It shouldn't just be limited to messaging. An internet where everyone can built a client against Facebook's API, or Youtube or what have you and users get actual choice and control about how they consume those services would be a big leap forward.
Or a wonderful leap backward, in the most positive sense.
In these days of proprietary wall gardens everywhere it might be difficult to remember, but earlier in the Internet that was how things worked. Every protocol was public, documented in RFCs and all implementations were interoperable (barrings bugs/etc, but mostly anyway).
Even a completely obscure protocol can be reverse-engineered given enough time - in fact if you search on GitHub you can already find a lot of client libraries for proprietary services.
The problem is that at the moment the platform owners intentionally detect usage of these alternative clients and ban their users or abuse laws such as copyright to block their development & usage.
Peer-to-peer communication in WhatsApp in the network topology sense happens where possible when making Voice and Video calls, as this is probably WebRTC-derived (it is WebRTC in everything else these days), which concretely involves some kind of call signalling, then p2p setup to talk RTP if possible. This is not Signal Protocol or Noise: it is most likely the S in SRTP with key agreement done over the Signal Protocol. In other words, no key ratcheting between voice or video packets. I'm actually not sure if the session key is ever changed for a given call. To make this clear: call setup happens via a central server but the media streams will go from your IP to theirs directly, if possible (or proxied via WhatsApp if not). The reason for doing calls p2p like this is where possible is to reduce latency.
This is also, last time I looked, true of Signal. We are good at end-to-end text. We are less good at voice/video, particularly voice/video group calls that might not be p2p-able and rather require the server to do something with the RTP streams.
Now, what you're actually missing is that WhatsApp was in its early days based on a fork of ejabberd, the Erlang XMPP Server, with if I understand correctly custom extensions. Thus WhatsApp actually was at some stage somewhat compatible with open standards.
We've also kinda been here before. Google Talk used to interoperate with XMPP just fine and at one stage my own XMPP server could talk to my friends on Google Talk and they'd pretty much not notice.
I agree however that it would be better to have a new protocol that starts based on end to end key agreement like Signal/Noise, rather than use XMPP. Or perhaps use XMPP _inside_ this protocol. This is because "opt-in" crypto is a disaster that probably has happened. Signal and Noise are also missing what the body of those messages should look like and standards for agreeing for example calls, media transfer and so on, basically all the non-crypto parts.
So, I wouldn’t assume it’s great for end users without digging into the details. Don’t forget the last time they did privacy regulations they created an unending wave of click yes to accept cookies.
PS: Looking at rapid downvotes I see people disagree, but mandatory interoperability would presumably force them to accept SpamNetwork101, SpamNetwork102 … etc.
WhatsApp replaced SMS as a free alternative with media. Sms is just a protocol. It is not necessary that a replacement is walled garden, especially not under the sole guise of spam protection - something that is being done very poorly anyway.
Depending in the specifics everything from Yahoo! Messenger to MMO chat either needs to get shut down or made interoperable.
And even if you for some reason don't want to restrict your requests, you'll probably still be fine - Gmail handles protects me from spam pretty well.
What do you love, what is missing?
Can you organize the chats?
Right now everything is running on their servers with god knows what IP addresses and from where.
So far I haven't been banned but I have had to reset my Facebook password once.
Instagram suddenly stopped working and I had to reconnect a few times.
So far WhatsApp is ok.
IMHO the iOS app is close to useless and I stopped using it.
The desktop app is where it's at and I'm only using that for now.
Edit: more subtle choice of words to indicate what I meant
- Implement a conversion layer from our internal representation so we can keep it stable.
- Complicate all further feature work because we have to consider how it will affect existing customers of the API.
- Write and maintain documentation for the API.
- Keep the API working even after we no longer use it.
- Maintain multiple versions of the API in parallel.
- Make sure our error messages make sense to people not familiar with our internal systems.
- Be more careful with validation - for our internal APIs it's not the end of the world if a bad request results in a 500 rather than a 400, but it matters a lot for public APIs.
- Be more careful with rate limiting and other defenses against API misuse.
