Signal’s president reveals the cost of running the privacy-preserving platform—not just to drum up donations, but to call out the for-profit surveillance business models it competes against.

The encrypted messaging and calling app Signal has become a one-of-a-kind phenomenon in the tech world: It has grown from the preferred encrypted messenger for the paranoid privacy elite into a legitimately mainstream service with hundreds of millions of installs worldwide. And it has done this entirely as a nonprofit effort, with no venture capital or monetization model, all while holding its own against the best-funded Silicon Valley competitors in the world, like WhatsApp, Facebook Messenger, Gmail, and iMessage.

Today, Signal is revealing something about what it takes to pull that off—and it’s not cheap. For the first time, the Signal Foundation that runs the app has published a full breakdown of Signal’s operating costs: around $40 million this year, projected to hit $50 million by 2025.

Signal’s president, Meredith Whittaker, says her decision to publish the detailed cost numbers in a blog post for the first time—going well beyond the IRS disclosures legally required of nonprofits—was more than just as a frank appeal for year-end donations. By revealing the price of operating a modern communications service, she says, she wanted to call attention to how competitors pay these same expenses: either by profiting directly from monetizing users’ data or, she argues, by locking users into networks that very often operate with that same corporate surveillance business model.

“By being honest about these costs ourselves, we believe that helps provide a view of the engine of the tech industry, the surveillance business model, that is not always apparent to people,” Whittaker tells WIRED. Running a service like Signal—or WhatsApp or Gmail or Telegram—is, she says, “surprisingly expensive. You may not know that, and there’s a good reason you don’t know that, and it’s because it’s not something that companies who pay those expenses via surveillance want you to know.”

Signal pays $14 million a year in infrastructure costs, for instance, including the price of servers, bandwidth, and storage. It uses about 20 petabytes per year of bandwidth, or 20 million gigabytes, to enable voice and video calling alone, which comes to $1.7 million a year. The biggest chunk of those infrastructure costs, fully $6 million annually, goes to telecom firms to pay for the SMS text messages Signal uses to send registration codes to verify new Signal accounts’ phone numbers. That cost has gone up, Signal says, as telecom firms charge more for those text messages in an effort to offset the shrinking use of SMS in favor of cheaper services like Signal and WhatsApp worldwide.

Another $19 million a year or so out of Signal’s budget pays for its staff. Signal now employs about 50 people, a far larger team than a few years ago. In 2016, Signal had just three full-time employees working in a single room in a coworking space in San Francisco. “People didn’t take vacations,” Whittaker says. “People didn’t get on planes because they didn’t want to be offline if there was an outage or something.” While that skeleton-crew era is over—Whittaker says it wasn’t sustainable for those few overworked staffers—she argues that a team of 50 people is still a tiny number compared to services with similar-sized user bases, which often have thousands of employees.

read more: https://www.wired.com/story/signal-operating-costs/

archive link: https://archive.ph/O5rzD

  • Chobbes@lemmy.world
    link
    fedilink
    English
    arrow-up
    173
    ·
    1 year ago

    There’s something kind of funny about one of the largest expenses being SMS and voice calls to verify phone numbers when one of the largest complaints about signal is the phone number requirement. I wonder how much this cost factors into them considering dropping the phone number requirement.

      • preasket@lemy.lol
        link
        fedilink
        English
        arrow-up
        14
        arrow-down
        8
        ·
        1 year ago

        Make phone numbers optional and add a setting to allow/forbid accounts with no phone number to message you. I bet phone numbers have zero effect on the level of spam.

      • WallEx@feddit.de
        link
        fedilink
        English
        arrow-up
        16
        arrow-down
        37
        ·
        1 year ago

        Because there are no other possible verifications apart from phone numbers? Do you open a bank account with your phone number, because it’s the only way?

        • TJA!@sh.itjust.works
          link
          fedilink
          English
          arrow-up
          75
          arrow-down
          3
          ·
          1 year ago

          What would you think would be an appropriate alternative to easily verify chat accounts that’s cheaper than validating phone numbers?

          • lloram239@feddit.de
            link
            fedilink
            English
            arrow-up
            6
            arrow-down
            3
            ·
            1 year ago

            Make addresses-per-contact, not global. Provide no discovery for addresses. Spam solved, since the spammer can’t find your address.

            You can of course add public messages with phone numbers verification on top of that, but you absolutely do not need them for a spam-free chat app. Address discovery should be completely optional and addresses should absolutely not tied to phone numbers.

            It’s utterly ridiculous that this apps claims to care about security and the first thing it does is collect boatloads of private data.

            • interceder270@lemmy.world
              link
              fedilink
              English
              arrow-up
              7
              arrow-down
              1
              ·
              edit-2
              1 year ago

              That’s actually a pretty good idea.

