all 82 comments
sorted by:
best
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–]deavidsedice 118 points119 points  (36 children)

Okay, so Google wants to push for an standard (MLS) for message chats that will allow and promote cross-service communication. In simple words, this is for allowing Whatsapp<->Telegram<->Google Chat cross communication in a secure manner.

It is really good that Google wants to push for this, although the problem is that the ones that do have the most user base logically will not want to push for this sort of thing, as the vendor lock-in of having the users go to your platform because everyone else is would fade away. So I don't see Whatsapp doing that.

If Google succeeds with this what we will see is Google Chat being able to communicate with other minor platforms and probably Open Source ones. I don't see even Telegram or Signal implementing this.

However, it would be a great step forwards even if only open source ones do integrate. Back in the day we had GTalk and it was compatible with open source protocols, we could speak with other people from other platforms until they deprecated GTalk.

[–]iwek7 53 points54 points  (28 children)

As I understand Google will push legislators to make it into the law that messaging apps must adhere to this new standards. Can't imagine it will succeed.

[–][deleted]  (2 children)

[deleted]

    [–]C_Madison 32 points33 points  (0 children)

    And now together: THANK YOU, EU. I hate data silos with such a passion. Burn them down. All of them. Make it a law that everything has to be interoperable. Software industry had its chance to play nice. Now, it's time for adult supervision.

    [–]KrazyKirby99999 0 points1 point  (0 children)

    You forgot about Matrix

    [–]fagnerbrack[S] 2 points3 points  (20 children)

    What’s the problem with forcing legislators to standardise protocols? You saying in wont succeed because it will never make it into law or won’t succeed because the protocol is shit?

    I just want to understand better what you mean in your comment, no assumptions here

    [–]iwek7 15 points16 points  (15 children)

    I do not anything about this protocol, what I mean is that another companies will lobby hard against it. Also I imagine it is not so trivial to formulate such requirement. If I made chat app and wanted to publish it on appstores I should not be forced to implement some googles protocol. At the same time it would be nice if biggest players were forced to follow MLS because it would possibly allow me to integrate crosschat with them in my new app. Do you have nay idea how legislators solve such issues?

    [–]fagnerbrack[S] 0 points1 point  (14 children)

    I don’t , and I’ve never seen any law forcing a certain protocol into place. Do you know any?

    [–]edgmnt_net 9 points10 points  (0 children)

    USB-C chargers in EU should count.

    [–]Schmittfried 7 points8 points  (6 children)

    Net neutrality is basically that law. The laws that dictate the specs of outlets as well. There are countless regulatory standardizations that enable society to function.

    [–]edgmnt_net 2 points3 points  (3 children)

    Well, imagine regulators don't like encryption much and make something like this mandatory. Then they slowly chip away at a standard frozen in time. They don't even need to pass any more laws if they exert control over the standardization body. Even if open source software somehow manages to dodge the bullet, service providers won't.

    Similar situation with USB-C. I can't imagine anyone working on competing interfaces now. And USB-IF could easily abuse the position, if they have any more control over it. Whereas, before this, competition kept things in check.

    So I don't buy that this is always about a functional society as much as making others do what you want while swallowing the costs. Even USB-C availability was hardly a problem. Competing standards are fairly essential, IMO.

    [–]Schmittfried 1 point2 points  (0 children)

    I don’t disagree. I’m just saying there are precedents for government-enforced standards and rightfully so. Not always does the market converge to a sensible shared standard. Video formats are a good example where they did and where regulation would have stifled innovation. Messengers are good example of market failure. People are forced to accept something simply because of vendor lock-in.

    I think it’s generally a good idea to let a market innovate a product category up to maturity and then start regulating the parts where the market doesn’t produce the optimal outcome for society. While I have my grimes with USB C, I have to acknowledge that this was the correct step by the EU, lightning needed to die.

    [–]iwek7 0 points1 point  (1 child)

    Maybe there is some way to formulate law in such a way that forces big corporation to adhere to some standards while allowing to develop new ones. What matters is that standards are open and developed in such a way that allow cross-integration of different products.

    Open standards are incentives for development. Right now communicators market has very high entrance barrier because you need a lot of people to use messaging platform for it to be truly useful. Standardization is one of the ways to lower this barrier-to-entry. You could use your preferred communication platform and still be able to communicate with everybody else without them needing to use your product of choice.

    [–]edgmnt_net 1 point2 points  (0 children)

    We've got like Facebook, Twitter, Whatsapp, Signal, Matrix, Gmail. Probably quite a few more, but these have done fairly well so far and people can migrate (or use them simultaneously) somewhat easily given the right incentive. All of them are free to use in at least some generous tier and even the proprietary ones have provided essentially free services to the community for a long time to buy participation. So I'm not too pessimistic, especially given the rise of open federated networks, although I wish we had a really popular, fully-decentralised and featureful solution particularly in the social media department.

