The encrypted messaging company Signal has long been popular with activists, investigative journalists, politicians and assorted law enforcement officials because of its emphasis on privacy and security. Its growth was steady, but slow. Then came Christmas break. Employees returned from the holidays to an unexpected surge in new users that overwhelmed Signal’s servers and sent engineers racing to increase capacity.
The catalyst was a backlash against rival WhatsApp, which announced an updated privacy policy that included sharing some user account details with its parent company, Facebook, turning off some of its two billion-plus users. Tesla CEO Elon Musk helped stoke the exodus, encouraging his army of Twitter followers to “use Signal”.
Suddenly, a niche app endorsed by National Security Agency whistle-blower Edward Snowden was swarmed by new users — more than 50 million people downloaded it within 10 days, doubling Signal’s total user base and making it the top downloaded app in 70 countries, according to several current and former employees. The meteoric growth put huge pressure on Signal’s 30 or so employees, mostly engineers, product designers and developers who work remotely from their homes in the US and Canada.
The deluge also exposed tensions about the direction and management of Signal under its unconventional founder and CEO, Moxie Marlinspike, a dreadlocked cryptographer whose varied interests have included punk rock, sailing and anarchism. A handful of employees have quit in the last year, leaving some engineering teams short-staffed. Others have complained about Marlinspike’s oversight, Signal’s growing use by extremist groups and a new cryptocurrency feature they fear could be used for criminal behaviour.
Technical genius
Current and former staffers, who asked not to be identified either because of concerns of breaching confidentiality agreements or professional retaliation, describe Marlinspike as a technical genius but a stubborn boss who has resisted growing Signal’s small team. He long maintained a “death grip” on Signal’s underlying code and servers, a former employee said. That control at times caused internal frustration, several current and former employees said. But in recent months, he has gradually relinquished his tight control over the company’s infrastructure, entrusting other executives and employees with the ability to modify code and access closely guarded servers and encryption keys, according to the two current employees.
Lately, Marlinspike’s company has also instigated a PR feud with Facebook. Signal suggested in a 4 May blog post that Facebook refused to let Signal buy ads on Instagram that sought to highlight how the tech giant gathers and makes money off its users’ data. Facebook disputes Signal’s account, calling it a stunt. “Running the ads was never their goal,” a Facebook spokesman said. “It was about getting publicity.”
Still, Signal’s campaign against Facebook, if successful, could lure more users but add strain to the company’s skeletal staff.
Signal’s issues aren’t dissimilar to other technology companies that have struggled with rapid growth. Google and Facebook, among others, have faced internal dissent as the companies have grown from scrappy and idealistic start-ups to tech giants.
But Signal is different in several significant ways: It’s a nonprofit that relies on contributions to fund its operations and is run by a founder who has shown little interest in the traditional rewards of corporate success. Can a nonprofit run by a one-time anarchist pose a serious challenge to Big Tech?
Signal can benefit from “people searching for more viable and virtuous alternatives”, said Dan Blah, co-founder of Reset and the Open Technology Fund, organisations that financially support technology projects that advance human rights and democracy. In his role at the Open Technology Fund, Blah helped provide about US$3-million funding to Marlinspike for the development of Signal.
Blah said the question is whether Signal can rise to the challenge. “They are going to have no lack of opportunity to grow,” he said. “But from a sustainability perspective, can they meet that growth? Within the current market and political realities, it’s a wild card.”
In interviews on the phone and via text — over Signal, of course — Marlinspike rejected criticisms of his leadership style and said it didn’t reflect the views of everyone at the company. He also defended the size of his staff. “I don’t think it’s better, necessary or inevitable for all technology organisations to be several hundred or several thousand person operations,” he said. “Many of the folks at Signal are drawn here for the opposite reason — small teams of committed people where work can be high agency and low bureaucracy. I would much rather work in a guild of committed craftspeople than a monster organisation where feelings of alienation or disempowerment are more endemic.”
Broadside
He also unleashed a broadside against Facebook, saying many people have grown increasingly dissatisfied with its privacy policies — and those of other technology giants. Consequently, he said he wasn’t entirely surprised by the rapid spike in new Signal users.
“We’ve really crossed the threshold where the era of utopian technology is over,” he said. “People no longer see Facebook as a company that is connecting the world. Most people conceive of Facebook as a company that is building apps for their data. And so we have been existing in this liminal space where everybody uses Facebook every day and hates it.”
Facebook declined to comment on Marlinspike’s remarks.
