Compensation Key Employees and Officers Base Related Other

Jim O'leary (Vp, Engineering) $666,909 $0 $33,343

Ehren Kret (Chief Technology Officer) $665,909 $0 $8,557

Aruna Harder (Chief Operating Officer) $444,606 $0 $20,500

Graeme Connell (Software Developer) $444,606 $0 $35,208

Greyson Parrelli (Software Developer) $422,972 $0 $35,668

Jonathan Chambers (Software Developer) $420,595 $0 $28,346

Meredith Whittaker (Director / Pres Of Signal Messenger) $191,229 $0 $6,032

Moxie Marlinspike (Dir / Ceo Of Sig Msgr Through 2/2022) $80,567 $0 $1,104

Brian Acton (Pres/Sec/Tr/Ceo Sig Msgr As Of 2/2022) $0 $0 $0

> We use third-party services to send a registration code via SMS or voice call in order to verify that the person in possession of a given phone number actually intended to sign up for a Signal account. Simple solution, go distributed.

6M $ for that. Stop doing that. What do dictators control? Mobile phone networks and other infrastructure. And, yes, they really do go after people any way they can.

This "cost" puts people into danger. Coupling identity and operator infrastructure is a critical privacy flaw. And a costly one too apparently. If your #1 goal is to be the most private solution, this cannot be tolerated to continue to be the case. Get rid of it. Your identity should be your cryptographic key.

Why does an organization with about 50 employees need 4 C-level executives, totalling about 2M compensation per year? Or perhaps it's 7 C-level executives (3 hiding under the "Software developer" title) totalling about 3,7M compensation per year?

I'm absolutely not donating money to such a thing without an answer to this question. As a counterpoint, I am a member of a local (Finnish) non-profit organization, one of whose many services is Matrix. This costs me 40 euros per year and none of that money goes to C-level executives.

Refreshing compared to the alternative that Wikipedia is showing, with the tantrum-like emails we receive from their CEO like "LAST REMINDER" or "We've had enough" ; which they ironically send to people who gave.

I would much prefer the Wikipedia endowment model of non-profit orgs. They have a standard operating procedure with a predictable budget, and endowment that let's them run indefinitely, and we just have to suffer through pledge drives. I just block them with ublock filters. I gave them 6 dollars back in 2012, and according to their marketing that is enough for life.

No. They are meant to manipulate me personally, as well as other persons I care about. I will take them personally.

More broadly, I don't have to excuse bad behavior just because somebody's making money off it or because it makes some too-narrow metric go up. Yes, it's a complex and imperfect world. But to me that's a reason to work harder to make things better, not a reason for people to say, "fuck it" and make the world worse.

This, absolutely! they play on people's psyche and mental cabling by trying to guilt you in the same way your parent would ; it's manipulative, and I have an absolute hatred for these tactics.

I just put my money toward people who don't do that crap, and I want the manipulators to see that I'm giving money to their non-manipulating competitors.

Parental manipulation works because it's completely reasonable given the relationship for it to be effective. It's a betrayal of trust.

If a company tries that tactic and it "works" too well, that's an opportunity to evaluate your psyche, not get mad at them.

This is different than what is currently going on with venture backed services like reddit and youtube. I would argue that we should block ads there too, but there it is an arms race where we have to consider ways to protect ourselves from encroaching privacy violations. It's much ruder, and that is something we should actually be mad at.

They don't know you; they don't know me. I'm a nobody, just like you.

I don't take them personally, of course, but they do encourage me to avoid forking over any money.

It's still shitty, even if it's a shitty "standard practice" and not a shitty thing being done to me particularly.

Honestly, it seems like Wikipedia's goodwill is seen as an exploitable resource, that people in Wikimedia are using to do other, unnecessary things (probably building little personal fiefdoms).

Sort of like Mozilla, actually. IIRC, they literally won't let you give them money to fund Firefox development, and any donations you give them go to fiefdoms almost certainty entirely unrelated to why you gave them money.

