Signal is expensive and so is privacy

Donate to signal

Reading the blog post about Signal costs, really got me thinking I need donate to them because it is simply incredible and completely respect their stance on so many things.

I was thinking I do pay for Proton, Beeper and other systems which support my privacy why not Signal?

So I donated! I may even setup a yearly subscription…

Public Service Internet monthly newsletter (Oct 2023)

Person in trousers points a pen at paper work on a table

We live in incredible times with such possibilities that is clear. Although its easily dismissed seeing criminals creating their own ChatGPT clones, Fitbit becoming useless without data sharing and those Tiktok frenzies.

To quote Buckminster Fuller “You never change things by fighting the existing reality. To change something, build a new model that makes the existing model obsolete.

You are seeing aspects of this with the EU naming the gatekeepers, the 1.26 million Kardashion crypto fine and Signal’s CEO calling out AI surveillance technology.


Thinking about buying a creepy car?

Ian thinks: Thanks to Mozilla’s privacy not included project, its clear almost every major car brand is sharing your personal data without any consideration of privacy. Everything from race, weight and health is free shared without the drivers consent.

Cannabis could save the environment?

Ian thinks: This piece from German broadcaster DW really makes clear the positive potential impact of Cannabis in the fight for a greener more sustainable economy. Its a real eye opener and for reasons you didn’t think.

Regularly using the internet can half the risk of dementia

Ian thinks: When I first read this, I had looked through the paper taking it a part to see if there was something which could be wrong. However it’s solid and surprised it didn’t get much attention.

The big con, How the Consulting Industry Weakens society

Ian thinks: I started reading this excellent book, really digging into the 4 audit consultancy and Its ultimate affect on more than just businesses. I noticed DW’s mini documentary about most of the problems raised in the book is good start..

Is this the UK Government U-turn you wanted?

Ian thinks: In short no, it sounds like the UK government might have done a U-turn on the encryption in the new online safety bill. But it is still there waiting for the right moment.

Crypto was never really the saver

Ian thinks: Sex workers and adult entertainers are usually demonised by the mainstream, turned to crypto made sense. But like most things in the crypto space, its never so simple and the wired piece outlines some horrible and disturbing problem. There has to be a better way for the sake of so many.

Living Next Door to Russia, Ensh*ttification and Veilid explained at Defcon

Ian thinks: In the last few weeks, Defcon, Tech Open Air and Techcrunch disrupt have uploaded their conference videos. I found Mikko, Cory and the Veilid talks the best so far. Although I will give a nudge for the Opera and Vivaldi founder from TOA.

What people don’t know about the Luddites

Ian thinks: The word gets thrown around a lot and very few people know the history. In this podcast it becomes clear the luddites image of techbophic is very wrong. With thoughts for the future with generative AI and power, the Luddites image is due a rethink.

Learning from the Fediverse

Ian thinks: The fediforum is the unconference for the fediverse. I took part in the September one and learned a lot including how activitypub can become the plumbing channel between the usual (microblogging) and unexpected applications like event management (gath.io)


Find the archive here

Public Service Internet monthly newsletter (Dec 2021)

Morpheus with agent smith

We live in incredible times with such possibilities that is clear. Although its easily dismissed how Google & Deepmind used patients data without permissionhow aesthetics has dominated technology reviews and comparing social media’s effects to alcohol.

To quote Buckminster Fuller “You never change things by fighting the existing reality. To change something, build a new model that makes the existing model obsolete.

You are seeing aspects of this with seeing the EU’s first steps in creating a Interoperable Marketthe open source approach to solar power and the understanding technology won’t solve the coming climate collapse.


The metaverse is a zoo and a silicon valley surveillance dream

Ian thinks: I have many thoughts about the metaverse, but there is so much about the matrix which is apt for Silicon Valley’s metaverse, Agent Smith says “I hate this place, this zoo, this prison, this reality, whatever you want to call it.” While Morpheus says “What is the Matrix? Control.” Both fitting.