And this is to name just a few. A requirement that everyone expose a public API is pointless if it doesn't include a stability guarantee, and overly burdensome if it does.
This isn’t a requirement that everyone expose a public API . https://www.theverge.com/2022/3/24/22994234/eu-antitrust-leg...:
“The DMA will force new obligations on companies deemed to be “gatekeepers” — a category defined by the legislation as firms with a market capitalization of at least €75 billion ($82 billion); at least 45 million monthly users; and a “platform” like an app or social network. Companies covered by this classification include well-known tech giants like Google, Microsoft, Meta, Amazon, and Apple, but also smaller entities like Booking.com.”
Also relevant: https://www.youtube.com/watch?v=rAlTOfl9F2w
> Included in the rules' scope will be platforms with a market capitalization of €75 billion or turnover in the European Economic Area equal to or above €7.5 billion. [0]
[0] https://www.politico.eu/article/eus-digital-markets-act-adop...
It’s hard for me to muster up even the smallest amount of sympathy for these vampires.
I expect this will take a decade to shake out as US tech firms work tirelessly to protect their spyware walled garden models.
What’s going to happen, if this ever goes through, is that the networks will open some kind of api so outsiders can send and be sent basic messages. And you will never be happy using it because you’ll always look like an outsider.
And there is no way to fix this because a big draw of these networks is that they keep adding new features and they are not in the old api so you can’t use them.
And of course it’s going to be a big source of spam so users will get the ability to block the outside from sending messages to them, which means you can’t reach half the people you want.
[arbitrarily deciding what is and isn’t allowed] Everything so arbitrary. Either allowing everything or nothing is not sustainable for anything on the internet so you need arbitrary rules to stop arbitrary things.
If you want a free, private, modern communication network, build it, don't steal it. In this case we are already very close to having a very nice solution in the form of Matrix. Throw some money and devs for things at Matrix/Element for issues we want to solve there. Push it as a government sanctioned solution. Offer services over Matrix, avoid WhatsApp.
These rules only apply to platforms with a market cap of over €75 billion or European Economic Area turnover of over €7.5 billion.[0] No one is proposing that we require single developers work with Apple and Facebook to make their apps interoperable.
[0] https://www.politico.eu/article/eus-digital-markets-act-adop...
There is no forcing necessary in other, imo preferred, scenarios. Like pushing Matrix. The solution, which uses the law to force a company will just block new attempts at creating similar but better products.
While I'm against walled gardens, I can see why these companies want to keep them closed. And if I'd work for e.g. snap, I would probably have this opinion as well.
Sawing off the branch you are sitting on is usually not a good idea.
iMessage's advantages are a feature of the Apple ecosystem. WANTING it to interoperate with Facebook or whatever is one thing, but legally REQUIRING it seems to me to be very, very dangerous.
> (fa) allow end users, business users, providers and potential providers of on line social networking services access to and interoperability with the same industry-standard service features that are available or used in the provision by the gatekeeper of any social networking services; minimum interoperability requirements shall be in accordance with the relevant Union legislation or the industry standard, where applicable, by providing open standards, open protocols, including Application Programming Interface;
Start using Matrix, we all know that the signup process could be easier (among many other things), throw some money and devs at the project with that specific goal. Start offering services over Matrix. Public money, public code. The whole world benefits.
[1] https://www.theverge.com/2022/3/24/22994234/eu-antitrust-leg...
https://matrix.org/blog/2018/04/26/matrix-and-riot-confirmed...
More importantly, who cares about Moxie's (imo crappy) vision? If this were to force him to rethink his stance, that's a plus in my book.
I realize now that Signal will not be affected, only very large companies will. Nevertheless I find your attitude very concerning.
Imagine you were him and you are getting issues filed from people using services the government forced you to build, or were even build by others but forced on your once clean solution. I'd say "screw you guys, I'm going home" (Build your own solution). And I'd agree with him. Where would it end?
From my point of view, the advantages of opening up these platforms outweigh the disadvantages for those who don’t like that.
The whole idea of this type of regulation is that it tries to do what’s best for the consumer, and the market as a whole, not not necessarily for the businesses behind it.