              I’m guessing you generate a unique address to share with someone, and then they add you. Spam is literally solved and it becomes more private.

              Might want to think twice before donating to this company that’s eating up $40m/year with 50 employees.

              • Moneo@lemmy.world
                link
                fedilink
                English
                arrow-up
                5
                arrow-down
                2
                ·
                1 year ago

                I’m going to go out on a limb and say that the company that is dominating the privacy-messaging space, considered and discarded this idea for reasons they consider valid.

            • jimbo@lemmy.world
              link
              fedilink
              English
              arrow-up
              4
              arrow-down
              4
              ·
              edit-2
              1 year ago

              Let’s not push a definition of “security” that Signal does not claim. The messages are “secure” in that nobody other than you and the other people in on the conversation can decrypt them.

              Also, no need to be dramatic. A phone number is not “boat loads of data”.

              • interceder270@lemmy.world
                link
                fedilink
                English
                arrow-up
                4
                arrow-down
                2
                ·
                1 year ago

                A phone number is not “boat loads of data”.

                I mean, your phone number can be used to find out everything about you.

                • jimbo@lemmy.world
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  arrow-down
                  3
                  ·
                  edit-2
                  1 year ago

                  Ok, but that’s changing the goalposts. A phone number itself is not “boatloads of data”. Signal is not storing anything about you other than that phone number and whatever name you entered. They’re not storing messages or anything else. The fact that someone could correlate your phone number with other data (whether accurate or not) has nothing to do with Signal.

              • lloram239@feddit.de
                link
                fedilink
                English
                arrow-up
                2
                arrow-down
                2
                ·
                edit-2
                1 year ago

                Also, no need to be dramatic.

                Signal is an over hyped piece of shit that grossly violates numerous core tenets of pricey privacy and data freedom.

                • jimbo@lemmy.world
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  arrow-down
                  1
                  ·
                  1 year ago

                  that grossly violates numerous core tenets of pricey and data freedom

                  I don’t know what pricey is and they don’t keep your data.

          • devfuuu@lemmy.world
            link
            fedilink
            English
            arrow-up
            4
            arrow-down
            25
            ·
            1 year ago

            I’d be ok with a credit card verification or so something like that, even if still uncomfortable for me, but I hear it reduces a lot of spam.

            But then that would make people confused and make them run away when the app seems to be free and now is asking for a credit card validation… it’s too strange.

            Anyway I never got a single spam message on signal from all the years I use it, so not sure how others view the problem or even if it is a problem.

          • WallEx@feddit.de
            link
            fedilink
            English
            arrow-up
            6
            arrow-down
            40
            ·
            1 year ago

            Video call, email, other verificated factors.

            So do you think this is the only option available?

            • Dark Arc@social.packetloss.gg
              link
              fedilink
              English
              arrow-up
              59
              ·
              edit-2
              1 year ago

              You think a verification via a video call is cheaper than SMS…?

              That’s not to mention the potential concerns that would arise around the possibility of signal storing (some portion of) the video…

              • WallEx@feddit.de
                link
                fedilink
                English
                arrow-up
                3
                arrow-down
                26
                ·
                1 year ago

                Nope, just saying phone numbers are far from the only option. And if telcos are price gauging you should look at the alternatives.

                • Gutless2615@ttrpg.network
                  link
                  fedilink
                  English
                  arrow-up
                  34
                  ·
                  1 year ago

                  No you’ve complained and insinuated there are plenty of other solutions that the world class team at Signal, literally the preminent experts in their field, chose not to use - and then offered to some truly next level terrible options.

                • Dark Arc@social.packetloss.gg
                  link
                  fedilink
                  English
                  arrow-up
                  9
                  ·
                  1 year ago

                  Nope, just saying phone numbers are far from the only option.

                  What would you think would be an appropriate alternative to easily verify chat accounts that’s cheaper than validating phone numbers?

                  It’s the cheaper portion that’s the issue. There are “other options”, but they’re not cheaper and/or they have their own issues.

                  I didn’t touch the email case because email addresses can be so rapidly created (even out of thin air via a catch all style inbox) there’s nothing to it.

            • PlexSheep@feddit.de
              link
              fedilink
              English
              arrow-up
              29
              arrow-down
              3
              ·
              1 year ago

              Video call is expensive, and frankly, if I’m gonna sign up at a private service, I’m not going to make a damn video call.

              Email is not enough to go against spam. Email addresses are basically an Infinite Ressource.

              Other verified factors are nothing concrete. Sure we could all use security hardware keys, but what’s the chances that my mom has one?

              • uis@lemmy.world
                link
                fedilink
                English
                arrow-up
                1
                arrow-down
                3
                ·
                1 year ago

                Other verified factors are nothing concrete. Sure we could all use security hardware keys, but what’s the chances that my mom has one?