The absolute importance of trust and accountability

Ian thinks: As more and more of public services go online, the absolute importance of trust and accountability needs to be established. We can’t leave it to private enterprises as you see with meta, to provide trusted services

Rushkoff & Javis’s invite to redesign the internet

Ian thinks: I like the idea of the course, the reading list is very good. With such heavy weights I’m keen to see what may come from it?

What comes after the social feed?

Ian thinks: Its good to see some early positive public research about aspects of social we all take for granted. Look forward to further development.

The goldmine of data on our phones

Ian thinks: The EFF’s latest podcast on what the police and malicious actors do with the data on our phones once they have it for a short while is quite something to hear and think about.

Is Venture Capital as harmful as we suspect?

Ian thinks: The Freakonomics give a balanced view on venture capital. I’m less positive but also hopefully with some of the details in the podcast.

Can crypto provide wealth to black communities or is it all a trap?

Ian thinks: I’m personally deeply conflicted about crypto but very concerned at how its being pushed as a way to rebuild generational wealth within the black community. Especially by the community its self. Crypto and the Neo-liberalism narrative doesn’t seem to fit neatly.

Whats the difference between Sky, Whatsapp, Anom, Signal, etc?

Ian thinks: Sky suing the US Government is a interesting point of reference, but also begs the question of whats ok and not in the encrypted messaging future.

The enemy in the home breaking relationships?

Ian thinks: The amount of IOT device in our home and their impact on our homes and human relationships is a ongoing concern, with no little good outcome on the horizon. On a similar branch Stacey outlines her problems with her IOT home.

 


Find the archive here

Beeper makes Matrix bridges into a business model

After the long wait and some wonder if anything was going to happen. On Monday I got my invite to join a very small number of people on Beeper.

I am impressed…

I thought I had a blog post about Beeper but I didn’t write one. So in short this picture sums up Beeper in one go.

Beeper bridges

Imagine if you could use one client to access all these different networks, but unlike pidgin or trillian which needs software plugins to connect to them all. Beeper is actually a Matrix client which connects to specific Matrix bridges (server based, instead of client based) to other messaging networks.

Its one of the thing which blew me away when I saw Matrix at Mozfest 2017.

Matrix is open source and you can run it on your own infrastructure (we will get back to that soon). You can even install your own bridges.

In short Beeper is the Matrix dream in a managed service which you pay $10 a month. You can self host it and its something I may do after a while but right now I’m happy to give some money to get use to things

First thing I did is install the appimage for Linux, set it up using the code I had received via email. Then setup a few networks. Within a few minutes I was replying to friends

I tested Slack using Storyteller United and was quite impressed, although I ended up disabling it due to the amount of channels and how busy the slack can be.

I may enable it again for a few slacks I am part of but don’t want the whole of slack on. Currently I have the Slack app on my laptop and work phone but I like the idea of the messaging parts without the heavy slack app.

I noticed you can input Gifs, emoji’s, attachments, etc in almost every single message in a unified way. I haven’t hooked up my SMS yet (mainly because there is no RCS bridge yet which I would miss). I also would like to see scheduling as I’m so use to it now.

Of course the phone interface for beeper is similar, Gif and all. You can use the unified inbox which puts everything in one timeline. The spaces cuts everything by network.

To be frank, Beeper is impressive and if I could change a few things they would be.the ability to have multiple accounts. For example I would love to be able to finally have one client for the multiple Signal accounts (I have one for my personal and work mobiles). This might be a limitation of Signal, but it would be great if I could spin up 2 bridges. I say this as I added 2 slack accounts and could add more with ease.

Right now Beeper is very much work in progress, but its got most of the key features.  I don’t feel like I have fully added the networks yet as I hold on to apps like Android messages due to RCS and scheduled messages. I could add Twitter and Discord but I’m quite happy with my Mastodon clients and cross posting to Twitter. Although I might hook up my ianforrester account on twitter just to see what its like in beeper. I even consider setting up Telegram, i-message, etc accounts just because I can now without the stress.

I forgot, Beeper doesn’t replace the existing messaging systems, meaning when I finally hooked up Android messages, I can still send scheduled messages and RCS from the app. But reply and send general messages from Beeper.

