Many "apps" from WhatsApp to Zoom are treated as public spaces by citizens. But, legally the app-space is closer to a private space. This creates a mismatch between reality and expectations. (Zuckerberg can delete his chat history and you could not until Europe passed legislation forcing Facebook to do so.)
I suffered the "Windows only" of gubernamental applications that excluded Linux users from using them. I see a new wave of iPhone/Android apps, WhatsApp/Twitter official accounts, etc. creating the same monopolistic synergy where the government decides what apps the citizens have to install and what Operating Systems to use. The abuse of monopolies is not fight against but government officials take sides and choose which monopolies to grow.
Finally, a point missed in the comments: WhatsApp is an American company. The misalignment between Europe and the USA has grown the recent years meanwhile the technological dependence of Europe towards the USA has increased. That will not end well. The USA is in a position to shutdown all the technological infrastructure of Europe (AWS, Google, Facebook, Azure, ...) and to openly spy its citizens. When the two blocks were in more friendly terms that was seen as acceptable, today that is creating an uneasy feeling.
As an European citizen I do not feel safe with such an American oversight of my private and job-related activities. And, this is the most important point, when citizens feel threatened they will react or over-react to the situation. The USA has not been a trustworthy partner for some time. And ,the rise of TikTok and other Chinese apps are bringing that fear to public attention.
The solution is trivially easy and has existed for long: open standards. Mail has been around as long as the Internet and proven its value, the same applies to the World Wide Web. The only reason for the rise of apps is that companies see them as a good way of lock-in customers, gather data and increase influence. All that reasons are bad for the economy, for the freedom of countries and individuals. Open standards should be pushed as a leveling field for competing companies, as a form to increase freedom of expressions and communication and to avoid single-points-of-faiulre that risk big parts of the economy.
I hope for a return to sanity and open standards. The alternative is heavy regulated monopolies, no government is going to allow this situation to go for long, like the telecommunications industry. And, that does not work so well.
I wish I had more than one upvote, this capitulates perfectly my feelings on the situation.
I see the same sentiment echoed in our American friends w.r.t. Chinese spying. Huawei is dangerous and must be stopped, but the NSA having broken encryption a bunch of times, sending NSL's to chip makers and such is fine.
And that is not seen as hypocritical.
We as Europeans have no technological industry without the USA, and the USA has done nothing to assuage fears that they will backdoor everything they can without remit.
In fact, it's not only that we have no technical industry; it's that we actively pander to it and lock ourselves into it in perpetuity, ensuring that in a given future where we desire some level of independence that it will be as painful as possible.
"Chrome only" is the new "IE6 only" and services only accessible via Android/iPhone apps are a part of it too.
Plenty of European countries are complicit in similar acts of their own, and many more tacitly assist. I don't think many deserve being painted as a victim of this situation. There's an article right now on the FP about the Netherlands helping GCHQ break Argentinean encryption.
In any case, I think the hypocrisy makes sense if you consider that the people saying this are from places (the US + close allies) that probably, all things considered, benefit [EDIT:] more than others by government privacy invasions. The goal of these governments is presumably to further their own interests at the cost of everyone else's. Why else do several of these allies willingly sign up to trade information with the NSA?
EDIT: "more than they are harmed" => "more than others"
I'm sure European governments love all the press that the US gets for this kind of stuff because it draws attention away from them. A lot of Europeans seem to know more about wiretapping in the US than in their own country.
A 5 minute search will bring up lots of examples. These are a bit old, but I can't imagine any powers have been removed since the laws have been passed. (I apologize for the tone of some of these articles.)
[1] 2003 Italy and the Netherlands top wiretap chart
76 and 62 wiretaps per 100k citizens, compared to 0.5 in the US (you could make an argument about the uncertainty in that measurement).
[2] 2017 New Dutch law allows law enforcement to digitally wiretap your friends and family to get to you
"Netherlands Senate passed a new surveillance and data mining law. The new law (available in Dutch) expands the government’s targeted and mass surveillance powers and were first introduced in 2015."
[3] 2007 Dutch Law Threatens to Wiretap Family and Friends
"The legislation under consideration allows for much more generalized information gathering—or “bulk” monitoring"
"And since The Netherlands is a major hub for the fiber optic networks that carry huge amounts of information from many different countries, including the United States, the new law would open the way for the Dutch services to suck in communications that U.S. law might prevent the American intelligence agencies from tapping directly."
[4,5] 2011 German politician reveals six months of private mobile phone data
> I don't think many deserve being painted as a victim of this situation.
Especially the least educated individual users are largely victims of this situation. Any who could possibly educate themselves further are proportionally less victimized and more complicit/approving.
Open standards are the answer, and the more individual demand we can create for these products and services, the better served we will find ourselves.
> There's an article right now on the FP about the Netherlands helping GCHQ break Argentinean encryption.
EU<->EU cooperation is different though than US<->EU cooperation.
I will very much agree though, that GCHQ has been in bed with NSA for far too long and it's disgusting.
But I think there's a clear delineation between: "Our government does shady things" and "Another nations government does shady things, and incidentally we're entirely dependent on them not to do it to us".
This actually preceded the EU as it was during the Falklands situation, and I don't think EU<->EU cooperation is inherently different if interests are misaligned (which has happened many times between EU members), or if a country (e.g. the UK) chooses to leave the EU.
I was hoping to at least illustrate that European countries (particularly EU countries) have for many years gone out of their way to invade the privacy of foreign citizens when it benefits them, just as the US feels free to do so today. I don't support this in either case, and rereading my initial comment I made a quick edit that I think makes this a bit more clear.
My point is more that if we're going to claim that certain countries are the victims of US surveillance, the countries that opt into cooperating and benefit more often than not really shouldn't be at the top of the list. The US and most western European countries (or certainly those which cooperate with the US) do not see each other as their foremost adversaries, which I suspect is why both seem to willingly sign up for this cooperation. I would instead suggest that the victims of this relationship are limited to third-parties that don't have anything to gain but are still vulnerable to these extrajudicial privacy invasions.
EDIT:
> But I think there's a clear delineation between: "Our government does shady things" and "Another nations government does shady things, and incidentally we're entirely dependent on them not to do it to us".
Maybe I'm misinterpreting, but this sounds to me like it is an attempt to justify the hypocrisy you alluded to in the initial comment.
if I seem like I am hypocritical then it is because I don't scan these things as being the same at all.
Cooperation is very different from dependence.
The rest of your comment seems to assume that I'm talking about "bad things that we do to each other" and I'm not really talking about that at all, merely our dependence on a foreign ally that has unclear motives.
Here's some things that I consider to be true:
1) Our intelligence services are in bed together, that's bad.
2) Our governments are blindly allowing (or in some cases supporting) monopolies of other nations industries. That's bad.
3) Our countries are both victims _and_ perpetrators, there's no black/white divide here. But our peoples will be worse off.
4) We're taking on a debt that has a very high interest later.
I don't think cooperation and pooling of resources is the same as pinning an entire section of society on another country.
For a concrete example, imagine that we're pretty friendly with Germany, we decide to let them be our postmen, they carry all post for us. Eventually we don't have the capacity to deliver mail anymore, the logistics are completely lost on us.
The Germans open our mail, their government "allows" it, and there's nothing we can do because the post is somehow routed via Germany and not our jurisdiction anymore. We do nothing, because we trust the germans, maybe a stern warning, maybe certain mail has to be routed in-country. But the Germans say that this is stifling industry.
Later, Germany invades poland, all our postmen are German, all the trucks are German, all the infrastructure that depends on post is German.
You might argue that this is absurd, but this is how I see the situation with the USA.
> I will very much agree though, that GCHQ has been in bed with NSA for far too long and it's disgusting.
It's wider than that. It feels like UK politicians have always been the loyal pets of US presidents/decisions/agendas, and that is more obvious when EU has a different approach, and the UK just moves on its own. UK has been in bed with the USA (practically USA's little pet) for a long time now. Jean-Claude Juncker said (and apologies, but I cannot find the quote) something along the line (regarding the Brexit-divorce) that "it wasn't a very good marriage to begin with".
UK is the foothold of USA to disrupt a strong, united Europe. I say good riddance. This hurts me since I love the UK (but not what it stands for lately) and I am making my living here, but this shitshow has to stop.
I sincerely hope that Boris won't burn the country down. So far he has done a pretty bad job all across the board (COVID deaths per 1mil, economy, Brexit 'negotiations'-hahahahaha).
He's a true reverse Midas!!! He touches gold, it turns to shit.
Yes, "Chrome only" is bad, but the web, open standards, and open source are the solution to the problem being discussed, so putting Chrome in the same bucket as IE6 seems quite backwards to me.
I interpreter the Huawei example quite differently than you.
In attacking Huawei, the U.S. is using it's tech power to further it's economic and geo-political ends. There are, of course, legit reasons to be concerned about Huawei but Trump has made it clear that the attacks on them go away if he gets a trade deal he likes.
The ironic thing is that this is their primary nominal concern about Huawei in the first place: that its close ties to the Chinese government and pwa suggest it would be used to further their interests rather then simply pursuing corporate interests.
