be able to link WhatsApp and Facebook identities. This allowed the merger to happen. Security and privacy being something that the average Joe doesn't care that much, it wouldn't be too much of a negative impact when they already have so much bad press on other matters. Finally, from an ethical perspective, I'll give this corp a miss. Values don't really align with my personal ones even if privacy and security were beyond reproach.

With Signal's default settings, Google reads your Signal messages when they come in through push notifications.

Correct me if I'm wrong.

Edit: For those in doubt, last year, I started seeing content-aware auto-reply options in my Signal message notifications; that is not a function of Signal, but a function of Google's Android. One could escape it by using a de-Googled Android like Lineage or Graphene, or by hiding the message content (which is not the Signal default) and would surely hurt Signal's adoption, when you have to unlock the app to read each message.

https://www.reuters.com/technology/cybersecurity/governments-spying-apple-google-users-through-push-notifications-us-senator-2023-12-06/

that's not how push works. usually, google would only know you received a notification, but not its contents. that "dummy" notification wakes the app up, which decrypts and shows the real notification.
content aware stuff runs entirely locally on your phone, so no data is sent to google (unless you have telemetry enabled, in which case the reply or action you used will be sent to google together with the next telemetry data upload)

yes, some apps actually push the content directly through the push system, but that's not how this is handled in most apps that handle private data in notifications.
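The two push designs contrasted in the comment above, as an added example (not from the thread and not Signal's or Google's code): a simulation that records what the push relay is handed in each case. All class and function names are hypothetical, and the one-time pad is only a stand-in for the app's end-to-end session.

```python
import secrets
from dataclasses import dataclass, field


def xor(data: bytes, pad: bytes) -> bytes:
    # One-time pad, used here only as a stand-in for the app's E2E encryption.
    return bytes(a ^ b for a, b in zip(data, pad))


@dataclass
class PushRelay:
    """Stand-in for the OS vendor's push service; logs everything it relays."""
    seen: list = field(default_factory=list)

    def deliver(self, device_token, payload, app):
        self.seen.append({"token": device_token, "payload": payload})
        return app.on_push(payload)


@dataclass
class MessagingApp:
    key_store: dict = field(default_factory=dict)  # keys held only on the device
    inbox: list = field(default_factory=list)      # ciphertext on the messenger's server

    def on_push(self, payload: bytes) -> str:
        if payload:                                # content-in-push design
            return payload.decode()
        # Wake-only design: the push carried nothing, so fetch the ciphertext
        # over the app's own channel and decrypt it locally.
        msg_id, ciphertext = self.inbox.pop(0)
        return xor(ciphertext, self.key_store.pop(msg_id)).decode()


def send_content_in_push(relay, app, token, text):
    # The message body travels through the relay in the clear.
    return relay.deliver(token, text.encode(), app)


def send_wake_only(relay, app, token, text):
    data = text.encode()
    msg_id, pad = secrets.token_hex(4), secrets.token_bytes(len(data))
    app.key_store[msg_id] = pad                    # models an established E2E session
    app.inbox.append((msg_id, xor(data, pad)))
    return relay.deliver(token, b"", app)          # empty "dummy" notification


def relay_saw_plaintext(relay, text):
    return any(text.encode() in entry["payload"] for entry in relay.seen)


if __name__ == "__main__":
    text = "constructed sample message"
    for send in (send_content_in_push, send_wake_only):
        relay, app = PushRelay(), MessagingApp()
        shown = send(relay, app, "device-token-placeholder", text)
        print(send.__name__, "| shown:", shown,
              "| relay saw content:", relay_saw_plaintext(relay, text),
              "| relay log:", relay.seen)
```

In both designs the relay log still holds the device token and the fact that a notification was delivered, which is metadata even when the payload is empty.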

Or... And hear me out, Molly FOSS with Unified Push notifications. Problem solved!

I'm looking in to this, thank you!

Edit: Molly (UnifiedPush) isn't something I can reasonably expect friends and family to set up.

Please note that to receive notifications, you will need to set up a server to run MollySocket, available on https://github.com/mollyim/mollysocket.

You need the right flavor of Molly to use UnifiedPush: https://github.com/mollyim/mollyim-android-unifiedpush.

You can install MollySocket via:

  • Docker/Podman: docker pull ghcr.io/mollyim/mollysocket:latest
  • Crates.io: cargo install mollysocket (see INSTALL.md for the setup)
  • Direct download: https://github.com/mollyim/mollysocket/releases (see INSTALL.md for the setup)

A distributor app (easiest is ntfy)

You can optionally install your own push server like ntfy or NextPush. For beginners, you can use a free service like ntfy.sh (do consider donating if you have the means).