There's a lot to be said for low/nonexistent barrier to entry. But like any large platform, such success comes at a price. Discord is privacy-invasive and heavily censored. It is not a viable option for secure communication, but instead tends to be a great place for fluff.
Discord is a running joke on comparatively less-frequented communication protocols like IRC (possibly just out of spite, but all the same).
They have done a great job, certainly, and have accomplished what they set out to do. But I have my personal reservations. I don't like using closed, proprietary communication protocols and would rather stick to IRC or Matrix. Granted, I am not the target audience.
Also the author claims Discord is a "multi-billion dollar business" in the introductory paragraphs but the only figure I see is the 70/120 million dollar estimate from Forbes.
Edit: this link/thread (and lots of the hyper-positive replies that appeared as I was typing my comment) strike me as possibly dishonest, especially since there was a post just this morning about the RCE vulnerability[0] in Discord's desktop application.
Arguably on IRC you can use OTR (you need a secure medium to exchange a secret or fingerprints). Its usability is awful so barely anyone uses it, but at least you can.
I guess you could do it with a browser extension, but they'll probably think you use a third-party client if they notice you're sending encrypted text.
There was actually a plugin for BetterDiscord that did that that I used (probably 2 years ago now). Can't find it anymore, but it did exist and worked pretty well.
IRC users certainly experience arbitrary censorship by petty tyrants. Of course they can move to a different IRC server (or start their own), but that's not really any easier than moving from Discord to IRC or vice versa.
It’s trivial to connect to multiple IRC servers with any of the popular clients. I don’t think it makes sense to compare that to switching to an entirely different protocol/software stack.
> Please don't post insinuations about astroturfing, shilling, brigading, foreign agents and the like. It degrades discussion and is usually mistaken. If you're worried about abuse, email hn@ycombinator.com and we'll look at the data.
Sorry, I've altered my edit to remove the explicit insinuation of astroturfing. I was just a little shocked when I finished my submission and saw the sameness of all the other comments.
> Discord is privacy-invasive and heavily censored. It is not a viable option for secure communication, but instead tends to be a great place for fluff.
Apart from the bit about “secure communication”, which is obvious—Discord is proprietary software that doesn’t bill itself as security-focused—could you explain the basis for these judgments? I’ve been using it for years and I’ve never been censored, have never felt like my privacy was invaded, and far from being “a great place for fluff” it’s been (for me) a source of great happiness, connection with good friends old and new, and a godsend during the pandemic.
If I were looking down on it from some Stallman-esque ivory tower, I imagine I’d have a lot more to complain about. But when I’m not in full-on tinfoil hat mode, it honestly seems like one of the least-worst offenders in the consumer-facing SaaS world today. I’d rather send somebody (my) nudes and SSN over Discord than bring one of those fucking “smart TVs” into my house, for instance.
The censorship angle is likely how discord shuts down servers used to organise gatherings that are borderline terrorism and servers used to share anime under age content.
Its worlds away from china level where your DMs are being monitored for problematic keywords.
I want to like IRC. Discord is great for gaming or chatting with friends and random people casually, but certain IRC channels tend to have extremely knowledgeable, helpful people you can't find much elsewhere. But IRC clients are just so frustrating. Just today I open the IRC client on my phone and the IP I'm currently assigned is banned from one server? I also tend to have random connection issues to certain servers and trying to Google errors messages shows me forum posts 15 years old that are vague and not helpful in diagnosing the issue.
If you can spare a few more minutes, hosting an IRC client on your own server would probably be the best choice. For example: ZNC (bouncer), WeeChat (relay -> app) or Quassel.
This is the great irony, isn't it? You want to escape Discord, because it's centralized, so you jump to a decentralized service, whose user experience sucks, so you sign up for another centralized service, just so you can use the decentralized service that was supposed to get you away from centralization in the first place.
That is why I literally said in my second paragraph that "hosting [...] your own server would probably be the best choice". Also, I was replying to somebody who complained about connection issues on his phone. He probably doesn't want to have a random timeouts when he travels from one place to another and potentionally miss important messages...
Furthermore, IRCCloud is not centralized in the same way as Discord is because you are not forced to use it. IRC is still an open protocol. For example Matrix has a big chunk of people using the official "centralized" Matrix server and the same is true for Mastodon with mastodon.social. Some prefer to self-host, others do not. I don't see the problem here. Gmail wasn't the downfall of email either.
