Thoughts and ideas of a dyslexic designer/developer
Reading the blog post about Signal costs, really got me thinking I need donate to them because it is simply incredible and completely respect their stance on so many things.
I was thinking I do pay for Proton, Beeper and other systems which support my privacy why not Signal?
So I donated! I may even setup a yearly subscription…
We live in incredible times with such possibilities that is clear. Although its easily dismissed seeing criminals creating their own ChatGPT clones, Fitbit becoming useless without data sharing and those Tiktok frenzies.
To quote Buckminster Fuller “You never change things by fighting the existing reality. To change something, build a new model that makes the existing model obsolete.”
You are seeing aspects of this with the EU naming the gatekeepers, the 1.26 million Kardashion crypto fine and Signal’s CEO calling out AI surveillance technology.
Ian thinks: Thanks to Mozilla’s privacy not included project, its clear almost every major car brand is sharing your personal data without any consideration of privacy. Everything from race, weight and health is free shared without the drivers consent.
Ian thinks: This piece from German broadcaster DW really makes clear the positive potential impact of Cannabis in the fight for a greener more sustainable economy. Its a real eye opener and for reasons you didn’t think.
Ian thinks: When I first read this, I had looked through the paper taking it a part to see if there was something which could be wrong. However it’s solid and surprised it didn’t get much attention.
Ian thinks: I started reading this excellent book, really digging into the 4 audit consultancy and Its ultimate affect on more than just businesses. I noticed DW’s mini documentary about most of the problems raised in the book is good start..
Ian thinks: In short no, it sounds like the UK government might have done a U-turn on the encryption in the new online safety bill. But it is still there waiting for the right moment.
Ian thinks: Sex workers and adult entertainers are usually demonised by the mainstream, turned to crypto made sense. But like most things in the crypto space, its never so simple and the wired piece outlines some horrible and disturbing problem. There has to be a better way for the sake of so many.
Ian thinks: In the last few weeks, Defcon, Tech Open Air and Techcrunch disrupt have uploaded their conference videos. I found Mikko, Cory and the Veilid talks the best so far. Although I will give a nudge for the Opera and Vivaldi founder from TOA.
Ian thinks: The word gets thrown around a lot and very few people know the history. In this podcast it becomes clear the luddites image of techbophic is very wrong. With thoughts for the future with generative AI and power, the Luddites image is due a rethink.
Ian thinks: The fediforum is the unconference for the fediverse. I took part in the September one and learned a lot including how activitypub can become the plumbing channel between the usual (microblogging) and unexpected applications like event management (gath.io)
Find the archive here
We live in incredible times with such possibilities that is clear. Although its easily dismissed how Google & Deepmind used patients data without permission, how aesthetics has dominated technology reviews and comparing social media’s effects to alcohol.
To quote Buckminster Fuller “You never change things by fighting the existing reality. To change something, build a new model that makes the existing model obsolete.”
You are seeing aspects of this with seeing the EU’s first steps in creating a Interoperable Market, the open source approach to solar power and the understanding technology won’t solve the coming climate collapse.
Ian thinks: I have many thoughts about the metaverse, but there is so much about the matrix which is apt for Silicon Valley’s metaverse, Agent Smith says “I hate this place, this zoo, this prison, this reality, whatever you want to call it.” While Morpheus says “What is the Matrix? Control.” Both fitting.
Ian thinks: As more and more of public services go online, the absolute importance of trust and accountability needs to be established. We can’t leave it to private enterprises as you see with meta, to provide trusted services
Ian thinks: I like the idea of the course, the reading list is very good. With such heavy weights I’m keen to see what may come from it?
Ian thinks: Its good to see some early positive public research about aspects of social we all take for granted. Look forward to further development.
Ian thinks: The EFF’s latest podcast on what the police and malicious actors do with the data on our phones once they have it for a short while is quite something to hear and think about.
Ian thinks: The Freakonomics give a balanced view on venture capital. I’m less positive but also hopefully with some of the details in the podcast.
Ian thinks: I’m personally deeply conflicted about crypto but very concerned at how its being pushed as a way to rebuild generational wealth within the black community. Especially by the community its self. Crypto and the Neo-liberalism narrative doesn’t seem to fit neatly.
Ian thinks: Sky suing the US Government is a interesting point of reference, but also begs the question of whats ok and not in the encrypted messaging future.
Ian thinks: The amount of IOT device in our home and their impact on our homes and human relationships is a ongoing concern, with no little good outcome on the horizon. On a similar branch Stacey outlines her problems with her IOT home.
Find the archive here
I am impressed…
I thought I had a blog post about Beeper but I didn’t write one. So in short this picture sums up Beeper in one go.