The network diagram at the very top is actually slight wrong because Beeper sits within the Matrix network and once I understood this via the support channel. It became clear I could easily share things between all my mobiles and laptop with ease. Bit like how I use Signal’s personal space/notes to yourself. I haven’t tried connecting to any of the Matrix systems I’m part of like publicspaces, sdeps or redecentralise. But I’ll give it a try over the next few days.

I like Beeper, but do long to setup my own bridges in a docker container or rasberrypi in the near future. Is 10$ a month quite a bit expensive for this? Maybe but only because I am still getting use to it and not fully using it. I think if I was using it for everything, 10$ a month would great value. Its a good business model, as most won’t or can’t run their own bridge server. (I have already looked to see if Yuno host has support or not)

I look forward to the regular updates and seeing it mature into something unique.



Funny enough I heard Beeper on Twit.TV’s all about android too. The person who wrote in didn’t blur any of his conversations and contacts which I would say is super brave or not thinking things fully through? However its interesting to see someone else also using Beeper and the reaction to it from people not fully aware of

Public Service Internet monthly newsletter (Feb 2021)

Survillence everywhere
Photo by Matthew Henry on Unsplash

We live in incredible times with such possibilities that is clear. Although its easily dismissed, seeing the de-platforming and even the royals snubbing social media.

To quote Buckminster Fuller “You never change things by fighting the existing reality. To change something, build a new model that makes the existing model obsolete.

You are seeing aspects of this the privacy first search engine duck duck go surpassing 100 million daily searches, the move to Signal messager from Whatsapp causing it to fall over temporarily and Facebook forced to rethinking their strategy.


Its the Internet’s health check up time!

Ian thinks: Mozilla’s well researched look at the state of the internet is a one of those reports which spurs thought and action for the coming year. Its been a tricky year with lots of up and downs, nicely documented in this massively detailed report/playbook. You might recognise someone in the report.

How can we achieve public spaces online?

Ian thinks: on 11-12 March a online conference by a number of partners including BBC R&D bring together organisations and vendors who are interested in the development of a public stack in line with the principles of democratic, sustainable etc. This is all part of the Mozilla Festival 2021 which is in Amsterdam for the next 3 years. Tickets are now available for Mozfest. and the publicspaces conference.

The new state of the self sovereign internet

Ian thinks: A deep dive but also accessible look at the current state of decentralised technology like self sovereign identity. Maybe one of the better summaries.

Some of the challenges to decetralisation

Ian thinks: The post has quite a few errors within it, like how they keep referring to Mastodon as a single network and missed the memo how Gab removed themselves off Mastodon. BlueSky sounds only slightly interesting, but the core of this post is focused around the risk of extreme groups using decentralised technology.

Imagine a Buddhist-inspired AI

Ian thinks: A truly real rethink of AI ethics based around Buddhist ethos is something worth pursuing. There is a lot of modern life which could be re-thought with a eastern view.

Do Facebook really think we won’t notice?

Ian thinks: Will the name change from Libra to Diem make any difference? Its still got Facebook behind the scenes and almost all the original backers have left.

The future of shopping faces the same dilemma as everyone else

Ian thinks: Its later in the video when Ian talks privacy and luxury but also luxury and personalisation. Its good to hear these discussions happening in the retail world too.

(How) will Public Service survive Silicon Valley?

Ian thinks: Although this well written paper focuses on public service broadcasting, I would consider the wider question of publicservice full stop.  Its clear the likes of Uber, Airbnb, Amazon, Facebook etc are aiming to replace public utilities  Of course I think so but publicservice needs to double down on things which break silicon valley

How eXistenZ, Pizzagate, Qanon and Augmented reality all fit together?

Ian thinks: Mark Pesce is interviewed by Douglas Rushkoff for team human, and its quite a fascinating interview linking all these topics together.

Ring doorbells get on the E2E train

Ian thinks: Well its about time, but expect more E2E and Zero-knowledge buzz words to be thrown around this year. Question will always be, are they actually doing what they say they are? Looking at you Zoom.


Find the archive here

Schedule messages on Android

This slideshow requires JavaScript.

Happy to see Google messages getting schedule messages at long last. Its been a long time in coming after Gmail’s schedule send last year.I have been using the beta and enjoying sending messages at 1am for a quite some time now.

