Just curious, how come at least once a month signal bugs me to turn on notifications? I said no for a reason, every single time - why does it keep asking?
Not implying anything evil but it feels a bit weird esp after this.
Signal developer here. It's just because notification reliability is always a top support complaint, and a lot of people turn off notifications and don't realize they've done so. Admittedly, once a month is likely too aggressive.
How about instead of prompting to enable notifications, you leave a small banner or other unintrusive/non-annoying UI noting that they're off, which users can tap in order to learn more about how to reenable them?
For an app that prides itself on privacy, it's kind of crazy that you're making it so easy to accidentally blow it.
That would drive me nuts. I do not want a banner permanently on I cannot remove.
And before someone suggests it: If the banner can be removed, you’re back to having lots of complaints for users that did not realise they turned off notifications.
Doesn't have to be prominent and doesn't even have to be a banner. The ultimate point is to make it hard to reenable by accident, and to not make it annoying. Lots of ways to do that.
Try from inside the signal app itself instead of system settings? On android Signal has an option at hamburger menu > Settings > Notifications > Notifications (toggle switch)
Oh... hmm, two toggles actually. One at Settings > Notifications > Calls > Notifications toggle, and the other at Settings > Notifications > Messages > Notifications toggle
> notification reliability is always a top support complaint
I know octogenarians who use signal daily. "You called me and it didn't ring" or "messaged and it didn't beep" are definitely the top support complaints I receive. Thanks for being sensitive to this use case.
It's just a mental compartmentalization thing for me. When I want to get into slack/signal chatting mode or read messages I load such an app and look/interact. When I'm not doing that I don't want to be bothered with messages. I'm already sacrificing a portion of my life to work related tasks and being in front of a computer at many hours, when I'm not in that mode I don't want to be interrupted - people who need to reach me in an emergency have other ways to get ahold of me.
I disable notifications on every app that is not on the critical path to me earning a living. Notifications are largely unnecessary. Either you are actively engaged with something, in which case you didn't need the notification, or you are doing something else and don't need the distraction, in which case you didn't need the notification. Only my employer gets a right to demand my time during work hours, which is why notifications are enabled during work hours for work apps.
We as a society have gotten way too comfortable expecting every single person to be available at all times to provide us some kind of immediate response. Let people live. If I'm hiking through the woods with my camera doing bird photography, even if you're my best friend you can wait until I get back to my car and manually check my messages, I don't need a notification. If it's an emergency, dial my number and call me, which will make my phone ring. Novel concept, I know.
Personally, I have multiple messaging apps. I have notifications on for work slack, which is high signal, and I have notifications off for personal discord which is noisy and low priority.
Why does any software keep asking you to do things you explicitly told them you don't want to do? Because it's in the software developer's best interest to get you to do them, not yours. We've gotten way past the point in software where we no longer expect the software to serve the user's interest and solve the user's problems. Now, the expectation is that the user gets nagged and coerced into serving the software's interest and solving the developers' problems.
EDIT: Looks like a developer confirmed this in a sibling comment already: It nags you because that solves their support problem.
We build Signal for everyone, and that includes a lot of people who are not as technologically literate as the average tech worker. For a lot of people, they don't even know they dismissed the notification permission prompt, they were just closing boxes. For them, the reminder is helpful and prevents them from experiencing missing notifications. Striking a balance between helping these people and annoying more technologically-literate users is very difficult, with compromises everywhere. We're just trying to make sure Signal works for people, nothing more.
Not really. A portion of users will randomly tap that just to get rid of the question. They don’t read.
The easiest way to experience that yourself is to set your device to a language you barely understand. You’ll find yourself dismissing dialogs just like all those illiterate normies.
Thanks for the reply. I know it feels noble to do it that way, and I admit I get dogmatic over this one principle: a computer should first and foremost obey the user. It shouldn't have its own agenda. It shouldn't second guess. It shouldn't "did you mean?" I command the computer, and the computer executes that command and then waits for the next command. If I command it to not display a particular output (notifications), then I expect it to never display them, full stop.
I don't see my computers as partners or helpful assistants or eager interns. I see them as tools for reliably performing computation, and I expect them to operate that way.
I fully understand that this means that fewer and fewer developers are "building their software for me" and I find that pretty disappointing.
I'm sure everyone loves it when they accidentally press "Delete", and the app instantly deletes a thing forever without showing any confirmation dialog. After all, if the computer asked you to confirm it, it would mean it disobeyed your direct order!