Imagine if you could use one client to access all these different networks, but unlike pidgin or trillian which needs software plugins to connect to them all. Beeper is actually a Matrix client which connects to specific Matrix bridges (server based, instead of client based) to other messaging networks.
Its one of the thing which blew me away when I saw Matrix at Mozfest 2017.
Matrix is open source and you can run it on your own infrastructure (we will get back to that soon). You can even install your own bridges.
In short Beeper is the Matrix dream in a managed service which you pay $10 a month. You can self host it and its something I may do after a while but right now I’m happy to give some money to get use to things
First thing I did is install the appimage for Linux, set it up using the code I had received via email. Then setup a few networks. Within a few minutes I was replying to friends
I tested Slack using Storyteller United and was quite impressed, although I ended up disabling it due to the amount of channels and how busy the slack can be.
I may enable it again for a few slacks I am part of but don’t want the whole of slack on. Currently I have the Slack app on my laptop and work phone but I like the idea of the messaging parts without the heavy slack app.
I noticed you can input Gifs, emoji’s, attachments, etc in almost every single message in a unified way. I haven’t hooked up my SMS yet (mainly because there is no RCS bridge yet which I would miss). I also would like to see scheduling as I’m so use to it now.
Of course the phone interface for beeper is similar, Gif and all. You can use the unified inbox which puts everything in one timeline. The spaces cuts everything by network.
To be frank, Beeper is impressive and if I could change a few things they would be.the ability to have multiple accounts. For example I would love to be able to finally have one client for the multiple Signal accounts (I have one for my personal and work mobiles). This might be a limitation of Signal, but it would be great if I could spin up 2 bridges. I say this as I added 2 slack accounts and could add more with ease.
Right now Beeper is very much work in progress, but its got most of the key features. I don’t feel like I have fully added the networks yet as I hold on to apps like Android messages due to RCS and scheduled messages. I could add Twitter and Discord but I’m quite happy with my Mastodon clients and cross posting to Twitter. Although I might hook up my ianforrester account on twitter just to see what its like in beeper. I even consider setting up Telegram, i-message, etc accounts just because I can now without the stress.
I forgot, Beeper doesn’t replace the existing messaging systems, meaning when I finally hooked up Android messages, I can still send scheduled messages and RCS from the app. But reply and send general messages from Beeper.
The network diagram at the very top is actually slight wrong because Beeper sits within the Matrix network and once I understood this via the support channel. It became clear I could easily share things between all my mobiles and laptop with ease. Bit like how I use Signal’s personal space/notes to yourself. I haven’t tried connecting to any of the Matrix systems I’m part of like publicspaces, sdeps or redecentralise. But I’ll give it a try over the next few days.
I like Beeper, but do long to setup my own bridges in a docker container or rasberrypi in the near future. Is 10$ a month quite a bit expensive for this? Maybe but only because I am still getting use to it and not fully using it. I think if I was using it for everything, 10$ a month would great value. Its a good business model, as most won’t or can’t run their own bridge server. (I have already looked to see if Yuno host has support or not)
I look forward to the regular updates and seeing it mature into something unique.
Funny enough I heard Beeper on Twit.TV’s all about android too. The person who wrote in didn’t blur any of his conversations and contacts which I would say is super brave or not thinking things fully through? However its interesting to see someone else also using Beeper and the reaction to it from people not fully aware of
We live in incredible times with such possibilities that is clear. Although its easily dismissed, seeing the de-platforming and even the royals snubbing social media.
To quote Buckminster Fuller “You never change things by fighting the existing reality. To change something, build a new model that makes the existing model obsolete.”
You are seeing aspects of this the privacy first search engine duck duck go surpassing 100 million daily searches, the move to Signal messager from Whatsapp causing it to fall over temporarily and Facebook forced to rethinking their strategy.
Ian thinks: Mozilla’s well researched look at the state of the internet is a one of those reports which spurs thought and action for the coming year. Its been a tricky year with lots of up and downs, nicely documented in this massively detailed report/playbook. You might recognise someone in the report.
Ian thinks: on 11-12 March a online conference by a number of partners including BBC R&D bring together organisations and vendors who are interested in the development of a public stack in line with the principles of democratic, sustainable etc. This is all part of the Mozilla Festival 2021 which is in Amsterdam for the next 3 years. Tickets are now available for Mozfest. and the publicspaces conference.
Ian thinks: A deep dive but also accessible look at the current state of decentralised technology like self sovereign identity. Maybe one of the better summaries.
