1. 13
  1.  

  2. 12

    I’m having a hard time understanding why Signal is being treated as a “private” solution, when it requires to submit a real phone number. SIM cards are tightly coupled with real name and citizen identification numbers, which is the ultimate goal of every identification technique. Well, some countries maybe allow buying anonymized SIM cards, but I don’t think it’s legal in lots of countries. Plus, the privacy policy of Signal contains this clause:

    Information we may share: Third Parties. We work with third parties to provide some of our Services. For example, our Third-Party Providers send a verification code to your phone number when you register for our Services. These providers are bound by their Privacy Policies to safeguard that information. If you use other Third-Party Services like YouTube, Spotify, Giphy, etc. in connection with our Services, their Terms and Privacy Policies govern your use of those services.

    Does that mean that they share the phone number with multiple third-parties? Maybe I misunderstand something, but it doesn’t sound very “private”.

    In other news, this article contains so much assumptions that something is bad, and something is good, without giving any rationalization why author thinks this way. This forces me to not treat the article seriously ;)

    1. 6

      Does that mean that they share the phone number with multiple third-parties? Maybe I misunderstand something, but it doesn’t sound very “private”.

      Your phone number is shared with their verification service. Your phone number is not shared with YouTube, Spotify, Giphy, etc..

      Signal knows you use their service. They do not know with whom you’ve communicated.

      1. 4

        The same reason people recommend Protonmail and Tutanota, which don’t comply with open standards like IMAP and the latter of which makes claims about things being open source when it’s demonstrably untrue.

        Hype, spin and assuming people are being fully open when their definition of what constitutes ‘fully’ can vary wildly.

        1. 4

          I think the phone number requirement makes a lot of sense, especially for email-related services. Abuse is rampant. I worked on a email-based support system (e.g. like ZendDesk) and we had people using scripts to keep signing up new accounts and spam until they hit the rate limits. It didn’t matter that we limited the number of recipients: they would just send loads of emails anyway. They just paid the €5/month to avoid the free-trail rate limits which existed solely to prevent abuse (using a stolen CC?) With really aggressive rate-limiting and limits I eventually solved most of the problem, but people still tried, and it still affected our sender reputation (although within manageable levels). The entire thing was no fun at all, and the more protection you have against abuse like this, the better IMO. This doesn’t just protect the service, but also (potential) scam victims.

          tl;dr: spammers are assholes.

        2. 8
          • Spam email, even not opened : 0.3 CO2e
          • A proper email : 4g CO2e
          • An email with long attachment : 50g CO2e

          i’m not really sure about these numbers.

          1. 10

            The carbon footprint of email are approximately

            Where I live most power is from burning lignite, which is about as bad as it gets - 1.17 tonnes per megawatt hour.

            4g of carbon emission would be 14 kj.

            End-to-end delivery of an email from fastmail to gmail takes about half a second (counting from when I hit send to when it shows up in the gmail inbox).

            To consume 14kj of carbon emissions in that half-second, you would need to draw 28kw! My local colo will, if you have a really fat wallet, sell you a 6kw line for an entire rack. Worst-case, the cooling for a rack that draws 6kw will use 4kw, and there’s embodied energy in the products, and a control plane, networking gear etc. Lets say a really full rack ends up using 14kw.

            I don’t think 2 full racks of servers running at maximum power are strictly required to send an email.

            I’ve been quite generous in this analysis - using lignite for power, inefficient cooling - and I still can’t see how these numbers could be within 3-5 orders of magnitude of reality.

            1. 6

              Two further comments:

              1. The “email with long attachment” is 12x more CO2; that’s some attachment! Given that this number is given just after complaining about “people put images in their signature” I feel it’s rather misleading.

              2. Email servers will run anyway; and the difference between the base power draw vs. maximum power draw in the context of processing emails is probably not going to be that great. While dealing with torrents of spam emails certainly increases the load significantly, it seems to me that an email with an image is unlikely to increase the power draw by 12x.

              Given that this person has their own hefty dedicated server for their blog and some projects it seems they’re not overly concerned about a few grams of CO2 more or less. The entire thing seems like a post-hoc argument to rationalize “I don’t like HTML email”.

              1. 2

                The “email with long attachment” is 12x more CO2; that’s some attachment! Given that this number is given just after complaining about “people put images in their signature” I feel it’s rather misleading.

