Signal is a messenger service. You can expire messages after a certain amount of time.

They ask for a phone number to limit bots. I used my Google voice number and it worked fine. I like Telegram which banned me after a day of use for using Google Voice.

It's not suspicious. It's been talked about for years. People know exactly what the phone number is used for. Easy discoverability, quick and seamless onboarding of new users by providing a way to bootstrap their social graph, and it being very similar to the process of the other biggest player that people just understand. And spam prevention. The phones are not leaked or used for anything else. The other alternatives exist and you are welcome to onboard the people you want onto them if you think it's simpler.

The code is open, if you don't trust other people and can't read the code to understand then hire someone you trust to validate the claims and assure you. But spreading FUD and saying it's suspicious is not productive to anyone.

1) I don't understand what you mean about discoverability: is my presence on the network advertised to strangers and spammers? That doesn't sound good. What does the onboarding process look like?

2) You still haven't said what Signal's advantages are supposed to be over alternatives, though I can guess some (e.g. better/more crypto than irc has). Jami seems conceptually ok, but buggy in implementation. Nextcloud Talk works but is kind of clunky. Matrix is popular though I've never used it: is it the main alternative to Signal these days? I thought it was what all the hipsters had migrated to while luddites like me were still on irc. Jitsi Meet looks nice though again I haven't explored it much. I've been puzzled for a long time that there is so much work in this area yet everything has deficiencies. Are there difficult problems to solve?

3) If Signal's code is open then of course I'd want to self-host the server. Can I do that? Does that get in the way of the onboarding process you mention? Where does the phone number come in, in that case? If I to use Signal's server, that doesn't sound so open, and normally there's no way for me to verify that it's running the same code that they claim.

I don't see where I'm spreading FUD. Ignoring a question and calling it FUD doesn't invalidate the question.

Yeah I'm on their Discourse forum, but the situation isn't that great, and it's unclear to me if the problems are fixable. Particularly when there are incompatibilities between version X and version Y, where both versions are already in the wild. You can't travel backwards in time to fix those versions, and this (like email clients or telephones) is an application area where you can't tell people to update their clients all the time. You have to keep things interoperable.

It's also often inconvenient to reproduce bugs like that in order to diagnose them. If you try to talk to someone over Jami and it doesn't work, you generally can't borrow their phone to analyze the issue. If you're one of the core developers, maybe you have access to a room full of different kinds of phones and OS versions to test with, but a typical user/contributor won't have anything like that.

Those are nice generalities but I think they ignore reality. Jami seems like sort of a side project to its developers. Bug reports often are answered with a suggestion to make sure everyone is running the latest version of Jami, which is often useless advice. Like if you try to call your friend with your new phone and the call doesn't complete, it's unhelpful for your phone manufacturer to say your friend should get a new phone. You might be interested in helping fix the problem but your friend just wanted to have a phone conversation and doesn't want to get dragged into a debugging project. It's even worse if the other person is not your friend but rather is someone you just met and exchanged numbers with. If you try to follow up with a phone call and there is a problem, GAME OVER. You permanently lose contact with that person. You can't possibly suggest Jami as a Skype replacement after that happens to you once or twice.

Another thing with comms programs in general is you really can't debug them with just one computer. Their whole function is to let two computers talk to each other, so you need two computers where you control both ends and ideally control the network as well, so you can insert delays, network faults, etc. If the Android version has trouble talking to the Iphone version, you need both kinds of phones. I'm not sure if Jami's devs really understand that. I've worked on telecom stuff in the past and it's just the reality of that field.

Yet another (I'm not sure of this) is that Jami is a peer to peer program so I suspect some of the problems revolve around firewall traversal gotchas of various types. I don't know if there is a cure for this while keeping the basic architectecture intact. I do like it in principle and I know that people get BitTorrent working reliably without too much trouble, so maybe Jami is just missing some trick.

Finally, Jami is pretty old and back in those days, people hadn't really thought about the subtleties of encrypted group chats. Signal does a better job, and these days there is a standard (RFC 9420) for how to do it (I don't know if Signal follows this standard). It would be good if Jami were revamped for that, but 1) that would break interoperability again, and 2) I don't know if it's workable at all with Jami's architecture (serverless, using a distributed hash table for peer discovery).

For now I've sort of given up on Jami and am trying to figure out what to use instead. It's unfortunate that the main devs don't seem to have that much interest in making Jami reliable. Randos like me capable of making small contributions can't really help much with more involvement from the experts.

read the history

Is there a url for the history? Or for a good answer about the phone numbers? If the topic keeps recurring and the answers don't satisfy people, that suggests that there is no good answer, and that there are possibly misaligned interests between Signal and its users.

That is a pretty weird post that doesn't make much sense, but I remember meeting Moxie and asking him about Android security and being surprised at how defensive he was about it. Is Signal the app he was working on? That helps somewhat. I get them confused with each other.

The Signal app doesn't appear to be on F-droid, which is a bit discomforting.

read a filename from the user

Honestly for something repetitive like this I'd suggest trying to avoid user interaction completely. It's probably better to get that info from the DVD drive itself (blkid -o value -s LABEL /dev/dvd), or if that fails assign a number.

I can use dd after running "lsdvd" on CSS protected DVDs.

I have no idea why it works.

Interesting. I didn’t know about it.

