In my experience WhatsApp has around 1 hour of (noticeable?) downtime a year, although not evenly spread out. That's about 99.99% available, which I'd consider pretty damn good for a consumer application. There's almost no person or business who will have a real problem caused by that. Let's not blow things out of proportion.
I think some businesses depend on Whatsapp. I remember jumping in a cab in a middle eastern country and they would use voice notes on Whatsapp almost like how you would use a 2 way radio. An hour of losing your normal mode of communication will impact your small business
I don't have a strong opinion of an hour of downtime is bad or not, and I think the concern about five nines for everything was silly. But it's an interesting talk I think it's worth watching. Is software getting worse and could we reverse the trend if we tried?
Jonathan Blow is a good speaker – I haven't seen this talk (will watch later) but I'm sure the content is good.
However, he has also not worked in a tech company of the kinds we see today (games are a different business), and he hugely underestimates the necessary complexity of systems. He is right that there's a lot of unnecessary complexity, and that we should push back on complexity of all kinds, but I've always found his opinions around this to be naive, to lack nuance, and to lack experience. His arguments often boil down to criticising progress rather than acknowledging the issues progress brings and finding ways to work around or minimise those issues.
Getting to five 9s is hard, and as software does more it'll get harder, but it's not impossible, particularly if we look at five-9s from the user's perspective, as clients get smarter we have more leeway to accept minor downtime without harming the user experience.
> Is software getting worse and could we reverse the trend if we tried?
I think part of the problem is that we are focusing on the wrong thing in a lot of areas. Complexity is the real evil most of us suffer from.
Achieving 9 9's is not something you can explicitly set out and do as your primary objective. It is a side-effect of other quality choices made in aggregate.
Looking at a subset of an entire system and asking "is that database resilient to x 9's" and then worrying about that as your new target is how you wind up with something so inherently complex that the effective resiliency is somewhere around a single machine circa 1999.
Instead of looking at every piece of hardware as a potential time bomb, you could start to embrace higher-quality components and arrive back at something that resembles a mainframe again.
US based isn't a concern in this case, as the data they store is pretty much unusable.
They publish the subpoenas they receive and the dump of relevant data to the authorities, and it's usually a timestamp associated with some ID and that's it.
Actually very nice to integrate with. I'm not using Google or Apple in my life. On the phone I'm using sailfish OS, so the main stream apps are not usually ported natively. Fortunately someone used libsignal and added frontend so signal is my main means of communication with friends. And I still don't have to drown into Google or FB services.
Much better in that it is open source (so you can audit the e2ee), and it does a lot about metadata. It is actually better at protecting metadata than many decentralized alternatives.
How do you know the source code you’re looking at is for the same program you downloaded from the App Store? Does apple publish a checksum of software you’re installing?
This is a failure of Apple and their walled garden, not of Signal. If this is a concern to you, you either need to jailbreak or switch to a more free as in freedom platform.
Honestly, if it really mattered a lot to me (i.e. to my own security), I would compile Signal from source and install it on my device. Which I could not do with WhatsApp.
That article doesn't support what you're saying. It says that WhatsApp has access to metadata, which it hands over to law enforcement. This does not necessarily mean that they can read your messages.
It does say that 'WhatsApp can read some of your messages if the recipient reports them'. That 'if' is doing a lot of work in this sentence. It means that the recipient has to decrypt your message.
Although there are forms etc. within the app for doing this, it's essentially no different to taking screenshots.
There is no way to ensure 100% privacy if the other party you are communicating with does not keep data they have access to private.
I'm not a big Meta fan, but as far as I am aware, they can't normally read your messages. The fact that it's closed source just means that we can't verify that for ourselves.
> The fact that it's closed source just means that we can't verify that for ourselves.
That's really the whole point. As far as we know, it could be that it is not e2ee at all.
Also from the moderation article, it's not clear to me what that means: if I report you, does that mean that the moderators will get access to all your recent conversations? Could be, right? But then the FBI could report you for no reason, and then ask WhatsApp to provide your recent conversations. Which would effectively act as some kind of backdoor, right?