I don’t think he has he ambition to even get half-way there, and if he ever gets there, I expect he’ll be able to pay others to worry about that.
Try putting yourself in his shoes as the government contemplates publicly about how they are going to force some changes to the project you build based on your very private vision of privacy and subsequently made available for free to millions, based on your hard work.
I remember back when MSN/Windows Live Messenger used to be one of the most popular options out there. Even though I used Ubuntu, I could still chat with my friends through the Pidgin messenger. This was all possible through the XMPP interface, which still exists by the way.
It's not just that these new messaging platforms are adding no extra value, they are creating worse experiences, and we're buying into it. You now have to install half a dozen messaging apps just to keep up (WhatsApp, Telegram, Facebook, etc.) . And now we're suddenly talking about reinventing the wheel.
I assume it costs Meta a lot too, and so they reduce the quality of media flying around on WhatsApp.
Would others have to be able and willing to pick up these costs if the networks were opened up? I am thinking even if Apple/Meta were forced to open their networks, they would balk at subsidizing outsiders.
I am not clear what the backend costs and cost allocation would be, for example, if someone using iMessage sends me a 4K video to me and I am not using iMessage, and I am offline, but I will expect to see it next time I open up Pidgin on my laptop.
Which ones don't?
Short term thinking and focus on new shiny features over long term sustainability. It's a pattern we see repeated in many aspects of society, not just messaging. Combine this with network effects and it ceases to matter that a minority of people have the time and interest to think about the long term, the majority have already made the decision, and your choices are to either be left out, or participate. It's frustrating, but it's one of those things when a large enough sample of the population are living lives which have much bigger problems than messenger lock-ins.
tl;dr: stickers
You don't have to. If you say you're only reachable with apps that support XMPP then generally people who care about chatting with you will use that. That's what I have been doing since January last year when WhatsApp changed its ToS.
Surveillance is an area where there are still plenty of politicians who try to sabotage (digital) freedoms.
The thing is, there doesn't appear to be any way to know whether this is the case.
iCloud Backup was introduced in iOS 5, released in 2011. It escrows either message plaintext or device secret keys (depending on OS version and configuration) to Apple, encrypted with Apple keys (non-e2e) and readable to Apple (and the FBI and others, some of whom access the data without probable cause or a warrant under FAA Section 702).
WhatsApp backup backs up chat plaintext to cloud services (I think Google is the default), also non-e2e and readable to the cloud storage service (who often shares it with government snoops without a search warrant, also under FAA Section 702). They added an e2e option late last year but it doesn't matter if you turn it on because none of the people you chat with are likely to have it enabled (so all of your chats will be backed up in plaintext from the other end).
Further, the law should specificy that the protocol allows E2EE, and we have traction.
This needs to happen. Mandate interop and federation please.
[1] https://www.penguinrandomhouse.com/books/194417/the-master-s...
So, I think further revisions of this law will somehow need to take this into account.
They don't need to change law to address issues.
Specifically:
- article 7: Compliance with obligations for gatekeepers
- article 10: Updating obligations for gatekeepers and
- article 11: Anti-circumvention
Whether or not they succeed at improving choice and reducing centralised power over comms is up to dumb luck, mostly.
Step 2: So... the encryption your application uses doesn't work well with other platforms.
Step 3: Everyone must use this one kind of encryption for interoperability with our tracking ser... I mean other platforms.
Step 4. Hey, look at all the stuff these activists are talking about.
Step 5. Gulag for the activists
https://www.theverge.com/2022/3/24/22994234/eu-antitrust-leg...
On the contrary, the whole point of this law is to make it not just easy, but even possible for alternative messaging providers to compete.
Clearly they cant be expected to integrate with any 3rd party, so the expectation is that 3rd parties would integrate with them.
You can do this at present via their private API (as per pidgin, etc) - but thats against their terms of service. It seems this law will prevent them imposing such terms.
But they won’t do it exactly given their widely disparate privacy and security model. Unless some kind of an instant messaging standard surfaces.
As is, it would become another cat-n-mouse security theater in leveraging one IM provider’s API weakness to gain additional insight of a subscriber using another IM provider’s API.