                PKI doesn’t require hardware keys

                • PlexSheep@feddit.de
                  link
                  fedilink
                  English
                  arrow-up
                  2
                  ·
                  1 year ago

                  True, but it’s not exactly User friendly too, right? If not, tell me. I’ll be happy.

              • WallEx@feddit.de
                link
                fedilink
                English
                arrow-up
                3
                arrow-down
                24
                ·
                1 year ago

                So you do think that phone numbers are the only way to verify the person? This is just stupid. There are enough, like IDs or stuff like that. If you don’t want that, that’s a totally different story.

                • LemmyIsFantastic@lemmy.world
                  link
                  fedilink
                  English
                  arrow-up
                  20
                  arrow-down
                  6
                  ·
                  edit-2
                  1 year ago

                  Jesus Christ you Linux people never learn… It’s 👏 about 👏 ease of 👏 use.

                  If they wanted it to be a pain in the ass and for nobody to use they could put on a ui on top of pgp and call it a day.

                • PlexSheep@feddit.de
                  link
                  fedilink
                  English
                  arrow-up
                  3
                  ·
                  1 year ago

                  It’s a bad problem no? Combatting “spam” Accounts while balancing privacy.

                  Personally, I don’t want to give them any more information than is really necessary.

          • iopq@lemmy.world
            link
            fedilink
            English
            arrow-up
            2
            arrow-down
            39
            ·
            1 year ago

            Use a 3d face scan, but only send the hash over the net. Can double for account recovery (when user has no email or something)

            • PlexSheep@feddit.de
              link
              fedilink
              English
              arrow-up
              34
              arrow-down
              2
              ·
              1 year ago

              That’s a joke right?

              If not: It does not matter what hash I send, because it’s cryptographically impossible to tell what the hashed thing is. That is the whole point of a hash.

              Also: sending a hash over the network instead of a password or whatever the source material is would be a bad practice from security perspective, if not a directly exploitable vulnerability. It would mean that anyone that knows the hash can pretend to be you, because the hash would be used to authenticate and not whatever the source material is. The hash would become the real password and the source material nothing more than a mnemonic for the user. Adding to that: the server storing the hash would store a plaintext password.

              See: https://security.stackexchange.com/questions/8596/https-security-should-password-be-hashed-server-side-or-client-side

              • iopq@lemmy.world
                link
                fedilink
                English
                arrow-up
                1
                arrow-down
                1
                ·
                1 year ago

                The point is to protect your face data, the hash IS the password, but you don’t want people to be able to tell how you look like by sending the raw images of your face over the net

                • PlexSheep@feddit.de
                  link
                  fedilink
                  English
                  arrow-up
                  4
                  ·
                  1 year ago

                  That would do nothing to validate that the user is real, they can just insert any hash and claim it’s their face’s hash. At that point we can just use regular passwords, but as I said that won’t solve the spam Accounts issue.

              • uis@lemmy.world
                link
                fedilink
                English
                arrow-up
                2
                arrow-down
                2
                ·
                1 year ago

                It would mean that anyone that knows the hash can pretend to be you, because the hash would be used to authenticate and not whatever the source material is.

                Guess what happens to passwords themselves? Same thing, but user can’t just add nonce. Replay attacks are super easy to mitigate and hashing makes it easier.

                Not saying that biometry authentication isn’t shit for security itself.

                • PlexSheep@feddit.de
                  link
                  fedilink
                  English
                  arrow-up
                  4
                  ·
                  1 year ago

                  Honestly, I’m not sure what you are talking about. Could you elaborate more?

                  Are you implying that sending some hash is better than sending the secret and let the server deal with it?

            • scorpionix@feddit.de
              link
              fedilink
              English
              arrow-up
              14
              ·
              1 year ago

              Where would one get a 3d face scan from? For my part, I don’t have a scanning rig set up anywhere.

              • iopq@lemmy.world
                link
                fedilink
                English
                arrow-up
                1
                arrow-down
                4
                ·
                1 year ago

                You turn your face in different angles, creating a 3d scan of your face using your phone camera

        • topinambour_rex@lemmy.world
          link
          fedilink
          English
          arrow-up
          3
          ·
          1 year ago

          I open a bank account with a copy of my id, a copy of a bill to my adress, and some money. My phone number can be used along the process, like for a digital signature.

    • Poutinetown@lemmy.ca
      link
      fedilink
      English
      arrow-up
      25
      ·
      1 year ago

      Phone numbers will still be required to sign up, you only won’t need it to add a contact.

    • sndrtj@feddit.nl
      link
      fedilink
      English
      arrow-up
      31
      arrow-down
      8
      ·
      1 year ago

      Interestingly this phone number complaint only shows up among techies and especially Americans. You guys don’t get to keep your phone number? I’ve had the same number now for 20 years here in Europe, it may as well be synonymous with my identity.

