Moxie Marlinspike @moxie California, USA

146 Following   61,836 Followers   5,478 Tweets

Joined Twitter 9/24/09

@MartuhaLo I agree
Watching the intense videos of brave people taking to the streets in Belarus, it's also chilling to notice that…
@c4i @csf_333 @notdan Is there something you don’t like about that? You’re sending a message to yourself, and the m…
@csf_333 @c4i @notdan Wait sorry I don’t get it, what is it you don’t like here?
@monsterlemon @withzombies @computerality More here:
@paul66766 Looks like SMS spam, not going through signal. If you tap the avatar icon for the sender in that chat, y…
In the US right now, people are not wearing masks while committing crimes. That's the situation we're in.
@mrkit2u The prompt is designed to be unobtrusive and easily dismissable, but do you have feedback on better ways to solve the same problem?
@mrkit2u People will unknowingly disable notifications (or reflexively on install), and are then very frustrated wh…
@aesdeluca @rainhardF @the_mullinator The purpose of this work is to enable non-phone number based identifiers. In…
@ScPowell7 @eschipul We can say "it's your fault, you should understand the complexities of how all this works," bu…
@ScPowell7 @eschipul To give you an example: if we have a 60 second outage, roughly 10-30k people reinstall in 60 s…
@VTeagueAus But with all the reflexive SVR critique here, it will probably be harder to get other organizations to…
@VTeagueAus If you check out the plans for future work we outline in the SVR post, MPC is a part of that. First we…
@VTeagueAus Problem with MPC is that there would have to be several other organizations that have the same resource…
@Gustav_Fring @maettig Honestly I just don't think Signal is what you want. There are a bunch of ways in which Sign…
@Gustav_Fring @maettig Just toggle the address book permission on Android or iOS. Or when you first install and it…
@Gustav_Fring @maettig There is no "partial access" API supported by Android or iOS that I know of. You can use Sig…
@Gustav_Fring @maettig Will be interested to hear if you find something that works well for you which does not invo…
@Gustav_Fring @maettig You can also use Signal without giving it access to your address book, in which case it won'…
@Gustav_Fring @maettig If you grant Signal access to your address book, it will use those contacts for private cont…
@Gustav_Fring @maettig You seem to consider encryption of no value, in which case I can appreciate your position. W…
@Gustav_Fring @maettig If you don't want Signal servers to have access to your ciphertext, even when encrypted usin…
@Gustav_Fring @maettig I think the reason it's confusing for me is that you apparently consider encrypted data to b…
@VTeagueAus Do you have suggestions for a better way to implement SVR without replication?
@Gustav_Fring @maettig Signal servers process and store encrypted data for a lot of different functionality. Device…
@Gustav_Fring @maettig I don't understand what you mean. If you disable PINs, SVR won't be used for anything. If y…
@Gustav_Fring @maettig What is the question? Last thing I heard was that I "don't understand encryption," which I d…
@geofurb If you disable PINs, you're disabling SVR. It won't be used for anything.
@bajabanjo You can turn off reminders in settings if you don't want them.
@MaxFactsB I think all the attention SGX is getting is great. Unlike other TEEs, a lot of people are looking at it…
@AussieSamizdat Not sure I understand what you're asking. Signal doesn't have access to user data in either case. E…
@eschipul That's the problem we're trying to solve, in addition to improving security for the majority of people wh…
@eschipul This work is to enable non-phone # identifiers. Right now if you reinstall Signal for any reason, your me…
@XwCypher Nah, there are no analytics or trackers in Signal of any kind. And since it's OSS, you don't have to rely…
@kuschku This past winter, a stranger on a flight asked for help enabling "airplane mode" on their phone. When they…
@maettig @nonformality Signal can provide encryption, but if what you want is "no servers" or servers that don't ev…
@maettig @nonformality Encrypted data is stored and transmitted through Signal servers, even without SVR, as I ment…
@maettig @nonformality If you don't like SVR you can disable PINs in settings, but it sounds like you want somethin…
@maettig @nonformality I see, unfortunately Signal needs to encrypt and transmit data in order to function. Your en…
@maettig @nonformality Can you help me understand what it is that you're concerned about, and maybe I can answer yo…
@maettig @nonformality If not then it'll use a local key on device for the sync process instead.
@maettig @nonformality The attributes of contacts you communicate with on Signal are encrypted & synchronized acros…
@Gustav_Fring Key management for which keys? Maybe I can point you in the right direction. All the protocol specs…
@maettig @nonformality I'm not sure I understand. Private contact discovery has always been a part of Signal (eg.…
@Gustav_Fring You don't have to trust me - everything is documented online, and the software itself is also open so…
@SteBjoerne Can you help me understand exactly what your concern is or what you're trying to solve for? Private con…
@Gustav_Fring I'm not sure what you mean. A 501(c)(3) has no equity, there is nothing to invest in. If you or anyon…
@Gustav_Fring It's encrypted data, as with your messages, profile, groups, etc. But if you don't want it you can disable it.