Be great if Signal also added scheduling, although I did buy tasker to solve the scheduling of text and signal but haven’t sat down and played with it yet.

Public Service Internet monthly newsletter (Nov 2020)

How the fediverse deals with trolls

We live in incredible times with such possibilities that is clear. Although its easily dismissed seeing the next big social network using the exact same centralised model as the existing ones; while us privileged dive into our exit pods.

To quote Buckminster Fuller “You never change things by fighting the existing reality. To change something, build a new model that makes the existing model obsolete.

You are seeing aspects of this happening with do not track being rethought and getting some legal muscle.


The curious past and future of Signal CEO

Ian thinks: Good to hear more about the mysteries figure which is Signal’s CEO Moxie Marlinspike. His views of taking back our privacy, moving systems into the public infrastructure category and making encryption the default; is quite telling looking at his past. Unlike most, he has the knowledge and system to actually implement with others the reality he thinks about.

Is scale the enemy of human kind?

Ian thinks: This interview with Marina Gorbis from the institute of the future with Douglas Rushkoff is full of status-quo busting thoughts. The centre idea is how the allure of scale is actually the main problem the human race faces.

How to fight black box algorithms together

Ian thinks: Openschufa a project which aggregates your GDPR requested financial data with others to reveal bias, is the type of services I was hoping would come out of GDPR’s data portability rules. Look forward to seeing more like this.

Decentralized Social Networks vs. The Trolls

Ian thinks: This video is excellent and one of the reasons I have always been keen to use fediverse services like Mastodon and Pixelfed. This is another good talk from the Activity pub conference

How Ghent removed cars from the city

Ian thinks: When I visited Ghent last year I did notice the city centre was very quiet from the lack of cars. I had no idea but it felt like a place to live and walk. Lessons for other European cities?

Techdirt experiments with web monetization

Ian thinks: I personally have been following the web monetization protocol and grant for the web project for a while. Even adding it to my own personal blog, but its great to see Techdirt taking up the same protocol. Web monetization is growing and growing.

The role of design during Covid19

Ian thinks: This is a impressive list of 7 design based innovations which have helped and aided during the pandemic. All very different and all inspiration.

Understand digital identity beyond self-sovereign

Ian thinks: Centralised digital identity is easy to understand, but self-sovereign identity is being pushed as the way forward. However this essay by Philip Sheldrake, really shakes up the notions of identity in a way I’m still struggling to think about now.

Facebook won’t take the social dilemma lying down

Ian thinks: I thought Facebook would ignore the social dilemma as its not that great compared the great hack or after truth, plus there are many issues. But Facebook have hit back claiming the documentary as sensationalism. Seems to have touched a nerve I think?


Find the archive here

Signal or Threema or how about both?

I have been a fan and person encouraging the use of signal over the likes of whatsapp. Its been good to me but like every piece of software there are things I would change about them. For example the whole pin code thing is not only concerning but also a real challenge for casual users.

The pin code thing and phone number thing is not that much of a concern for most but I’ve been keeping an eye on others coming into the space. Threema is one such messaging app which seems to have all the privacy and security needed backed with its strong European base in Switzerland.

I wrote it off in my mind because it didn’t have a open code base for security  experts to view openly. However that recently changed with them opensourcing the code base.

Because of this change I’m relooking at the Threema, although I don’t think I’ll be dumping Signal as a result but rather using both?

Signal’s catch 22 problem?

I have been introducing Signal to friends as a proper alternative to Whatsapp. Its mainly been ok but my friend Hannah has hit a catch 22 problem, in her own words…

Signal should be a great app. It’s secure, easy to use and even my most skeptical and tech-suspicious friend uses it. But since I forgot my pin, I’ve not been able to get onto the app, not been able to reset my account or even been able to delete my account to start again!

I did email to get some advice about this problem but what I got back (after nudging to get a response) wasn’t really helpful. Apparently, you can reset your pin once you’re in the app but since I don’t know my pin, I can’t get into the app to reset the pin I don’t know. I also need to be in the app to delete my account. So basically, in order to access the information I need, I need the information I need. And yes, I did query the logic of this advice but it was just repeated to me!