>The USA is in a position to shutdown all the technological infrastructure of Europe (AWS, Google, Facebook, Azure, ...) and to openly spy its citizens
OK, and what can we do about that?
We build our own successful cars, we build our own successful planes but it seems like when it comes to building highly scalable world dominating software we are powerless even though our universities churn out tons of talented CS engineers and researchers.
What does the US do right that we do wrong here? Besides paying our devs worse.
> What does the US do right that we do wrong here?
I have worked for a number of really successful Swedish software companies, all of them have been purchased by American companies. From Skype to Candy Crush, all companies are owned by USA corporations. USA is a rich country and has accumulated enough wealth to buy any competing economy.
China, when it comes to technology, has created an extremely innovative environment and growth local talent beyond what Europe can dream. (Before anyone complains about China "stealing" American technology, just remember that most of American technology was "stolen" from Europe after WWII. Except, that sharing technological advances should not be seen as stealing but as global collaboration for the improvement of humankind).
Just to make sure that I am not misunderstood. I do not think that the USA has done anything wrong, I just think that Europe, until recently, has not been in a position to compete with the USA. Not even Germany, one of the biggest and one of more successful economies in Europe, can compete with the USA as a whole. Europe failure has been to not unite and align their positions. A divided Europe cannot compete internationally, that is our fault. Internal-country markets are too small to create a software industry, or a film industry. Only aviation and car manufacturing have growth thanks to a heavy government intervention that forced a consolidation and shared efforts at European level, showing that the approach works.
USA and Europe should be partners, a week European Union will not be relevant in the world, a divided European Union would individual states up for grabs for other international powers (UK probably by the USA, southern regions have seen China investment increasing and Russia maybe temporally incapacitated but sooner or later will come back).
So, I believe that Europe has done some things poorly, event that also had done great things, as keeping one of the higher standards of living in the world. The current pandemic is creating a re-thinking on how countries interact between them. Isolation is not a solution, not even for China, and I hope that we do not get there. But, we need to find a way that each region can protect its own interest while sharing its wealth and knowledge with the rest.
> What does the US do right that we do wrong here? Besides paying our devs worse.
The reason there is really no cool tech firms in the EU is because the EU economic policies make them impossible.
Working for a startup is an extremely risky decision. As a top engineer, you get shitty pay, and a really good options package that in most cases ends up being worth nothing because most startups fail.
In the US, however, if your startup cashes out, you end up rich. This is not only a life changing experience, some of these rich top tech engineers end up creating their own startups afterwards with the money they make, which perpetuates the cycle.
In Europe, if as a top engineer your startup cashes out, you only end up marginally better than if you had had an 8-5 job at BigTech (Google, Apple, Microsoft). Almost 50% of your cashout goes away in taxes, and the rest barely compensates the bad paid you got the last 5-10 years of your life, and if you take "worked hours/week" into account, quality of life, and risk taken, the value proposition is just a joke.
Startups already have a very hard time flourishing with top talent. Europe makes it almost impossible for these to attract top talent, so that's why you don't see as many unicorns here as you do in the US.
This doesn't mean there aren't any startups in Europe. There are. There are just much fewer than in the US, have an even lower success rate, and a less qualified and risk-friendlier employee base.
Source: my own personal experience job hunting in Germany, for many US startups operating here, where most of them actually try to offer BigTech salaries without option packages because they know option packages do not make sense here.
>Working for a startup is an extremely risky decision. As a top engineer, you get shitty pay, and a really good options package that in most cases ends up being worth nothing because most startups fail.
How about structuring it differently? If you e.g. don't receive options but actual shares? Hold those shares not by yourself but via a shell company. Then you never pay income taxes. Since you are in Europe, look up the successors of the current Double Irish.
> If you e.g. don't receive options but actual shares?
Everything your employer gives you as part of your salary is subject to the salary tax. Whether your employee gives you options or shares, doesn't matter, you need to taxate them, and that requires assigning them a value.
If your employer gives you options, you can only exercise them when the shares you buy have a value (via an IPO, acquisition, etc.), so you pay taxes on the value when you exercise them - verifying this value is trivial for the tax office (check purchase price of shares, IPO share value, etc.).
For publicly traded companies, if your employee gives you shares, you pay taxes when you get the shares on the value of the shares on the day that you got them.
If your employee gives you shares from a private hold company, those shares have no value until the company gets public or acquired. You'll taxate them not on the share price that the share had when you got them, but the one it has when it went public.
> You'll taxate them not on the share price that the share had when you got them, but the one it has when it went public.
Imagine getting 1 million euros in shares, that you want to hold on for a couple of years because you believe they will be worth 10 million euros then. Well, to do that, you need to first pay 500k Euros in taxes (where you get them from is not the tax office problem). Then, if the stock goes from 1 to ten million, you need to again pay taxes on the 9 million win that you made (25%).
Opening a startup in Germany, Italy or Spain means enter a world full of bureaucracy and complicated rules: you need enough money to start and an accountant hopefully knowing their stuff.
Taxes are so high that you will likely struggle (or just close) the first two years and you will eventually start accumulating tax debts. Errors
On the other side, some european countries came to rescue with some smart solutions — like the Estonian e-residency program.
Not in Sweden. To start a limited liability company here you only need 2500 euro and no accountant and Swden does have plenty of successful tech companies, it is that the US tech giants tend to buy them out.
I own two tiny companies, neither of them which has an accountant.
That's for a GmbH [1] where you create an independent legal entity. Actually it's 25k and almost 1k in legal fees. Though, you only need an accountant if you have millions in assets or plenty of employees. [3]
However, that's for an independent legal entity. If you want to start a business, you can simply register a business, even online [2] for about 25 to 100 euros. If you don't have wealth to protect you don't need a legal entity anyway.
[3] Actually you can buy an old, empty, GmbH for about 5k but then you lose those 5k instead of having them on your balance sheet like you do when you start your GmbH with 25k.
> However, that's for an independent legal entity. If you want to start a business, you can simply register a business, even online [2] for about 25 to 100 euros. If you don't have wealth to protect you don't need a legal entity anyway.
I'm not sure I follow. If your startup isn't even an independent legal entity, AFAICT you can't pay your employees with equity (e.g. stock options).
If you could, the risk would be super high. If the startup is an independent entity and the CEO screws up (e.g. goes to jail), you can replace it. But if it is a completely private business owned by one single person and that person doesn't want to be replaced, then whatever equity you had is now worthless.
You are right. I just wouldn't see those points as essential problems:
* If you have co-founders, 25k shouldn't be a problem if you pool your money. A group of people who have worked for some years should have that much money or I would fear that they cannot hold budgets for the company
* If you have employees, 25k is a month or two of their salaries. You are dead in the water if you don't have that amount of money in advance as a buffer
* If the CEO owns something like 90% of a GmbH and he screws up, his 90% go to whoever has to be compensated. There is no fundamental difference to him owning everything. If you are an employee, then you better start your own company with your colleagues, even if it was a GmbH. If you are an investor, well, start anew. You have spend less than 25k or this would have been a GmbH.
> You are dead in the water if you don't have that amount of money in advance as a buffer
In Germany, yes.
The people that usually have the high-enough risk tolerance to build a startup are usually broke college graduates. For a group of 3 broke college graduates each with 10k Euros in debt from BaFoG, coming up with 25k Euros just to try an idea that in the vast majority of cases will not succeed is pretty much impossible.
I finished my masters in germany debt free with 22 years old. The first time I got 25k in the bank was when I was almost 30, that's after working 7 years full time as an employee.
My risk tolerance at 30 is completely different from the one I had at 22. At 22 I could have "lost" 1 or 2 years building a startup that fails, living with 500 Euros a month or less in a shared apartment with my university buddies, waiting tables to pay the bills in between, no problem.
But now that I have 25k ? There is no way in the world I would quit my job to start a company. I have a family that depends on me, and other things I can invest those 25k in (car, house, pension fund, ...).
If you want fresh and broke college students with nothing to do to attempt a moonshot, those moonshots need to be almost free. Only 1 out of every 10.00 or 100.000 moonshots will land your country a profitable company, so you need to have a lot of them.
Requiring people to come up with 25k euros upfront is nuts. If you already had a couple of moonshots succeed, and each moonshot created a generation of 300 millionaires like it happens in the valley, then chances are that some of these risk-friendly and nostalgic millionaires will sponsor some of these startups is high. But Germany would need to somehow create that ecosystem first.
This is all valid if you need a GmbH. But if you are building a website you can do without. Which risk do those students take that cannot be stomached?
On the other hand, since you have 25k, where else but in your startup can you invest your money and expect high profits? If anything, your family does not only rely on you but you can rely on your family to start a company. Your children depend on you showing them how to take risks and be successful.
> This is all valid if you need a GmbH. But if you are building a website you can do without.
If you are doing that alone sure, but if you need to hire people and only have equity to pay them, things will get sketchy quickly without some kind of legal entity.
> On the other hand, since you have 25k, where else but in your startup can you invest your money and expect high profits? If anything, your family does not only rely on you but you can rely on your family to start a company. Your children depend on you showing them how to take risks and be successful.
High profits are the reward for high risk, and high risks do by necessity materialize very often - otherwise they wouldn't be high.
