this post was submitted on 27 Oct 2025
73 points (98.7% liked)

Technology

4504 readers
521 users here now

Which posts fit here?

Anything that is at least tangentially connected to the technology, social media platforms, informational technologies and tech policy.

Post guidelines

[Opinion] prefixOpinion (op-ed) articles must use [Opinion] prefix before the title.

Rules

1. English onlyTitle and associated content has to be in English.
2. Use original linkPost URL should be the original link to the article (even if paywalled) and archived copies left in the body. It allows avoiding duplicate posts when cross-posting.
3. Respectful communicationAll communication has to be respectful of differing opinions, viewpoints, and experiences.
4. InclusivityEveryone is welcome here regardless of age, body size, visible or invisible disability, ethnicity, sex characteristics, gender identity and expression, education, socio-economic status, nationality, personal appearance, race, caste, color, religion, or sexual identity and orientation.
5. Ad hominem attacksAny kind of personal attacks are expressly forbidden. If you can't argue your position without attacking a person's character, you already lost the argument.
6. Off-topic tangentsStay on topic. Keep it relevant.
7. Instance rules may applyIf something is not covered by community rules, but are against lemmy.zip instance rules, they will be enforced.

Companion communities

!globalnews@lemmy.zip
!interestingshare@lemmy.zip

Icon attribution | Banner attribution

If someone is interested in moderating this community, message @brikox@lemmy.zip.

founded 2 years ago
MODERATORS
BrikoX@lemmy.zip
73
‘There isn’t really another choice:’ Signal chief explains why the encrypted messenger relies on AWS (www.theverge.com)
submitted 5 days ago by BrikoX@lemmy.zip to c/technology@lemmy.zip
25 comments fedilink hide all child comments
 

Signal was just one of many services brought down by the AWS outage.

top 25 comments
sorted by: hot top controversial new old
[–] who@feddit.org 33 points 5 days ago* (last edited 5 days ago) (3 children)

“The question isn’t ‘why does Signal use AWS?’” Whittaker writes. “It’s to look at the infrastructural requirements of any global, real-time, mass comms platform and ask how it is that we got to a place where there’s no realistic alternative to AWS and the other hyperscalers.”

To me, this reads as sophistry.

What happened here is a predictable result of Signal's design. They chose to build a centralized messaging system. This made things significantly easier for them than a distributed design would have been, but it comes with drawbacks. Having single point of failure is one of them. (In this case, that single point is Amazon.)

Trying to direct the public's focus onto cloud providers instead of acknowledging this fundamental shortcoming in their design is, frankly, disingenuous. Especially coming from someone in Whittaker's position.

While we're at it, let's acknowledge that centralized design in messaging systems is problematic not just because of (un)reliability, as seen here. It also creates a single point of attack for any entity seeking to restrict, shut down, or track people's communications. End-to-end encryption cannot solve those problems.

[–] possiblylinux127@lemmy.zip 20 points 5 days ago (1 children)

Signal is user friendly and reliable

While I don't agree with some of their choices they do have a point here.

[–] cabbage@piefed.social 3 points 5 days ago* (last edited 5 days ago) (1 children)

Yeah. I'm the nerdiest person I know—I'm not gonna try to convince people to use something I struggle to understand myself. Signal is good because it does not feel like a compromise, and the advantages are easy to explain. Matrix I wouldn't even know how to sign up for myself, as much as I would love to see the entire internet run on decentralized technology.

I am sure it's not so difficult and that I could find a good instance and figure it out if I sank some time into it, but that's really not the point here. The point is that me doing that would be worthless as I still couldn't convince anyone else to join, and nobody I am interested in talking to is currently on there. (In other words: this post is not me asking for help to sign up for Matrix)

[–] possiblylinux127@lemmy.zip 2 points 4 days ago

Honestly I kind of wish that Simplex Chat was a bit more user friendly

It focuses so much on privacy and anonymity that it is hard to use.

[–] KairuByte@lemmy.dbzer0.com 15 points 5 days ago (3 children)

I get your point, but that comes with a whole host of other problems. Take a look at Lemmy for instance, decentralized, yes. But also prone to problems stemming from that same decentralization.

[–] ryannathans@aussie.zone 10 points 5 days ago

Now scale that to the size of signal.. Oof

[–] who@feddit.org 2 points 5 days ago (2 children)

But also prone to problems stemming from that same decentralization.

Exactly what problems do you have in mind?

