This last weekend popular encrypted messaging service Signal crashed for almost 24 hours. If you didn’t hear about it, you probably live under a rock – or at least dense foliage. The outage made headlines at major outlets like the BBC, Reuters, Forbes, CNET, The Verge, and many more. Before I jump into the negative analysis, let’s take a step back to see how we got here and why this is a good thing.
In January 2021, WhatsApp – by far the most widely used end-to-end encrypted messenger on the planet – began to let users know that a change was coming to the privacy policy. This change essentially boiled down to “we’re gonna share everything with Facebook.” As word of this began to spread (perpetuated by people who actually read the privacy policy), this began a mass exodus away from WhatsApp as users realized how invasive this would really be. Telegram was one major choice who experienced an explosion of users, but somewhat surprisingly Signal also became a top choice. This is perhaps because of Elon Musk.
On January 7, Musk tweeted “Use Signal.” Musk is a bit of a darling among nerds (I use that term endearingly, as I consider myself a nerd). Musk is a highly successful entrepreneur with a long history of innovation and achievement, particularly in the tech world. Perhaps you’ve heard of PayPal. According to Wikipedia, that was his third successful endeavor, but perhaps is the one that first made him a household name. From there he went on to found SpaceX – the private spaceship company – and Tesla – the electric car manufacturer – among other highly technical businesses. The point is, many people consider Musk to be a real-life Tony Stark. If he endorses Signal, that’s good enough for them (or at least a major plus).
Now it’s important to note that Musk is not a security researcher or cryptographer. I am not for one second implying that the guy is an idiot. He’s got bachelors degrees in both economics and physics, and he clearly understands business. However, in researching this article I found zero evidence that he has any kind of technology education. Once again, I’m certain he’s an intelligent guy. I’m sure his employees are happy to teach him whatever they know when he asks “how does this work?” or “what solutions can we come up with for X and why?” and he strikes me as the kind of guy to take matters into his own hands when it comes to things like understanding the tech in his own home. But again, he’s not a network admin. He’s not a cryptographer. He’s not a hacker. That’s not to say he’s unqualified to make suggestions. Implying that Musk shouldn’t make suggestions because of his lack of formal training is to imply that I’m not qualified either, and I can assure you that I am certainly qualified to talk about this stuff to an extent. The ultimate point is that Musk is not an authority on this stuff, and while his endorsement does count for something, it shouldn’t be taken as the gospel that many of his fans certainly took it as.
Regardless, between these two factors, the mass influx of new users to Signal began, and almost immediately so did the strain on the servers. And on the 15th, it finally collapsed. For the next 24 hours, Signal’s usability was intermittent at best, almost zero most of the time. I myself fell victim to this. I was able to squeeze off a quick text to my partner at 8 AM. By noon my partner had given up and we were talking on Element. By 2 PM, I had sent an email to my close family to let them know to contact me on Element or XMPP. When I woke the next morning, it seemed that Signal had finally become stable, though my partner reported intermittent issues throughout the rest of the day. So this is the silver lining in this story: millions of people unarguably just upped their privacy game! Exact numbers have yet to come out at the time of this writing, but despite the issues with both Signal and Telegram (and both have their issues, to be sure), tens of millions of people (possibly hundreds of millions) just moved off WhatsApp, and I think we can all agree that WhatsApp is significantly worse for privacy than either Signal or Telegram.
But this story showcased a major weakness in both messengers, though it showed most obviously in Signal. I’m sure many readers are screaming at their screens right now, asking how in the world I could possibly be saying it’s a good thing that Signal crashed. It’s not. It’s a good thing that tens of millions of people are taking their privacy seriously for a change. It’s awful that Signal crashed. And this might’ve been prevented with decentralization.
The largest issues addressed by decentralization are trust and stability. I don’t know if a decentralized format could have saved Signal this time around. I’m not sure Mastodon would be standing if almost a hundred million people flocked to it from Twitter, but I do know that if one popular instance crashed, there would still be hundreds to pick from. I could even start my own, if I had the resources. A decentralized system is a more stable system, and more resilient against attacks and censorship, as well as a sudden influx of users. Furthermore, decentralization offers users choice of trust. Signal frequently comes under fire for using servers provided by major, privacy-adverse hosting providers like Amazon and Google. Decentralization would offer a variety of servers, some hosted on mainstream providers, some hosted in some dude’s basement, some hosted by non-profits and other privacy-respecting measures.
It’s important to note that decentralization is not a silver bullet and I understand why Signal is so hesitant to go that route. Signal’s single biggest charm – in my opinion – is the sheer lack of ease in getting started. I often call it “insultingly easy.” Decentralization puts the responsibility on the user to do their research and pick a server that aligns with their values and threat models. Decentralization can also result in technical difficulties. I’m sure any reader who’s ever used Matrix for any period of time has had situations where the messages didn’t decrypt at first (or in some cases, at all). You also run security risks from admins who don’t update their servers or potential honeypots and other malicious actors. I firmly believe decentralization is the way of the future and must be embraced, but I admit it’s not as black and white as just doing it.
So what’s the takeaway here? Awareness. I love Signal. I use Signal. (At the time of this writing, I know that our writer Privacy Advocate is planning a major expose on Signal that I haven’t read, so maybe my tune will change by the time this comes out). But Signal is not perfect. No tool is perfect. They say that in testing times your true character shows. When you’re stressed, you snap at people. When you’re scared, you hide. When challenged, you rise to the occasion. Signal has been tested, and we have seen at least some of its true character. It wasn’t perfect. We should never let the quest for perfection lead us to “throwing the baby out with the bathwater,” as my mother used to say. But we should still continue to strive for perfection anyways, and hold people accountable when they fall short – not in a vicious way, but in a respectful way that realizes that we all benefit from improvement and we all make mistakes. Keep pushing for better. Now that we have firsthand seen the risks of centralization, it’s time to demand better decentralized tools and decentralization from better centralized tools.
Keep moving forward. Failure is only failure if you fail to learn from it. Let’s learn from Signal.