Also, high risks aren't necessarily rewarded with high profits - there are many risks that just aren't worth taking.
Those are the true lessons for the children: assess the risk, asses the profits, and decide whether taking the risk is worth it _for you_. Every person is different and has a different risk tolerance, there is no right answer to the question of whether a risk is worth taking.
A 25 year old joining a startup is taking a smaller risk than a 30 year old simply because they are investing less (their time is worth less, they have less to lose, etc.). The profits are also higher for a 25 year old: 1 year of failed startup experience at 25 can have a huge impact on your human capital long term - if you are a manager at 30, and jump to a startup that fails people will just think that you hugely miscalculated a risk. That might actually hurt your human capital.
There are legal forms to share a company that are not a GmbH but come with personal liabilities. There is also always the option to use an English Ltd or that Swedish form.
>there is no right answer to the question of whether a risk is worth taking.
I tend to disagree. Multiply the risk with the expected profits. Unlike extreme sports, death is not part of the outcome unless you invest in drugs. It's not about thrills and crossing boundaries. If the expected profits are the highest, a risky investment is the reasonable choice, no matter the size of the risk.
Regarding the age, a 25 year old has the most to lose. Until 26 or 27, the brain has the biggest capacity for development. Wasting those years on something profitable but non-educative is a waste of potential. On the other hand, most successful companies are created by older founders because they have the experience and network to be able to succeed.
The 30 year old manager on the other hand hasn't even reached the middle of his life. What if he runs a project in his company that fails? Will he have to prevent mistakes at all costs? Will he ever be able to manage instead of having to cover his ass for further 30 years? By focussing on what he could lose, he is wasting all the opportunities in his life. People who think like that shouldn't start a company.
High profits don't come from high risks. As you say, if you only have the option between high profit, high risk and low profit, low risk, then it is all about risk preference. However, it's all about information asymmetry. Once you know a market and you see an opportunity, that means the risk is lower or the profits are higher than any other market participants assumes.
We pay devs worse because software is a complete aftertought, and the guys who produce it therefore are not seen as adding much value, if any. Meanwhile, the "software is eating the world" memo is almost 10 years old yet nobody this side of the pond got it.
Fix this mindset (good luck!), which is the real issue, and dev wages will correct themselves too.
I never felt I was earning worse than on US, while enjoying my 30 days vacations, home office, unemployment support, health insurance and having a privileged life above many of my friends in "regular" (non-IT related) jobs.
In the US, so many jobs, in so many industries, pay a complete pittance. It's one of the least regulated economies and people are seen as a fungible asset, hired, laid off at a company's convenience (in many states), and paid literally as little as possible. And yet, in this bizarro (for Europeans) world, devs are often paid a small fortune.
That's not generosity.
That's because they are recognized as bringing huge value, otherwise they would never be offered anywhere near those amounts of money. Europe just won't get it, therefore Europe is going to remain behind.
> Everything else is lost in US with immediate job termination, no thanks.
This doesn't matter when you save $60k/year from your $250k FAANG job. Job termination just means a long, fun vacation before you look for your next thing.
Also the idea of people get fired in IT jobs in USA at the drop of the hat is also bit of an exaggeration. Just look at how Airbnb and Uber are handling it.
"Affected employees will receive a severance package, which includes a minimum of 10 weeks pay and health benefits through the end of the year" [0] and their average senior software engineer is making 345k a year [1] so a minimum of 66k on average.
Nobody is talking about being rich but if you look at house prices in the major European metro areas or tech hubs, they're out of reach even for devs while that's not the case in the US.
By having a 30 year long credit and not going over the roof with their choices.
Meanwhile as described by Lehman brothers fiasco documentaries, multiple American families went totally bankrupt with their multiple mortgages over their houses.
Except that as a FAANGer you earn enough to own your house in full in 10-20 years and retire early, while as a dev in Europe's strongest economy you're basically a neofeudalist slave to your bank and employer way into your 60s(if anyone will still hire you then). Really nice.
Just because some people in the US made bad financial choices with property investments(some Europeans also did the same) doesn't change the fact that US tech workers earn way more than Europeans, cost of living adjusted.
I dont think it's that level of job that determines which economy became dominant. The US had policies friendly towards huge capitalist projects and funding that allowed for companies like facebook and google to form in the first place and reward immensely the people that took the risks to make that happen. You get as a result huge wealth inequality, but also huge concentration of international power since that's what you incentivized from the beginning. For the average worker its probably better to be in a country with worker protections, lower inequality, less concentrated power, etc. But that same system doesnt lend itself to creating multinational dominant corporations as powerful as many nation states
I have experience across Germany, Switzerland, France, Greece.
It is not the legal minimum, usually around 22, but you can easily negotiate it.
Back home, in Portugal, 25 days.
Ah, and if manage a position at a research institute like CERN, you can up it to 45, because usually they close around Christmas and it doesn't count for vacations.
1. Stop putting college kids with a bachelor degree in business in charge of software development teams. "Management" is still seen as something very 'fancy' in Germany. Being "a manager" carries a lot of weight.
2. Allow Engineers to advance without forcing them into management. A lot of very talented engineers in Germany are forced in mediocre middle management / product owner positions as the only option to gain some more influence.
It tends to be a fabrication of people miscalculating. You look at the total income sum "Wow!, 120k is twice 60k!" and you judge based on that.
It's similar to items appearing cheaper in the US because they do not include taxes, salaries "the sum" does not accurately reflect the quality of life. The number is higher but it doesn't reflect purchasing power accurately.
It's hard to explain, but I did these calculations a whole bunch of times because I keep considering moving to the US, but ultimately it comes down to:
A) Having a huge benefits package (which is not optional for an employer to avoid paying out for in the EU, especially Scandinavian countries)-- this includes insurances for loss of employment or sickness, but also pension contributions which are actually illegal to avoid in most European countries (5% matching contribution being pretty standard).
B) QoL differences up to and including healthcare, paid vacation time, paid sickness leave and paid parental leave. (from 2w-480d depending on country)
C) Childcare.
D) Taxes (and an accountant's time to file them on your behalf, this is assumed to be a minor cost)
Ultimately I did the math, and I'd have to dig it out again, but unless you're 20-30, very healthy, childless and a low-risk taker that enjoys driving: it is unlikely that you'll be better off working in IT in the USA.
Obviously there's 10x developers who would out-earn me there though.
If you want to earn large sums of money in a European country, that can still be done in Ireland or Switzerland.
FWIW: in my calculations 120k USD in Los Angeles was roughly equivalent to 55k EUR in Stockholm (50k SEK/mo)
Objectively, pendantically, you’re right. The actual sum of money being paid to you the employee is higher.
However, if you are “earning more” but also “paying more” then your purchasing power is lower. And when people mention salary, what they really mean is purchasing power.
It’s also true that US companies don’t have to pay certain overages that are required in the EU.
For example. I earn 60k (SEK) per month, my employer pays out 90k (SEK) due to insurances, social securities, pension plans and so on.
And things like that can’t be factored in easily, as it’s not usually known to the employee- so it’s often apples to oranges.
Ironic considering I would _at_least_ double my pay just moving to London (from north Italy, of course col is very different unless you live in Milan which is comparable to London but still with worse pay).
There is not much consensus regarding open standards, and the first plan of action would appear to be "a European firewall" (quickly renamed to the cloud for obvious reasons). So there will probably be some action, but I don't think it will be what many hope for. We Europeans may end up with a more closed, albeit more local, network.
As a European resident and previously lived in Asia and the US, I think that EU become a 3rd tier player in that game (user data) as stated by the EU Commission [1] due to an inability to develop those services by itself.
> The misalignment between Europe and the USA has grown the recent years
I wouldn't count the last 20+ years as "recent", but ok.
> The solution is trivially easy and has existed for long: open standards.
What we usually get is a hybrid "compromise". Things of absolutely no consequence are using open standards, e.g. Messenger will send JSON back and forth and things that matter a lot, e.g. social engineering algorithms for "ads" are black boxes.
It is my personal opinion these heavily asymmetric compromises are a consequence of severe technical inadequacy from most power bearing persons in the EU parliament. Another plausible explanation might be mind boggling corruption.
> The alternative is heavy regulated monopolies, no government is going to allow this situation to go for long
What we get so far are monopolies that are heavily regulated in inconsequential aspects to "please the crowd". Also, it has been a tendency of humans to underestimate how long a bad situation could last. Governments are very much a reflection of it's people(believe it or not) and they mostly "don't want trouble" - it is my belief it's exactly this attitude that has lead us so far astray.
“I hope for a return to sanity and open standards. The alternative is heavy regulated monopolies, no government is going to allow this situation to go for long, like the telecommunications industry. And, that does not work so well.”
I do hope for heavily regulated and accountable monopolies. Open standards what for? The current internet doesn’t differ from electricity or water; it’s not a network running on top of the phone network, but a commodity by itself.
You cannot avoid hardware manufactures, so let’s stop to argue idealistically about a technological solution to a political problem.
My current view is “the more people in WhatsApp, the more power for states to rule” –so spent your time caring of your institutions and not creating utopian technological alternatives; look at the Pinboard’s guy: ACT.