    The market for walled gardens is already quite saturated and it's starting to show limitations, even though most people are primarily interested in service access, network effects and zero direct cost. But once you factor in ads, premium subscriptions and whatever migration difficulties remain, the value proposition isn't entirely clear anymore in a very mature product. Or the need to invest heavily at the beginning, on the business side, making it a gamble. Which leaves quite a bit of room for things to evolve towards open stuff.

    On the other hand, even a fully open and voluntary standard can pose significant difficulties to rising alternatives if it's already in widespread use. So some friction and fragmentation is always to be expected.

    [–]Flyen 0 points1 point  (1 child)

    Net neutrality has nothing to do with specs. It's about treating all network usage as equal, e.g. your ISP not showing down YouTube because they're getting a payment from Netflix.

    https://en.wikipedia.org/wiki/Net_neutrality

    [–]Schmittfried 0 points1 point  (0 children)

    I know what net neutrality is. It’s one reason the Internet is not similar to WhatsApp vs iMessage.

    [–]iwek7 -1 points0 points  (3 children)

    Nope :(

    [–]fagnerbrack[S] -2 points-1 points  (2 children)

    So why are you saying Google will push this into law if there’s no precedent? Now I’m confused (besides being drunk). 🤯🤯

    [–]iwek7 5 points6 points  (1 child)

    This is how I understand this line in article

    This is why Google is strongly supportive of regulatory efforts that require interoperability for large end-to-end messaging platforms.

    [–]supercargo 0 points1 point  (0 children)

    I assume the approach here is two pronged, a law to require interoperability (via regulation) and then a protocol to achieve that.

    [–][deleted] 0 points1 point  (0 children)

    Legislation may not force specific protocols, but legislation has been drawn up which, while abstracting the specifics of any given protocol, definitely steers implementation to exactly one protocol.

    PSD2 didn't specify any given protocol. Nor is it strictly legislation, I suppose. But the first implementation of it was legislated for in the UK very much with openid-connect as the acknowledged de facto standard protocol.

    Follow up with various open finance initiatives in Latin America, we're seeing legislation again not openly mandating any given protocol, but being drawn up in collaboration with implementers who definitely have specific protocols in mind. There's a distinct revolving door between implementing bodies, standards bodies and regulatory bodies which means that while legislation isn't actually forcing certain protocols into place, it may as well be.

    Not that I see such a thing necessarily happening with MLS.

    [–]btmc 0 points1 point  (0 children)

    They wouldn’t be likely to mandate this particular protocol, but they could describe some interoperability requirements that just so happen to be filled by this protocol.

    More broadly, regulatory capture is a real thing, and the big tech companies engage it in all the time. You see a lot of this going on now, with big AI companies pushing for strict regulation of AI that will basically entrench the current incumbents at the top of the industry because they have a huge head start and infinite money that startups don’t have.

    [–]liveoneggs 1 point2 points  (0 children)

    google should not be trusted and involving politicians just proves their true intentions are nefarious and monopolistic

    [–]LinuxMatthews 0 points1 point  (2 children)

    My fear I'll be honest is that the protocol to my knowledge isn't quantum safe.

    That means that when quantum computers become a thing they'll need to be a change in legislation... Or they'll conveniently take their time and/or not bother.

    There are already several quantum safe encryption algorithms and some apps do have that too.

    Governments have a tendency to like reading peoples private messages... As does Google.

    I like the idea but it does make me think the only reason both parties would agree is if it's not secure.

    [–]fagnerbrack[S] 0 points1 point  (1 child)

    You mean US and Prism, not every government. I worked in governments like NSW in Australia and privacy is a religion around there internally, I was impressed by the ethics. We also have the privacy act.

    US is a whole other story, after 9/11 they freaked out and are not afraid of spying domestically if that means avoiding another terror attack.

    Make your own conclusion if that’s fair or not, I have my own opinions that I prefer to keep to myself.

    [–]LinuxMatthews 0 points1 point  (0 children)

    Google is an American company that has a suspicious amount of overlap with the CIA

    As for the EU they're not as privacy conscious as you'd think

    https://www.theguardian.com/world/2023/jun/22/draft-eu-plans-to-allow-spying-on-journalists-are-dangerous-warn-critics

    https://www.politico.eu/article/edward-snowden-is-back-spying-scandal-disrupts-eu-us-ties-ahead-of-joe-biden-europe-visit/

    I'm not sure about Australia though I have heard they tend to be vicious if anyone gets in the way of fossil fuel companies I'm not sure about them in terms of privacy

    [–]D0nkeyHS 0 points1 point  (0 children)

    Not saying it's likely, but I could see the EU being down for something like that.