HN truly never fails to make me laugh when it comes to discussing user experience.
“Their support problem” is a regular person’s problem getting the software to work how they want. That frustrated them enough to complain about.
I don’t follow how it’s necessarily selfish for the developer to reduce that.
There certainly are selfish ways to reduce support load, like making it harder to ask for help at all. But this way seems like the right way: listen to users’ problems and act to avoid them.
If your remedy causes more pain and frustration than the status quo, you’ll end up with more support load, not less.
Sure it’s greyer when the developer’s trying to sell something, but what does Signal gain from pushing notifications on users?
This seems to be about making the software humane and forgiving—meeting users where they are, not tricking them into something they don’t want.
Yes Google constantly asks me to backup my pictures to their platform No, I don't want this. But regularly when I go to my photos it'll pop up with a box asking and the default option is yes please back up. Sad.
"Consent" has become this mystical foreign concept to software developers. If the world of computing was a night club, "Silicon Valley" would be that creepy guy who goes up to everyone asking "Do you want to dance? [YES | Ask Me Later]".
It's pretty shortsighted, bordering on intentionally obtuse, to insinuate that the only person that benefits from solving the support problem is the person on support.. Take the example of automatic backups others brought up in this thread. Are you really going to imply that there's zero benefit to the person who didn't lose their data because the app reminded them to turn backups on?
I don't disagree that it could be improved with a simple "don't ask me again" style setting, but that doesn't change the fact that every time someone doesn't issue a support ticket, it's because they didn't run into an issue. Any effective solution to a support problem is mutually beneficial for the user as well as the support staff.
If a person says “no” to a prompt multiple times then either they aren’t reading it and never will or they definitely know they are not interested and at some point it needs to stop.
Messaging platforms where people receive and promptly respond to messages are more successful in the long run. That's why SMS overtook email. If you own a messaging platform there isn't anything inherently nefarious about pushing people to enable notifications.
imagine someone shows up to your door and tries to sell you garbage. you ask him to leave and he says he'll show up again soon. and these idiots defend this behavior. at the end of the day, the people on this site are muppets, they just dont like facebook is all.
What I don’t understand is why anyone can’t imagine scenarios where folks don’t want to turn on notifications. Also, why on a site where all I ever read is “users should be allowed to choose, users should be allowed to control their computers, users should have their consent respected,” etc. (especially when Linux comes up) are we seeing “no, users should keep getting nagged to turn on a feature they explicitly said they don’t want to use”? It’s not like it’s hard to go enable notifications. They can easily change their mind.
Does Signal magically show up on people's phones and open itself at random point in time? I have a suspicion, that you might not be too good at this whole "making analogies" thing.
Pretty sure that's just iOS behavior + app design. If notifications are off, apps will occasionally prompt again to make sure you didn't disable them by accident or miss something
No, the OS will not do that, nor is the developer able to trigger the system prompt again when they detect the user has notifications off. Only thing they can do is present their own prompt and link out to the Settings app for the app's settings. Can't even deep link to the app's notification settings.
Sorry, I really cannot tell if this is sarcasm or not.
One of the TOTP apps had a periodic test that you still knew the paraphrase. It started frequent and then backed off to like once a month. There’s definitely a benefit even if it’s annoying.
That’s not sarcasm and it doesn’t allow any backup, it literally just to make sure you didn’t forget the PIN. It’s once a week, forever. It’s a good way to make sure people don’t activate 2FA.
SCION is generally considered snake oil within the network operator community. Its weird single vendor for profit company that ships it's software, the fact that no router hw asic fwding supports what they want to do and then the general scummy inclusion of block chain / crypto as well as some "green washing" for PR hype.
Sure the swiss have their toy but no one is taking it seriously.
Hmm, I'd disagree. The fact that Anapaya Systems (the for profit company mentioned) has the only commercial implementation/adjacent software is a problem, yes. But "snake oil" doesn't quite match up with the fact that SCION right now provides the backbone for the Swiss financial network moving 200 billion CHF each day [1], so at least some level of workable technology has to be there. And for no one to be taking it seriously, there's a decently long list of multinational ISPs at the very least taking steps towards offering SCION to customers [2] (e.g. British Telecom has expressed enough interest that they have various recent marketing videos on Anapaya's YouTube channel). Finally, I'm not sure what you mean regarding the "scummy inclusion of block chain / crypto" - as someone who has worked on SCION-based projects I never heard anything about this. Apparently a blockchain company invested in Anapaya, but that doesn't really change anything about the protocol itself, does it?