Thank you for comparing to E-mail. E-mail federation has been a solved problem for decades. Why on Earth is it so chronically intractable for chat? It's as if every time a new chat app is created, the developer's #1 requirement is: "Must be incompatible with every other chat app"
With so much, frankly, miraculous software systems out there in production, built by some of the smartest minds in software, it's just stupefying how "send text from one person to another, regardless of the sender's and receiver's client" continues to escape us.
"Many "apps" from WhatsApp to Zoom are treated as public spaces by citizens. But, legally the app-space is closer to a private space."
Clay Shirky's Here Comes Everyone points out this disconnect between social norms and technical reality.
IIRC the book example is kids talking at the mall's food court. While it's not private, as in hidden away, they're talking to each other, not to us adults.
You could eavesdrop. But why would you? That's creepy.
> The only reason for the rise of apps is that companies see them as a good way of lock-in customers, gather data and increase influence
Apps live and thrive because they are convenient and provide the most value to most people.
As a user, I wouldn't want the government to tell me what software I should use. As a software engineer, I wouldn't want to be told what software I should write.
If the problem lies in bad foreign apps, a possible solution is to educate citizens using facts and evidence.
> As a user, I wouldn't want the government to tell me what software I should use. As a software engineer, I wouldn't want to be told what software I should write.
As far as I am aware nobody is telling anyone what exact software to use or to engineer. Also nobody seems to be calling for that.
What has been applied here instead are standards. That's quite a different thing and I'm pretty sure, as a software engineer, you're used to be told to follow standards, aren't you? They exist in other fields, too. Like citizen rights and protection of personal data.
The advise not to use a specific piece of software because it doesn't appear to adhere to existing standards (by an agency with the sole purpose to watch over compliance) is also very different from telling people what software to use specifically.
I'm very glad of this development. Kelber has repeatedly made public statements in support of Matrix. Hope that more German government entities will adopt it.
From my experience a lot of people will not hesitate to contact you via WhatsApp even in a professional setting if they can get hold of your phone number. After this happened several times to me I made sure to have a separate phone for business where no messengers or any "social" apps are installed.
The funny side of this behavior is your client messaging you via WhatsApp but forgetting their profile picture shows them drunk emptying a giant beer shoe :D
I’ve never understood the appeal of WhatsApp: it requires a phone number (so it’s useless or hard to setup abroad, and it’s tied to a very personal data), handle very poorly wifi connection (somehow it seems to only update when connected over 4G) and force me to download pictures and videos to see them, trashing my photo folder in the process. It also has no killer features in comparison to any existing messaging app, nor the defunct MSN. And finally it’s now owned by Facebook, so using it to avoid Messenger is moot. Yes, this app success is truly a mystery for me. I have it for speaking with two family members, otherwise I would not bother.
I think you are underestimating the degree to which requires only a phone number is a killer feature:
-you download the app and can immediately get started after verifying your phone number (no ID or password required)
-you don't need to share any ID or connection details other than just your phone number
I spend a lot of time in India, and I think this lack of complexity has contributed significantly to its virality (I'd estimate that a pretty significant percentage of the user base does not have or regularly use an email account, which is usually a prerequisite to setting up many accounts).
Whatsapp has replaced SMS as the defacto standard mobile messenger for 98% of users in Europe (or many other places). It doesn't matter if they do things badly, there is no way around them at the moment.
It is even replacing SMS more in areas where Facebook pushed their internet.org / free basics program, where mobile network companies where supported by Facebook to grant free access to Facebook services while still charging for SMS (or other websites and services) There WhatsApp is/was free. (A few years since I looked into it last, not sure how the project changed)
An anecdote from South Africa: SMS was charged per message at very high rates. MMS even higher. Mobile data, while expensive too, was much cheaper per message. Also, free wifi was quite common in many urban areas. All this at a time when WhatsApp was much much simpler and easier to use, with good UX. The person to person advertising for WhatsApp at the time was “it’s free”, which while not 100% true factoring in mobile bandwidth, it was effectively true since mobile data and WiFi was at least 1 or 2 orders of magnitude cheaper than SMS or MMS.
That stayed true for a few years, and so WhatsApp became the de facto standard for messaging.
I can’t speak for other countries but in South Africa that’s why. And the rest is just networking effects.
Ah, that makes sense. I'm fortunate enough to live where we have unmetered SMS/calls/data so I've never had that issue (at least not while WhatApp's been around).
My phone number is an ID. An ID I don't want to share. An ID that can be stolen by calling the phone company and saying you're me and bought a new SIM.
Then you need to realize that you are a special case and not representative of the general public.
Most people who meet each other in real life and want to exchange contact information exchange… you guessed it… a phone number. Maybe you exchange email or twitter handle, but again you are an exception here. So imagine we meet for the first time and we exchange phone numbers. Now I can WhatsApp you, just like that no other account info needed.
You can get replacement SIMs with the same number (source: I'm in Germany and on my third SIM with my current number after first not having a micro-SIM and then a nano-SIM) – I did get notofied of this by SMS, though, and no idea what other anti abuse measures may be in place. I can order one for 10 Euro via the website anytime and I suppose I could do it via phone as well.
There was actually a scandal about that in Denmark recently. Some journalists managed to get new SIM cards for other people without proper authentication. Repeatedly and from different providers.
As I've heard it, the alternative that drove the first hundred million users was the telco reading over your shoulder and/or randomly dropping your messages on the floor.
Whatsapp grew big with customers of telcos like Vodafone, which may be less capable than Mark Zuckerberg's snoopshop but I wouldn't bet on their being nicer. See https://toroid.org/vodafone-smtp-mitm for example.
Email with real-time push notifications is not free. Without push notifications, WhatsApp, or any other messaging platform is essentially DOA. Theoretically, we only have Apple and Google with their limited operating systems in the early years to blame for the rise of the notifications economy.
Edit: While there are free email solutions that provide free push, you are either tied to the platform or are made to download an email app, which just makes WhatsApp an easier to use alternative, even if your use case is just spamming groups with pictures or video.
How about group email on demand? Setting up a group takes a few seconds, so does exiting or blocking. Ever imagine doing that with yahoo groups? I have some permanent groups but we have created and dropped so many need based groups. No need to accept the group by logging in here and clicking this and so on.
When WhatsApp first came around sending SMS in many places like in Europe was not free. It wasn’t free to send SMS to other people from the same country, and Europeans, especially European Students going to university will typically have friends or contacts with different country codes because they didn’t get a new SIM card for various reasons. It wasn’t free to SMS people in the same country, and it was not free to SMS people from other countries.
WhatsApp changed that, without needing you to sign up for an account somewhere and telling people “my AIM is this” or “my email is that.” You were already giving people your phone number when you met them, and WhatsApp was compatible with that. So it requires no extra steps. Just download the app and go and now you can SMS people for free using the contact information you already have, using the contact information you were most likely to give to people you just met.
> > The appeal of WhatsApp was free text messages
> Except that this is a feature of every messaging app.
No it isn't. WhatsApp is a replacement for sms, while other software is (or at least was) always some kind of internet messenger that now also runs on your phone.
Those were not simple, seamless, cross-platform, drop-in replacements to SMS though, which is what OP was referring to by “text messaging.” Sure, clunky systems which had no chance of mass adoption existed before.
They were if you're willing to overlook the requirement -- which WhatsApp shares -- for the other person to use the same app. (Well, protocol. Gaim handled AIM and MSN fine.)
The only thing SMS offered was that the other person didn't need to be running anything. WhatsApp didn't offer that, and also didn't improve on the other messengers of the day.
You’re missing the fact that WhatsApp was actually available for essentially all phones (even in 3rd world markets) and that nothing else is needed. AIM and MSN required an email address which means you need one, as well as an email client on your phone, not something that all people want or have. The signup process wasn’t even always available within the device, you might need access to a desktop to complete signup. They both require you to remember and accurately share an extra piece of info you have to memorize (email or username). They were both extremely slow, clunky and unreliable compared to WhatsApp.
Essentially, 95% of the reasons WhatsApp was successful were things you glossed over here.
That's not a replacement from SMS since those aren't based on phone numbers. If you have the phone number of somebody and they have WhatsApp installed you can message them immediately. If you both have AIM or MSN installed you have to exchange your handles through some other channel. That's a massive difference in terms of usability and friction to get started.
Could you chat with people on iOS with this? Or with people who didn't have a Google account, or didn't want to setup yet another account at all? Being a free and hassle-free drop-in replacement for SMS was the main appeal of WhatsApp at the time. If there would have been alternatives with the same features, WhatsApp would never have become popular in the first place.
Everyone (in Joel Spolsky meaning of everyone) already had an gmail account. Not giving out phone number was a feature.
When Whatsapp started out, it was free only for the first year; after that, they wanted a payment. What this experiment has shown, that people did very short term decision without regards for long term.
That's probably because you lived in a tech bubble already 10 years ago.
I reluctantly installed WhatsApp only after everybody around me started using it, or (the more tech savvy among them who already knew how to "open the internet"), switched away from Facebook to WhatsApp.
Everybody who had a phone also naturally had a phone number, and the phone numbers of their friends were already stored on the phone. Nobody outside the "nerd sphere" had a Gmail account 10 years ago, especially not outside the US.