Ian thinks: The post has quite a few errors within it, like how they keep referring to Mastodon as a single network and missed the memo how Gab removed themselves off Mastodon. BlueSky sounds only slightly interesting, but the core of this post is focused around the risk of extreme groups using decentralised technology.
Ian thinks: A truly real rethink of AI ethics based around Buddhist ethos is something worth pursuing. There is a lot of modern life which could be re-thought with a eastern view.
Ian thinks: Will the name change from Libra to Diem make any difference? Its still got Facebook behind the scenes and almost all the original backers have left.
Ian thinks: Its later in the video when Ian talks privacy and luxury but also luxury and personalisation. Its good to hear these discussions happening in the retail world too.
Ian thinks: Although this well written paper focuses on public service broadcasting, I would consider the wider question of publicservice full stop. Its clear the likes of Uber, Airbnb, Amazon, Facebook etc are aiming to replace public utilities Of course I think so but publicservice needs to double down on things which break silicon valley
Ian thinks: Mark Pesce is interviewed by Douglas Rushkoff for team human, and its quite a fascinating interview linking all these topics together.
Ian thinks: Well its about time, but expect more E2E and Zero-knowledge buzz words to be thrown around this year. Question will always be, are they actually doing what they say they are? Looking at you Zoom.
Find the archive here
Happy to see Google messages getting schedule messages at long last. Its been a long time in coming after Gmail’s schedule send last year.I have been using the beta and enjoying sending messages at 1am for a quite some time now.
Be great if Signal also added scheduling, although I did buy tasker to solve the scheduling of text and signal but haven’t sat down and played with it yet.
For the longest time people have asked why I don’t use Whatsapp? As someone who sees the flaws and reads the terms/conditions, I was never happy with the use of data. In the last few days its become much clearer with Whatsapp privacy change forcing you to accept the changes or stop using it (no opt out).
The core issue with the change is…
“As part of the Facebook family of companies, WhatsApp receives information from, and shares information with, this family of companies,” the new privacy policy states. “We may use the information we receive from them, and they may use the information we share with them, to help operate, provide, improve, understand, customize, support, and market our Services and their offerings.”
In some cases, such as when someone uses WhatsApp to interact with third-party businesses, Facebook may also share information with those outside entities.
Ok so they can’t read your (signal) encrypted messages but like we learned a long time ago, the metadata is sometimes tells more than the actual message.
Surely its time to switch?!
No? Remember this… dumb f**ks.
We live in incredible times with such possibilities that is clear. Although its easily dismissed seeing the next big social network using the exact same centralised model as the existing ones; while us privileged dive into our exit pods.
To quote Buckminster Fuller “You never change things by fighting the existing reality. To change something, build a new model that makes the existing model obsolete.”
You are seeing aspects of this happening with do not track being rethought and getting some legal muscle.
Ian thinks: Good to hear more about the mysteries figure which is Signal’s CEO Moxie Marlinspike. His views of taking back our privacy, moving systems into the public infrastructure category and making encryption the default; is quite telling looking at his past. Unlike most, he has the knowledge and system to actually implement with others the reality he thinks about.
Ian thinks: This interview with Marina Gorbis from the institute of the future with Douglas Rushkoff is full of status-quo busting thoughts. The centre idea is how the allure of scale is actually the main problem the human race faces.
Ian thinks: Openschufa a project which aggregates your GDPR requested financial data with others to reveal bias, is the type of services I was hoping would come out of GDPR’s data portability rules. Look forward to seeing more like this.
Ian thinks: This video is excellent and one of the reasons I have always been keen to use fediverse services like Mastodon and Pixelfed. This is another good talk from the Activity pub conference
Ian thinks: When I visited Ghent last year I did notice the city centre was very quiet from the lack of cars. I had no idea but it felt like a place to live and walk. Lessons for other European cities?
Ian thinks: I personally have been following the web monetization protocol and grant for the web project for a while. Even adding it to my own personal blog, but its great to see Techdirt taking up the same protocol. Web monetization is growing and growing.
Ian thinks: This is a impressive list of 7 design based innovations which have helped and aided during the pandemic. All very different and all inspiration.
Ian thinks: Centralised digital identity is easy to understand, but self-sovereign identity is being pushed as the way forward. However this essay by Philip Sheldrake, really shakes up the notions of identity in a way I’m still struggling to think about now.
Ian thinks: I thought Facebook would ignore the social dilemma as its not that great compared the great hack or after truth, plus there are many issues. But Facebook have hit back claiming the documentary as sensationalism. Seems to have touched a nerve I think?
Find the archive here
I have been a fan and person encouraging the use of signal over the likes of whatsapp. Its been good to me but like every piece of software there are things I would change about them. For example the whole pin code thing is not only concerning but also a real challenge for casual users.