Marlinspike started Signal in 2014 as an app for encrypted calls and texts over Apple and Google’s mobile operating system. It grew out of earlier projects, RedPhone and TextSecure, which he co-created in 2010 with his company Whisper Systems. Twitter acquired Whisper Systems in 2011 and brought Marlinspike on board as its head of product security. But he departed after less than two years to begin work on what would later become Signal.
Marlinspike said his aim was to make encrypted communication accessible and easier to use than what was then available, which was cumbersome and difficult for ordinary people to adopt. Concerned about government surveillance of the Internet and sceptical of law enforcement, Marlinspike said he wanted to empower people to protect their privacy from authorities.
“A big part of why we created Signal was because it feels like the way the Internet works is crazy,” he said. “If in your living room there was just some weird guy sitting there that you didn’t know, taking notes about everything you said and did, you would think that’s nuts.”
In keeping with his zealous defence of personal privacy, Marlinspike doesn’t like to discuss his background or personal life and has gone to some lengths to keep it out of the public sphere.
“He leads a very private life,” said Blah, who characterised Marlinspike as someone “profoundly frustrated and bored with the way things are. He wants to instigate change on a big societal level and also on a personal level.”
Coding skills
Some scant details of his background are available in public records and in previous profiles. Moxie was a family nickname, and the origins of his surname, Marlinspike, aren’t known. He declined to confirm details such as his age and name at birth for this story.
He grew up in Georgia, where his mother was a secretary. In the late 1990s, when he was still in his teens, Marlinspike moved to San Francisco, where he got a programming job, according to people close to him. He has travelled extensively across the US, sometimes jumping on freight trains and hitchhiking. He learned to surf, obtained a master mariner licence and piloted a hot-air balloon. He helped create an online library that people in the San Francisco Bay Area could use to lend books to each other.
But his coding skills brought him the most recognition.
In 2009, he appeared at the Black Hat security conference, where he revealed a critical vulnerability that weakened the security of Internet encryption used to secure the world’s data. The following year, he presented at Black Hat again, this time promoting his encrypted phone apps, Redphone and TextSecure, while issuing a stark warning: “Surveillance is probably at an all-time high, while privacy is probably at an all-time low.”
His words proved prescient. A few years later, in June 2013, whistle-blower Edward Snowden came forward and revealed details about the extraordinary scope of top-secret government surveillance programmes in the US and its allied countries. When Marlinspike launched Signal in 2014, Snowden endorsed it and still appears on the Web page, where he is quoted saying, “I use Signal every day.”
Snowden’s disclosures triggered growing public demand for more privacy and better data security. In response, WhatsApp, Skype, Facebook and Google separately announced plans to adopt Signal’s encryption protocol into their own messaging platforms, which would eventually bring Marlinspike’s encryption to about a quarter of the world’s population.
In February 2018, WhatsApp co-founder Brian Acton joined Signal, after quitting the Facebook-owned company. Acton injected $50-million of new funding into Signal in the form of an interest-free loan and became executive director of the nonprofit Signal Foundation, where he said he would oversee Signal’s growth. The foundation’s stated aim is proving that a “nonprofit can innovate and scale as well as any business driven by a profit motive”.
Acton later explained in a talk at Stanford University that he left WhatsApp in part due to his concern that the “capitalistic profit motive, or answering to Wall Street, is what’s driving the expansion of invasion of data privacy”. A Twitter post was even more explicit: “It is time,” he wrote. “#deletefacebook.”
‘Strong leadership’
Asked to comment on some of the criticism of Marlinspike, Acton said: “I think my actions speak best when it comes to how much I admire and respect what Moxie and the rest of the Signal team have built. The bar is continually raised and met by the team and that consistency starts with strong leadership.” He declined further comment.
Acton’s hiring was a significant step. He has overseen growth of the company’s staff from fewer than a dozen to more than 30, bringing on board engineers, developers and product designers, as well as a product management executive and an engineering director he knew from his time at WhatsApp. In recent months, he has pitched in with technical work due to staff shortages, helping to manage Signal’s expanding infrastructure and booming user base, the employees said.
Marlinspike has gradually relinquished the tight control he maintained over Signal, handing over key responsibilities to newer recruits, according to two current employees. Still, Marlinspike has baulked at dramatically increasing Signal’s staffing levels, according to current and former employees. Teams of employees and executives at the nonprofit interviewed dozens of candidates for positions in the last three years, some from leading Silicon Valley technology companies, only to have several approvals held up or vetoed by Marlinspike, the employees said.
Marlinspike has told colleagues of his desire to keep Signal a close-knit group. He has also complained that he hasn’t been able to find people with the right level of expertise, the employees said.