Using a centralized IRC service like IRCCloud is an option, but not one I would opt for personally. There are also other options, ZNC and The Lounge both come to mind. You can self-host these or find an instance hosted by somebody else.
Self-hosted Matrix works fine and great. You can host either just a server, Riot (Element now), or both. You can then use any client you want with your server or any other.
If IRC had an objectively better user experience, objective usage numbers would show that. It has a better user experience /for you/ because it caters to the things that /you/ care about.
I'm not sure what pretending your preferences are objective standards is supposed to add to the conversation.
I was forced to use IRC for about ~15 years due to being involved in a big OSS project that refused to use anything else, and .. man. I honestly have to say it's my number-one most hated software program in my life. Exceeding even the sins of Adobe and Microsoft.
It made most of the collaboration work I was trying to do "here, let's just send a file" that'd be trivial on AIM/MSN/etc, into an huge ordeal (oh, I guess we better use a pastebin - er, whoops, that's too big for the pastebin, better set up our own ftp to transfer stuff)... Just tons of things that were trivial matters on other platforms were serious work on IRC.
And to top it all off - to add insult to injury, it had frequent, invisible quality-of-service errors. It wouldn't have been so bad if they were obvious, but they were completely silent "failures to send messages". Only much later, when I had some bouncers and was logged into a server on multiple accounts, did I realize how bad the QoS was - entire chunks of conversations would just fail to get sent in some cases, leading to spectacular miscommunications, and just honestly screwing up some basic human<->human conversational expectations (often making many people seem really rude).
That's the thing that just boggles me - it wouldn't be so bad to have a really awful, rudimentary UI if the underlying service was reliable - if there was any tradeoff making it worth it - but it wasn't a "you get this bad part in exchange for this other thing being better". It was just all bad - terrible reliability, terrible UI, broken features, etc etc.
---
The worst part was getting gaslit by other project members desperately trying to pretend it was anything but garbage. If we want open-source software to be great, then the very first "step one" we need to buy into is doing an honest take on what we've already got, and not trying to pretend a Trabant is a Tesla just because it's on the open-source team and it's all we've got. That is: we must not evince loyalty to a terrible program simply because it's the only OSS/Decentralized/etc entrant into a field. If it's trash, acknowledge it's trash and get to work building something great that fits the ideology.
Because otherwise something like Discord will win, decisively, and adherents to [xyz_progressive_software_ideology] will lose, and lose really badly because they'll be decades behind the curve, rather than neck-and-neck, or even, ahead (as firefox was for a while back in the IE days).
That attitude is the achilles heel of OSS. It's why we can't have nice things.
Not to try and invalidate your experiences, but "IRC" doesn't refer to any specific software program. I'd be interested to know which of the dozens of IRC clients you were using that was so horrible.
As for sending files, IRC has no real capacity for this. XDCC exists, but is an extension to IRC and isn't guaranteed to be supported by your network/server. So yes in this situation you must look to an alternative protocol like FTP (hopefully SFTP or at least FTPS).
I do largely agree with most of your points aside from reliability. In my experience large IRC networks with many servers are essentially immune to downtime. The most that happens would be a netsplit, whereupon the two halves of the network continue to operate normally (though separately) before synchronizing. From your description, I would venture a guess that (at least some of) the reliability issues you experienced were also due to your IRC client.
Anecdotally, I have certainly experienced far more outages of the centralized Discord service than I have of the IRC networks I frequent.
> Not to try and invalidate your experiences, but "IRC" doesn't refer to any specific software program. I'd be interested to know which of the dozens of IRC clients you were using that was so horrible.
We ... did try that. Of course. :(
A failure of IRC's ecosystem is a failure of IRC. Ultimately it doesn't matter what part of the big chain of interconnected pieces is actually the culprit, unless you're the rare individual in a position of leverage to fix it. A failure of implementors to correctly adhere to the protocol, or ISPs to send it, or anything - is still a consequence of decisions made by the designer who released it into the wild.
An analogy to draw is the web - the web isn't just browsers; it's webpages, it's servers, it's scripting languages, and all of these add up to an experience that can be judged as a whole. We've had many mistakes on the web - every time flash crashed on someone was a direct consequence of the quick-and-dirty netscape plugin api getting rushed to market. Decisions => consequences. But any time something's bad? It's "the web"'s fault as a whole.