I agree, closed source means we can't do anything apart from decide whether we believe Meta or not.
But my understanding is that the 'report' is from a user's WhatsApp client—if someone sends you a message that you think is reportable, you can report them to Meta. As part of the report, your WhatsApp client will forward some information to Meta.
Assuming Meta are not actively lying, this would not mean that it's not E2EE.
I'd say it's a lot better since it doesn't do unknown things with your address book. It actually doesn't do any unknown things and the fact that they're US based is irrelevant since they have nothing to give away thanks to E2EE.
WhatsApp uploads the address book from the user's phone to Meta's servers and after that it's unclear to outsiders what they do with it. Hence "unknown".
I'm presuming GP does not put Signal forward as a solution to outages. But instead uses the opportunity to talk about messengers and show that there are alternatives in general.
Yes it's what I do, and then I actively struggle to hold back on pushing Matrix/Element as the solution. The beauty of the federated system, it's the way the internet was intended to function, oh man I love talking about it. But, nobody unaware of Signal will ever run their own Matrix server of course.
Signal is simple, recognizable, very much like WA. A WA outage is indeed a good point in time to have a lighthearted conversation about messengers and platforms. A lot of people still don't realize Meta owns WA.
What I like is that the normy friends I have on Signal are now telling all their normy friends/colleagues about Signal and how we are still apping away while WA is down.
Yep. I host my own server and have it federated. That part was simple.
It was a struggle to get my core group of friends to sign up, and I just sort of haven't bothered trying to get anyone outside that group to try it. They are not technical people in the hn sense but are vastly more competent than the average joe.
It's the normies at large who dictate comms platforms really. Things like matching emoji support and easy + performant video and picture sharing are absolutely crucial.
I feel like people don't see the timeline. As much as I hate Zuck, his current 3D playground is probably comparable to a 70's video game, and his vision is that the Metaverse future is Skyrim or GTA5, I guess that'd be a Matrix-like virtual world.
Imagine a headset with a 360 degree camera, so you can broadcast your surroundings, and someone else can wear their VR headset and be seeing what your camera is seeing. Or use some transformation/extra gear so they can view the world/your avatar from a few feet next to you.
And I feel like people are high on fumes and refuse to see that there’s nothing there, none of the actual problems are solved, and there are no real use case being addressed. Someone just went “this is the next hype” and… is it?
Most next hypes flounder and die a lonely but well deserved death.
> his vision is that the Metaverse future is Skyrim or GTA5, I guess that'd be a Matrix-like virtual world.
Except for all the difficult bits which make matrix matrix, you know, the part where you don’t crash into a wall or destroy a display if you forget that you’re very much still in the real world outside of your helmet?
> Imagine a headset with a 360 degree camera, so you can broadcast your surroundings, and someone else can wear their VR headset and be seeing what your camera is seeing.
Yes because if there’s one thing that’s missing to my life, it’s an office supervisor being able to see my surroundings when I’m taking a shit.
Sure there's nothing there now, and I'm not cheerleading or hyping him on, but if I were in charge of this project I'd look if the tech which is portable and affordable could be developed (in a 10-15 year timeline) to prevent running into stuff. I look at your response and think "Why so much of the small-mindedness?".
I've seen people walk around tourist spots while video-calling their friends/family, the other side would be in their tatty t-shirts in their bedroom, but hey, they can enjoy a part of the caller's travels and adventures. Of course it's also currently possible to take a shit and video call your supervisor, geez, I wish you a better job than one where you have to answer supervisors' calls even while crapping...
What does "doesn't work" mean here, and who learns that lesson?
E-mail is decentralized, but every now and then a hn post pops up, complaining about how you can't run your own email server these days. Billions of people don't use email for personal communication, but use centralized apps like WhatsApp and many businesses do the same with WhatsApp, Slack and similar apps.
