i.e. Don't pretend to be "Open", altruistic, acting only in users security interests, selling benefits of open source, taking public interest donations, contributions, etc - and then prevent users from actually exercising simple neighborly freedoms. It's not like LibreSignal were doing anything particularly different to Desktop. LibreSignal would have been thrilled to have just had it upstreamed anyway.

How many Signal users don't have GCM or Play Store? 1%? Hardly an extreme server load burden. More so, it would have attracted code contributions to further improve Signal. Equating THAT with assault as you have, is rather fkng melodramatic.

Oh, wait, people are taking liberties and entitlements? Well what the hell do you think you're doing by using the GPL in the first place? What was the spirit and intent of the authors who wrote it? Do you think THAT is being respected?

Quite simply, don't give people nasty lock-in surprises. If you intend to be a closed, tightly-controlled cathedral of non-optional dependencies on large swathes of commercial mystery meat blobs - then just say so in the first place. If you start off with non-commercial protocols like SMS, then switch to GCM, plus have federation clearly in your plan, until you're big enough you don't have to care and can rip it - then give people an out that doesn't involve losing their whole network.

Whether you like it or not, a big part of the reason Signal attained the critical mass of users necessary to take it to the next level, was the promotion and backing of the FOSS community.

The attack on open protocols, cooperation, standards and community is hence the most disappointing part. We wouldn't even be having this conversation, if we weren't here standing on the shoulders of giants of open protocols from IETF, W3C, etc. Signal's contribution was respected as one of those, until it transformed (or revealed?) itself as a closed monopoly.

Let's cut to the chase. Were they legally free to continue, or not? No. Were they at risk of Aaron Swartz style incarceration if the did? Possibly, since that community also includes among it public interest defenders, political dissidents, journalists, whistleblowers, etc. and we've seen it all before. 50 years imprisonment and $1 million for Aaron Swartz (for a download), a hellish trial he couldn't afford against Goliaths, or plee bargain guilty to a minimum 6 months imprisonment and lifetime exclusion from any political life (which he'd planned) - DESPITE MIT & JSTOR declining to proceed

Was LibreSignal technically doing something wrong in the first place? Debatable. I haven't read that part of Signal's ToS, but it had been implied to be an open community (and certainly they immediately ceased and desisted on request). Was it ethically wrong? Hardly "because what they did was illegal" as you put it, a major crime and DEFINITELY not the equivalent of hitting someone.

The implication that OWS had directly threatened explicit legal action, was too strongly stated and I'm happy to withdraw that (I had another case in mind). Nevertheless, the end result hasn't been all that different for practical purposes.

What in the world do you think our motivation is, then? We're not a business, it's not like we're doing all of this to capture revenue. We could all be making orders of magnitude more working elsewhere. We're doing this because we believe it's the most effective way to make private communication ubiquitous, and it's working.

> How many Signal users don't have GCM or Play Store? 1%? Hardly an extreme server load burden. More so, it would have attracted code contributions to further improve Signal. Equating THAT with assault as you have, is rather fkng melodramatic.

What code contributions? If this is something you want to see in Signal, sure, submit a clean well-written PR and stick around to maintain it. The only contributions we've seen from this particular community haven't even begun to pass code review.

> Oh, wait, people are taking liberties and entitlements? Well what the hell do you think you're doing by using the GPL in the first place? What was the spirit and intent of the authors who wrote it? Do you think THAT is being respected?

Exactly, we make our code available under the GPL. That entitles you to use the code for whatever you would like under the terms of the license. It does not entitle you to use our service for your product, or to use our name for your product.

> Quite simply, don't give people nasty lock-in surprises. If you intend to be a closed, tightly-controlled cathedral of non-optional dependencies on large swathes of commercial mystery meat blobs - then just say so in the first place. If you start off with non-commercial protocols like SMS, then switch to GCM, plus have federation clearly in your plan, until you're big enough you don't have to care and can rip it - then give people an out that doesn't involve losing their whole network.

I think I've been pretty consistent in my position from the beginning. I've been saying the same things over and over at least since #127, which was early 2013. It's true that we wanted to pursue federation, and we did. But when we tried it with Cyanogen, it was a total nightmare that probably set us back a year in development time. So we've learned from our mistakes, which I think is a good thing. We'd all be better off if projects like XMPP had also learned from their mistakes.

> Whether you like it or not, a big part of the reason Signal attained the critical mass of users necessary to take it to the next level, was the promotion and backing of the FOSS community.