You'll be proper mad when you realize how much money that other company, whom you regularly pay for access to their services, has in the bank.

There's a difference between "donate if you appreciate this website" and "donate if you appreciate this website because we will have to shut down otherwise (not really though)"

Because it's not perfect yet?

The point of Wikipedia is not to have some servers ticking over. The project has a vision: "Imagine a world in which every single human being can freely share in the sum of all knowledge."

I agree it's not ok for them to lie, and am bothered enough by their dubious fundraising tactics that I stopped donating. But that's a totally separate concern than whether Wikipedia's mission is complete.

That's not their vision. Not only do they require entries to be notable, they'll remove information from articles that are, in their editorial judgment, too long. Neither action is compatible with the goal of sharing the sum of all knowledge.

Seems almost mundane, as if they’re running a very effective foundation that’s actively achieving their goals. See the recent Cambridge study that explored how their governance has been effective at promoting moderate discourse while suppressing misinformation and hateful content: https://www.cambridge.org/core/journals/american-political-s...

1. Open Signal and click on your user icon in the upper left.

2. Go to "Settings" --> "Donate to Signal".

3. Click "Donate", select your donation options, and pay with Apple Pay.

Love what signal's doing for the world.

Thanks for that, I did a one off 300 euro donation back in '21 during the bubble market; Meredith has been doing the rounds [0] and she hits on lots of good points, and even went to the UK over their now failed bill during the Summer.

0: https://www.youtube.com/watch?v=ykfABSBeAVo

Easy google , but no it doesn't

https://developer.apple.com/apple-pay/nonprofits/

Very few people are going "No apple pay? No donation."

43% additional impact.

It's for security.

Your payment info is not connected to your account.

https://support.signal.org/hc/en-us/articles/360031949872-Do...

Does Apple have any records connecting your recurring Apple Pay payment to your iPhone's phone number?

I'm curious what the breakdown of donations is. I only have 1 contact with a $10/month and 1 with a $5/month badge. Of course there could be others not displaying the badge. Signal really needs 500,000 people giving $20/month and plus the rich guys giving some millions on top of that to be in a safe financial position.

Maybe something that could be done to encourage donations is have the client estimate how much raw infra costs your usage created and display in the donation screen.

They actual costs are apparently about 1 USD per year per user. I usually at least double (usually more) my incurred cost when the donation is optional, to cover for those who can't or won't pay, but paying 240× the cost price seems wasteful as well when there are other nonprofits that can do more good with every dollar you give them (be it solving poverty, climate change, whatever you find valuable) rather than one which has mostly fixed fees

I'm donating more than my costs deliberately because I fully understand that most users are not going to contribute money, full stop. I need those users though, because they are the people I want to privately communicate with. So the obvious thing to do is pay for as many other users as I can. If there's 50M monthly active users, and if 1% of them are like me and highly value Signal, then each of us 1% users can pay $20/month and cover the entire operation. Then the contributions of the super rich donators can be saved to rebuild the war chest.

$20/month is nothing to me considering the value I get. I understand that most won't feel that way, which is why I'm only appealing to those who do feel as I do to just get that recurring donation going now.

- signal for family and some techy friends

- whatsapp cuz some friends dont really get signal

- imessage cuz some friends dont get whatsapp nor signal

- viber cuz family across seas and that's whats popular there

- slack with some friends cuz it's nice to have focused discussions in channels

- discord cuz its better for gaming

- ig messaging cuz i stay in touch with less close acquaintances and some friends that way, comment on their stories and chat about whats going on in the moment

It feels good supporting something worthwhile.

Second, are you hedging your bets and supporting Matrix or XMPP as well, or will you only encourage people to "donate" to the platform that you happen to have picked already?

you literally don't. It's a fully encrypted service. The literal purpose of encryption is to move data securely through insecure or even adversarial channels. Which you can verify, it's audited and open source.

They refuse to build the app in a decentralized way because decentralization is an ideological obsession that is useless in this context, and because centralized organizations can actually ship polished software that works for normal people and move quickly.