      In fact, I’d say the phone number requirement, or at least option, actually promotes adoption in parts of the world. I wouldn’t have been able to get my mother to use Signal if it didn’t work with a phone number, for instance. She’s not gonna make an account just for a chat app. Phone number she already has.

      • devfuuu@lemmy.world
        link
        fedilink
        English
        arrow-up
        41
        arrow-down
        2
        ·
        1 year ago

        Exactly because I have the same phone number for almost 30 years, that is the problem. It’s too deep interlaced with my real and personal identity and I regard it as a very private thing that only few people should have.

        I don’t get the idea that a phone number should just be randomly given as if it was natural.

        It’s good to have it as an option for example so my mother can use it simply and quickly, but when I go to a conference and want to connect to new people which are still strangers and will and don’t give my phone number. So in those situations I have to randomly use other chat system or share emails? When signal already is in my pocket and my main chat application 99% of the time and is perfect for 1 to 1 friendly chats?

      • shortwavesurfer@monero.town
        link
        fedilink
        English
        arrow-up
        29
        arrow-down
        2
        ·
        1 year ago

        It’s actually a privacy issue because your phone number is tied to your physical identity so deeply that giving it out is giving too much away.

      • neonred@lemmy.world
        link
        fedilink
        English
        arrow-up
        26
        arrow-down
        2
        ·
        1 year ago

        because people might feel uncomfortable sending unnecessary personal information to another party, especially if it does not change often, like the telephone number?

        • Kusimulkku@lemm.ee
          link
          fedilink
          English
          arrow-up
          4
          arrow-down
          2
          ·
          1 year ago

          I’m mostly contacting people I already know so using phone number (something I already have a collection of) is very handy to me

  • LemmyIsFantastic@lemmy.world
    link
    fedilink
    English
    arrow-up
    100
    arrow-down
    13
    ·
    1 year ago

    This shit costs money.

    And now folks predictably are bitching about ceo comp. 400k is shit for a competent CTO. I make nearly as much for a lowleey director for a small federal contractor. Welcome to tech pay.

    • EnderMB@lemmy.world
      link
      fedilink
      English
      arrow-up
      58
      ·
      edit-2
      1 year ago

      Tech pay in the US.

      Not wholly relevant to the above story, but worth calling out regardless.

    • LSNLDN@slrpnk.net
      link
      fedilink
      English
      arrow-up
      20
      ·
      1 year ago

      But 19 million in costs for 50 staff would put everyone at roughly that wage right? Or what have I missed here

      • Jako301@feddit.de
        link
        fedilink
        English
        arrow-up
        33
        arrow-down
        2
        ·
        edit-2
        1 year ago

        You’ve got tax, insurance, retirement plans, trainings…

        The average wage will be around 200k. Still a lot for the average person, but not much for an experienced programmer/ sysadmin.

        • flambonkscious@sh.itjust.works
          link
          fedilink
          English
          arrow-up
          2
          ·
          1 year ago

          Also, what are the chances the 3 overworked stress bunnies that were in on it ‘from day 1’ are claiming a LOT more than that??

        • Kuma@lemmy.world
          link
          fedilink
          English
          arrow-up
          3
          arrow-down
          6
          ·
          1 year ago

          I am getting scared… That is not a normal pay here for an experienced developer. Who gets over 10k a month?! Sign me up! I would say even 100k in a year is a lot for someone, 60k to 80k is a bit more normal. But we also get payed vacationdays (30 days) plus all of the payed holidays and half days, and payed sickleave (80% of your pay) and monthly pension (4-6% of the pay). But that does not cost 140k - 120k for a company, and that was low?..

          Everyone think this is normal in the us?!

          • Socsa@sh.itjust.works
            link
            fedilink
            English
            arrow-up
            13
            ·
            1 year ago

            An experienced engineer won’t take a piss on your lawn for under 200k total comp where I am.

          • ipkpjersi@lemmy.ml
            link
            fedilink
            English
            arrow-up
            2
            ·
            edit-2
            1 year ago

            It depends on where you live, but yes in tech hubs in the US that’s normal pay. Of course, outside of USA you’ll see like 5x or more lower salaries. I’m happy with the money I currently make, but I’d likely make 2-3x what I currently make if I moved to USA.

  • RealM@kbin.social
    link
    fedilink
    arrow-up
    80
    arrow-down
    2
    ·
    1 year ago

    You know what, that’s fair.

    I saw a lot of discussion in the comments about their workers pay, but honestly, they make a great product. Wouldn’t wanna be counting pennies in someone elses pockets. I donated a one time 25 bucks, I hope they will continue to ask for donations whenever they are in dire need of server running money.