I don't think the swiss banking network is really the right thing to point to. Folks measure networks in bps/pps, not financial transactions - nevermind the actual control plane bits (num of prefixes, as paths, etc.). Plus it's all within one country where you have the luxury of being able to directly influence and steer those companies into adopting this.
As for BT - they're just one broadband ISP operating primarily in a single country. I don't see that moving the needle - you're missing CDNs, traditional large scale "tier 1s" and cloud or large hosting networks.
RPKI got to where it is today through community engagement by folks like Job S. and others - hitting the conferences, direct engagement with operators and raising the bar from a software quality and standards perspective - which still continues today. That's how you get the internet to adopt something that is considered the new normal.
As for your ISP list - I know there are networks listed there that aren't running scion in a production capacity (perhaps you can run scion in a virtualized environment on top of them which is different than those companies running it on their production network).
As for the block chain - it was all the Sui stuff.
> SCION right now provides the backbone for the Swiss financial network moving 200 billion CHF each day
This is a meaningless benchmark - for a small group of trusted big enterprises with insurance policies and mutually signed contracts you could've just as well used OSPF with zero filters.
The benchmark would be adoption by an actual large number of parties that don't/can't talk to eachother spread across the world. With a large chunk of them being malicious or incompetent to the point of being effectively malicious.
I'm not claiming that this shows SCION can replace the respective parts of the network stack right now, and you're right that at a global scale this is still an unproven technology. But I would argue that a technology needs a certain level of matureness / is not "snake oil" if it is deployed in a heavily regulated and comparatively conservative sector such as banking.
Aren't heavily regulated sectors the one where you usually encounter snake oil? Useless WAFs and other security snake oil products, Microsoft 'collaboration' jank like Teams and Sharepoint, MitM proxies, etc?
I gotta say some of the proposed use cases are things no one is looking/asking for. One I recall was having a network decide to reach another network by avoiding countries that aren't carbon neutral (which could take longer hops and use more infra / more energy...) feels like they're trying to say they're the green/environmental friendly protocol.
Why does a routing protocol matter for the banking sector? With proper encryption the route the packets of transaction data takes should not matter at all.
There are "live" residential proxy IP lists you can purchase today from a variety of companies. Various companies defending use them as an additional data point when making a call to throw a captcha or block.
ISPs have been fairly silent on the topic (it is a hot topic for many of them due to the kimwolf botnet leveraging resiproxies to function and launching attacks). In many cases, being a resiproxy is a violation of the TOS - but they struggle with enforcement and how to do customer engagement given that most resiproxies are loaded without the end user knowing. So you have an educational problem - how does an end user figure out how to remove it.
Some ISPs could null the resiproxy c2 infra - and a few have played in that space.
Home router vendors could play their part and notify users exactly which device is connecting out and give them an option to isolate, etc.
My biggest issue with IP brokers is how they'll avoid taking any responsibility for their customers action. A fair amount of bullet proof hosters (and we're talking malware distribution, botnet c2s, ransomware c2s, proxy/scanning) get their space from brokers. When you engage with the brokers they say go talk to the transit providers - and because the bullet proof guys can switch off to another transit provider easily they maintain connectivity/continue to operate. Super common in Europe where most of this goes on and they have a super plentiful transit market - but they are still rolling with the same set of IPs they get from these brokers (and one in particular).
I thought these days one can go directly to the RIR in case neither LIR nor the IP end-user acts on repeated/ongoing abuse? With the ongoing tension between central policy enforcement mechanisms vs. net/jurisdictional neutrality…
AI companies are _already_ funding and using residential proxies. Guess how much of those proxies are acquired through being compromised or tricking people into installing apps?
I constantly get tik tok style everything everywhere all at once fever dream headache rapid edited clips. There's a difference between to the point and just being brain rot delivered with no background. Reminds me of happy hardcore techno - you can't really feel the bass because it's not getting enough time to reverberate.
This. The lawful intercept infrastructure is one facet of their network. The rest of their infra is also a deep concern: call records, SS7 signaling, the IP network, mobile infra and it's back end (sim swapping).
Not implying anything evil but it feels a bit weird esp after this.
reply