Remix clone Hacker News

> What on earth makes you think that the same engineers responsible for fluid and smooth UI/UX are the ones who’d ever influence the cryptography/privacy/security?

Did you even read my comment? I gave an example of how privacy directly impacts UX: GMail couldn't automatically add your events to your calendar if it could not read the content of your emails. I never talked about engineers, just the technical reality. If you don't have it, you can't read it. That seemed absolutely obvious to me: the best UX for a car would be one that doesn't need a source of energy, fits in my pockets and instantly teleports me anywhere I want. Go ask your engineers to make a car that allows that perfect UX, and see how they react.

Telegram has no E2EE except for the secret chats. Last time I checked, the secret chats were not synchronized between devices (i.e. the privacy has an obvious impact on the UX).

So no, I don't think it was an odd comment. It just feels like you don't know how it works technically.

▲

Klonoar 2 days ago | parent [-]

> Did you even read my comment?

I'm not even sure you read mine.

> It just feels like you don't know how it works technically.

You're disregarding what I've said and trying to have a different discussion. Please pay attention.

I am not discussing - nor do I consider it relevant to my point - privacy/security/etc contexts for Telegram's client side applications. Whether or not it's encrypted has zero to do with how smooth and well built a chat UI is. I am commenting on the frontend client side engineering and how Telegram has, hands down, the best implementation. Other apps need to catch up.

▲

palata 2 days ago | parent [-]

> Whether or not it's encrypted has zero to do with how smooth and well built a chat UI is.

Ok, let's talk with concrete examples.

1. Say you open the Signal Desktop app: either you don't get the history of the messages, or you need to wait a fairly long time for them to arrive. With Telegram, you get the whole history immediately. Does that count as "smooth and unrelated to encryption" to you?

2. Say you send a message to a group on Telegram and on Signal/Element. On Telegram you see that the message was received noticeably faster than on the others. Does that count as "smooth and unrelated to encryption" to you?

3. Let's talk about GIFs and stickers: I'm sure Telegram has many more than e.g. Signal. Is that something you consider when you say Telegram has a better implementation and it is unrelated to the privacy concerns?

4. Telegram has bots that enable a lot of feature. Does that count?

You're telling me that for the stuff that isn't impacted by privacy concerns, Telegram is better. You seem very sure of that, and maybe that's right. But can you give concrete examples? Because until now, what I've been reading from you is that the UI/UX is not impacted by the privacy, and this is obviously wrong.

So let me ask this: would you agree that at least some UI/UX is impacted by the privacy concerns?

▲

Klonoar 2 days ago | parent [-]

Every single point that you want to try here has nothing to do with implementing a smooth scrolling, buttery UI/UX of a chat application. Please stop moving the goalposts if you want to actually discuss this.

I also frankly don't even get what you're trying to say with point 1, because Signal loads messages instantly for me on Desktop. There's zero delay. The UI/UX of the scrolling and chat display is the problem.

> what I've been reading from you is that the UI/UX is not impacted by the privacy, and this is obviously wrong

It is not obviously wrong, and you've done nothing but attempt to loop the conversation back to some level of privacy/encryption/etc. These things do not matter in this conversation, full stop.

This (my thread, not the greater thread we're in) is a design and frontend implementation discussion, not a privacy/security discussion. If that is not clear to you, I don't know what to say anymore.

	▲	maqp a day ago \| parent \| next [-]
		>These things do not matter in this conversation The largest UX hit is when launching a client after it's been powered off for a while. Telegram uses a symmetric session key. The client can with SINGLE AES-IGE decryption operation decrypt a massive packet containing every message received to every non-secret chat. Signal uses Diffie-Hellman ratchet or SCIMP ratchet for every received message. That means there's X25519 and AES-CBC involved for every message. It is not, and will never be as fast as Telegram's insecure approach. Thus the security design will absolutely affect the smoothness of the experience. But Signal has blazing fast search function since it's local only. Telegram's search functionality freezes when you go over the server's chat history cache limit, to try to find years old posts. >The UI/UX of the scrolling and chat display is the problem. My desktop computer loads messages from my Signal history as fast as I can scroll my mouse. My cheap smart phone loads messages from my Signal history as fast as I can swipe my fingers. You can solve this with faster hardware.
	▲	palata a day ago \| parent \| prev [-]
		> This (my thread, not the greater thread we're in) Well, you're answering to my thread, if we go like this. Where I said that one reason the UX is better in Telegram is that they don't care about privacy. > Every single point that you want to try here has nothing to do with implementing a smooth scrolling, buttery UI/UX of a chat application. Then we fundamentally disagree on what UX means. If it takes 2 days to receive a message because a human has to check that it is not spam, wouldn't you say that it's bad UX? Or is "scrolling" the only thing that you put into "UI/UX"? Do you actually know what UI/UX is? > It is not obviously wrong, and you've done nothing but attempt to loop the conversation back to some level of privacy/encryption/etc. Because that's my goddamn point from the beginning on. Privacy has an impact on UX (which means "user experience", by the way), period. > If that is not clear to you, I don't know what to say anymore. Same here. You don't seem to understand how privacy works technically, and you don't seem to understand what UI/UX means.