  • xenoclast@lemmy.world
    link
    fedilink
    English
    arrow-up
    56
    ·
    1 year ago

    Of all the services asking me for a monthly fee. $5 for a non-profit private communication tool is a no brainer.

        • madcaesar@lemmy.world
          link
          fedilink
          English
          arrow-up
          4
          arrow-down
          2
          ·
          1 year ago

          This isn’t viable.

          I tried to buy crypto to support some sailors, but… The fees buying that shit are insane. I didn’t want to trade, gamble or by a crypto bro, just exchange some USD to bitcoin, was directed to coinbase as they are reputable, apparently and won’t steal my shit, but their fees are insane. Trading 100 USD was like 19.95 $ in fees. Fuck that shit.

          Is there a cheaper / better yet still safe way to get crypto?

          • pedroapero@lemmy.ml
            link
            fedilink
            English
            arrow-up
            1
            ·
            1 year ago

            I agree this is mostly for people already owning crypto.

            Note that not all crypto are created equal, bitcoin is probably the one with the highest fees.

            The good news is that a lot of developpers accept cryptocurrency donations (often xmr in addition to btc I noticed). So you can help a lot of organisations that don’t want to pay and do legal paperwork to accept fiat.

          • Kiruko@lemmy.world
            link
            fedilink
            English
            arrow-up
            1
            ·
            edit-2
            1 year ago

            Using crypto isn’t for everyone, I just thought they might not know. It’s much easier when you’re ‘in it’.

            Bitcoin is generally considered expensive. Bitcoin cash would be the way to go imo, but they accept all sorts that are way less expensive.

            Personally I would reccomend p2p methods like bisq and agoradesk. But then you incure exchange fees anyway as you would be more likely buying monero (lower fees and more private), which their ‘partner’ doesn’t accept.

            Either way, still cheaper that you described

      • xenoclast@lemmy.world
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 year ago

        They have a donation thing and you can setup a monthly donation. It’s gives you a badge in the app.

    • FrankTheHealer@lemmy.world
      link
      fedilink
      English
      arrow-up
      16
      ·
      1 year ago

      Tbf, I’ve used Signal daily for about 5 years now, I completely forgot it had that crypto thing a while back. I don’t think it’s something that the current head of Signal is interested in.

      • online@lemmy.ml
        link
        fedilink
        English
        arrow-up
        3
        ·
        1 year ago

        I think Marlinspike’s weird crypto turn is what got him pushed out so we now have the wonderful Meredith the first tech company leader I’ve ever looked up to.

        Hopefully they remove that crypto thing from it.

    • fosforus@sopuli.xyz
      link
      fedilink
      English
      arrow-up
      8
      ·
      edit-2
      1 year ago

      I think it’s sad more like it. One of Cryptos’ actual real world promise was workable micropayments, and that would’ve made a lot of sense as a payment method for a service like this. Like pay either a smallish block sum every month or a tiny amount for every message you send out.

      And of course sadder still that Signal has a crypto integrated into it and failed to make it work for anything else but a cryptobro get-rich-quick scheme.

      I guess it turned out that nobody wants to implement micropayments because one of their qualities would have to be extremely tiny processing fees which both means that the implementation has to be highly efficient (so it won’t waste the already small margins on computing resources) and the implementing party has to be able to stomach very low profits until traffic gets huge.

  • Blackmist@feddit.uk
    link
    fedilink
    English
    arrow-up
    49
    arrow-down
    2
    ·
    1 year ago

    Just over a dollar a user doesn’t sound that bad.

    I suspect if they run short of money to run it, they’d add some Discord style features. Better quality voice and video sounds like an easy one to get users of it to pony up for.

    Although again, I’d prefer a federated alternative. We shouldn’t be hanging large portions of infrastructure on a handful of companies that at any point can pull the rug.

  • Fallstar@mander.xyz
    link
    fedilink
    English
    arrow-up
    42
    ·
    1 year ago

    Does put into perspective how much it costs to run at this level and how their competitors are paying costs of similar magnitudes

    • Lodra@programming.dev
      link
      fedilink
      English
      arrow-up
      5
      ·
      1 year ago

      The blog/article calls it out out well: other tech companies are running at much greater magnitudes.

  • uis@lemmy.world
    link
    fedilink
    English
    arrow-up
    35
    arrow-down
    1
    ·
    edit-2
    1 year ago

    40% of costs is salary? That’s so little for software company.

    EDIT: oops, it’s not 19/50, it’s 19/40. 47.5% Still less than half.

    • s38b35M5@lemmy.world
      link
      fedilink
      English
      arrow-up
      13
      arrow-down
      3
      ·
      1 year ago

      $19M? With 50 employees, that’s an average salary of $380k/yr if my poor math skills are correct. Is that for real?

