this post was submitted on 03 Dec 2023
216 points (100.0% liked)


We estimate that by 2025, Signal will require approximately $50 million dollars a year to operate—and this is very lean compared to other popular messaging apps that don’t respect your privacy.

[–] helenslunch@feddit.nl 56 points 9 months ago* (last edited 9 months ago) (4 children)

I love Signal but this is one of many problems with centralized servers. Not only can they be disabled by the gov but they cost, as seen here, tens of millions of dollars to keep running at scale.

What is the advantage? Why are we not using P2P systems? If I can download a 30GB video problem-free over and over again, shouldn't it be simple enough to do with a 1mb text file?

A huge part of their costs is just verifying phone numbers, which is something the service does not need and shouldn't even have.

[–] Saik0Shinigami@lemmy.saik0.com 35 points 9 months ago (1 children)

to do with a 1mb text file

God you must be like my wife and write fucking novels as text messages.

[–] thanks_shakey_snake@lemmy.ca 12 points 9 months ago (1 children)

Lol I think they probably mean like an entire chat history (or page of one), but yeah that's pretty big.

[–] helenslunch@feddit.nl 6 points 9 months ago

I was just rounding up

[–] u_tamtam@programming.dev 23 points 9 months ago (2 children)

If you are curious, you should give XMPP a shot, it's equivalent to Signal in terms of encryption, but anyone can host their own. Signal is ideologically opposed to anyone but themselves being in control of your account, and because of that I don't want to trust them.

[–] helenslunch@feddit.nl 20 points 9 months ago (4 children)

That's great except barely anyone I know uses Signal, much less XMPP

[–] admiralteal@kbin.social 14 points 9 months ago (3 children)

And now here I am, nostalgic for the good old days of having one chat app that could connect you to everyone over XMPP/jabber.

[–] squeakycat@lemmy.ml 7 points 9 months ago (6 children)

Indeed. XMPP is lost as a general purpose chat app for everyone. I have many issues with Matrix but it's the best chance we have, particularly with bridges.

[–] kpw@kbin.social 8 points 9 months ago (1 children)

XMPP is the IETF Internet Standard while Matrix is just another custom IM protocol managed by a venture capital funded startup which keeps losing money.

[–] u_tamtam@programming.dev 4 points 9 months ago* (last edited 9 months ago) (1 children)

Neither XMPP nor Matrix will ever become “the next WhatsApp”: the current internet has seen too much consolidation for the tech majors to permit it (and open and federated protocols can’t compete, do not have the marketing budget nor the platforms to promote their software, but I salute the EU’s Market Act attempt to shake-up the status quo).

But that doesn’t really matter IMO. What (I believe) is important in the grand scheme of things is that such protocols remain alive, maintained and secure, so that:

  • small-scale instances can flourish and contribute to a more resilient/efficient internet (think of family-/district-level providers; this is the kind of service I personally offer: family members and friends at large appreciate that the messages and data that we exchange aren’t shared over some cloud or Facebook server for no good reason)

  • IM identities can persist over time: if you are a business or an individual, you may want to look into having a stable/lasting contact address, that will survive the inevitable collapse of facebook/whatsapp/instagram/… If you are old enough, your current email address probably existed before facebook. Why not your IM address?

And yes, I hear you, this is rather niche, but what got me there (and on XMPP in particular) is having been long-enough on the internet to become tired of the never-ending cycle of migrations from service to service. More and more people will have a similar experience as time goes, so this niche will only grow :)

[–] helenslunch@feddit.nl 3 points 9 months ago (5 children)

the current internet has seen too much consolidation for the tech majors to permit it

While that may or may not be true, it's really not important for several reasons.

  1. All current XMPP clients I have seen are janky as fuck.

  2. No one is going to spend the billions of dollars necessary to advertise XMPP clients to end users who aren't actively looking for them.

  3. The vast majority obviously doesn't care about their privacy.

Just seems like a fruitless endeavour.

[–] master5o1@lemmy.nz 7 points 9 months ago (6 children)

Ten years ago sure, these days I'd suggest Matrix instead.

[–] GenderNeutralBro@lemmy.sdf.org 16 points 9 months ago (1 children)

It's difficult to maintain privacy in a P2P environment. In naive implementations, your IP address will be visible to all the peers you connect to. This is the case in e.g. BitTorrent.

Signal has this issue with video/voice calls as well; by default they operate on a P2P basis for performance reasons, and they expose your IP address to the second party. Signal has an option in the settings to relay voice/video calls through their servers specifically to mitigate this.

There are some workarounds for anonymizing P2P, like routing through Tor or I2P. Tor, however, has known exploits and is probably not suitable if you need to hide your activity from advanced adversaries like world governments (e.g. political dissidents, journalists, etc.)

I2P sounds interesting but I'm not deeply familiar with it. I understand that I2P clients also act as relay nodes, which puts an additional bandwidth burden on users. I'm not sure if I2P is more resilient against government-level attacks than Tor. I'd be interested to hear from anyone who is more familiar with the protocol.