The pin code thing and phone number thing is not that much of a concern for most but I’ve been keeping an eye on others coming into the space. Threema is one such messaging app which seems to have all the privacy and security needed backed with its strong European base in Switzerland.
I wrote it off in my mind because it didn’t have a open code base for security experts to view openly. However that recently changed with them opensourcing the code base.
Because of this change I’m relooking at the Threema, although I don’t think I’ll be dumping Signal as a result but rather using both?
I have been introducing Signal to friends as a proper alternative to Whatsapp. Its mainly been ok but my friend Hannah has hit a catch 22 problem, in her own words…
Signal should be a great app. It’s secure, easy to use and even my most skeptical and tech-suspicious friend uses it. But since I forgot my pin, I’ve not been able to get onto the app, not been able to reset my account or even been able to delete my account to start again!
I did email to get some advice about this problem but what I got back (after nudging to get a response) wasn’t really helpful. Apparently, you can reset your pin once you’re in the app but since I don’t know my pin, I can’t get into the app to reset the pin I don’t know. I also need to be in the app to delete my account. So basically, in order to access the information I need, I need the information I need. And yes, I did query the logic of this advice but it was just repeated to me!
This is really frustrating because even after deleting the app and waiting 7 days as suggested, the problem remains. In fact, I’ve done this a few times, waiting longer periods and it still hasn’t worked. Signal is effectively holding my phone number hostage, not allowing me to use it to create a new account or access the numerous messages I’m informed I’m missing (through other less secure – but at least reliable – platforms).
I get that not revealing my pin to me is a security thing but to be honest, it seems daft that I can’t even reset that pin using other means. For example, Signal already texts me a confirmation number when I try to sign in – surely this is enough to know that I’m the owner of the phone? They also have my email address.
If I really can’t reset my account, I would be more than happy to delete the current account and start over again. But until there’s a way for me to do this without entering the app in the first place, I’m stuck in limbo.
I’ve sent one last email to try and sort it out… fingers crossed!
If anyone has a solid answer what Hannah can do, that would be massively helpful. Even I’m lost to what she can do now.
I love Signal and never used Whatsapp because of many reasons included in this great opinion piece. Its gotten better and better but the recent pin number is a worry. I’m not the only one.
“Notably, things we don’t have stored include anything about a user’s contacts (such as the contacts themselves, a hash of the contacts, any other derivative contact information), anything about a user’s groups (such as how many groups a user is in, which groups a user is in, the membership lists of a user’s groups), or any records of who a user has been communicating with,” Signal wrote in 2016.
That, according to critics, has now changed.
“They should have a dumb network that knows nothing because it can’t be compromised then,” The Grugq told Motherboard. “[Having contacts] is a lot. It isn’t messages, sure. But I don’t like it. I don’t want them to have anything. Make the networks dumb and the clients smart.”
I do understand why they have done it, but I don’t know where its going next. Marlnspike (head dev of Signal) replies.
Marlinspike defended the decision to enable PINs and give users a way to migrate to a new device and keep certain data, and will increase the security of users’ metadata, “new features Signal users have been asking for.”
“The purpose of PINs is to enable upcoming features like communicating without sharing your phone number. When that is released, your Signal contacts won’t be able to live in the address book on your phone anymore, since they may not have phone numbers associated with them,” Marlinspike told Motherboard. “For most users, this also increases the security of their metadata. Most people’s address book is syncing with Google or Apple, so this change will prevent Google and Apple from having access to your Signal contacts.”
The changes Signal has made show how there can be a tension between messenger usability and feature set and security. It’s too early to say whether you should stop using the messenger. For most users’ threat models, it’s still one of the best options. But one of the key things that set Signal apart—that it collects almost no information about its users, appears to be changing.
Convenience is the enemy of security and I would say privacy. I wouldn’t be surprised if signal gets forked.
It was always clear to me Twitter direct messages was never secure in anyway, hence why I tried to move private conversations over to another medium. If thats not email or signal what else? Recently I have been looking at a couple others…
Session which is decentralised messaging and Criptext, which is actually secure email. Both need work but have decent security.
We live in incredible times with such possibilities that is clear. Although its easily dismissed by looking at the sorry state of the UK during our EU withdrawal or the tech press panic over the corona-virus.
To quote Buckminster Fuller “You never change things by fighting the existing reality. To change something, build a new model that makes the existing model obsolete.”
You are seeing aspects of this happening with the rise in unions and labor rights in the gig economy.
Ian thinks: I always thought this was going to happen, once out of the EU our data privacy laws won’t be respected by the GAFFA’s and why would they?