      • Confound4082@lemmy.ml
        link
        fedilink
        English
        arrow-up
        28
        arrow-down
        3
        ·
        1 year ago

        That’s not terribly awful actually.

        If they are wanting to attract programers with experience and not have them sniped.

        Fresh out of school in that field with no experience, one can hit $75k-$120k fairly easily.

        Signal needs people who are familiar with encryption and cyber security, and are basically inventing new ways to did things in order to mantain user privacy. That is a very specific niche that takes a lot of skill and experience to do.

        • DinkleDorph@lemmy.world
          link
          fedilink
          English
          arrow-up
          6
          ·
          edit-2
          1 year ago

          Where are new grads making >75k (USD)? I made 50k CAD out of school, got a couple raises and now at 65…

          • Confound4082@lemmy.ml
            link
            fedilink
            English
            arrow-up
            2
            ·
            edit-2
            1 year ago

            US.

            Average starting salary at my school is $68k, my department is $74k average, and I have friends who have started at $110k and had their MS degree paid for on top of that, with a pay bump after their degree.

            I turned down $80k starting in a really low CoL area cause they didnt have a big enough moving allowance, and I have a few other options I’m pursuing that are more appealing to me.

          • Moneo@lemmy.world
            link
            fedilink
            English
            arrow-up
            2
            ·
            1 year ago

            Damn you are me from the past, except I don’t have a degree. The pay is much worse up here. I’ve considered trying to get work down south to make some $ but the US is kind of a shit show right now and I don’t want to live in a car dependent city.

          • Takumidesh@lemmy.world
            link
            fedilink
            English
            arrow-up
            1
            ·
            1 year ago

            Made 75k out of a 12 week coding bootcamp. Didn’t go to school, but worked as a mechanic for about five years before that.

        • Max-P@lemmy.max-p.me
          link
          fedilink
          English
          arrow-up
          7
          arrow-down
          1
          ·
          1 year ago

          And it’s the kind of product you don’t want a 80k developer to introduce security vulnerabilities left and right. You get what you pay for.

          Security minded people are usually very skilled, and everyone’s competing to get them.

          Could it be run cheaper? Yes probably. Would the product enshittify after a while? Absolutely yes.

        • MeanEYE@lemmy.world
          link
          fedilink
          English
          arrow-up
          5
          arrow-down
          1
          ·
          1 year ago

          More likely average developer salary and CEO takes couple of millions as a bonus every year, as they all do.

          • ipkpjersi@lemmy.ml
            link
            fedilink
            English
            arrow-up
            6
            ·
            1 year ago

            This is unfortunately almost definitely how it works.

            After all, what kind of CEO can live with only having one yacht?

            • MeanEYE@lemmy.world
              link
              fedilink
              English
              arrow-up
              2
              arrow-down
              1
              ·
              edit-2
              1 year ago

              According to tax filings, they are not paying him a single dollar. Which is something am finding very suspicious. Especially considering he gave the company ~$100M for startup. But if it’s true, then it’s commendable. Person who has $100M in cash to shell out for a startup doesn’t need to worry about the money, it’s just that they often only care about that.

        • TowardsTheFuture@lemmy.zip
          link
          fedilink
          English
          arrow-up
          3
          ·
          1 year ago

          I mean, multiple places online saying literally less than half that at the high end. Also, I could see a few making that much I guess but all 50 employees?

          • Bezerker03@lemmy.bezzie.world
            link
            fedilink
            English
            arrow-up
            1
            ·
            1 year ago

            I also dunno signal itself. There’s no leveling info or there. According to blind posts asking about the tc I quote.

            “Work at signal currently and can say the pay is competitive. There’s no equity given it’s a nonprofit but there are many benefits that add up very quickly. Maxed out 401k match, which is ~$20k right there every year, as an example. As a nonprofit you can look at the 990 (I think the most updated one is from 2019 on propublica) that shows salaries for certain employees.”

            Reading other posts base salary goes up to 250k.

            They don’t give equity so maybe benefits being factored in.

          • Bezerker03@lemmy.bezzie.world
            link
            fedilink
            English
            arrow-up
            1
            arrow-down
            1
            ·
            1 year ago

            What bullshit? Entry level sde 1 at Amazon is 176k. A senior with around 4 to 5 years of experience is 359k.

            E5 at Facebook is 412k. Levels.fyi has all the stats.

            Like if you’re a company competing against these companies for talent that’s what you gotta pay. During the pandemic it was even worse with people getting like 20-40k sign on bonuses etc too.

              • Bezerker03@lemmy.bezzie.world
                link
                fedilink
                English
                arrow-up
                1
                ·
                edit-2
                1 year ago

                I mean citation needed… Levels.fyi. It literally lifts all the major tech company salaries and stock breakdown.