[–] helenslunch@feddit.nl 10 points 9 months ago (4 children)

I am not concerned with the people I'm actively chatting with having my IP address.

[–] GenderNeutralBro@lemmy.sdf.org 10 points 9 months ago

If you're using it for personal correspondence with people you know and trust, that's probably fine. However, a secure and private communications platform should support more extreme use cases as well.

If you're a journalist, for example, you might need to communicate with people you do not know or trust. You could realistically be talking to someone who wants to kill you, or who is being monitored by people who want to kill you, particularly if you are covering high-profile political issues or working with whistleblowers (or are yourself a whistleblower). Even revealing information as broad as what city you're in (which would be revealed by your IP address) could be a risk to your physical safety.

Even though I do not personally face such high-level threats in my life, I feel better using services that allow for the possibility. Privacy is a habit, and who knows what tomorrow might bring?

[–] I_am_10_squirrels@beehaw.org 3 points 9 months ago

A MitM sniffer would be able to see the source and destination IP addresses, not just the person you're chatting with. Even if the data is encrypted, P2P is still vulnerable to a layer 3 attack.

[–] fer0n@lemm.ee 13 points 9 months ago* (last edited 9 months ago) (3 children)

I’m not an expert on this topic, so someone correct me if I’m wrong. Signal is only storing stuff temporarily to pass it on, so I’m assuming you’d have the exact same costs even if it weren’t centralized. Maybe even more as it’s probably cheaper to have it managed in one place. I’m assuming all this would do is distribute the cost, but otherwise be the same?

[–] helenslunch@feddit.nl 10 points 9 months ago* (last edited 9 months ago) (1 children)

I’m assuming all this would do is distribute the cost, but otherwise be the same?

Exactly. I can locally process the 1-3 messages/day I send on my device rather than having billions of messages processed on a single server.

I can even host my own Matrix or XMPP encrypted server on a $100 machine consuming ~7W and host several hundred users easily.

[–] avidamoeba@lemmy.ca 8 points 9 months ago* (last edited 9 months ago)

You're not wrong. Federation would have higher costs but distributed over more people. Even with pure P2P a-la BitTorrent things might not be significantly cheaper because you'd likely still need to host authentication centrally or federally. You'd only eliminate the message bandwidth costs.

The thing is, we already have a way to distribute the costs - people subscribe to support Signal. Some pay more, others less. Whether I run a node that serves 100 people or subscribe for $10/month, it's somewhat equivalent. So the practical takeaway should be - if you want for Signal to keep signalling - subscribe if you can afford it.

[–] admiralteal@kbin.social 6 points 9 months ago* (last edited 9 months ago) (1 children)

The difference is that there's enough unused capacity on your personal device to handle all the traffic any typical user needs to handle in a day many times over, for simple messaging. Likely, that load is so little it won't even affect your battery life.

[–] fer0n@lemm.ee 5 points 9 months ago (3 children)

Wouldn’t you still need a server in between to temporarily store the messages if the other person isn’t available?

[–] TWeaK@lemm.ee 30 points 9 months ago (10 children)

They could save a lot on infrastructure costs if they decentralised their network and stopped using phone numbers as unique identifiers.

[–] fer0n@lemm.ee 4 points 9 months ago* (last edited 9 months ago) (1 children)
[–] noodlejetski@lemm.ee 4 points 9 months ago

the phone number is still going to be required for making an account, you can just choose to not share it with others and give them your username instead.

[–] maxprime@lemmy.ml 4 points 9 months ago (3 children)
[–] GenderNeutralBro@lemmy.sdf.org 6 points 9 months ago

Quote from the blog post:

Registration Fees

Signal incurs expenses when people download Signal and sign up for an account, or when they re-register on a new device. We use third-party services to send a registration code via SMS or voice call in order to verify that the person in possession of a given phone number actually intended to sign up for a Signal account. This is a critical step in helping to prevent spam accounts from signing up for the service and rendering it completely unusable—a non-trivial problem for any popular messaging app.

SMS verification is expensive.

Obviously, running the infrastructure to support the entire user base is also expensive. Decentralized protocols like Matrix sidestep this problem by allowing anyone to host their own infrastructure to use the network. Even if the largest Matrix server shuts down, the network will live on, and people can migrate to another server or host their own. This distributes the costs and allows for different business models to support those costs -- commercial, non-profit, cooperative, whatever. Corporations can (and do) host their own Matrix servers for their employees, for instance. I wouldn't be surprised to see universities do the same, like they frequently do with email.

[–] kpw@kbin.social 4 points 9 months ago

There's an IETF internet standard for federated messaging called XMPP. Just be compatible with the standard. It also allows for extensions if you offer more than the core spec.

[–] onlinepersona@programming.dev 29 points 9 months ago (3 children)

In total, around 50 full-time employees currently work on Signal

[...]