They can ship it, because they got a fuckton of money. But apparently they can not maintain it, because now they are crying about how expensive it is to run it.

Signal is acting like a sprint runner who signed up for a Marathon and wants to be carried out to the finish line after showing how much faster he was in the first mile. That's what I think is dishonest here.

They can use their pick of SGX exploits to undermine the weak metadata protections and they (or apple/google) could, if pressured, ship tweaked versions of their centrally compiled apps to select targets that use "42" as the random number generator. No one would be the wiser.

Signal is a money pit with a pile of single points of failure for no reason.

Matrix is already proving federated end to end encryption can scale, particularly when users are free to pay for hosting their own servers as they like, which can also generate income.

Signal builds on Android have been reproducible for over seven years now. That's not to mention the myriad of other ways that people could detect this particular attack even without build reproducibility.

Moxie made it very clear he never wants third parties like f-droid -actually- reproducing and signing packages for distribution to de-googled signature-enforcing android distros etc. Providing side-loadable apks as an alternative a joke.

Third party builds and distribution would serve as public canary and be better for privacy forbidden. He argued the tracking advantages of centralized development and distribution outweighed any wins of allowing third party clients.

In reality a build published with a breaking change and a subtle crypto backdoor omitted from public sources may not be discovered for days or longer. Long enough to decrypt most every convo on the planet.

How many? There's some news about it being recommended for use by BLM protesters, and about it being blocked in China, Iran, etc. Where is this info about it being used in "overthrowing dictatorial governments"?

Given that Signal is free as a service, supporting federation only increases their expenses.

Element can do it for their Matrix servers. Process.one can do it for ejabberd. Prosody as well. Why can't Signal?

You've named several products that share your values. Perhaps those would be a better fit if you were to donate.

The most comparable system to Tor that has practical properties I can think of is maybe ipfs, but nobody will store your encrypted chat blobs for you out of the goodness of their hearts. Ipfs also tends to have high latency. A slow system of uncooperative nodes isn't what you want your messaging app built on.

A federated messaging system looks a lot more like Matrix. The obvious problems are that splitting users up over multiple nodes mean encrypted data doesn't live on your instance, it lives everywhere the people are you chat with. Another problem is what you see with bsky, where identifiers come with a domain name (like an email).

IRC is also federated (sort of), and there's a long list of tired, age-old problems. The most common one is simple: different servers have different features, so you can't reliably "just use it" like you can with Signal.

[1]: https://themarkup.org/pixel-hunt/2022/11/22/tax-filing-websi... [2]: https://github.com/the-markup/meta-pixel-taxes

edit: it was called MobileCoin right

edit2: they do

https://support.signal.org/hc/en-us/articles/360057625692-In...

is that generating any revenue?

I don't think they ever confirmed that this was why they stopped updating, or did a postmortem on how poorly that launch went. I vaguely recall there was also an unexplained spike in MobileCoin trading shortly before the public launch that looked quite a bit like insider trading, though right now the stories I can turn up about it here are about similarly disconcerting and unexplained issues in its provenance: https://hn.algolia.com/?dateRange=all&page=0&prefix=true&que...

It's hard to take this fundraising plea seriously when this financial disaster is never even mentioned. I hope I've just missed whatever Signal has done to try to repair trust after the, but the fact that they haven't even removed it from the app is not promising. Can anyone share updates?

Short timeline of events from my side:

- Signal announces/endorses mobilecoin support, as their new and only cryptocurrency option

- I figure I'll get on it early this time after missing out on Bitcoin, despite Signal only supporting this in the UK (for now)

- Mobilecoin and Signal websites both mention FTX as being the only exchange where you can currently buy mobilecoin, never used it before but I go ahead, transfer $1000 worth (at the time) of bitcoin to buy mobilecoin

- There are currently no other wallets for mobilecoin (except maybe some difficult to use or obscure ones that looked sketchy? don't like leaving money on the exchange but didn't really have other options)

- Mobilecoin spiked on ftx, sold and bought back a few times, at the right time with some good luck, now have $20,000 of mobilecoin

- Signal finally adds support for mobilecoin in my country, proceed to try and withdraw it

- However, my country just announced legislation to require ID in order to buy/sell cryptocurrency, but it's not planned to go into effect for at least another 6 months or so, but FTX decided to start requiring it immediately and wouldn't let me withdraw without it (I could see they were still willing to take more deposits from me without it though!)