PS: I don't remember ever paying money to WhatsApp, I think that was a short-lived experiment that didn't work out right before the Facebook acquisition.
Every mobile messaging app has this now, but not in 2009 when WhatsApp started. I remember that mobile carriers were really pissed for a while that WhatsApp killed the SMS.
In 2011 I was a student in university and I had friends in my circle from Erasmus so they kept their phone number from their own country. In 2011 it wasn’t even free for me to send a sms to people from my own country so I couldn’t even imagine sending sms to people internationally even though they were physically in the same city as me.
Well one day a friend told me to download WhatsApp. So I did. All it wanted me to do was verify my phone number and that’s it.
Now suddenly all of my friends with smart phones could just sms me for free. And I could sms them back too. For free.
That was the value of WhatsApp. The fact that all you needed was a phone number, which you already had saved in your phone. Now instead of opening your phones messages app, you just open whatsapp.
There was no extra step of signing up for a new account or telling people “search for my name on Facebook my profile picture is blah blah.”
It's interesting. Whatsapp didn't start out to be a messanger app for the world. It didn't start out to be a replacement for SMS, it started as a tool for frequent flyers to be able to set a status on their iphone in the same way you could on Yahoo messenger.
Frequent flyers weren't particularly enthusiastic
"It appears that this requires the other party to also have the app installed, right?"
The appeal of WhatsApp is simply that everyone already has it. It's the only messaging platform that can be used to message all your contacts. Network effect, that's it.
In the Netherlands it was the platform that was easy to install and didn't cost money per message. SMS was pretty expensive back then. Whatsapp quickly became the defacto messaging app. The word "whatsapping" even replaced "sms'ing". At this point in time you need Whatsapp (Or Messenger when you don't have their number yet)
The only time I get an SMS now is for specific multi-factor authentications or automated updates from companies. A lot of businesses even do their live support through Whatsapp now.
The fact that an SMS costs money is a feature. That way people will think twice before they SMS you. Free communications is only great if you have infinite time to communicate, as the cost of a bit approaches zero the quantity of bits goes up considerably. Things that before would have been fine to save up until you meet again now need to be sent instantly, and need to receive an instant response as well otherwise there will be a bunch of 'did you get my message' messages to follow up on the first one.
I prefer a slight barrier before I'm interrupted and don't mind paying the cost of sending a message. On top of that I don't like non-regulated foreign companies looking over my shoulder. That this is a non-standard pattern I'm well aware of but it suits me just fine.
I agree to a point. The barrier is something I miss sometimes. Because people will be asking something, and then start spamming question marks after 5 minutes.
If you're on a pre-paid plan then SMS doesn't just cost money. It's actually a finite amount you can send before you need to up it. Whereas Whatsapp can function on WiFi. So that can be a big deal if you have urgency.
> I don't like non-regulated foreign companies looking over my shoulder
I mean sure. You have to trust Facebook that the end-to-end encryption has no backdoors. But SMS is known for being intercepted really easyily.
What about just “apping” is that a word? On a business trip earlier this year my colleague told me (in English) “I’ll meet you down at the bar after apping with my daughter.”
Now that I think about it I’m not sure if “apping” implies texting, voice call, or video call. Lol
Almost everyone has it. I do not want to use WhatsApp, but in The Netherlands it is nearly impossible to go without it (although it seems you do ;)).
E.g. the parents of our daughter's class uses a WhatsApp group. You can decide not to join it, but you will miss out on all kinds of activities people plan together for kids, school-related messages, etc.
Similarly, our larger family uses a WhatsApp group to stay in touch, coordinate our the bi-yearly family outing, etc.
And this goes on and on, basically everyone communicates through WhatsApp groups. If you do not join them, you miss out on a lot of social activities, etc.
I wish WhatsApp just stayed independent and charged $1 per year, which they did irregularly before they were bought by Facebook.
Many operators "zero-rate" WhatsApp, meaning that you can access the service without having to pay for a higher tier full data connection. It's true for many mobile data plans and even sometimes wifi hotspots. It's shitty because it gives WhatsApp an advantage that's extremely hard to compete with but it does make it a lot more reliable and cheap to use than some alternatives.
Connectivity is what your phone has. It has nothing to do with Whatsapp. Whatsapp does not add anything to your connectivity.
Perhaps you mean "server availability/reliability"?
The only thing Whatsapp could do, without reaching deeply into the system, is to retry sending messages over and over, until they are sent. If other messengers give up early, then perhaps that could create a false impression of improved connectivity.
It's a simple calling and messaging app without the baggage of Facebook integration. That is all people wanted.
It is now redundant but that was not the case 10 years ago. People just stick with it since there is little incentive to adapt anything else. WhatsApp just works.
You can disable storing media to your photo folder. That was the first thing I did after installing it. I've never had issues with support on wifi, and that's a large amount of my usage of it.
Its killer feature was what it did before it was acquired by FB, really not much difference since then. The killer feature was international messaging without SMS/MMS costs (and poor reliability) and only needing a phone number, so you could take it with you easily as you moved through devices so long as you controlled the same number. This got presence around the globe making it easy to message almost anyone, almost anywhere.
It's "killer feature" is that it's just another messaging app that only requires a phone number. I don't want to add people to yet another proprietary network.
I'm an Android lifer (all my smartphones) and now live in Australia. I use Whatsapp for 99% of my personal messaging and frankly, I love it.
Same messaging experience for everyone (including emojis), great desktop app, easy backup & restore as you switch phones, was early on the reply-swipe functionality, easy forwarding, voice messages, . No, none of these are "killer" features, but it's honestly one of the purest examples of 'Just Works'(TM) I can think of in my digital ecosystem.
SMS on Android is pretty crap, and it's a particularly shitty experience communicating with an iPhone user or in groups.
Every time an article about Whatsapp on HN or Reddit pops up I fearfully look to see if there are legitimate privacy concerns. Afaict, all my messages are still E2E encrypted, and all my stuff is saved to my Google Drive.
Unless you're in a sheltered circle of only iPhones (probably in America), Whatsapp is the best choice by miles IMO. (Edit: sure if Apple would democratize iMessage for x-platform I'd consider it, but given that will never ever happy, Whatsapp is the great equaliser)
No other messaging app has the reach and consistency. And yea, this is a hill I'm willing to die on.
> Every time an article about Whatsapp on HN or Reddit pops up I fearfully look to see if there are legitimate privacy concerns.
There are legitimate privacy concerns. The main concern here is that Facebook builds up a network of who you are in contact with, how often you message them, when you message them, etc.
You are either not aware of this or you don't mind, but calling it illegitimate is not a fair assessment of the risk.
What if this data is leaked, hacked or sold or Facebook is pressured to release it to certain governments and they use this data to find dissidents?
This data, in combination with other Facebook data, could also be used by advertisers to target people specifically with questionable offers and materials, etc. People might object to their data being sold this way.
What if the US regime changes to a dictatorship, I know, it might seem very far fetched that some insane barbarian becomes president, but bear with me. Facebook might be forced to reveal said information and the regime will then use this to find dissidents.
What you should be asking yourself is 'Why is this app, that costs millions to make and maintain, that was bought for billions, free for me?' There is someone out there making a profit. This might not be a big concern to you personally, but it is not an illegitimate concern.
Backup works android->android and iOS->iOS but not if you want to cross the lines; guess you don’t care about that... but:
If you use Google’s backup for WhatsApp, it is NOT encrypted. Your local backup IS encrypted. It’s not your data - you can’t have it except through the app. But google can (and does) have that data for likely 95% of android WhatsApp users; E2E with this state of affairs is not very useful. (I assume the iOS situation is similar, but don’t know for sure)
Also, a copy of your phone book, continuous IP (and likely location) and all your conversation metadata is stored on Facebook’s servers even if you don’t use the google drive backup.
Yes, WhatsApp is useful and works well, But the E2E aspect is false safety. For many practical purposes, you should assume there’s No encryption. For the purposes that inconvenience you, it’s obviously there.
But even if, WhatsApp remains a closed source app, owned by Facebook. I really see no reason to trust them. Zuckerbergs privacy policy seems unchanged, since he called his user dumb fucs for trusting him with their data, while at the same time, buying the surrounding houses of his Villa, to protect his own privacy.
The only thing holding them back is a bit public image, but the general population do not care much and maybe breaking of privacy laws. But since the governments also really do not want real encryption for everyone, I would rather imagine "gentlements agreement" behind doors, than real investigations, in case for example WhatsApp would secretly send also the key for the backup to someone else.
Yeah the backup is really bad... WhatsApp put so much effort into the E2E encryption and then just dumped the backups on Google. It was all just window dressing.
I bet this is also why the intelligence agencies aren't pounding on them for having E2E encryption, obviously Google is an open book to them. And Google has access to all your history for their own purposes.
Of course you can choose to turn off the backups, but you can't be sure all your contacts are doing the same.
The idea of end-to-end encryption is just too broken. You always need to make sure that the implementation of the idea isn't controlled by the vendor from which it is supposed to protect you. But it is pretty much never the case, all the WhatsApps, Signals, etc. control implementations, updates and openly fight against attempts to decentralize or weaken that control, making sure that ultimately they are the ones deciding whether they get access to your data or not. At best it's just acts as a regular encryption with the vendor.