When benefits, HR services, taxes, recruiting, and salaries are included, this translates to around $19 million dollars per year.

That's 380k/employee on average. Even if half of that went to taxes and other expenses, on average they're paying their employees around 190k/year.

Bro, as a European dev, that's triple my salary! They could possibly double or triple their workforce if they hired from outside of the US.

[–] snrkl@lemmy.sdf.org 20 points 9 months ago (2 children)

When running a business, you need to budget 3x salary for actual TCO of a staff member:

1x covers their direct salary

2x covers retirement fund, electricity, office space, and infrastructure items like servers and laptops for corporate use etc.

The 3x multiplier is for when you're a services company, and that represents a possible profit margin.

So for Signal, your $380k becomes $190k which in my experience is average for a US tech sw dev at a mid to early senior level.

I donate to signal monthly and I have no problems with the costs they're posting. I work in SV tech and I've seen 20x worse numbers.

[–] bradorsomething@ttrpg.network 10 points 9 months ago (1 children)

I’m extremely curious where you get those numbers from, I operate businesses and that doesn’t pass the sniff test.

[–] snrkl@lemmy.sdf.org 5 points 9 months ago

I've used the 3x multiplier for staff planning at services companies since the early 2000s.

Perhaps there are regional differences, but they've rung true for planning billable rates of return at every services company I've worked at in the last 20 years here in AU.

I realise that the services aspect isn't relevant, but having the sum of indirect staff costs equivalent to staff salary cost when office space is involved isn't a massive stretch in my experience. (Indirect costs would include office rent, utilities, infrastructure and a share of shared functions such as IT, HR, facilities etc...)

[–] papertowels@lemmy.one 11 points 9 months ago (3 children)

As an American dev, you should check out other silicon valley salaries. After hearing what some folks there make 190k doesn't make me bat an eye.

[–] Vlyn@lemmy.zip 14 points 9 months ago (3 children)

Is it just me or is $19 million per year for 50 full-time employees insane?

Even for US salary standards.

[–] phoenixes@beehaw.org 7 points 9 months ago

My guess: People who can be as competent with security as they need are very expensive.

[–] avidamoeba@lemmy.ca 6 points 9 months ago* (last edited 9 months ago) (1 children)

Not at all. That's $380K per person if everyone is making the same. Engineers with a few years of experience at Meta make $400K+.

[–] EinfachUnersetzlich@lemm.ee 4 points 9 months ago (1 children)

Don't forget the employer taxes, insurance, recruitment costs and so on. It wouldn't surprise me if the employees are earning on average half that.

[–] TheChurn@kbin.social 6 points 9 months ago

Rule of thumb is an employee costs roughly twice their base salary, as the employee still needs to cover insurance, taxes, sick time, and other benefits.

That leaves an average salary of 190K for the 50 employees. That isn't much for tech.

[–] meteokr@community.adiquaints.moe 11 points 9 months ago (2 children)

Would be interesting to see how this compares to XMPP or Matrix. Obviously the development costs something for each of those, but the hosting costs are spread out across each of those hosting an instance.

[–] u_tamtam@programming.dev 4 points 9 months ago (1 children)

Yup, that's a big reason why centralized protocols aren't sustainable. XMPP is 25 years old (which is older than almost anything else on the contemporary internet) and thriving. Unfortunately, judging by the cycle of messengers coming and dying, and people still being eagerly part of that, this isn't something that people value very much.

[–] helenslunch@feddit.nl 5 points 9 months ago

this isn't something that people value very much.

More likely something people don't even know about since no one is out there spending billions of dollars singing the song of XMPP.

[–] pineapplelover@lemm.ee 8 points 9 months ago

They should do a charity stream event or something. Do Q&A stuff, get interest of more people, and raise money?

[–] visnudeva@lemmy.ml 7 points 9 months ago (3 children)

Are decentralised apps like Element much less expensive?

[–] Zworf@beehaw.org 9 points 9 months ago

The costs are distributed as there is not one single instance. Just like with Lemmy.

Although there is one huge instance on matrix (matrix.org), a bit like lemmy.ml here. But it doesn't have to be like that, they can close signups or discourage them similar to the way lemmy.ml is doing that now.

[–] amki@feddit.de 6 points 9 months ago (1 children)

The load distributes across more shoulders automatically.

If you only host a server for yourself and 10 friends it costs next to nothing, if you have a big operation it can get just as expensive, it depends on what you are willing to do.

With centralized systems there is no choice but for the one centralized host to host everything.

[–] visnudeva@lemmy.ml 4 points 9 months ago* (last edited 9 months ago)

Then is it better to use Element over Signal as decentralised apps may be more sustainable for long term use?

[–] justJanne@startrek.website 3 points 9 months ago (1 children)

Element has the same costs as Signal. So far, Element has been lucky in being able to raise money by selling support contracts to governments or companies using Matrix, but even that isn't enough, which is why Element has been raising money for the Matrix Foundation for almost a year now (with little success).
