Remove GIPHY support due to Facebook involvement

[navid-zamani]

• [x] I have searched open and closed issues for duplicates
• [x] I am submitting a bug report for existing functionality that does not work as intended
• [x] I have read https://github.com/signalapp/Signal-Android/wiki/Submitting-useful-bug-reports
• [x] This isn't a feature request or a discussion topic

---

Bug description

GIPHY has just been bought by Facebook https://about.fb.com/news/2020/05/welcome-giphy/

Facebooks's privacy behavior is the opposite of what Signal stands for.

Given the general bad experience with GIPHY (slow, huge bandwith requirements not suitable for mobile, generally really bad content quality, limited to mostly English, pixely upscaled stickers, duplicating the newer stickers functionality), it would be a good idea to remove it completely, and in the long run, move the animated images (actually short videos) functionality to the new sticker collection functionality, expanding from there.

[Allowing easy sticker generation from URLs (incluing generating sticker collections from Telegram sticker sets) on a website could complement the functionality for an easy transition and expland sticker collections to a usable set quickly. (But that’s a topic for a different bug, as it would be a feature request.)]

Steps to reproduce

• Try to add a GIF.
• Type in a topic you might want a GIF for.

Actual result:

• The search is sent to a server now owned by Facebook, linked to your IP address, and certainly sold to everyone with a bit of money or a government letter.
• Meaning you will now get harassed by targeted advertising related to what you entered.
• The results are shown ... veeery slowly ... eating up all your mobile data cap ...
• and you notice that they are pretty much useless too. Usually not even including a single correct match.

Expected result:

• No data whatsoever should be sent to a Facebook-owned system.
• Results should show fast. (E.g. by only loading the preview animation if the image it tapped and held while scrolling before releasing, like e.g. PornHub mobile does it.) - And results should be limited to good matches. Not limited to one site either, but more like a privacy-enabled version of Google's animated image search (with a warning triangle for ones in the old .gif format due to size issues.)

Alternatively, GIPHY support shoud not exist at all, until a good solution has been found.

Device info

Device: Huawei ALE-L21 Android version: 6.0 Signal version: 4.59.9

[greyson-signal]

We have always used a proxy for our requests to GIPHY, and will continue to do so. There should be no harm in continuing to use it. https://signal.org/blog/signal-and-giphy-update/

[jlund-signal]

Just to add some additional context, the privacy-preserving proxy that Greyson mentioned has been in place from the very beginning. The Giphy SDK also isn't included in the app at all (and never was).

[navid-zamani]

OK, I did not know about the proxy.

I still think Giphy is really bad, slow, and with usless content, but OK, if you think it is the best Signal can do … It’s your app!

I guess I have to wait until I get some free time, to make myself something else.

[msummers42]

It would be nice to be able to disable it, optionally.

[greyson-signal]

@msummers42 No requests are ever made to GIPHY unless you open up the GIF selector. So if you don't send GIFs, you've effectively disabled it :) Still, I encourage you to read the blog post to understand the protections we've put in place.

[JimLoose]

@msummers42 No requests are ever made to GIPHY unless you open up the GIF selector. So if you don't send GIFs, you've effectively disabled it :) Still, I encourage you to read the blog post to understand the protections we've put in place.

how funny they still embed giphy without proxy in their website 🙈

[JimLoose]

Attention btw:

Facebook is famous for using hidden metadata in images to track them: https://www.forbes.com/sites/zakdoffman/2019/07/14/facebook-is-embedding-hidden-codes-to-track-all-your-uploaded-photos-report/

this might make the whole thing obsolete!

[Trolldemorted]

How does picture fingerprinting impair the usage of giphy? Worst case is all signal users get the same fingerprinted files, isn't it?

[JimLoose]

How does picture fingerprinting impair the usage of giphy? Worst case is all signal users get the same fingerprinted files, isn't it?

if Signal would cache all gif's from giphy that's right - at the moment it's only a proxy which might get a different stamped gif on every request. (still gibberish for Facebook, expect one forwards the gif to another Social Media Plattform)

Does one know how they send the request to contentproxy.signal.org?

[Newbie-Plz-Be-Patient]

I support this. Please consider adding the option to disable Giphy.

[julianfairfax]

Yeah this is ridiculous for what's supposed to be a FOSS app. If you want to send gifs you can search for them outside of the app.

[cody-signal]

@msummers42 No requests are ever made to GIPHY unless you open up the GIF selector. So if you don't send GIFs, you've effectively disabled it :) Still, I encourage you to read the blog post to understand the protections we've put in place.

[msummers42]

@cody-signal From a user safety perspective, I don't think it is good enough to simply say "just don't open the GIF selector UI". Accidents happen often, and it's extremely easy to fat-finger phone touch screens.

Does the cost of adding a simple settings boolean to opt-in/out of using this new, fun feature exceed the potential human safety cost?