And while there is definitely no hope for binary blob consumer software to ever have real end-to-end encryption, there is hope that it could happen for open source software, distribution of which is not controlled by software vendors with many competing parties that package and ship it and an incentive not to sneak anything in because of that.
> The idea of end-to-end encryption is just too broken. You always need to make sure that the implementation of the idea isn't controlled by the vendor from which it is supposed to protect you. But it is pretty much never the case, all the WhatsApps, Signals, etc. control implementations, updates and openly fight against attempts to decentralize or weaken that control, making sure that ultimately they are the ones deciding whether they get access to your data or not.
Note that the client side apps are available for researchers to study. If they find a back door, it will be a big publicity issue for the app vendor.
Your concern is still valid though. Both Whatsapp and Signal could announce tomorrow that they drop E2EE or add some feature (like a default on non-disable-able cloud based spellchecker) and there is nothing you could do to protect your correspondence.
Matrix is different here that it encourages independent implementations as well as end to end encryption.
Whilst it does not work natively, there are working 3rd party products that let you backup on Android and restore on iPhone. Or at least there were 2.5 years ago.
Beg to differ. The Windows WhatsApp App has full permissions to use your entire machine, change your register, use your camera and mic without notification, read and or modify all your files, scan your network, watch all network traffic, catalog all the apps you have and see what they are doing, and use/access any all peripherals
No, that is not a "great app". Especially coming from Facebook.
FD: I'm an iPhone user. (not a die-hard, but I haven't found a decent android I can get along with permanently).
Aside from the number of people (network effects) on WhatsApp, what does it have over something like telegram, signal or any of the other cross-platform messengers?
Devils advocate for a moment:
Signal is pretty consistent, for a "no frills" chat solution, the UX is worse but it is still consistent across platforms.
Telegram does everything WhatsApp does but "better", native desktop apps, voice calling is clearer, it still very consistent. You can even have "usernames"; the UX is clearly superior. But the security model is questionable.
And if the answer is: "but network effects", why not Facebook messenger? it has the same reach if not greater.
> Aside from the number of people (network effects)
Network effects is it.
> if the answer is: "but network effects", why not Facebook messenger?
This is a good point, and I'm not really sure, but some guesses:
- Branding. During it's initial growth WhatsApp was a FB alternative and FB was in decline. Even after acquisition, awareness of the ownership wasn't immediately widespread.
- Contextual app differentiation. Facebook didn't separate its messenger from it's main platform quickly enough and even when they did, they're both conceptually considered a single package. People these days like separation of contexts.
- Phone numbers. WhatsApp was hard-linked to your phone contacts from the off, making it familiar to SMS users. Facebook jumping on phone numbers has followed slowly in a less focused manner.
- Less confusion for tech-illiterate. There's no posts or pages or walls. It's just like SMS.
> it has the same reach if not greater.
Anecdotal, but I don't feel this is true anymore. I certainly know a lot more people without Facebook than without WhatsApp.
phone number pairing is not just about familiarity - a person's phone number is still a natural contact handle to put on a signature, business card etc. Being able to then WhatsApp this person is very powerful.
Where I live (Austria), Facebook messenger does not have the same reach as Whatsapp.
Pretty much everyone with a Smartphone has Whatsapp, but there are lots of people without a Facebook Account. These are mostly older people. There are also people (like me, but I know several others) who do have a Facebook account, but don't use it on their phone.
The really nice thing about Whatsapp is the installation experience. Just download the App from Google Play/Appstore. Start it. Confirm your phone number. And you can communicate with all your friends. Facebook is much harder in this regards. Signal is similar, "but network effects".
Not OP but I'll chime in.
I have a range of devices myself and within in my social circle. I also live abroad from my family so good communication is key.
My work phone is an iPhone, my personal an Android, and across the family there is a multitude of old and new, Android and Apple.
Telegram is using (or used) some homebrew encryption protocol and I simply don't trust it. As it doesn't have a proper tried and tested encryption I'm not going to use it. (The encryption may have changed by now, as I haven't kept tabs on it.)
Signal is okay. There are 2 main things that irk me. Signal's Windows App is bad. Long loading times, bad UI. Keeps crashing for me. I also frequently video chat with family. Signal's quality is considerably worse than that of other services. The sound is choppy and video may or may not work. This is on all devices I own, regardless of network speed.
iMessage and FaceTime are good but platform locked. The video call quality on FaceTime is the best one across all services for me. The picture and sound is just significantly clearer than anywhere else. If I talk to family members with an Apple device I will generally use FaceTime.
WhatsApp still remains my main one for the simple reason that it gives me the best average experience across all devices and circumstances. Video and phone calls could be better but are acceptable. Chats are easy to use and work. Service quality is generally good. WhatsApp for me stands out because it doesn't really negatively stand out anywhere else. Yes, owned by Facebook is something I'm not entirely comfortable with, but right now, there simply isn't any other application that for me is consistently average across every platform.
I really dislike the Whatapp desktop experience, specifically the fact it's still going through Bluetooth using the phone even though I am on my desktop. Sometimes I leave my phone on another level in the house (yes I don't carry it around 24/7) and then Whatsapp desktop simply won't work as the distance is too great.
I prefer desktop apps that are 'standalone' such as Telegram's or Skype's.
It doesn't actually use Bluetooth. When you scan the QR code your browser pairs with your phone and messages are relayed back through WhatsApp servers between the two, so as long as both have an internet connection it should work regardless of where they are.
Yep, it actually works terribly in my experience. It's very slow even for web apps, is unreliable in staying paired, and (at least for me) often has issues with file attachments. I would much prefer a standalone app like Signal or Telegram.
> Afaict, all my messages are still E2E encrypted, and all my stuff is saved to my Google Drive.
There’s two things here: who controls the endpoints and who controls the key exchange. For now, I’m less concerned with reading your texts on the end than anything else any other Facebook app does to ping back and track you. The key management to me seems to be less than paranoid.
Curious how your enthusiasm develops when they start injecting ads into their application chats. I haven't seen a single ad all year and will keep it that way.
Skype is still way better for those. I use both regularly, WhatsApp has choppy video and phone-like audio whereas Skype has smooth video and HQ audio. I only use WA with contacts that don't have skype.
Just a few years ago, paramedics in Germany were routinely (and probably not entirely legally) using WhatsApp for communicating with the hospital while en route because there wasn't (and still isn't) a reliable, secure and interoperable system allowing healthcare providers to communicate with each other.
It's not like people in Germany are using tools such as WhatsApp in a professional context because they're negligent or careless (at least not entirely). Often, the digital infrastructure available to them is so woefully inadequate they have to resort to non-official tools.
> Just a few years ago, paramedics in Germany were routinely (and probably not entirely legally) using WhatsApp for communicating with the hospital
Here in Canada, WhatsApp is routinely used in the hospitals for doctors to communicate with each other about patient care. We aren't supposed to send identifiable information but... it happens all the time, of course. And for the same reason: no sanctioned system to replace it.
That's funny. UK is now switching off TETRA to a new ESN network; based on LTE. Quite a few issues with it, so it will be a while yet, but most of the masts are built. It will also allow coverage in rural areas to improve (as operators can share the masts built for the emergency network).
There was a bug, not exploited, fixed immediately... And you hold that as government failure... I won't try and lecture you about government efficiency, but you really should do something about your confirmation bias.
While it is sad they had to resort to custom fork, they didn't really fail, did they?
> Tchap wasn’t built from scratch. The DINSIC, France’s government agency in charge of all things digital, forked an open-source project called Riot, which is based on an open-source protocol called Matrix.
I was appalled when I went to install it and there was no way I could see to avoid handing 100% of my contacts to it.
Do people keep a private offline contacts list, or a clean phone just for this?
Or do folks just not care about giving away the mobile phone numbers (and addresses? email addresses? birthdays? other notes on the contact about kids names, etc.?) to an app?
Am I behind the times and everyone just knows none of this stuff is private anyways due to leaks etc.? Even if that is your attitude, it seems you are feeding more links to the graph someone else is maintaining. Did you get consent from every one of your contacts to do so?
I feel like I must be missing something here. Am I over-reacting or paranoid?
No, you're not over-reacting. I refuse to give access to my contacts to any app; however, that doesn't stop my friend, mom, or a cousin from giving access and Facebook/Google building a profile on you. The other issue here is Apple and Google have not updated these permissions to only get access to certain contacts you choose, its either all or nothing.
From personal experience, I can tell you that the consequence of this will be that ministries will be using unencrypted and unauthenticated email and SMS.
At least in Germany companies and government are required to configure mandatory TLS for SMTP and IMAP so the biggest attack vector is gone. No end-to-end encryption though.
The most significant attack vector might be the admin of the email service. In European public institutions, the admins have access to your work account (which is healthy and ok). WhatsApp, it’s the equivalent to share a coffee some blocks far away from the office (which is healthy and ok).
true. Keep in mind that specific industries (e.g. finance) have transparency requirements so end-to-end encrypted messengers are not acceptable (prevent insider trading, collusive behavior, data theft).
In private, personal communication, everyone must have the right to use end-to-end encryption but in commercial and governmental communication, there needs to be some archive, accessible on judicial request.