                Also I was a hiring manager that competed against these companies during the pandemic. I know the salaries lol.

      • uis@lemmy.world
        link
        fedilink
        English
        arrow-up
        3
        ·
        1 year ago

        Oops, it’s 7.5 percent more. Anyway. Article summary says 40M is total operation cost including 19M in wages.

      • pandacoder@lemmy.world
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 year ago

        You aren’t accounting for overhead (taxes that aren’t listed on an employee paystub, insurance, benefits, training, etc.)

        The advertised salaries are closer to a 150-200k average which is pretty ordinary.

      • tehbilly@le.ptr.is
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        That’s assuming even pay distribution, which is obviously not the case anywhere.

        Still, I hope the distribution isn’t terribly skewed, the developers absolutely deserve to be fairly compensated.

  • phoneymouse@lemmy.world
    link
    fedilink
    English
    arrow-up
    30
    arrow-down
    2
    ·
    edit-2
    1 year ago

    WhatsApp’s initial monetization model was pretty good. Free for the first year, $1/year after that. With 400 million users, that’s a lot of money.

    Signal has 50 million, but could cover their costs for $5/year per user, I’m sure, assuming not all users would pay.

    • lemmyvore@feddit.nl
      link
      fedilink
      English
      arrow-up
      26
      ·
      edit-2
      1 year ago

      If the dollar fee of Whatsapp teaches us anything is that any tax you put on your app hinders adoption.

      Whatsapp intended to do that but ended up scrapping the tax for various reasons. One of them was to keep the existing user base (they have existing customers lifetime use for free when they brought out the $1 idea). Another was the fact that in some populous regions of the world credit cards weren’t common (like India) and they’d rather have lots of users there.

      Bottom line, the $1 Whatsapp is even more elusive than the WinRar license and I’ve never personally heard of anybody who ever paid it.

      https://venturebeat.com/mobile/whatsapp-subscription/

      • sergih@feddit.de
        link
        fedilink
        English
        arrow-up
        5
        ·
        1 year ago

        My dad paid for it for himself, for me and for my mother, this made a lot of sense bc in Spain, in the pre-messaging app era, sms were like 5-20cents each in most tariffs.

        It was getting to the point where it wasn’t uncommon for an average joe to just ask their friend who’s using whatsapp how to pay for it so he can have it too(many ppl had never bought anything online so they needed help)

        However things are different now, there are tons of free messaging app alternatives out there, ppl would rather change to another free one.

    • WallEx@feddit.de
      link
      fedilink
      English
      arrow-up
      13
      ·
      1 year ago

      They had 40 million users in 2021, so a dollar a year would cover the costs.

    • kautau@lemmy.world
      link
      fedilink
      English
      arrow-up
      12
      arrow-down
      1
      ·
      1 year ago

      As much as I would hate a “premium tier” for signal. That sounds like the best approach. Charge $5 a year for features that make sense if you are a signal power user, though that can get dicey fast on what those premium features are

      • devfuuu@lemmy.world
        link
        fedilink
        English
        arrow-up
        7
        arrow-down
        2
        ·
        1 year ago

        Basically the gamification and moneyfication that for example discord uses which are basically gimmicks for dumb things like animated avatars or special stickers and we clearly know there are a bunch of people that actually fall for it and give money to feel superior for having those things.

        • kautau@lemmy.world
          link
          fedilink
          English
          arrow-up
          7
          ·
          1 year ago

          Sort of, though I’d be hesitant to say “actually fall for it” in the case of Signal considering it’s a non profit. They’ve worked really hard to solidify chat privacy, and this is more like “if you use signal a lot, and want some features that in no way impact the service but might be something you’re interested in, perhaps you’d donate?”

          It’s either that or beg for donations with banners Wikipedia style. They’ve laid out their costs here pretty well. It’s expensive. I mean even your point of “feeling superior,” many who champion privacy are asking people to switch to signal to chat with them because they won’t use other non-secure chat apps, so I see nothing wrong with a “donor” indicator that can be added to their profile or something.

  • Kalistia@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    24
    arrow-down
    1
    ·
    edit-2
    1 year ago

    My non-pro question is : if it was a peer-to-peer service like element, using a decentralized protocol like matrix, wouldn’t it be a huge cost saver because of less data bandwidth and server costs?

    • steltek@lemm.ee
      link
      fedilink
      English
      arrow-up
      55
      ·
      1 year ago

      That’s Matrix. End to end encrypted, decentralized, and open source.

      Bridging opens it up to other services as well, like how Pidgin/Adium/Gaim used to work.