                I can definitely see this. An average text-only email is ~4kb from what I’ve seen. Images I’d expect to see in email signatures weigh ~100kb. It’s a long way from 4kb to 104kb. 26 times larger emails would definitely use more energy to transfer. The question is, is the CO2 emissions dominated by the processing of the email, or the transfer, and I’m pretty sure it’s the processing. Though, even in processing some things like spam processing can use more energy for larger emails.

            2. 4
              • a web page complaining about email plus the resulting discussion: XXXXXXgCO2e

              I’m fairly sure about this number although I’m not convinced about the relevancy of these ‘CO2e’ stories - not about the CO₂ itself, nor about the estimates. It makes a lot of difference whether that mail is sent between two people in Sweden - where electricity is largely CO₂-neutral due to the extensive use of hydro and nuclear (still, the so-called environmentalists want to get rid of it) with a bit of wind added in - or Poland where coal is used for ~85% of power generation.

              1. 3

                As others have pointed out, these CO2 number are highly doubtful. Neither source nor methodology are given to back up this claim. But even if we believe the author, one important question remains: Applying the same methodology, what would be numbers for Signal? And no, I don’t buy that routing your communication through the central servers of a private enterprise makes it trustworthy in any way. It’s great that they open source both the client and server software, but you have to simply trust them that that’s actually what they’re running on their servers.

                In my opinion the biggest problem with Email nowadays is Gmail. And I’m not talking about the obvious privacy implications. I agree that email is kind of broken in that respect anyway, and that won’t change unless there’s a way of encrypting mail that’s end-user/non-techie friendly. I think the bigger problem is Gmail’s tendency to silently block mail from smaller providers. This, combined with their market share, is what breaks email for me.

                1. 1

                  I think the bigger problem is Gmail’s tendency to silently block mail from smaller providers. This, combined with their market share, is what breaks email for me.

                  with anything else, these practices would be instant-lawsuit, but spam is the ideal front for them, as everybody dislikes it.

                  1. 1

                    but spam is the ideal front for them, as everybody dislikes it

                    Which is why we need to switch off of email, onto a communication channel that has spam-resistance baked in from the get-go.

              2. 5

                Hello,

                I wrote that post and wanted to clarify some points.

                For the numbers, I’ve found them on three sites :

                https://www.independent.co.uk/life-style/gadgets-and-tech/how-bad-is-email-for-the-environment-a7555161.html https://carbonliteracy.com/the-carbon-cost-of-an-email https://www.theguardian.com/environment/green-living-blog/2010/oct/21/carbon-footprint-email

                It was probably an error to not check them better because the first link was from 2017 but the other ones were older and maybe some improvement has been made since.

                On the signal part, it’s just that people around me used Whatsapp a lot. Moving from Whatsapp to Signal is still better. Of what I’ve read they do some work to remove the phone number and use just a nickname. Dunno exactly where they are about that. The giphy part was also a privacy concern since it’s a 3rd party service.

                I should have been better checked facts …

                Sorry for that and lesson learned.

                1. 1

                  I read your post, and I liked it. I wasn’t clear on why you dislike HTML emails. Edit: I did some thinking, and I came to agree on this point. emails are letters, not websites

                  1. 2

                    @binyamin Ah thanks !

                    I don’t like emails in HTML because the email should just be in plain text and have a link to their website with that page actually… and the second reason is because I use mutt … and sometimes you got email with crapy HTML like this one :

                    ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ http://click.e.odigeo.com/u/?qs=daeacdb6679ec88c461f91321f2197852351893baf9a

                    How could you even send that kind of content to people … They should keep those pages on their websites IMHO

                    1. 1

                      Actually, you don’t see it because there was like more than 10 lines of “zwnj;” HTML tags …

                  2. 1

                    Thanks for the clarification. Yes, recommending Signal over Whatsapp sounds like a good idea.

                    1. 1

                      Then the all thing is to write … I started the #100DaysToOffload challenge and the main goal was to write something I thought it would be a subject that could be interesting to talk about.

                      Indeed my research was a bit flaky and I should have done better … but hey nobody is perfect and I’m certainly not too.

                  3. 4

                    Is there a rant tag?

                    1. 3

                      Yes, there is. I have suggested it.

                      1. 4

                        Nice, thanks!

                        I just saw the “suggest” link.

                    2. 2

                      when i saw the title i figured it was going to be a rant against the new ‘Hey’ email service from the rails/basecamp folks… i was kind of looking forward to that.

                      1. 2

                        I was wondering if we could solve this by having pointers and content in email where previous emails are included only as a pointer.

                        1. 5

                          There is the In-Reply-To header, which any decent mail client will use to reconstruct the thread structure.

                          1. 3

                            There is a Message-ID header, at least in theory.