There is no reason to assume that a distributed incarnation of Signal would have the same design as ActivityPub or Lemmy.

[–] 1984@lemmy.today 1 points 4 days ago (2 children)

Thats true but what examples is there of successful distributed apps with tons of users?

[–] who@feddit.org 3 points 4 days ago* (last edited 4 days ago)

We're not talking about a distributed app, but a distributed service.

Email.
The web.
The entire internet.
The postal service.
The telephone network.

[–] KairuByte@lemmy.dbzer0.com 1 points 4 days ago (1 children)

Massive lag coming from larger instances, instance moves or domain name loss causing the death of an instance, misconfigurations in general since those cause a plethora of problems.

[–] who@feddit.org 1 points 4 days ago* (last edited 4 days ago)

Problems like those are unavoidable even on today's Signal, because the service depends on internet peering relationships, internet service providers, mobile network operators, cell tower reception and backhaul, etc. Oh, and Amazon.

You usually don't notice them because when any of those components develops problems too often, affected users tend to get annoyed and switch to a more reliable one. (Also because you don't expect to receive messages from as many people or as often as you do on Lemmy, so short outages are less likely to affect you.)

All of this would still be true in a distributed Signal, except that users could switch away from Amazon as well. Meanwhile, everyone not using Amazon would still be chatting during an Amazon outage.

[–] possiblylinux127@lemmy.zip 1 points 3 days ago (1 children)

Almost all of Lemmy uses Cloudflare

The modern internet pushes centralization

[–] KairuByte@lemmy.dbzer0.com 2 points 3 days ago

I mean, that’s not quite the same thing to be honest. That’s a choice made hundreds of times by individual instance owners. Is it a good choice? Debatable. But that reliance can also be bypassed by those same owners rather quickly if it became a problem. You can’t pivot out of AWS quite as fast unless you have a backup plan locked and loaded.

[–] artyom@piefed.social 1 points 5 days ago

It also creates a single point of attack for any entity seeking to restrict, shut down, or track people's communications.

That's what relays are for.

[–] NGram@piefed.ca 19 points 5 days ago (2 children)

It is true that there really isn't another cloud provider that they could choose. All of the other cloud providers (major and minor players) are prone to the same sort of systemic failure. But it isn't true that they didn't have another choice.

The solution to service failure is redundancy. Making the redundancy as different as possible makes it even more resilient. In this case, that would be having redundant servers on other cloud providers which can be used in the event that the main one fails. Even better if they can use all of them simultaneously to share the load and let failover happen more gracefully.

[–] NaibofTabr@infosec.pub 20 points 5 days ago (1 children)

Right, OK, but Signal sustains itself on charity.

[–] NGram@piefed.ca 5 points 5 days ago

I don't think that's necessarily incompatible with what I suggested. They could just leave the backup servers offline until they're actually needed which shouldn't cost them anything (or at least not much; some cloud providers charge for a VM's storage usage regardless).

Assuming that Signal's servers were designed by competent engineers, the engineering cost to make a change like this shouldn't be that bad. Though judging by Whittaker's comments, that may be a bad assumption.

[–] possiblylinux127@lemmy.zip 12 points 5 days ago

That is very pricey

[–] scytale@piefed.zip 16 points 5 days ago (1 children)

Yes, but you can have redundancy though. Obviously it comes with a cost, and I don't know if Signal can afford it.

[–] r8KNzcU8TzCroexsE2xbWC@lemmy.ca 20 points 5 days ago* (last edited 5 days ago) (1 children)
[–] TacoButtPlug@sh.itjust.works 7 points 5 days ago

That was... enlightening. I can't imagine the scaling they had to do from day 1 to now.

[–] noname_yet2077@lemmy.world 10 points 5 days ago

Signal was down? Didn't even noticed

[–] DrDystopia@lemy.lol 0 points 3 days ago (1 children)

Signal users have no choice but to rely on Centric Untelligene Bureau's Amazon. And an American company registered in the US being allowed to provide unbreakable comms without being served a letter of national security? X to doubt.

While a ton of alternatives could be self-hosted or use VPS-hostable beacon servers for direct connection. I run my Briar hub mailbox on an old android for goodness sake.

[–] BrikoX@lemmy.zip 4 points 3 days ago

Signal is centralized by design. It has it's pros and cons, but it's not an alternative to decentralized comms that require self-hosting or networking knowledge. Different userbase.