And if it gets bad enough, people look for alternatives for particular tasks.
> I do largely agree with most of your points aside from reliability. In my experience large IRC networks with many servers are essentially immune to downtime.
Fwiw, we weren't talking about downtime. These issues may have actually not been caused by network outages at all.
To explain this for your benefit:
Consider that this was invisible failure. It took quite a few years before I was able to realize that "awkward silences" in the conversation were actual failures-to-send-messages. Not netsplits. The messages never got through, rather than being delayed. Just, every day or two, chunks of conversations would completely fail to send - just a couple sentences here and there. No rhyme or reason. And so intermittently, we wouldn't notice it.
It just felt like the other person was rudely not replying, so I figured they were afk, but when they came back, it was genuinely like they hadn't seen it. And once you're friends with someone and you really know their personality, you can tell that this just ... isn't like them at all to forget things like that. Or not read the backscroll. Finally I started to wonder. What tipped me off was a bouncer I had coming in from a different ISP. The bouncer got the messages, and my local never did, even days later. After that, I compared logs between myself and friends, and ... they were mostly ... similar.
But not identical. There were holes. And this had been going on for a decade.
And maybe the same thing happens to you - because really: How can you even tell?
>It is not a viable option for secure communication
Security from whom? This seems like a textbook threat model problem, and one that I'm not sure how to address as a proponent of federated/decentralized services.
I used to (and still kinda do, but times change) run IRC/TS3/Mumble servers for MMO guilds. At least in this specific MMO, DDoSing was a significant issue since gear was lost on death - an attacker finds a rich target, gets their IP somehow, fights them, knocks them offline, takes their stuff.
Most/many IP leaks were via out-of-game communication services. Since a guild's Teamspeak is probably administered by a guild member, it is trivial to pull connection info on a given user. At this point in time, Skype was still largely p2p and it was fairly trivial to obtain the IP of a call participant, so it was also a big vector. There was an IRC network "for" the game, so the situation there was better than Skype+individual guild audio chats, but opers getting bribed to leak IPs was unfortunately common.
All of this meant that when Discord showed up on the scene, a lot of people in this community went "finally, a communication service where I can both 1) talk to people I don't necessarily fully trust and 2) not have to go full perfect 100% of the time opsec to do it" and gratefully signed up. Anecdotally, this class of IP harvesting has gotten a lot rarer, largely thanks to Discord.
Most of these people, despite often having some degree of technical sophistication, don't care about Discord privacy-invasion or censorship because it isn't in their threat model - they've got more immediate fish to fry. Should it be? It's easy for us to sit in our IRC ivory towers and say so, but I think having a communication service where your privacy isn't contingent on the local admin whose court you end up in being a good person is an obvious advantage of centralization.
Of course, Discord isn't immune to issues of compromise (when you're the central point of a juicy system, attackers will try, as shown by Twitter's Saudi subversion thing and various other examples), but compromising a Discord employee is a higher bar than compromising the person running a 500-person IRC server out of their basement. Likewise, many of these sort of privacy issues in decentralized and/or federated services have technical mitigations, but not requiring technical mitigations is an advantage in and of itself.
Anyway, that's how Discord was plausibly a security upgrade for many people I knew who switched to it from IRC/Mumble. I dislike closed, proprietary communication protocols as much as the next person, but I think we've got to treat server subversion/local corruption as a higher class of problem than it usually is treated as, though that gets into a lot of hard problems all the way down the stack.
Discord is a running joke on comparatively less-frequented communication protocols like IRC (possibly just out of spite, but all the same).
They have done a great job, certainly, and have accomplished what they set out to do. But I have my personal reservations. I don't like using closed, proprietary communication protocols and would rather stick to IRC or Matrix. Granted, I am not the target audience.
Also the author claims Discord is a "multi-billion dollar business" in the introductory paragraphs but the only figure I see is the 70/120 million dollar estimate from Forbes.
Edit: this link/thread (and lots of the hyper-positive replies that appeared as I was typing my comment) strike me as possibly dishonest, especially since there was a post just this morning about the RCE vulnerability[0] in Discord's desktop application.
[0] https://news.ycombinator.com/item?id=24822755