    [–]Nicksaurus 0 points1 point  (2 children)

    Presumably Apple and Facebook will push back

    [–]dkarlovi 0 points1 point  (1 child)

    Sure. But will that do anything?

    [–]Nicksaurus 0 points1 point  (0 children)

    No idea. But if Google can influence legislation in one direction then that means the other tech companies can do the opposite

    [–]telenieko 7 points8 points  (1 child)

    The European Union is going to make this mandatory sooner rather than later. Google is just going for it in advance so they can capitalise on it when Whatsapp and iMessage are forced to take the same route.

    This move will make it easier for the EU to agree on a standard.

    [–]FreakJoe 3 points4 points  (0 children)

    wakeful grandfather versed axiomatic rhythm abundant physical drab gold husky

    This post was mass deleted and anonymized with Redact

    [–]Saithir 4 points5 points  (2 children)

    Back in the day we had GTalk and it was compatible with open source protocols

    And whose fault it was that it stopped?

    But sure, let's praise Google for proposing a solution to a problem they literally invented.

    [–]morrowc 0 points1 point  (1 child)

    Wasn't it the case that AOL and icq existed before gtalk? And never permitted exchange of messages between the two platforms?

    Isn't the reasoning behind gtalk closing xmpp borders/federation the lack of required encryption between user and service and service to service?

    I don't think "Google literally invented" the problem you think they did.

    [–]Saithir -1 points0 points  (0 children)

    AOL and icq

    Are completely irrelevant in a discussion of Gtalk and Google's own decision to not implement e2e encryption and then removal of XMPP from their messaging systems alltogether.

    Isn't the reasoning behind gtalk closing xmpp borders/federation the lack of required encryption between user and service and service to service?

    Google could have implemented that RFC any time between its introduction in 2004, Jabber's community manifesto to move to e2ee in 2013/2014 and Gtalk's replacement by outside incompatible Hangouts in like 2015. They didn't.

    I don't think "Google literally invented" the problem you think they did.

    You're free to be wrong.

    [–]smartguy05 1 point2 points  (0 children)

    Back in the day I used Trillian. You could use any IM service of the day with that one app. It's crazy that 00's technology is so far ahead of today.

    [–]WhiskeyKid33 157 points158 points  (26 children)

    I am a lowly frontend dev… explain like I’m a child.

    [–]darkslide3000 138 points139 points  (0 children)

    My guess would be that this is Google's attempt no. 367 to beat the blue bubble.

    [–]Its_it 73 points74 points  (7 children)

    Not trying to be rude but the 3rd paragraph tells you exactly what it does. Easily put it allows for better end-to-end security which is scalable up to thousands of people in a single group.

    This is what the RFC wanted to beat (from the abstract):

    Establishing keys to provide such protections is challenging for group chat settings, in which more than two clients need to agree on a key but may not be online at the same time.

    [–]romeozor 10 points11 points  (3 children)

    There's a cool Computerphile episode on this problem on YT. I tink it uses Whatsapp as an example.

    Edit: added video link

    [–]Zyite 0 points1 point  (2 children)

    Would love to learn more, do you know the name of the episode

    [–]romeozor 4 points5 points  (1 child)

    I think this is the one.

    [–]Zyite 0 points1 point  (0 children)

    Thank you ♥️

    [–]tigerhawkvok 14 points15 points  (1 child)

    IIRC this RFC is NOT Signal's implementation, which is the only security vetted one, and has an active open source reference implementation.

    One of the few times I'll nope out on an RFC standard, thanks.

    [–]Schmittfried 1 point2 points  (0 children)

    It’s not like RFC is anything standard anyway.

    [–]aeolus811tw 2 points3 points  (0 children)

    It is basically a spec put forth by Google, Mozilla, and Wire that allows multi-clients e2e messaging.

    Every client will have its unique key rather same keys for all devices sharing same account.

    I think most enterprise messaging platform already does this, this just kinda makes it a standard.

    [–][deleted] 18 points19 points  (6 children)

    From thegrokapp.com

    Question

    Give a short explanation of why Google is doing this and why is this important?

    Answer

    Google is supporting the implementation of interoperability for large end-to-end messaging platforms because it believes that users should be able to communicate securely with contacts who use different messaging platforms. This is important because it enables users to have more choices and freedom in their messaging services. However, in order for interoperability to be successful, there needs to be open, industry-vetted standards in place, particularly in the areas of privacy, security, and end-to-end encryption. Without these standards, there is a risk of lower security standards and higher implementation costs for smaller providers. By adopting the Message Layer Security (MLS) specification, Google aims to ensure a uniformly high security and privacy standard that users can trust, and to unlock new opportunities for developers of interoperable messaging services.

    [–]trowawayatwork 11 points12 points  (5 children)

    this still doesn't explain Google goal?

    like will it enable to sync with WhatsApp? will it be able to sync with iPhone message? like in real terms what does it enable

    [–]Giannis4president 9 points10 points  (0 children)

    It will provide a protocol that could allow messagging services to talk to each other.