This is really frustrating because even after deleting the app and waiting 7 days as suggested, the problem remains. In fact, I’ve done this a few times, waiting longer periods and it still hasn’t worked. Signal is effectively holding my phone number hostage, not allowing me to use it to create a new account or access the numerous messages I’m informed I’m missing (through other less secure – but at least reliable – platforms).

I get that not revealing my pin to me is a security thing but to be honest, it seems daft that I can’t even reset that pin using other means. For example, Signal already texts me a confirmation number when I try to sign in – surely this is enough to know that I’m the owner of the phone? They also have my email address.

If I really can’t reset my account, I would be more than happy to delete the current account and start over again. But until there’s a way for me to do this without entering the app in the first place, I’m stuck in limbo.

I’ve sent one last email to try and sort it out… fingers crossed!

If anyone has a solid answer what Hannah can do, that would be massively helpful. Even I’m lost to what she can do now.

Signal what are you up to?

I love Signal and never used Whatsapp because of many reasons included in this great opinion piece. Its gotten better and better but the recent pin number is a worry. I’m not the only one.

“Notably, things we don’t have stored include anything about a user’s contacts (such as the contacts themselves, a hash of the contacts, any other derivative contact information), anything about a user’s groups (such as how many groups a user is in, which groups a user is in, the membership lists of a user’s groups), or any records of who a user has been communicating with,” Signal wrote in 2016.

That, according to critics, has now changed.

“They should have a dumb network that knows nothing because it can’t be compromised then,” The Grugq told Motherboard. “[Having contacts] is a lot. It isn’t messages, sure. But I don’t like it. I don’t want them to have anything. Make the networks dumb and the clients smart.”

I do understand why they have done it, but I don’t know where its going next. Marlnspike (head dev of Signal) replies.

Marlinspike defended the decision to enable PINs and give users a way to migrate to a new device and keep certain data, and will increase the security of users’ metadata, “new features Signal users have been asking for.”

“The purpose of PINs is to enable upcoming features like communicating without sharing your phone number. When that is released, your Signal contacts won’t be able to live in the address book on your phone anymore, since they may not have phone numbers associated with them,” Marlinspike told Motherboard. “For most users, this also increases the security of their metadata. Most people’s address book is syncing with Google or Apple, so this change will prevent Google and Apple from having access to your Signal contacts.”

Smartphone use
Photo by Gilles Lambert on Unsplash

The changes Signal has made show how there can be a tension between messenger usability and feature set and security. It’s too early to say whether you should stop using the messenger. For most users’ threat models, it’s still one of the best options. But one of the key things that set Signal apart—that it collects almost no information about its users, appears to be changing.

Convenience is the enemy of security and I would say privacy. I wouldn’t be surprised if signal gets forked.

It was always clear to me Twitter direct messages was never secure in anyway, hence why I tried to move private conversations over to another medium. If thats not email or signal what else? Recently I have been looking at a couple others…

Session which is decentralised messaging and Criptext, which is actually secure email. Both need work but have decent security.

Public Service Internet monthly newsletter (Mar 2020)

Microphones on a desk

We live in incredible times with such possibilities that is clear. Although its easily dismissed by looking at the sorry state of the UK during our EU withdrawal or the tech press panic over the corona-virus.

To quote Buckminster Fuller “You never change things by fighting the existing reality. To change something, build a new model that makes the existing model obsolete.

You are seeing aspects of this happening with the rise in unions and labor rights in the gig economy.


Google users in UK dropped into GDPR limbo

Ian thinks: I always thought this was going to happen, once out of the EU our data privacy laws won’t be respected by the GAFFA’s and why would they?

Signaling to the masses, leave whatsapp

Ian thinks: Signal as a behemoth is concerning but its clearly made the best use of open source licenses to keep itself in check. Love the new systems which are being built on the protocol, real opportunity for something very new.

A future without public service media?

Ian thinks: All public service is under treat and hearing the words of the CEO of the CBC, really sends the message loud and clear

Governments who lockout their Public service broadcasters

Ian thinks: Following the previous link, a look at the sorry state of American’s public service broadcasting. The up lift of donations is good but for how long, how sustainable is public donations?