It’s clever, but they should have used this money to make discs more durable instead😇

You can get around it a few ways. Some are drive agnostic, some aren't. Also your drive might not be super affected by it. My dad's Sony AIO PC didn't have an issue ripping while a USB DVD drive I borrowed did.

Edit: the Sony AIO PC was also from 2012. It was running windows 7 when I did this.

It might be your reality but it’s clearly not mine.

I can’t tell you how many times I’ve rewatched Alien or Terminator.

So yes it’s true that I’m using Netflix more than my DVD’s, but I’ll watch a lot of these movies again for sure.

Also, despite the low resolution, DVD’s now have some kind of charm in their picture quality and it’s perfectly good enough for me.

But, of course, someone who doesn’t enjoy cinema the way I do shouldn’t be going through such a hassle.

Is a SSD's cache even about wear? I mean wear only happens on write operations. And I would expect a SSD to apply the writes as fast as possible. Since piling up work (a filled write cache) means additional latency and less performance on the next, larger write operation. Along with a few minor issues like possuble data loss on (power) failure.
And on read, a cache on the wrong side of the bottleneck doesn't do that much. A SSD has pretty much random access to all the memory, it's not like it has to wait for a mechanical head to move into position on the platter for data to become available?!

But I haven't looked this up. I might be wrong. What I usually do is make sure a computer has enough RAM and it is used properly. That will also cache data and avoid unneccessary transfers. And RAM is orders of magnitude faster, you can get gigabytes worth of it for a few tens of dollars... Though that might not be easily done on the more recent Thinkpads... I've noticed they come with a maximum of one RAM slot these days, sometimes none and it's soldered.

Woah their partner, major software developers have been having similar issues with accessibility for decades now. For instance the ability for the blind to deal with Windows if it crashes or errors out is pretty much non-existent.

nfb.org/sites/default/files/im…

Google isn't much better breaking accessability in the name of protecting content.

So I will have to respectfully tell you to get off your high horse.

Please read the article I referenced. Most of their gripes are also issues found in Windows. Also OP's article is clearly written from a constructive criticism point of view that I appreciate. Keeping software accessible is hard work and proprietary software is not some magic bullet.

I think you are taking this all out of context hence why I told you to get off your high horse. Apparently you decided to climb onto an even higher horse instead. You are not echoing anything but your rather alarmist perspective. See below for excerpts about Windows accessability.

"A concrete example of a product that simply cannot be used by the blind, but which is an integral security component used in employment situations, is Microsoft's BitLocker software, which provides full disk encryption. BitLocker requires the user to enter a PIN (personal identification number) before the full Windows operating system is started. While competing full-disk encryption programs have offered the ability to generate an audible tone that can be used to alert the blind user that information needs to be entered, BitLocker offers no such indication. Despite years of repeated entreaties by blind people for Microsoft to fix this problem, we have yet to see a version of BitLocker that addresses this issue. A blind employee who is required to use a computer with Microsoft BitLocker installed will be unable to turn the computer on and get it running—not to mention use it.

Microsoft SharePoint, a program used by many institutions (many of which employ the blind), is not fully accessible to the blind. SharePoint has been found to be so frustrating for the nonvisual user that a third-party vendor believes that it can sell an add-on solution to large enterprises (e.g., state or federal agencies) that costs as much as $12,000 for a single user license. If Microsoft's accessibility effort were working, a product that is as widely used as SharePoint would already be as convenient and effective for the nonvisual user as it is for everyone else.

There does not appear to be any user-experience research being conducted by Microsoft into improving efficiency for keyboard-only users, including the blind. This has already had a negative impact on keyboard-only users of the spell checker in Word 2013, which no longer provides accelerator keys to speed up the selection of options when spelling errors are detected.

Microsoft struggles to implement an API (application program interface) which makes it easier for screen-access software to get information about application states, messages, and controls. Microsoft Active Accessibility (MSAA) and User Interface Automation (UIA), two examples of existing accessibility APIs, have existed within the Windows operating system for many years, but they have apparently not done much to solve the accessibility problem. While I applaud the fact that Microsoft has worked hard to ensure that Windows Vista, Windows 7, and Windows 8 have worked with updated releases of screen-access software on the day they were released to the public, it must also be recognized that, in order for this to have happened, the screen-access software vendors (very small companies in relation to Microsoft) had to devote considerable resources to make this happen. It would be better if these relatively small companies could spend more time and effort coming up with innovations that improve the efficiency and productivity of blind users of their software.

Unlike its main competitors on desktop and mobile platforms, Microsoft has failed to provide built-in support for refreshable Braille displays to be connected to and used on its various platforms. This is particularly vexing for users who are both deaf and blind for whom refreshable Braille displays are the only way to interact with computer software. The Apple Macintosh and the Apple iPhone support a variety of refreshable Braille displays without requiring the customer to install device-specific drivers, and these products entered the market well after Microsoft began working on accessibility.

The maintenance, setup, and recovery of Microsoft Windows continue to be inaccessible to the blind. Consequently, there is an added cost in time and/or money to the blind user, who has to bring in (and often pay for) sighted assistance to install, upgrade, or repair a Windows system. This situation is unacceptable—especially given the fact that Apple OS X and iOS operating systems incorporate accessibility tools that enable the blind computer user to perform maintenance, upgrade, and recovery tasks without sighted assistance. Moreover, this problem curtails the ability of the blind to accept Windows system support jobs in information technology."