- FTX had trouble verifying ID, I already suspected what was about to happen, tried my best to get my crypto out but they kept having excuses, the ftx fall out and everything became known some months later

> Cryptocurrencies are awesome. Greedy people who can't do research and complain loudly when their "get rich quick" schemes blow up in their face make everyone look bad :-/

Normally I wouldn't acknowledge this, but I find your assumptions and accusations about me quite rude, for someone who has been on HN for at least 12 years you should know the rules. I simply stated the timeline of events as is, because there is no denying the connection between Signal and FTX through mobilecoin, and I only spent what I could afford to lose, I was well aware of the risks.

[1] https://www.businessofapps.com/data/signal-statistics/

[1] https://news.ycombinator.com/item?id=38117385

https://venturebeat.com/mobile/whatsapp-subscription/

Signal also intentionally doesn't store too much data, long term data costs will slowly grow over the years. I imagine for a bigger platform, costs can grow to multiples of the rates for Signal and smaller Mastodon servers.

€10 per year should be more than enough for most users, though, and it should be quite affordable for most countries.

Source: https://venturebeat.com/mobile/whatsapp-subscription/

(Originally WhatsApp charged $1/year.)

https://en.wikipedia.org/w/index.php?title=WhatsApp&oldid=11...

(Small difference is that WhatsApp had a profitability of –93 %.)

Only a tiny fraction of my contacts use Signal, and most of those are also on Whatsapp, Telegram, Discord, and others.

Signal offers essentially nothing to me.

I hope that they make it so you can register WITHOUT a phone number. Perfectly fine if it's not the default. This is post is currently implying that is not currently the case.

WhatsApp instead makes tons of money from this kind of metadata.

Signal is an awesome project but some of their decisions annoy many users. E.g. Signal does not allow to automatically save all pictures in the gallery. It's a privacy feature, but it's inconvenient since it forces me remember to download each image seperately.

Many of my family also dropped Signal.

It is now really only used by the hyper-privacy conscious.

I do fear they'll loose most tech un-savvy users because they don't know how to pay (safely).

There must have been some kind of venture backing because there was no money coming in at all from users for a long time.

Now add the cost of providing support (it's a paid product now!), payment handling on their end (in a privacy-preserving way, which excludes most common payment methods), and top it off with the immense damage to the network effect by excluding all the users that can't or simply don't want to pay $1/year...

Donations seem like the much better option here.

You don't need to provide support, even much more expensive consumer services live without a proper one, so being explicit about the fact that you only pay for infrastructure could suffice

Not sure why payment privacy has to be so strict for everyone

The network effect damage is real, but maybe it could be limited with donations :)

Just ignoring customer complaints and selling the service "as-is" is usually not an option.

Besides, even now they're not ignoring all the complaints, the do fix bugs?

Maybe to be more specific, how much did it cost WhatsApp when they had $1 price and a tiny team? How does it compare to the cost of SMS?

FB acquired them next year and if my memory is correct there were 19 in the team then.

[1]: https://en.wikipedia.org/wiki/WhatsApp

With just a bit more effort you can see that most of those $148 are not related to the extra customer support we're discussing, but rather to the things that Signal is already doing

Costs and expenses in 2013:

Cost of revenue 53 (payment processing fees, infrastructure costs, SMS verification fees and employee compensation for part of operations team)

R&D 77 (engineering and technical teams who are responsible for the design, development, and testing of the features)

G&A 19

I'd like a signal daemon on all my servers for alerting which could message me via Signal. This is worth a monthly fee to me.