    • MeanEYE@lemmy.world
      link
      fedilink
      English
      arrow-up
      7
      arrow-down
      1
      ·
      1 year ago

      There’s application called Session, which is essentially forked Signal, but doesn’t rely on servers or phone numbers. Instead it uses Tor network and is decentralized. It’s kind of annoying though considering adding people to your contact list, you have to scan their id. Increased security but it goes to show why Signal opted for phone numbers.

      • ALostInquirer@lemm.ee
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        Instead it uses Tor network […]

        Are you sure? Do they use that alongside the weird blockchain backend they had going, or switch over at some point? I remember looking into Session awhile ago but I wrote it off because of the blockchain/cryptocurrency shenanigans involved in the architecture.

        As I recall part of the idea was that the cryptocurrency would serve as a sort of incentive for people to run nodes for the Session network to operate.

        • MeanEYE@lemmy.world
          link
          fedilink
          English
          arrow-up
          1
          arrow-down
          1
          ·
          1 year ago

          I am not sure to be honest. It’s something I’ve read, installed application and tinkered a bit. Decided no one from my friends will use this since I already inconvenienced them into Signal. Then promptly removed it.

    • topinambour_rex@lemmy.world
      link
      fedilink
      English
      arrow-up
      3
      arrow-down
      2
      ·
      1 year ago

      No, we need a lemmy version of chaturbate.

      I mean, there is already matrix. But does there is already a cammodelling federated tools ?

      No, so stop reinventing the wheel, and let’s make something new and original.

  • subignition@kbin.social
    link
    fedilink
    arrow-up
    19
    arrow-down
    3
    ·
    1 year ago

    Now I want to know more about that $6 million annually spent on SMS messages… That seems like a ridiculously unnecessary cost, wonder if some startup can wedge into the market and undercut the competition.

      • bobs_monkey@lemm.ee
        link
        fedilink
        English
        arrow-up
        17
        ·
        1 year ago

        It wouldn’t surprise me if they keep the SMS verification to keep the number of superfluous accounts to a minimum, which would likely greatly exceed the $6m operating costs. I also wonder if that $6m included their now defunct SMS integration, and if that cost has changed at all.

        It’s also worth noting that while SMS is typically nowadays a free feature, it wasn’t always as such. It used to be that users were charged per message, especially in Europe, which is why Europeans tend to rely on messaging services instead of SMS; US carriers made SMS free only maybe 10-15 years ago, and that was only to US based numbers. When you’re dealing with many people that are international, such as in the EU, that adds up quickly. SMS is a Telco utility, and they tend to be, er, behind the times as it were. Remember that when you’re an internet-based service and you want to interface with a Telco utility, ie via SMS, they charge a tarrif, like a toll road. While Telco utilities are all digital and voip-equivalent based these days, they are still a private network and charge fees to access. And I am now rambling so I’ll stop here.

        • GnuLinuxDude@lemmy.ml
          link
          fedilink
          English
          arrow-up
          15
          ·
          1 year ago

          I remember once a girl I was friends with lamenting that someone sent her two text messages when it could’ve been one, because each one counted against the free quota before you were charged per text.

      • subignition@kbin.social
        link
        fedilink
        arrow-up
        10
        ·
        1 year ago

        Right, the reason why SMS is used was explained in the excerpt, I’m not asking about that. I guess what I’m curious about is how badly the telecom firms they’re purchasing SMS services from are price gouging, and if they are, why there hasn’t been a startup in this space

        • redcalcium@lemmy.institute
          link
          fedilink
          English
          arrow-up
          8
          ·
          edit-2
          1 year ago

          In my country, all carrier here would block bulk SMS sending (and terminate your phone number if they think you abuse it) unless they come from a special short number account (e.g. those with 4 - 5 digits phone number), and those account is not cheap. That’s where the telcos made money from sms these days now that ordinary people don’t use sms much. They would partner with api providers such as Twillio to setup the account. You can review Twilio international sms pricing for an overview of sms prices across the globe. In my country, it’s 50x more expensive than US.

        • PlutoniumAcid@lemmy.world
          link
          fedilink
          English
          arrow-up
          4
          ·
          1 year ago

          You mean startup for sending SMS? That would have to be a real telco, otherwise it would just be a front that is essentially renting capabilities from an established telco - and it would suffer the same fees/rates as Signal. Either way, really expensive to operate, with no real benefit to show for it.

          • subignition@kbin.social
            link
            fedilink
            arrow-up
            2
            ·
            1 year ago

            I mean… yeah. A real telco. I figure it has to be one of a few things:
            a) The profit margins baked into existing SMS services are razor-thin and there’s no room for a startup to undercut that (unlikely);
            b) The monopoly of the existing telcos is thorough enough that they can shut out newcomers;
            c) The initial costs of any potential newcomers are great enough that nobody can secure funding;
            d) Nobody both wealthy and moral enough has had this idea yet