I don't know what you consider "the FOSS community," but I think of them as being the same people who have been sending me a torrent of verbal abuse, legal threats, and even death threats pretty much non-stop over the past three years. At no point have I wanted any part of that.

> The attack on open protocols, cooperation, standards and community is hence the most disappointing part. We wouldn't even be having this conversation, if we weren't here standing on the shoulders of giants of open protocols from IETF, W3C, etc. Signal's contribution was respected as one of those, until it transformed (or revealed?) itself as a closed monopoly.

Plenty of people have used the Signal source to build their own projects (some even in "the FOSS community" like SMSSecure), so I don't know how you can say it's closed. Plenty of other people have also come to our project with an understanding of our development goals, and have helped to contribute to making Signal something better. A very small vocal minority of FOSS moralists have decided that we should have to do whatever they want if they scream loudly enough, and have contributed very little of anything but verbal abuse.

I didn't have much doubt before. But once you double-down on technical strategies that entrench concentrated power of Google, Apple, etc and leave users without open source options, I have to start to wonder.

> What code contributions?

I guess we'll never know. I think more could have been done to bring them back in though. There was obviously significant interest in LibreSignal for a reason and the community sure looked big enough to curate a PR between them. I'm pretty sure that the only reason they'd have given a different name to the fork (which might have evolved into a solid PR), was that they'd been told blanket that FDroid was never going to happen and hard Google dependencies would continue to be baked in.

> It does not entitle you to use our service for your product, or to use our name for your product.

Mate, you've been spending too much time with corporate lawyers. Take a breath. It's not a "product". In the days that GPL was written, operating as a closed service wasn't something the founders had even contemplated. It just wasn't the done thing.

> We'd all be better off if projects like XMPP had also learned from their mistakes.

The core issue with XMPP was that MSN Messenger, ICQ, etc. had deeper pockets. It wasn't fundamental technical flaws in open protocols. Sure, protocols don't always get it right the first time. I don't think HTTP would be better today though if we had to use 10 different browsers from 10 different vendors with pages that won't link together. Yes, XMPP had some issues (chief of which for mobile, was battery drain resolved by push). Let's hope Matrix gets traction.

> I don't know what you consider "the FOSS community," but I think of them as being the same people who have been sending me a torrent of verbal abuse, legal threats, and even death threats pretty much non-stop over the past three years. At no point have I wanted any part of that.

Well that's pretty sad. The BSD kernel of your iPhone, the Linux kernel of your Google devices and the GNU user space you enjoy on Linux are what the FOSS community have built. It just sounds like you're painting the whole community as abusive now.

Death threats etc should be reported to police. Likewise the community shouldn't be tolerating abuse. My condolences that you've had to go through that @moxie. It's bullshit and behaviours like that help no one.

No doubt, it's been traumatic and stressful, so I want to cut you a lot of slack. This in no way excuses their behaviour and I've never seen you engage in abuse, but mate (and recognising we're all human), your tone hasn't always come across as encouraging either.

> Plenty of people have used the Signal source to build their own projects (some even in "the FOSS community" like SMSSecure), so I don't know how you can say it's closed. Plenty of other people have also come to our project with an understanding of our development goals, and have helped to contribute to making Signal something better. A very small vocal minority of FOSS moralists have decided that we should have to do whatever they want if they scream loudly enough, and have contributed very little of anything but verbal abuse.

It sounds like it's always just going to be a protocol issue. Signal is a closed service and a closed network, unless you're using Signal's App. The GPL for the app in that context seems fairly meaningless in practical terms.

To anyone looking on, from the outside, it looks like OWS has taken a giant flip from their previous position: https://twitter.com/lyon01_david/status/733096322304249856. Maybe you need to work on your PR. When people see companies like Facebook given rights, but open source are not, it naturally raises eyebrows. Good on you for opening the iOS libraries now, but maybe it should just have been clearly stated (or repeated when necessary) that it was your intention all along, otherwise it really does give the impression it was only due to 'complaints'.

The fact that you keep painting other projects as "products" and legitimate security concerns as mere 'FOSS moralism', does make people really ponder what the development goals are.

This is not a "giant flip." We told Chris and everyone else both in person and publicly that they were free to use these libraries in their apps so long as they were otherwise complying with the GPL. You can even see my response to that exact comment here: https://news.ycombinator.com/item?id=11727870

Even though we had given explicit permission for Chris and others to use this code in their OSS apps, people like you -- who wish to see conspiracy in every choice we make -- continued to paint it as some kind of cold calculated move to prevent OSS apps from using our software (for what reason is beyond me). So we worked with a lawyer on this solution.

And now, what? This is part of the conspiracy too. Great.