Alright, you make a convincing case that it's not tacked on and I'll give you the benefit of the doubt here. Unencrypted basically is just "dev mode".
Very glad to hear you patched up the hole with the unknown clients. Perhaps I'll try again down the line.
> Now, totally agreed that this UX is ugly and needs work, but this is NOTHING to do with the decentralised or federated nature of the protocol.
Well you have to design that dialogue that tells you new devices came on, right? And you have to deal with cases where some people accept a new client and some don't. And you have to explain to lay people what the heck an IRC bridge is. And so on. My point is just that you have a lot more things to explain to users, so you have a lot of UX work ahead that you wouldn't otherwise have. So I don't think it's unrelated. (Aside from the issue of explaining things, it's not particularly ugly actually, from what I remember).
> it's possible someone will fire up a buggy/malicious client and inadvertently compromise a room
I appreciate that you acknowledge that. It signals that you have things in perspective.
I actually think some people do consider freedom to be a security issue. They don't want Signal servers to go down, or get into malicious hands.
Also: Nothing strictly stops people from using rogue Signal clients either. There's just social pressure deterring it. By that same token, perhaps you could use social pressure to deter developers from lying about what client they are, and then have a vetting process for secure clients. And then warn users when an insecure one comes on. (And perhaps count web as "not recommended for especially sensitive discussions")
Anyway, thank you for addressing my points and accepting critique. I do hope to see you succeed.
Alright, you make a convincing case that it's not tacked on and I'll give you the benefit of the doubt here. Unencrypted basically is just "dev mode".
Very glad to hear you patched up the hole with the unknown clients. Perhaps I'll try again down the line.
> Now, totally agreed that this UX is ugly and needs work, but this is NOTHING to do with the decentralised or federated nature of the protocol.
Well you have to design that dialogue that tells you new devices came on, right? And you have to deal with cases where some people accept a new client and some don't. And you have to explain to lay people what the heck an IRC bridge is. And so on. My point is just that you have a lot more things to explain to users, so you have a lot of UX work ahead that you wouldn't otherwise have. So I don't think it's unrelated. (Aside from the issue of explaining things, it's not particularly ugly actually, from what I remember).
> it's possible someone will fire up a buggy/malicious client and inadvertently compromise a room
I appreciate that you acknowledge that. It signals that you have things in perspective.
I actually think some people do consider freedom to be a security issue. They don't want Signal servers to go down, or get into malicious hands.
Also: Nothing strictly stops people from using rogue Signal clients either. There's just social pressure deterring it. By that same token, perhaps you could use social pressure to deter developers from lying about what client they are, and then have a vetting process for secure clients. And then warn users when an insecure one comes on. (And perhaps count web as "not recommended for especially sensitive discussions")
Anyway, thank you for addressing my points and accepting critique. I do hope to see you succeed.