To me it looks like running a centralized service works really well for companies like Meta and Google and the fast majority of people pick those services over something else. I don't think many people will change their mind about this because of one outage.
Yeah, WahtsAps is the biggest messaging app in the EU, and I think other Latin-Am countries as well. Whenever it goes down it's bad for business and people.
I tried to convince people to move to Signal, but 1) they're not immune to outages as well, 2) the network effect is too strong, and 3) signal doesn't seem to get the QoL niceties that made WhatsApp appealing in the first place and insisting they know better. No easy chat history backup is a no-go for most people. No live location sharing is also a bummer. Plus their Android app is a second class citizen in quality and lacking tablet support.
This is the time when people search for alternate messaging apps like Signal, Telegram :)
Totally forgot that I have installed both those apps and opened them today after more than a year.
Is it also the time to remind about the fact that Telegram is not end-to-end encrypted? I mean, the "secret chats" are end-to-end encrypted, but if you use Telegram that's the last thing you want to use.
If you use Telegram with only the secret chats, then Signal is better. If you use all the cool features of Telegram, then your communications are not end-to-end encrypted (i.e. the Telegram server and whoever can hack them can read everything).
I sent a couple of WA to a friend, noticed the clock icon, didn't think about it until when I saw these news one hour later. If I really had to hear from her I'd call her or at least send her a SMS (maybe the first one of the year, to anybody.) Same thing if she were one of those friends I'm using Telegram to chat with. I assume that most of them have both WA and Telegram, WA for sure.
Down in Uganda too. I was speaking to my cousin who just had a baby and told her I'd call back in 2 minutes to see the kid and then whatsapp went down!
Sounds like youd maybe want to consider a platform with a lower downtime requirement - isnt sms/phone at like 5min/yr downtime (99.999% up) or whatever?
Last week, KakaoTalk (the main messenger used in Korea) was down FOR A WHOLE DAY because of a fire in their (1!) data center. Let's see how long it takes WhatsApp to get back online.
They can still text regularly though, so it isn't that much of an issue if there's a real need to communicate.
Edit: I feel like every response I'm getting is: 'but texting is expensive, especially with foreign contacts'. Sure, but do you really need to send 100 texts in the odd hour that Whatsapp is offline sometimes, or can they wait?
Parent wrote 'This is a big issue in Europe', which is what I'm responding to. I live in Europe, I have foreign contacts. This should not be a big issue, because for pretty much everything that can't wait, texting or calling will be worth it. If it isn't worth spending some money to get in touch with someone, it can probably wait. This may be an actual issue for a very, very small number of people. But the majority is just exaggerating because they feel disconnected without being able to send Gifs to their friends for an hour.
So, do you need to be in touch with these people instantly 24/7? Because if that's the case it's useful to have some sort of back-up. If it isn't, then the usual Whatsapp outage isn't actually an issue for you, since it takes a couple of hours in the absolute worst case scenario. And if you really need to get in touch, you won't care that calling them is a bit expensive.
> Emergency calls shall be supported by the UE [User Equipment] without a SIM/USIM/ISIM being present. No other type than emergency calls shall be accepted without a SIM/USIM/ISIM.
> It will be left to the national authorities to decide whether the network accepts emergency calls without the SIM/USIM/ISIM.
It’s generally bad etiquette to send SMS because it forces the other side to potentially have to pay money to reply. And if it’s cross-border then just forget it. Unless you are both on iPhones.
Yeah, but it's not considered bad etiquette to give in to WhatsApp's nagging to send your complete contacts so they can build their fscking social graph, thereby grossly violating EU GDPR in that phone numbers are personally identifiable information? And yes, it's you who's violating that law by handing out PII others shared with you under an implied assumption of confidentiality unless you've written consent by everybody stored in your contacts.
If you use SMS then you are sending not just your metadata, but the content of your messages in cleartext to your provider and the recipient’s, and depending on where you/your recipient lives, potentially the authorities too.