One cluster of my friend base has entirely switched to Telegram.
Now I know I will get hit with a barrage of information why Telegram is also bad and blah but honestly at least it's a bit less info for the POS company Facebook.
threema is not open source and it is not free, Signal (better some European fork) without recent baggage would be better option
user base is extremely slow, in Slovak media Threema is associated with mafia and murder of journalist, it will be hard to convince people to use same app as mobsters
People also use money, mobsters do too. They breathe air, mobsters do too. I don't think mobsters using something that is otherwise legal to use is going to stop adoption.
The parent did not say it is a mafia app. But it's use really is strongly associated with mafia in Slovakia. That for sure will never make it very popular choice for people in Slovakia don't you think?
You can look for yourself, the only thing which pops-up on google when you search for threema and slovakia are the murders and mafia dealings with government officials and lawyers.
BTW the Threema encryption was not broken. The messages were extracted from an unlocked iPhone X of the main mafia operative (Kočner).
Slovakia is not exactly the largest country in the world and to extrapolate from 'Slovakian mobsters have used it' to 'this app is associated with the mob' is a bit of a stretch.
It may only be hard to convince non-mob Slovakians to use it, but that's a relatively insignificant number of people on the larger world stage.
if you hear money, mafia/murder are not the first words which come to your mind
if you hear Threema in Slovaka - mafia and murder are first words which isntantly come to your mind, because nobody else use this app, everyone is already on Whatsapp, Messenger or Viber and nobody ever heard about Threema besides few nerds until media started to publish transcriptions of Threema chats from mafia where they are ordering murder of journalist
you can downvote all you want, that's reality, same as when you hear Ford Pinto
In Germany, you usually hear about Threema as the app that you should use if you care about data protection. Signal isn't as well known, but it's gaining traction. Neither currently has even the slightest connection to mobsters, as far as I'm aware.
I wasn't aware that the German government had a "Data Chief" position. This article refers to the Federal Commissioner for Data Protection and Freedom of Information. Because of the federal structure, his authority is complicated with many important decisions based on the regional level (Bundesland). While some people do use Signal, most people, don't care. Many doctors communicate via WhatsApp, as it's just faster / easier.
Google, Facebook, Whatsapp (part of Facebook now), Amazon are all basically spy companies
They are 'America's Edge'
Let's consider the narrative ->
That one corner of the world (Silicon Valley) is so good at technology that it produces nearly ALL of the world dominating technology companies
*
Let's consider another narrative ->
While most countries were asleep at the wheel, the US (or some group of people in the US) figured out that the next wave of imperialism would be
- technology
- data
- surveillance
And they devoted all their resources to making sure these 'big data collection and surveillance companies' would be American companies
*
If you remember the example of the spy hardware company in Switzerland that turned out to be owned by the CIA
If you remember how US tried to fund a social network app in Cuba but failed to get traction
Then does it not make sense that all the things we think are 'accidents' are perfectly reasonable when considered as a collection of dots that link together
Cisco hardware = backdoors
Intel chips - backdoors
Amazon/Google/Facebook - data collection and surveillance
*
All the smart countries are gradually ditching Facebook and Google
If you look at actual innovation, there is now lots of great stuff coming out of Europe. China, etc
US seems completely focused on
A) data surveillance companies
B) advertising tech
C) 'Outspend everyone else to become market leader' type companies
Then provide useful, technically complete, secure alternatives that are vetted by the government. The expectations of your employees are changing, so the technology you provide should change along.
The article says: The Düsseldorf newspaper Handelsblatt said Kelber, previously a Social Democrat (SPD) federal parliamentarian, was reacting to complaints from citizens about the use of WhatsApp by unnamed federal authorities.
It seems some „authorities” used it as a citizen communication channel for official contact.
Unfortunately the agencies in charge of vetting this kind of software work in timespans of 2-3 years (not just Germany in most other countries as well).
If you like WhatsApp but don’t like Facebook having your meta-data, and don’t like the fact that your Google Drive back-ups are not E2E encrypted, then use Signal. WhatsApp’s encryption algorithm is based on the protocol that Signal invented, so you get the same and E2E security — but without the potential for Facebook snooping on you.
In my case I'd also lose about 98% of my contacts, who're non-technical and don't care enough about some very abstract threats to abandon their social network or use yet another messenger app in parallel.
Also, since it's not well-known here, people tend to be very suspicious of it at first, because it's not known to be super safe like Whatsapp.
There are very good messengers, they are just not pushed by big money and group pressure. The problem is always, that people don't care about what they do (to others) and apply group pressure for the benefit of the company.
matrix.org
For professional usage and IRC like chatrooms. Free and open source software, with several native desktop and phone clients. Doesn't require any phone number and offers E2E encryption. You can use the central server or host your own ones and connect everyone through federation. The official app for iOS/Android is getting currently a rewrite because it is chubby. I'm using Fractal happily on Linux as IRC replacement, because it lacks E2E at the moment. Developed by a company which offers support and libraries for development. Therefore you could criticize that there are no RFCs floating around, but looking at XMPP which created a lot of RFCs this is probably quicker and better.
The germany army will use Matrix and also the french government. No joke! The germany army is here an example to follow.
signal.org
Also free and open source software, but you won't get your own server and federation. Very easy to use for everyone, hard linked to phone numbers with default E2E encryption always on. Childs can use it. No native desktop clients, only the fat Electron "Flash for the desktop" thing.
The european parliament is using it in future. Probably a wise decision in their case ;)
PS: Facebook claims that WhatsApp uses the E2E of Signal. Nobody can proof that without source code. Nobody is allowed to write own clients for other platforms than iOS and Android. Nobody ever has seen the server code. Haven't we seen enough greedy monopolies since the 80s?
There are not really any good messengers across the board.
I have most experience with Signal and though I think the security side is good and it ticks lots of boxes, I often encounter bugs; overall a much worse UX than Whatsapp or Telegram.
What are the chances that this could be solved by having the German government (or EU) overpay to poach a team of instant messaging engineers from around the globe (give them 2x their current salary, have milestones to unlock more money) to have them develop a Whatsapp alternative that can be used in EU?
Several European government bodies are looking into/starting to transition to self-hosted Matrix servers. Further development on the protocol with government funding could very well happen.
Advancements are definitely being made, though because of the way governments operate I doubt we'll see their contributions be open sourced very soon. It's nice to know there are developments in the right direction, though.
i think the federal government also doesn't quite like the fact that it can't wiretap WhatsApp calls upon court order or decree; i don't know which possibility is worse - possible privacy violation or possible wiretapping.
The bigger issue here is that while currently there are quite many communication tools with various degrees of central control, effective encryption, cross platform availability, user adoption, etc., none of them nail a optimum on all these dimensions. You are always compromising on something.
Uneducated users just use what everybody else uses that is "free". This tends to be stuff that is provided by big US based companies like Google, Facebook, Apple, etc. Free here is primarily about pricing and convenience. Recently, people value encryption a bit more but most users lack the expertise to make good decisions for this. So, they'll use something that supports encryption without realizing that might need configuration or turning on.
Companies have to deal with employees using non-sanctioned devices and solutions (i.e. uneducated users), which means the above tools are used. Additionally, they tend to have internal tools that are required to used for internal communication. Typically these too are provided by big US based companies (Slack, Microsoft, Facebook, Google) but are optimized for corporate requirements (better security, team features). A problem with these tools is that they are useless for communicating with people outside the company. Most companies are part of a complex supply chain involving companies that typically don't align on this. So, things like Skype, Google Meets, Zoom, etc. are popular in this space. Or email. A surprising amount of communication still happens via unencrypted email.
Finally, educated users tend to pick solutions that are a bit more on the paranoid side of the spectrum when it comes to privacy, encryption, data ownership, etc. Additionally, open source clients and servers are important in this space. Signal, Matrix, etc. are some better known solutions in this space. Unfortunately, these solutions tend to be not widely adopted and make it harder to communicate with "normal" people in the above two groups. I have signal on my phone but less than 99% of my phone book actually is reachable via it (not counting sms messages here for obvious reasons).
Companies are increasingly valuing this type of solutions from a security point of view. Industrial espionage is a thing and it's a thing companies with representatives in countries like China, Russia, or even the US have to worry about. These countries have very active intelligence agencies and a long track record of actively serving local businesses with basically any information they can get their hands on. Therefore companies that care about keeping secrets ought to be highly paranoid about popular solutions controlled by US incs that must be assumed to be actively under the attention of intelligence agencies.
IMHO OSS, federated solutions, with multiple implementations, clients, and no central control is what is needed. Unfortunately the dominant business models in this space favour closed source, non federated solutions with maybe some OSS clients but typically no independent server side implementations. Signal and matrix are exceptions in this space and neither has meaningful (> 1%) traction in the any market. I guess matrix is growing nicely regardless. Also signal has one big flaw: it uses phone numbers for authorizing users. This gives a large amount of control to operators.
Generally I'm for stronger data protection, but German officials relationship to WhatsApp is a bit silly, I always wonder what their conrete worry or attack scenario is. That a rouge employee at WhatsApp can see your metadata or access your telefone book? That the US government can see your metadata? Criminal and state actors have access to most of that information anyway.