Ian thinks: Signal as a behemoth is concerning but its clearly made the best use of open source licenses to keep itself in check. Love the new systems which are being built on the protocol, real opportunity for something very new.
Ian thinks: All public service is under treat and hearing the words of the CEO of the CBC, really sends the message loud and clear
Ian thinks: Following the previous link, a look at the sorry state of American’s public service broadcasting. The up lift of donations is good but for how long, how sustainable is public donations?
Ian thinks: 3 words – Transparency, auditing, diversity.
Ian thinks: The comparisons are spot on and its clear podcasting is going through a massive change right now. Spotify’s play to commodify and dominate is hard to break unless there is experiences they can not own.
Ian thinks: The writer makes a good point about Spotify taking decentralised open media and locking inside a closed proprietary system. Lessons to be learned for future services we use.
Ian thinks: I like Airbnb, I’m even a host but its clear there isn’t just a problem but its fundamentally broken and actively exploited by too many.
Ian thinks: Been using Firefox containers for the last 6-8 months and find them incredibly useful. The user experience is a mess and provides an opportunity for design disruption.
Whatsapp, never used it never will. But I know many many of my friends do – please do update! Or even better dump it and use Signal messenger.
A security flaw in WhatsApp can be, and has been, exploited to inject spyware into victims’ smartphones: all a snoop needs to do is make a booby-trapped voice call to a target’s number, and they’re in. The victim doesn’t need to do a thing other than leave their phone on.
The Facebook-owned software suffers from a classic buffer overflow weakness. This means a successful hacker can hijack the application to run malicious code that pores over encrypted chats, eavesdrops on calls, turns on the microphone and camera, accesses photos, contacts, and other information on a handheld, and potentially further compromises the device. Call logs can be altered, too, to hide the method of infection.
The issue affects WhatsApp for Android prior to v2.19.134, WhatsApp Business for Android prior to v2.19.44, WhatsApp for iOS prior to v2.19.51, WhatsApp Business for iOS prior to v2.19.51, WhatsApp for Windows Phone prior to v2.18.348, and WhatsApp for Tizen prior to v2.18.15.
I noticed Arriva trains (now Transport for Wales) have changed their policy on board wifi usage. I had problems with it in the past…
Had to optimise picture down because uploading it is eating into my left over data on Arriva Trains. Note I'm got 3hrs left of my journey pic.twitter.com/7KZ9rOLpi5
— Ian Forrester | @cubicgarden (@cubicgarden) September 18, 2017
Have to say the Free wifi 20meg limit on Arriva trains seems to be something of a joke? Hit 15meg before I hit Stockport!
— Ian Forrester | @cubicgarden (@cubicgarden) September 18, 2017
Now instead of cutting you off when you hit the shocking amount of 20meg (yes you heard me right – 20meg!) They throttle the internet to your device at 20meg.
Its still not ideal but I do feel its a better compromise that cutting the internet completely. Especially because frankly the signal from tethered phones during the journey through south Wales can be pretty poor for miles and miles.
I looked at Wire a while ago but stuck with Signal. Some friends think I’m insane when I say I’m not using Whatsapp, but I have many reasons.
Herb asked me why I use Signal and not Wire, then a few people at Thinking Digital put the final shot in the social cannon. So I re-looked at it again and installed it alongside Signal.
They are quite different, for example Signal is very tied to a phone number while Wire is but isn’t (well you can only register one phone number which is a shame). I can login with the email across devices and it doesn’t seem to offer its self as a sms/mms client. While Signal does offer to be a sms/mms client if you accept it. But you can’t run Signal on multiple phones as it locks to that phone number.
I originally didn’t see the 64bit Ubuntu/Debian package, so ran it through Wavebox which makes websites act like native apps. But today I saw the deb.
@cubicgarden Yes, Linux is experimental and community based – feel free to pitch in! https://t.co/vvbnjIPnBJ
— Wire (@wire) May 16, 2017
Generally I’m thinking of Wire as something more like Ubuntu, while Signal is more raw like Debian. I’m sure some will hate that comparison but I look forward to seeing where they both go next, both are secure, open and run across all platforms.
But as they move forward with features, will they keep the same data ethics (privacy, security, data ownership, identity, permission) in mind? I really hope so..
Updated
Old friend Gabby has been talking to me on Wire and pointed me at this blog post which pretty much sums up the difference I found with Wire & Signal.
One of the biggest differences compared to other secure messengers like WhatsApp or Signal, is that Wire does not require a phone number to sign up. Anyone can register with an email on desktop or tablet and then decide if they want to use the same account on their phone or not.