I’m all for living under a privacy rock, but WhatsApp is a much better rock than SMS.
In Europe you're degrading all the way to basic SMS because as far as i know MMS never worked properly. So basic text only, no emoji's or media attachments.
If not being able to send emoji or media attachments for a couple of hours is a 'big issue' for you, then I really feel for you, honestly. I have no idea what that would be like, but for me it's pretty trivial, Like I think it would be for most.
It's also used by businesses and governments. For example to report thrash that has been placed by the side of the road, you would send a whatsapp with a image of the issue. Insurance companies also use whatsapp for initiating a claim.
There are backups for these systems of course but it is inconvenient and will cause some disruption.
Phones still work, right? For things that can't wait for Whatsapp to get back online, I would imagine a phone call would then be an option? Or open up a Jitsi Meet just for the time being and share the link through mail?
There's so many alternatives, I'm always surprised that a Whatsapp outage seems to mean the end of the world to many people.
I don't see how that conclusion follows from the premise. Why doesn't email work for you in particular when you're in Africa and your clients in Europe?
Every SMS I send nationally costs me 0.30€ my brother. I am not even going to bother looking what it costs me to text outside the country (even if inside the EU) or to send an MMS.
>I haven't had to pay for SMS in the last decade. Even roaming is free in the EU too.
Whether you pay for SMS or not depends on your telco. Regarding roaming, let's say that you pay the same you'd pay if you were in your country if you leave the country, but you still pay different rates if you try to call or text someone from another country (whether you are roaming or not)
>Do we live in divergent Europe timelines or something?
Despite what the propaganda may have lead you to think, life in Europe is very different depending on your country.
> you still pay different rates if you try to call or text someone from another country (whether you are roaming or not)
I have a LycaMobile NL bundle (which you can get without having an address there) which is 15euro for 20 gigs + unlimited calls/sms national/international. Roaming too due to EU regulations. I've had service from the westmost point to the eastmost point of the EU with this SIM.
> life in Europe is very different depending on your country.
I know, I've lived in 4 countries by now in different regions. Thus the need to obtain cheap international SIMs, which are easy to acquire in most countries.
Interestingly, a couple minutes before WA went down my messages were being sent while only displaying a single tick (as in the other parties could see my single-tick messages).
Thought it was quite weird/concerning that that could happen.
What's the big issue here? Can't people remain in silence for a few hours without their usual communication.
Are we so dependent on these tools?
If there is something really urgent I don't think people would use WhatsApp in the first place, or when did you text with 911 the last time using WhatsApp?
Maybe we got even more productive and thoughtful during these cutt-off hours. Hours without notification, chit-chat and that social background hum we so much used to be in doesn't sound that bad, does it?
Global communication protocols and interfaces should be left to the ISPs, just like email and NNTP etc. used to be, and DNS still is.
Really, why can't everything be like DNS? You ask the nearest available authority about something, and that in turn asks the next nearest authority, until that shit is found. Would work for web search too.
When you need a pretty UI just put different client apps on top of it, just like we did/do for email and newsgroups.
They're ruining DNS, too, in the form of DNS-over-HTTP. The justification being that DNS is tampered with by national NICs (eg a paragon of press freedom such as ycombinator.com redirected to something else). Of course, DoH has absolutely nothing to do with valuable DNS query data and closing "leaks" of visit data from Google's PoV ...
Open source, doesn't require a phone number, and a big strength is that it's decentralized, which makes it much less vulnerable to outages like this.
"Session utilises the decentralised Oxen Service Node Network to store
and route messages. This means that unlike P2P messaging applications
you can message Session users when they are offline.
This network consists of community operated nodes which are stationed
all over the world. Service nodes are organised into collections of small
co-operative groups called swarms.
Swarms offer additional redundancy and message delivery guarantees even if some service nodes become unreachable. By using this network, Session doesn’t have a central point
of failure, and Session’s creators have no capacity to collect or store
personal information about people using the app"