I know people running small businesses who would really like to have a business Signal account: an ability to send Signal messages as a business identity without tying it to some specific phone number. This would be worth a subscription even if they had to get their customers to install Signal.

Signal need to figure out what product they sell that's going to fund the privacy objective: because there's plenty and they're worth having.

Just sign up with a Twilio number (using voice call) and you can make your own bot.

IMO Signal need to figure out what they sell to people with the money to say "yes, this service helps me make money" so they fulfill the big mission statement. That's true viability.

Within that bucket there's some real obvious ones: server monitoring and alerting (I have Signal, let my severs have Signal so they can talk to me, maybe at an agreed reduced throughput rate so someone doesn't just try to run TCP/IP over it), and letting businesses have a secure multimedia messaging channel to their clients for notifications.

But I think it's pretty clear by now that this is a feature for FVEY IC, not a bug. FFS, they burned development resources on stickers, but abjectly refuse to offer alternative account identifiers. The standard apologist response is, "but phone numbers make adoption easier". Sure, but nobody is asking to replace the identifiers, or even to make them nondefault. We're just asking for the option. It could be hidden behind a developer mode for all I care, but it should be there.

The fact that they abjectly refuse to do it is enough to tell you about what their true motivations likely are.

Indeed, the Wire messenger is done like this - it offers phone number, but has an option to not use them and only rely on the usernames (although I think you need to register in the web browser for that)

[1] https://www.theguardian.com/technology/2016/jan/18/whatsapp-...

It's possible that they were only enforcing it in some regions, though.

But I remember other people started to en masse switch to other messengers like Viber(?). And Whatsapp had to stop enforcing the fee.

All pricing was entirely optional

Here's one reference to a different price (can't find lifetime except for people complaining that Facebook didn't honor it on original ToS)

https://www.wired.com/2011/11/whatsapp-messenger-app/

https://support.signal.org/hc/en-us/articles/360031949872-Do...

Nobody would accept a check here anyway as they're not guaranteed. These days I pay with my watch or phone everywhere (Samsung Pay). I don't even use the chip on my card anymore. And payments between people happen digitally too (a system called Bizum here in Spain).

Fwiw, in America I use my phone to pay for everything too. But there are edge cases and tools like these often have utilities in domains that might not be common to the average person but are to specific groups. For example, these are often used in situations where cash is preferable but you wouldn't want to cary that around, like real estate down payments and buying a car. Some settings are sensitive to the exchange times (though that money looks like it is in your account instantly, it isn't).

I just wouldn't be so quick to make such a conclusion because it's pretty likely that your experience is not general. Despite America treating corporations like people, I'm pretty confident you aren't a corporation.

> Nobody would accept a check here anyway as they're not guaranteed.

Btw, a cashier's check is. Like I said, it is as good as cash.

You can still buy a SIM, a prepaid PIN, and a phone with cash, but you'd need to pay a non-correlated person to be seen on CCTV to do it, at a non-correlated time, and hope they don't just take your money and leave you nothing at the dead drop.

Then there's the hassle of setting up the account in a way that's not correlated with your location, normal waking hours, etc.

All of this could just be avoided if Signal did the right thing.

But they won't. Ask yourself why.

So what you've leaked is the information that you have an interest in private conversations. This might be a problem in some countries, but I think it's fair to ask folks in affluent countries with working (sorta) democracies to shoulder that burden. I.e. you don't donate if there's elevated threat to your safety, there are enough people who aren't under elevated threat.

There's also the possibility of using a donation mixer like Silent Donor, though I'd evaluate that very carefully. (There's a record of the transfer in, and the mixer needs to keep temporary records for transferring out. There's also the question how you verify the mixer doesn't skim.)

Some donation mixers accept crypto currency, so for maximum paranoia, I suppose crypto->crypto mixer->donation mixer->charity might be workable. Or hand cash to a friend who donates in your stead.

As always, the best path is to set aside paranoia and build a threat model instead to see what the actual risks are.

