• PhobosAnomaly
    link
    fedilink
    English
    arrow-up
    8
    arrow-down
    1
    ·
    10 months ago

    I’m torn on it. I love that everything is geared towards privacy, but location sharing seems to go against the grain of the program’s principles.

    I’d make use of it if it was included, but I understand why it doesn’t and Google Maps does a similar thing.

    • ArbiterXero@lemmy.world
      link
      fedilink
      English
      arrow-up
      10
      ·
      10 months ago

      Location showing only goes against privacy If it’s not done right.

      It’s expensive to encrypt it and forward it through the servers or proxies, but revealing if done peer to peer. (And less reliable)

      But by the time I’m giving “live location” I don’t think my ip address is THAT private 😝

      • wischi@programming.dev
        link
        fedilink
        English
        arrow-up
        5
        arrow-down
        1
        ·
        edit-2
        10 months ago

        How is location expensive to encrypt? I share my location all the time but to do that I have to write an entire sentence to other people where I am. Just introduce a new message type (like with edits) frontend to enable location sharing. Location is sent every 5min or if the other person requests an update, than location is updated again (send location update request message to trigger response on the other side). Same encryption as everything else and easy to implement. Of course the devil is in the detail but the basis are trivial.

        The “hardest” part would be to show the location on a map without leaking data but just add a warning dialog and open externally. Every link in Signal you press has the same privacy issues.

        • ArbiterXero@lemmy.world
          link
          fedilink
          English
          arrow-up
          4
          arrow-down
          1
          ·
          10 months ago

          Encryption isn’t hard, the service to stream live data over an hour is what costs money.

          Continuous data

          • Serinus@lemmy.world
            link
            fedilink
            English
            arrow-up
            2
            arrow-down
            1
            ·
            10 months ago

            It’s not continuous, and it’s not much data. It’s GPS coordinates once every five minutes and when it’s requested.

            • ArbiterXero@lemmy.world
              link
              fedilink
              English
              arrow-up
              1
              arrow-down
              3
              ·
              10 months ago

              When you’re looking at the map, it’s continuous.

              And it doesn’t sound like a lot of data until you compare it to text messages that are 2kb a couple times per day

              • wischi@programming.dev
                link
                fedilink
                English
                arrow-up
                2
                ·
                10 months ago

                The amount of data is a joke for location “streaming”. There is no need to update the location every second, most people on earth don’t travel with rockets. Updating the location at most every 30 seconds is probably more than enough for most usecases. Let’s make it 15s. Let’s be generous and just use two 32bit floats (could probably get away with 16bit half precision or fixed point). The size of the entire message (without meta data and encryption) is just 8 bytes. There are emojis that need more than that. And in practice people that can’t share their location often just end up sending images, so the amount of data is definitely not the issue with location sharing. A single image you send on Signal uses more data than streaming the location ever 15s for a few days.

      • PhobosAnomaly
        link
        fedilink
        English
        arrow-up
        8
        arrow-down
        2
        ·
        edit-2
        10 months ago

        Oh I totally get why it’s useful, but it seems sharing more than intended goes against the privacy-focussed principle of the app.

        Though I do now see that if done correctly, it could be a bonus.

        • teolan@lemmy.world
          link
          fedilink
          English
          arrow-up
          5
          ·
          9 months ago

          The purpose of an app like Signal is specifically to be able to share stuff with people.

          What makes it private is that you are in full control over who can see what you send. You’re arguing that for something to be private it must prevent you from sending what you want to send.

          • PhobosAnomaly
            link
            fedilink
            English
            arrow-up
            1
            ·
            9 months ago

            Yeah you’re right, with your viewpoint I can see the hole in my almost cyclic logic, so I appreciate your take on things.

            I’m not too bothered about what is being sent with user consent - another user made a facetious comment about sending SSNs which is fair enough, if that’s what someone wants to send then wire in - but I think the key worry for me is the constant sending of identifiable and locatable data, something a little more than a single instance of encypted data sent at a user request, but the idea of a stream of data broadcast in the background which doesn’t sit right with me.

            That said, I’m not overly arsed either way, it’s not a deal-breaker for me and it was a useful feature when I was a WhatsApp user when on holiday with family and friends.

            • teolan@lemmy.world
              link
              fedilink
              English
              arrow-up
              1
              arrow-down
              1
              ·
              9 months ago

              I’m not too bothered about what is being sent with user consent

              For an app to be private, it shouldn’t be about “consent”, but it should be about “demand”. Send something only if the user demands it, not if they agreed to it. This goes with the principle of least surprise and the idea that the app should only act for the interest of the user.

              the constant sending of identifiable and locatable data

              Have you ever used such feature? I don’t think you understand what is being asked. We’re not talking about constant background location sharing (like I think snapchat is doing). We are talking about live location sharing with a contact or a group, for a limited period of time.

              Here how it works in Facebook Messenger. The location is shared explicitly with a specific group of people for a limited time period, and the UI should make it pretty hard to forget, and deactivate automatically after a certain time.

        • Kusimulkku@lemm.ee
          link
          fedilink
          English
          arrow-up
          1
          ·
          10 months ago

          But if I specifically want to share my position, live, I’m absolutely not sharing more than intended.

    • akilou@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      6
      arrow-down
      2
      ·
      10 months ago

      I mean I can type out my social security number in Signal but sending text doesn’t go against Signal’s principles