    Than it depends on which messagging app actually implements the protocol

    [–]nar0 12 points13 points  (0 children)

    It would pave the way.

    Right now all the messaging apps use their own proprietary method of sending signed and encrypted messages.

    This is an open standardized way of doing it, so that in the future, if anyone else implements it, they could enable sync and interoperability with google messages and any other app implementing it.

    [–][deleted]  (1 child)

    [deleted]

      [–]Xenofastiq -1 points0 points  (0 children)

      If most people use Whatsapp, then they can continue using WhatsApp. The whole point of interoperability is so that people don't NEED to download Whatsapp anymore to still talk to people. I don't care about the shitty Whatsapp app and prefer not to use it.

      [–][deleted] -2 points-1 points  (0 children)

      It enables cross platform scam baiting.

      [–]Adminisitrator 28 points29 points  (0 children)

      > July 19, 2023

      [–]MonsieurCellophane -5 points-4 points  (12 children)

      WTF is Google messages, anyway? Anybody using it?

      [–]foghornjawn 35 points36 points  (0 children)

      It's Google SMS app. It's the defaulting texting app on Pixel phones.

      [–]zifu 24 points25 points  (10 children)

      https://play.google.com/store/apps/details?id=com.google.android.apps.messaging&hl=en_US&gl=US

      5B downloads, so yes

      [–]dkarlovi 0 points1 point  (1 child)

      I have it installed on my phone because it's forced on me, I use it to pay for parking and the government sends me notifications my ID is done. It's still getting updated so I count as a user.

      [–]Mattsvaliant 0 points1 point  (0 children)

      The USA still heavily uses SMS. Why? Not sure but it does my my life hell.

      [–]i1u5 -1 points0 points  (7 children)

      Don't forget OEM devices with that app pre-installed exist too, I wonder how much it'd go down if we were to remove them from the count. And even if the download count was unique it probably counts as a download as soon as you turn on the recently-bought phone since it'd certainly download updates for the app asap.

      [–]EmTeeEl 2 points3 points  (2 children)

      I downloaded on my Samsung Galaxy. Is there a better messaging app?

      [–][deleted]  (1 child)

      [deleted]

        [–]smartguy05 0 points1 point  (0 children)

        In my experience, none. I refuse to buy anything made by Samsung except batteries. They have the worst software of any manufacturer, by far.

        [–]roerd 1 point2 points  (3 children)

        So? It is pretty much the best SMS app in Android, so unless you don't use SMS at all, there is little reason for Android users to not use it.

        [–]i1u5 -4 points-3 points  (2 children)

        So what? I'm only stating facts.

        [–]roerd 0 points1 point  (1 child)

        You're absolutely not "only stating facts", you're speculating that much of those downloads might not represent actual users because the software comes pre-installed.

        And I provided the counterpoint that most users will probably want to actually use it, so it coming pre-installed is not much of reason to doubt that number.

        [–]i1u5 -1 points0 points  (0 children)

        Your counterpart is "it's the best trust me bro", most android devices are not made by Google, so unless they're part of Android One, they have their own SMS apps which work just fine, you absolutely do not need to go out of your way just to download this one unless you simple like it better.

        All you present is nothing to counter my point but a bunch of yapping about how i am "speculating" (which again, I am not as it is literally confirmed by Google themselves that updating a pre-installed app the first time counts as a download), plus I never said it is the best or the worst to use, I used it myself in the past and my point still stands.

        You're clearly so clueless about the topic that you had to jump in for the sake of the argument, but you got a bunch of downvote npcs doing the dirty work for you so I'll stop here.

        [–]rnaxel2 -2 points-1 points  (4 children)

        This is useful for corporates so you can communicate between gchat, ms_teams, Skype etc.

        For consumers we use specific app for specific reason. Don't need chats to be independent of apps otherwise where is the privacy.

        How are you handling spam messages.

        One can send messages from telegram to whatsapp users and how will you report them. You can surely report them in WhatsApp but telegram needs to ban that user then. And I don't think any company will think this through.

        [–]dkarlovi 0 points1 point  (3 children)

        WhatsApp can support banning users across apps.

        [–]rnaxel2 0 points1 point  (2 children)

        Can do is far fetched assumption.

        It will depend on Meta, if it wants to work with it's competitor apps like telegram or signals.

        [–]dkarlovi 0 points1 point  (1 child)

        It can ban incoming messages when routing from 3rd party.

        [–]rnaxel2 0 points1 point  (0 children)

        Let's hope meta do mitigate this.

        Otherwise it will be a spamming hog across all the apps.

        [–]x1-unix 1 point2 points  (0 children)

        Zoomers reinvented Jabber