“In the early days, one of my most important tasks was hiring great people who could come together with a shared vision for what we wanted to build and how we wanted to build it,” he said, in a message via Signal. “These days, I am much more involved at the level of trying to help with a smooth hiring process rather than making hiring decisions about individual people.”
For those hired at Signal, the standards are high and mistakes sometimes severely punished, according to multiple employees.
In April 2018, one of his company’s new hires made a change to the desktop computer version of Signal, enabling non-English speaking users to send links to website URLs that contained non-Latin characters such as Cyrillic and Chinese. The change was approved and subject to an internal and external code review, which didn’t flag any problems. But a month later, a team of Argentinian security researchers discovered a vulnerability — introduced as a result of the employee’s changes — that could allow a hacker to break into a person’s computer and potentially spy on their Signal chats.
Fired
Within a couple of hours of the researchers flagging the security issue, the employee fixed the problem. But about a week later, an upset Marlinspike called the employee and fired him. Some Signal employees at the time said they were shocked by the firing. Two former employees and one current one said they feared Signal staff would be hesitant to admit mistakes, lest they lose their job.
The employee who was fired described Marlinspike as “super brilliant” when it comes to his vision and engineering skills. But the employee, who requested anonymity for fear of professional retribution, added that Marlinspike “was relying on everybody not making mistakes. And that just doesn’t scale.”
Asked about the fired employee, Marlinspike said: “Like any other company, we have fired people who have under performed. No one at Signal has ever been fired for making a mistake.”
Joshua Lee Bauer, a Los Angeles-based former chief technology officer, joined Signal in January 2019 as a senior server engineer. But he left after only six months, citing frustration with Marlinspike’s leadership style and unwillingness to respond to his suggestions.
“I felt like all the other engineers were pleased with what I was doing, but with Moxie there was just this weird barrier,” said Lee Bauer. “After a couple of weeks he just shut off from me. He’s sort of your typical hacker. He fits the mould in every way. And that comes with pros and cons. He’s pretty good at what he does, but at the same time there’s an aloofness.”
“He’s sort of your typical hacker. He fits the mould in every way. And that comes with pros and cons.”
Signal’s sudden growth has also prompted concerns among some employees that it hasn’t created clear policies around misuse by extremists who are increasingly embracing the app.
In the aftermath of rioting in Washington on 6 January by supporters of then-lame duck US President Donald Trump, federal authorities disclosed that members of the Oath Keepers militia group had been using Signal to orchestrate their participation in the rioting at the US Capitol building. In February, Kelli Stewart, a leader in the conservative militia group People’s Rights, told a gathering of supporters that the organisation had adopted Signal because its regular method of sending out text messages had been “blocked from communicating with phone providers”.
Extremists
Gregg Bernstein, who started at Signal in March 2020 as a user researcher, identified the risk of militia groups adopting the platform. He resigned in January in part because of concerns that a new Signal feature could be misused by extremists. That feature allows users to post links online to group chats, which could be joined by up to a thousand people.
“I thought we needed to think about how this could go wrong — how the groups could be abused by bad actors,” Bernstein said. “But when I would raise issues about policies, guidelines for how we want people to use Signal, it was always a non-starter.”
“I don’t think we want to support Signal for insurrections,” he said.
Marlinspike said Signal has taken some steps to reduce the risk of people spreading misinformation, including restricting users from forwarding messages to more than five people at a time. But he was dismissive of concerns about militias or other extremists using Signal groups to organise.
“People are asking YouTube to take responsibility for content moderation because YouTube is showing people videos that they had no intention of watching,” he said. “Encrypted messaging platforms can’t do that and aren’t amplifying or making content discoverable. I think it is a different space entirely.”
In the future, Signal may become more than just a messaging app. In April, the company announced it was testing a new cryptocurrency feature that would enable “privacy-focused payments”, bringing with it a new set of issues for Marlinspike to address. Signal’s intention is to make it easier for people to send money — possibly an effort to challenge a Facebook plan to create a similar tool for WhatsApp. In addition to concerns that it could be used for illicit activity, however, some employees worry the feature could provide ammunition to critics in law enforcement, some of whom have long argued that end-to-end encryption like Signal’s thwarts investigations by protecting criminals’ communications.
Marlinspike said he isn’t too worried about authorities coming after his company because “large swathes of the government in the US and many other countries are using Signal”.
He said he is hoping to continue growing Signal as a privacy-focused antidote to what he describes as the ills of Big Tech.
“Signal is in some ways the boring project of trying to bring normality to the Internet,” Marlinspike said. “I would like to see that normality in as many places as possible.” — Reported by Ryan Gallagher, (c) 2021 Bloomberg LP