It's like brute forcing, we just want something where we'd be surprised if someone could accomplish it within the lifetime of the universe though technically it is possible for them to get it on the very first try if they are very very lucky. Which is an extreme understatement. It's far more likely that you could walk up to a random door, put the wrong key in, have the door's lock fall out of place, and open it to find a bear, a methhead, and a Rabbi sitting around a table drinking tea, playing cards, and the Rabbi has a full house. I'll take my odds on 256 bit encryption.

> Servers: $2.9 million dollars per year.

> Registration Fees: $6 million dollars per year.

> Total Bandwidth: $2.8 million dollars per year.

> Additional Services: $700,000 dollars per year.

Signal pays more for delivering verification SMS during sign-up, than for all other infrastructure (except traffic) combined. Wow, that sounds excessive.

https://www.cnn.com/2023/02/18/business/twitter-blue-two-fac...

Previous Twitter employees have said that this is incorrect. Because Twitter began as an SMS-only (and then SMS-first) application (remember 40404?), they very early on established direct-connection infrastructure for sending SMS, meaning that they have a marginal cost of literally $0.00/message in most markets. Twitter still has to maintain that infrastructure, because they didn't get rid of SMS 2FA - they just restricted it to Twitter Blue users, so the overhead is still the same.

Almost nobody else who delivers SMS today has that infrastructure, because it doesn't make sense for most services to build.

The only place where Twitter was paying significant amounts for SMS was due to SMS pump schemes, which is a consequence of Twitter gutting its anti-spam detection, resulting in them paying for SMS pumping which was previously blocked.

I am very, very interested to understand how that works, because without more detail or sources I'm calling bullshit. I definitely understand how Twitter could have greatly reduced their per-message fee with telecom providers, but at the end of the day Twitter is not a telecom and is still at the mercy of whoever is that "last mile" for actually delivering the SMS to your phone, so I don't understand how they have no marginal cost here. Happy to be proven wrong.

For something like Twitter where you could post by SMS, the balance of traffic might have been such that giving Twitter free outbound SMS was balanced by the charges incurred by customers sending to Twitter's shortcode. Or it might just be balanced by increased customer happiness when they can use the product more effectively.

If the carrier doesn't run their own messaging infra, they might be paying their IT provider on a per message basis, and might not be able or willing to set the messaging rate to zero.

For a use case where SMS is used to show control of a phone number, getting a zero cost direct route is a harder sell, but it can happen if the routing through aggregators is poor and the carrier is concerned about that, or if there's some other larger agreement in play.

I ran the engineering side of carrier integrations at WhatsApp. Carriers wanted to sell data plans with special pricing for data with WA and use WA branding in advertising, because it attracted customers that might later convert to a bigger general purpose data plan. As part of that, we would ask for zero rated SMS to their customers for verification. When it was available, it was generally faster and higher success vs sending messages through an aggregator.

We also had some, usually small, carriers approach us asking us to set up direct routes to them for verification, because their customers would not always receive our messages when we sent through an aggregator. Early in my career at WA, we would just send these carriers to our aggregator contacts, and often things would get linked up and then we'd still pay $/message but it would work better. As we got a little bigger and built support for direct routes anyway, it was usually not too hard to set up a direct connection and then there'd be no cost for that carrier. Messing around with IPSEC VPNs and SMPP isn't fun and the GSMA SOAP messaging APIs are way worse, but once you get the first couple implementations done, it becomes cookie cutter (and FB had built way better tools for this, and a 24/7 support team, so I never had to be up, on the phone with telco peeps at 3 am kicking racoon or whatever ipsec daemon we were running until it finally connected)

In general, pricing varies widely by destination (country and sometimes carrier), US and some other places are

Those SMTP -> SMS gateways sometimes work in the US, but they don't work much in other countries, and they're not good enough to rely on if your product requires an SMS during the new user flow. SMS costs are real and it's frustrating, but if it costs too much, you need to use something other than phone numbers for ids; I don't think skirting by with email gateways is going to work. But, if you build dynamic routing, I guess you could try.