@SteBjoerne Not very well unfortunately! Tons of problems with multi-device consistency.
@maettig @nonformality Signal is a free app developed as a 501(c)(3) non-profit, so we don't have customers. Our mo…
@Gustav_Fring As of yesterday's betas you can disable a PIN if you don't want to have one. Give it a shot and let u…
@Gustav_Fring Signal is a 501(c)(3) non-profit, so we have no investors. Our only responsibility is to build someth…
@tavianator To link a new device you scan a QR, which includes the public portion of an ephemeral key pair. This is…
@SteBjoerne The same data still needs to be sync'd across your devices, but if you remove a PIN it does that with a…
@dncosta @signalapp We try to be as communicative as possible about technology we build for Signal. You can read mo…
@kapsi_r Not messages, we're using SVR for synchronizing encrypted Signal contacts, block lists, settings between d…
@Natanael_L @mlarkin2012 We mention that direction in the SVR post, but hard to find N other parties willing to spe…
@mcflyhh Do you have other suggestions for how we should support non phone number based addressing, or are you sayi…
@kuschku Hmm, honestly I feel the opposite. It would be the easiest thing in the world to make everything an option…
@miketanderson You mean by trying to enable non-phone number based addressing? I think a lot of people just want to…
@Megagator Seems like there could be something there! But the low hanging fruit (from what I've seen) does not seem…
@tavianator The same data still needs to be sync'd across your devices, but if you remove a PIN it does that with a…
@SteBjoerne If you don't want a PIN, though, you can remove it as of yesterday's betas. Please give it a shot if you want to help test.
@SteBjoerne Technology has developed such that mobile devices need servers in order to function. Many actions withi…
@Daniel_J_Stern You can disable PINs as of yesterday's betas. Give it a shot and help test it out if you can.
@seanodiggity I still feel like we might be talking about different things. This work has nothing to do with message history.
@RaphMim @tenacioustek Signal team members create a thread in the forum for every beta release, including changes /…
@supersat Looked at it a little, but it seems like it would take a lot of work to productionize still, and that the…
@seanodiggity Sure, maybe we can live with losing your message history, although plenty of people don't like that e…
@seanodiggity If we're going to implement a feature, we have to anticipate what happens when people use it. The con…
@mlarkin2012 @Magic_CAD Only one has affected our use of SGX. Another way to look at it is that all tech has bugs,…
@mlarkin2012 We've tried to document things in a digestible format along the way: Lots of…
@chr1xzy @axi0mX It does spaced repetition. The more often you correctly enter, the less often it asks. You can als…
@seanodiggity You think every time someone reinstalls Signal, they should lose all of their contacts? The reinstall…
@seanodiggity Hmm I think we might be talking about different things. We can make the transition so that people can…
@okdistribute You can read more about how SVR works here:
@mlarkin2012 SGX is only used for rate limiting in SVR. What are your suggestions for an alternate approach?
@buffermet @andywingo @taviso I'm not sure I understand. What I heard from you is that you want this to be optional…
@seanodiggity Your recommendation is that we continue to require phone number based addressing?
@buffermet @andywingo @taviso First comment from me in this thread is that we're making encrypted storage of your s…
@jasongreen We've tried to detail the project as much as we can online, but it's difficult to convey complex concep…
@EdgarArout For sure, and we've done a bunch of iterations around that: timing on spaced repetition, making the rem…
@haroldsmith3rd Technology has developed such that mobile clients need servers in order to function. We can't chang…
@iximeow It's often difficult to convey complex concepts in the five words of copy you can put into an app. We try…
@seanodiggity SVR uses SGX for a rate limiter. It's additive: if you don't trust the rate limiter, you can set a BI…
@danielgross Have you started making VPN investments yet? 😂
...into a common basis for discussion. I almost wish there were some way that we could open up Signal user support…
It is sometimes difficult for me to have design discussions with people who work in infosec, in part because of…
can do that, and folks can take comfort that there are no analytics/trackers in Signal, but it can periodically…
we got to the end of the rollout and it became a blocking flow, that's when we realized some people have been…
there's copy we can A/B to make things less confusing, or how often people are looking at it, or what people'…
whole project was a long rollout. To get everyone a PIN, we had a non-blocking "create PIN" flow that everyone…
addition to being the basis for non-phone # based addressing, the other big benefit for most users is that rathe…
goal with PINs is to enable non-phone # based addressing. Since that will mean your Signal contacts can't live…
Building apps without analytics can be a challenge, and if we want developers to do that, we need to figure out…
latter is obviously important, but it seems to me that we need to think about ways to contextualize those discu…
is similar to a larger pattern I've seen where projects that make no attempt to provide privacy will never hav…
interesting that some folks who see discussion around PINs conclude "switch to app X!" where X invisibly stores…