Making the digital economy working for the 99%

Ian thinks: 3 words – Transparency, auditing, diversity.

Spotify’s plans to take over podcasting?

Ian thinks: The comparisons are spot on and its clear podcasting is going through a massive change right now. Spotify’s play to commodify and dominate is hard to break unless there is experiences they can not own.

Centralising podcasting with trapping techniques

Ian thinks: The writer makes a good point about Spotify taking decentralised open media and locking inside a closed proprietary system. Lessons to be learned for future services we use.

The utopian vision of Airbnb vs the harsh reality

Ian thinks: I like Airbnb, I’m even a host but its clear there isn’t just a problem but its fundamentally broken and actively exploited by too many.

Could containers for web browsing benefit you too?

Ian thinks: Been using Firefox containers for the last 6-8 months and find them incredibly useful. The user experience is a mess and provides an opportunity for design disruption.

If you are using whatsapp… update now and consider swapping to Signal!

Whatsapp on a mobile phone

Whatsapp, never used it never will. But I know many many of my friends do – please do update! Or even better dump it and use Signal messenger.

A security flaw in WhatsApp can be, and has been, exploited to inject spyware into victims’ smartphones: all a snoop needs to do is make a booby-trapped voice call to a target’s number, and they’re in. The victim doesn’t need to do a thing other than leave their phone on.

The Facebook-owned software suffers from a classic buffer overflow weakness. This means a successful hacker can hijack the application to run malicious code that pores over encrypted chats, eavesdrops on calls, turns on the microphone and camera, accesses photos, contacts, and other information on a handheld, and potentially further compromises the device. Call logs can be altered, too, to hide the method of infection.

The issue affects WhatsApp for Android prior to v2.19.134, WhatsApp Business for Android prior to v2.19.44, WhatsApp for iOS prior to v2.19.51, WhatsApp Business for iOS prior to v2.19.51, WhatsApp for Windows Phone prior to v2.18.348, and WhatsApp for Tizen prior to v2.18.15.

Arriva trains changes to their onboard wifi service

transport for wales terriable wifi

I noticed Arriva trains (now Transport for Wales) have changed their policy on board wifi usage. I had problems with it in the past…

Now instead of cutting you off when you hit the shocking amount of 20meg (yes you heard me right – 20meg!) They throttle the internet to your device at 20meg.

Its still not ideal but I do feel its a better compromise that cutting the internet completely. Especially because frankly the signal from tethered phones during the journey through south Wales can be pretty poor for miles and miles.

I joined Wire… slightly under peer pressure

Wire on Linux

I looked at Wire a while ago but stuck with Signal. Some friends think I’m insane when I say I’m not using Whatsapp, but I have many reasons.

Herb asked me why I use Signal and not Wire, then a few people at Thinking Digital put the final shot in the social cannon. So I re-looked at it again and installed it alongside Signal.

They are quite different, for example Signal is very tied to a phone number while Wire is but isn’t (well you can only register one phone number which is a shame). I can login with the email across devices and it doesn’t seem to offer its self as a sms/mms client. While Signal does offer to be a sms/mms client if you accept it. But you can’t run Signal on multiple phones as it locks to that phone number.

I originally didn’t see the 64bit Ubuntu/Debian package, so ran it through Wavebox which makes websites act like native apps. But today I saw the deb.

Generally I’m thinking of Wire as something more like Ubuntu, while Signal is more raw like Debian. I’m sure some will hate that comparison but I look forward to seeing where they both go next, both are secure, open and run across all platforms.

Whisper disappearing messages

But as they move forward with features, will they keep the same data ethics (privacy, security, data ownership, identity, permission) in mind? I really hope so..

Updated

Old friend Gabby has been talking to me on Wire and pointed me at this blog post which pretty much sums up the difference I found with Wire & Signal.

Wire vs other intant messeagersOne of the biggest differences compared to other secure messengers like WhatsApp or Signal, is that Wire does not require a phone number to sign up. Anyone can register with an email on desktop or tablet and then decide if they want to use the same account on their phone or not.