After over a decade spent creating Signal, Moxie has departed to focus on new efforts. As the founder of Signal, the work he did and the organization he built are the reason Signal exists. We are infinitely grateful. He remains a friend and a core part of the Signal legacy ❤️🙏
It is just closer to WhatsApp. What Matrix does, especially with regards to enabling true multi-device support, is quite complex overall and sometimes causes issues with keys for decrypting messages not arriving on all devices. Signal is more limited but it just works a lot better. Small but important extra: Signal supports fully encrypted voice and video chats.
Full disclosure: I personally also prefer Matrix because I use it with multiple devices. I don’t want to install desktop apps for these services and Element runs in the browser while Signal does not.
Being centralized isn’t the only reason, but basically yes. The concept behind the protocol is simpler because your decryption keys only ever live on one device. You don’t really have the entire trust (and key sharing) model for devices that Matrix has. Signal’s desktop app works very similarly to WhatsApp where your single main device needs to be connected at least intermittently for “guest” sessions to be able to send and receive messages. I haven’t used Signal desktop though, that was just the impression I got from it. Would make sense though because WhatsApp is allegedly borrowing from Signal’s protocol quite a bit.
Well for one thing matrix clients on mobile are…not the best. Element X is looking promising, but it’s currently still in beta. Element misorders messages and crashes often, and most other clients are not as feature complete. Whereas in my experience Signal tends to just work. Plus for the average person it makes for a dead simple drop in replacement to WhatsApp or iMessage. Yes, the phone number requirement has led to issues with governments just blocking the sign up SMSes, but that is a tradeoff they make for convenience.
Matrix also leaks more metadata in comparison to Signal (this is just how decentralization works).
Not to mention that the recent vulnerabilities seem to suggest (in my opinion at least) that matrix cryptography is not as battle tested as the Signal protocol.
Besides the observed implementation and specification errors, these vulnerabilities highlight a lack of a unified and formal approach to security guarantees in Matrix. Rather, the specification and its implementations seem to have grown “organically” with new sub-protocols adding new functionalities and thus inadvertently subverting the security guarantees of the core protocol. This suggests that, besides fixing the specific vulnerabilities reported here, the Matrix/Megolm specification will need to receive a formal security analysis to establish confidence in the design.
Real world example: The university I study at promoted matrix as a way for students to chat at the start of the semester, and pushed them to use Element. Practically no one uses it, but I’ve met a few people who do chat with Signal.
Meh, signal seems like a worse version of matrix to me, is there any reason to prefer it?
It is just closer to WhatsApp. What Matrix does, especially with regards to enabling true multi-device support, is quite complex overall and sometimes causes issues with keys for decrypting messages not arriving on all devices. Signal is more limited but it just works a lot better. Small but important extra: Signal supports fully encrypted voice and video chats.
Full disclosure: I personally also prefer Matrix because I use it with multiple devices. I don’t want to install desktop apps for these services and Element runs in the browser while Signal does not.
Ah, so, what it really seems to come down to is that since it’s centralized, it’s easier to make it work for everyone, no?
Being centralized isn’t the only reason, but basically yes. The concept behind the protocol is simpler because your decryption keys only ever live on one device. You don’t really have the entire trust (and key sharing) model for devices that Matrix has. Signal’s desktop app works very similarly to WhatsApp where your single main device needs to be connected at least intermittently for “guest” sessions to be able to send and receive messages. I haven’t used Signal desktop though, that was just the impression I got from it. Would make sense though because WhatsApp is allegedly borrowing from Signal’s protocol quite a bit.
You don’t need your main device connected to send/receive on the Signal desktop app.
Like, never ever? Could I turn off my main device for a month and continue using the desktop app? Can I even register new accounts on the desktop app?
Well for one thing matrix clients on mobile are…not the best. Element X is looking promising, but it’s currently still in beta. Element misorders messages and crashes often, and most other clients are not as feature complete. Whereas in my experience Signal tends to just work. Plus for the average person it makes for a dead simple drop in replacement to WhatsApp or iMessage. Yes, the phone number requirement has led to issues with governments just blocking the sign up SMSes, but that is a tradeoff they make for convenience.
Matrix also leaks more metadata in comparison to Signal (this is just how decentralization works). Not to mention that the recent vulnerabilities seem to suggest (in my opinion at least) that matrix cryptography is not as battle tested as the Signal protocol.
Real world example: The university I study at promoted matrix as a way for students to chat at the start of the semester, and pushed them to use Element. Practically no one uses it, but I’ve met a few people who do chat with Signal.