Also, you've got the use the right email gateway for the user's carrier, and a carrier lookup is on the order of $0.01, unless you have tons of volume, so for the US, you might as well pay for the SMS.

[1] https://assets.cdn.prod.twilio.com/pricing-csv/SMSPricing.cs...

So sending 1 costs the same as sending a 10 million. It isn't that they are free to send, its that they are charged for access to the system, but aren't charged per message.

This is not how SMS pricing works in many, if not, most countries.

I have no experience directly with foreign telecoms, so I was simply explaining how something with no marginal cost could still be a very expensive system.

In most of the world, SMS is billed per-message, so it's basically no extra effort on the Telecoms side at all. In fact, Telecoms' online charging systems are fast enough to calculate users' data usage by seconds in real time, so they don't even blink at counting SMS.

> If you are drawing as much billable traffic as you are sending

SMS verification traffic is usually unidirectional, so that’s very unlikely to be the case.

... legacy telecom operators have realized that SMS messages are now used primarily for app registration and two-factor authentication in many places, as people switch to calling and texting services that rely on network data. In response to increased verification traffic from apps like Signal, and decreased SMS revenue from their own customers, these service providers have significantly raised their SMS rates in many locations, assuming (correctly) that tech companies will have to pay anyway.

...

These costs vary dramatically from month to month, and the rates that we pay are sometimes inflated due to “toll fraud”—a practice where some network operators split revenue with fraudulent actors to drive increased volumes of SMS and calling traffic on their network. The telephony providers that apps like Signal rely on to send verification codes during the registration process still charge their own customers for this make-believe traffic, which can increase registration costs in ways that are often unpredictable.

It still seems like a lot of money to spend on simple, old technology, but from the PoW perspective, making it cheaper would defeat its purpose.

*Which is why many sites reject Google Voice numbers, for example, for SMS verification.

There's nothing that requires tech companies to use SMS for registration or for 2FA. The normal way to do it is by email, which continues to be free. For Signal, there is no need to do 2FA registration at all.

Signal is ideologically committed to publicizing your phone number, and apparently they'd rather pay $6 million to hold to their commitment than just... not do that.

That'd be all well and good... the technology would die naturally, but all my American relatives continue to stubbornly use iMessage.

For P2P communication. SMS is alive and well for B2C messaging, most importantly for 2FA OTP delivery, but also as a first line of defense against spam/bot account creation.

It's not a good solution to either problem, but it's slightly better than nothing (which apparently makes it good enough for many), so I suspect we're stuck with it for now.

> That'd be all well and good... the technology would die naturally, but all my American relatives continue to stubbornly use iMessage.

iMessage is not SMS, though. It just uses phone numbers as identifiers, but so do many other popular over-the-top messengers, including the most popular one globally.

I've got an Android phone so all iMessage transmissions come across as SMS (or MMS).

The iOS application is called "Messages"; iMessage is the over-the-top Apple-exclusive messaging service.

1. https://www.wsj.com/articles/why-apples-imessage-is-winning-...

It reminds me of the "Blue eyes/Brown eyes" exercise (https://en.wikipedia.org/wiki/Jane_Elliott) so let's say this was a real psychology experiment. Middle-schoolers and high-schoolers are encouraged to communicate via a chat application with rich multimedia functionality. But any conversation that includes even a single individual who belongs to an arbitrarily-defined "out-group" has its functionality degraded and the application highlights who the out-group member(s) are. After a year you compare the mental, social, physical, and academic well-being of both groups. Would your university's IRB approve such an experiment?

I initially gave Apple the benefit of the doubt that this was simply a technical limitation. And of course kids will always bully each other about something. But at this point it does indeed seem like a billion-dollar company is intentionally amplifying and leveraging this sort of bullying to drive marketshare. If you don't find this immoral then I'm not sure what to say.

Bullies will bully. Targeting the articles of bullying versus the source is fruitless; the former is unlimited.

My carrier charges an arm and a leg for international texting, and if distinguishing between texts and iMessages wasn't as easy as it is, I would probably have to pay hundreds in carrier bills at least once.