Slashdot Mirror
Signal, WhatsApp Co-Founder Launch 'Open Source Privacy Technology' Nonprofit (thenextweb.com)
An anonymous reader quotes The Next Web:One of the first messaging services to offer end-to-end encryption for truly private conversations, Signal has largely been developed by a team that's never grown larger than three full-time developers over the years it's been around. Now, it's getting a shot in the arm from the co-founder of a rival app. Brian Acton, who built WhatsApp with Jan Koum into a $19 billion business and sold it to Facebook, is pouring $50 million into an initiative to support the ongoing development of Signal. Having left WhatsApp last fall, he's now free to explore projects whose ideals he agrees with, and that includes creating truly private online services.
"Starting with an initial $50,000,000 in funding, we can now increase the size of our team, our capacity, and our ambitions," wrote Signal founder Moxie Marlinspike (a former Twitter executive).
Acton will now also serve as the executive chairman of the newly-formed Signal Foundation, which according to its web site will "develop open source privacy technology that protects free expression and enables secure global communication."
"Starting with an initial $50,000,000 in funding, we can now increase the size of our team, our capacity, and our ambitions," wrote Signal founder Moxie Marlinspike (a former Twitter executive).
Acton will now also serve as the executive chairman of the newly-formed Signal Foundation, which according to its web site will "develop open source privacy technology that protects free expression and enables secure global communication."
I heard that at least one of the people who created WhatsApp (I think it was Koum) grew up in the former USSR, and knew exactly why privacy was important. And so he made WhatsApp with end-to-end encryption and all that, focusing on user privacy.
And then Facebook bought WhatsApp.
It makes sense that Koum didn't change his worldview just because Facebook decided to buy him out.
Correct me if I'm wrong, but didn't at least one of WhatsApp's founders (I think it was Koum) grow up in the former USSR? And that's why originally WhatsApp had end-to-end encryption and prioritized user privacy.
And then Facebook bought them out.
It makes sense that Koum didn't change his worldview just because of that.
Reading stuff like this makes me very happy, and restores some of the hope that I've been losing as I age.
'The Economy' is a giant Ponzi scheme whose most pitiable suckers are the youngest among us and the yet-unborn.
Since you are requested to confirm an account with an SMS, and the mobile phone number used (which is associated with an actual person) is permanently stored and associated with every Signal account, you only have partial privacy with Signal. What you say cannot be read by anyone, but who you are, when you talk, and who you talk to is divulged. This is highly valuable (and sensitive) meta data, and a serious privacy breach.
There is no valid technical reason for requiring the revelation of a mobile phone number for enabling an account instead of f.e. using e-mail, and since the application is not monetized in any way - no ads, no end-user costs what so ever - people should ask themselves what the true gain is from pouring millions of dollars into SMS costs etc. to keep Signal running without a single end-user dollar going back to the operation.
Whoever tries to sell such a thing in our country would go straight to jail - unless it has a facility for wiretapping all 'private' conversations.
It is insane that Signal traffic for most people has to cross so many vulnerable systems and borders, go to an unstable country, and come back through it all again to the recipient.
Decentralisation would reduce the metadata collected by all entities, increase reliability, resilience, and security.
Please stick it at the top of the wish list.
A proudly anonymous coward
You're kidding yourself if you think that you can do anything on a smart phone with any level of privacy. Between the cell providers and the OS providers, you're owned as soon as you turn it on.
I don't respond to AC's.
First, Signal doesn't run over SMS at all; it routes over IP and calls are VOIP.
Second, call metadata is already retrievable by any mass surveillance operation. Signal does offer an option to relay all calls through their server, obscuring the metadata. Because it runs over IP, you can also route Signal through a VPN or even Tor (though probably not reliably).
Third, and perhaps most importantly, the mission of Signal is make encryption and privacy easily available to the MASSES. 99% of the global population are not security enthusiasts or tech professionals; this stuff has to actually WORK and work easily in order to make sense for the typical user. Signal has done more to promote secure, private, easy communication than almost any other group in recent history.
Federation is precisely why it is virtually impossible that we will ever see encrypted e-mail in mainstream use. It is now almost guaranteed that the proper protocols cannot be updated in such a way as to allow it, all because of federation.
Everyone else who has tried to do so has failed, but the market needs it, and with tens of millions of dollars and a reputable brand, maybe Signal can make it work. We need something with Apple-like security, the flexibility of Android, and FOSS.
I don't think the Purism Librem 5 is going to succeed. The hardware specs are too old and the direction they're going is too niche and non-functional to work for the typical user.
CopperheadOS's secure, FOSS fork of Android is a good place to start, though it's a very small operation as of now and it's being run for-profit. If Signal could create a fork of Android, maybe call it Signal OS, and make use of the security features of Copperhead plus their own enhancements, then it could work. Google would already be doing most of the heavy lifting on building the OS, and Signal's engineers would just focus on hardening its security. With a proper marketing and business development team, they could start selling Signal OS flashed phones as a revenue model, potentially even in deals mainstream carriers.
Building on Android is much more plausible than trying to create a whole new mobile OS from scratch; that's where Ubuntu phone and Firefox phone failed, and where Purism will also likely fail. Fork from Android, adapt Copperhead's code, ramp up security hardening, sandbox every app in isolation, and run without Google Play (perhaps using a combination of F-droid and a Signal repository).
...Micro$oft is putting Signal's technology into future versions of $kype. It has absolutely nothing to do with being free and open source. This is about leaving a company in trouble and probably more so when folks realize there's never been any real privacy since WhatsApp was purchased. It's about money and dodging a bullet. Not only do should you have zero confidence in the privacy of ANYTHING owned by Facefarm, but now Signal should also not be trusted. If either company uses a technology, just assume it's been compromised because data collection of users is essential for those like Facefarm, Micro$oft, Goolag, and Amazon. Use a Tox client.
1) The data will not be sold but shared with partners
2) The company can't sustain itself and will be bought by another company
Signal has been heavily audited by leading cryptographers and even endorsed by Edward Snowden. As long as it's open source, to claim it suddenly is "untrustworthy" is ridiculous and simply based on anti-corporate grandstanding.
Sensibly speaking, the adoption of high-security, open source technologies by major corporations would indicate to most people a VICTORY for users. Somehow you've managed to make it seem like a loss. There isn't always an enemy to fight; it's okay to win.
I say the title of this post is seriously misleading.
Brian Acton is only co-founder of WhatsApp, in other words, a direct competitor of the FOSS Signal application.
That he (only now) consider Signal as better than WhatsApp is good ; that he now donates to Signal is even better (as long as he doesn't take control, e. g. through new hired friends) -but definitely Acton never was a 'Signal, WhatsApp Co-Founder'.
And now the message diffused by /. title to the general crowd is : 'so, after all, WhatsApp and Signal are roughly the same kind of cool, no need to change'...
From a guy that spent years explaining to his management that they should switch from WhatsApp to Signal...
Herve S.