WhatsApp is a proprietary app and Facebook did plan to implement client-side agents that would extract info from content, or blacklist it. This means Facebook has the capability of backdooring WhatsApp and by extension the US government has this capability.
This isn't just about the metadata, you would be naive to think so. Proprietary apps, especially those that get automatically updated, will always have this loophole.
> "Criminal and state actors have access to most of that information anyway."
You don't have evidence for this and regardless, metadata access can be prevented and it's in a country's best interest to protect its affairs from governments of other countries or from organized crime.
> This isn't just about the metadata, you would be naive to think so. Proprietary apps, especially those that get automatically updated, will always have this loophole.
I would say most applications that goverment offices in Germany use to interact with citizens are proprietary. For example Outlook as a mail client. SAP is used in some administrations. Many cities and police departments have presences on Facebook and Twitter and communicate with people there. Nobody has any issue with using proprietary SMS apps or iMessage.
In fact, open source in administration is currently so rare that it is newsworthy.
> German officials relationship to WhatsApp is a bit silly,
I find HN hivemind relationship to these apps quite silly. A government should never entrust any information to a third party it has zero control over. An individual consumer and a government employee working with classified information have vastly different responsibilities.
> I always wonder what their conrete worry or attack scenario is
The security of these public apps are akin to a glass cannon. Strong in one scenario, hilariously weak in another. State actors can easily circumvent and extract full text messages and not just metadata.
It's not clear from the article, but the debate in Germany is about local offices using WhatsApp to interact with citizens. Like people asking about garbage collection dates, or informing about school closings. Things you might as well post on a wall or send with a postcard. Anything remotely sensitve, like getting a certificate of residence, has to be done in person anyway.
You're right when it comes to government officials working with classified information. But otherwise its completely normal to subcontract IT to third parties, even (especially) in the US.
Many people on HN say over and over that Facebook is a private company and they can ban you whenever they want for any or no reason.
A company that behaves this way cannot be trusted of course. If I get banned I cannot know about closed schools and garbage collection dates? And with no way to appeal or get redress. Of course completely unacceptable.
Cambridge Analytica showed there is a huge private market for data. Why should any government put its connections into a private corporation?
Just because some criminals or state actors can obtain that information illegally does not mean we should provide that data willingly and legally.
As a side note, I find it strange that you are for stronger data protection and at the same time think it is "silly" to avoid data collection companies such as WhatsApp.
> As a side note, I find it strange that you are for stronger data protection and at the same time think it is "silly" to avoid data collection companies such as WhatsApp.
For example, I would advocate to allow anonymous phones again. Since a few years you can only get a SIM card with identity verification in Germany.
I would also disallow third parties to create profiles of anybody, and I would ban the sale of such data. Currently as a company you can even make queries to the local "Einwohnermeldeamt" (registration office) and for a fee get address and other data of residents. I'm opposed to that, as well as the data collection going on at credit score agencies.
Personally I think what German officials are doing is often data protection theatre, akin to security theatre.
But I think WhatsApp is somewhat unavoidable, and after weighing the pros and cons I don't think it is reasonable to ban it (I know it is banned e.g. by many municipalities, schools, and trade unions for communication with citizens). It's better to allow it so you can reach people for whom this is the medium of choice, as long as you always provide a safer alternative of course.
If I could decide, I would also require every messenger and social network above say one million users to provide federation. Being able to access your own data the way you want is just as important an aspect of "data protection" as locking it down! And it would force competition and prevent one entitiy from being too big to avoid.
Already the fact that you are talking to a psychologist is worth a lot to insurances and job candidate assessment platforms. Or to a midwife. Pregnant women are worth a lot in the adtech industry because especially if it's their first baby, they are about to buy lots of things they haven't bought before. Classical example is diapers.
This is from the metadata alone.
But Whatsapp goes further: it also encourages Google Cloud backups. Quite many people enable it. That way, the content becomes accessible to Google.
Other apps like Threema don't have the option of online backups of message content. You can back up some stuff online, but it's only stuff like your list of contacts, stuff that for Whatsapp already resides on the servers. For the content, you must use offline backups.
> But Whatsapp goes further: it also encourages Google Cloud backups. Quite many people enable it. That way, the content becomes accessible to Google.
What's the bigger danger for most people?
- You talk about pregnancy on WhatsApp, and they - illegally - extract this information so that some website can show you diaper ads? (I'm not even considering the possibility that this information would leak to an employer or heathcare - because such a leak, or anybody doing anything with that info would be considered completely outrageous here.)
- Or: your phone breaks and you loose extremely important information stored in chats - passwords, photos, and so on?
For most normal people I know, #2 is the greater hazard. So I , too, would encourage them to back up their stuff in the cloud.
Not only metadata but the whole data transmissions.
Whatsapp may claim that transmissions are encrypted end-to-end but they control the app itself so can do whatever they want.
The app distribution channels are also controlled by American companies.
So any government conducting communications through Whatsapp has in effect outsourced its communications to the US.
For important communications governments do not even trust off-the-self smartphones.
To add to this point: The US government is not at all trusted in Germany (or most of the EU) at the moment. "America first", combined with numerous withdrawals from international bodies like the WHO and the climate agreements has given the impression that the old allies are no longer beneficial to the European cause.
> I always wonder what their conrete worry or attack scenario is
There are laws in place who require German institutions to keep data privacy to a certain standard. This standard cannot be guarantueed when using e.g. Whatsapp.
Of course one could argue the Germans are too paranoid when it comes to privacy – but keep in mind where this comes from: Germany knows first hand what impact state lead data collection can have from it's own history on not one but two occasions (the Nazi-apparatus and the Eastern German STASI surveillance).
This historic backdrop lead to a widespread mindset that one should collect as little data as necessary (search for privacy by design or Datensparsamkeit). This mindset is also enshrined in law.
If you work in an government entity IT-department who is responsible for complying to these laws recommending a messenger which does "something" to your users data (where this "something" can change at any point), is something you could do, but on the other hand you could also just tell them not to use it at all (or to use Signal etc).
Here on HN people want to believe that WhatsApp is more secure than Telegram, when all the evidence points to the contrary. Also: don't trust closed source protocols.
If they discourage people from using something, they should tell people what is the alternative.
I've been user of Signal for years, but with recent changes especially with screen nagging me and everyone else to enter PIN I'm going back to Whatsapp, which was my secondary messenger, but which has most contacts anyway.
What are the other options - Messenger, Telegram, Skype or whatever Google kills this year, which are all not even E2E encrypted by default (let alone colecting metadata)? Anything else has zero users and it's not user friendly.
It's not like there is user friendly completely safe service, after all even Signal now collects and stores your contacts in cloud after forcing you to create PIN nobody asked for, while they still keep asking for phone number and nag you with other prompts instead of adding basic features like pin conversation to top.
Nobody asked for spaced repetition nagging, and no way to turn it off. its so condescending and stupid of them. If you don't give users a choice, the only choice left to them is to stop using your app.
Yeah, maybe they could leave an option to disable this. But it takes like 30 seconds to input your pin if it's really long, and that's every few days. I for one think it's a neat solution of "now give us an 8-digit pin you've set up a year ago" problem.
Which I assume is a first step towards user profiles. Their development team is small and every feature has to be implemented using state of the art crypto.
Many "apps" from WhatsApp to Zoom are treated as public spaces by citizens. But, legally the app-space is closer to a private space. This creates a mismatch between reality and expectations. (Zuckerberg can delete his chat history and you could not until Europe passed legislation forcing Facebook to do so.)
I suffered the "Windows only" of gubernamental applications that excluded Linux users from using them. I see a new wave of iPhone/Android apps, WhatsApp/Twitter official accounts, etc. creating the same monopolistic synergy where the government decides what apps the citizens have to install and what Operating Systems to use. The abuse of monopolies is not fight against but government officials take sides and choose which monopolies to grow.
Finally, a point missed in the comments: WhatsApp is an American company. The misalignment between Europe and the USA has grown the recent years meanwhile the technological dependence of Europe towards the USA has increased. That will not end well. The USA is in a position to shutdown all the technological infrastructure of Europe (AWS, Google, Facebook, Azure, ...) and to openly spy its citizens. When the two blocks were in more friendly terms that was seen as acceptable, today that is creating an uneasy feeling.
As an European citizen I do not feel safe with such an American oversight of my private and job-related activities. And, this is the most important point, when citizens feel threatened they will react or over-react to the situation. The USA has not been a trustworthy partner for some time. And ,the rise of TikTok and other Chinese apps are bringing that fear to public attention.
The solution is trivially easy and has existed for long: open standards. Mail has been around as long as the Internet and proven its value, the same applies to the World Wide Web. The only reason for the rise of apps is that companies see them as a good way of lock-in customers, gather data and increase influence. All that reasons are bad for the economy, for the freedom of countries and individuals. Open standards should be pushed as a leveling field for competing companies, as a form to increase freedom of expressions and communication and to avoid single-points-of-faiulre that risk big parts of the economy.
I hope for a return to sanity and open standards. The alternative is heavy regulated monopolies, no government is going to allow this situation to go for long, like the telecommunications industry. And, that does not work so well.