“Telegram is not a private messenger. There’s nothing private about it. It’s the opposite. It’s a cloud messenger where every message you’ve ever sent or received is in plain text in a database that Telegram the organization controls and has access to it”
“It’s like a Russian oligarch starting an unencrypted version of WhatsApp, a pixel for pixel clone of WhatsApp. That should be kind of a difficult brand to operate. Somehow, they’ve done a really amazing job of convincing the whole world that this is an encrypted messaging app and that the founder is some kind of Russian dissident, even though he goes there once a month, the whole team lives in Russia, and their families are there.”
" What happened in France is they just chose not to respond to the subpoena. So that’s in violation of the law. And, he gets arrested in France, right? And everyone’s like, oh, France. But I think the key point is they have the data, like they can respond to the subpoenas where as Signal, for instance, doesn’t have access to the data and couldn’t respond to that same request. To me it’s very obvious that Russia would’ve had a much less polite version of that conversation with Pavel Durov and the telegram team before this moment"
What is not mentioned… there’s no privacy when the device itself is compromised. For instance, Android phones can read and phone home data from your notifications. In that case, any messenger app wouldn’t be private from Google’s eyes.
As much as I’d like to favor foss and federated messenger apps, telegram isn’t as much garbage as whatsapp:
1.The client is somewhat open source and have forks like Forkgram, Materialgram and unoffical clients like Telegrand.
2. Telegram isn’t E2EE by default but at least it doesn’t lie about it and have E2EE secret chat when nessesary, that means crucial chats stay on your device and the rest stay on their database recoverable and syncable across devices.
(Yes, whatsapp supposedly is E2EE but we can’t know for sure, it’s closed-source.)
3. You can use telegram as a cloud service with only 2GB per file limit, unlike whatsapp.
(There’s even a third-party app that utilise this as a cloud gallery.)
4. Even tho telegram has ads in large channels, telegram isn’t funded by a greedy big-corp and it doesn’t datamine you, ads are based on the channel’s topic.Yes, in terms of privacy, telegram isn’t the best option, Signal, Session, XMPP, Matrix, or SimpleX have better privacy features, less linkability and E2EE by default but telegram is very mainstream and got more publicity, making it the whatsapp alternative it advertises itself as-is.
Publicity doesn’t make a better messenger app, but for what it tries to do, it’s adoptable for simple users, doubles as cloud storage and is more secure than the garbage being whatsapp.Immigrating users to different apps is a headache on it’s own, but if they know of telegram and it’s not privacy invasive, that’s not bad.
Isn’t it possible to verify WhatsApp encryption with packet sniffing?
Yes, but how would you know Meta doesn’t have a copy of your encryption key (ex: when you sign up) and keeps a copy of your encrypted messages somewhere?
AFAIK your encryption key resides as whatsapp’s data folder but since whatsapp is closed-source you can’t guarantee that whatsapp gave the encryption key to Meta’s server at some point when it was created; (or it was created on their servers and sent to your device.)One would just assume the encryption key is made on your device and never sent to Meta and all the E2EE messages aren’t kept on Meta’s server after they are sent.
Again, Meta is a company that is profiting on targeted advetising and selling user data, how would whatsapp be a free service without any profit?
Also, Here’s someone who saw their whatsapp chat used for targeted ads on them in case you have doubt.
His NAME is MARLINSPIKE?? Like the ancestral home of Captain Haddock from Tintin?! We really are living in a simulation
It’s also the name of a tool for working with braided rope.
Where I am, Telegram is mainly used by alt- und far right figures close to Russia. Facts don’t matter in these circles any more. Feelings do. And Durov knows how to manage those.
Isn’t Telegram is a Social Media?
I don’t think, at this point, people who use Telegram do it for their privacy. I still use it, but I don’t trust it one bit more than I trust WhatsApp.
The body language in this video is wild.
Body language of the interviewer?
No, both. The interviewer seems extra comfortable at the start but by the end they both seem on the same level. I think in a good way, not sure it’s a good method to get a read on either of them if i know my friends 😆
They’ve done a really amazing job of convincing the world that this is an encrypted messaging app.
This is a play on people’s naivety. It is an encrypted messaging app in as much as regular messages are encrypted between the client and the server. It’s just that this achieves nothing for the user in terms of privacy unless you can both completely trust the provider (you shouldn’t) and be confident that the back-end can’t be compromised (you can’t).
They do also have “secret chats” that are apparently E2E encrypted, but you’d be mad at this point to give them the benefit of the doubt without at least looking at independent security audits of the client.
Why are they sitting in a sauna?
Build sauna, host interview in sauna, sauna is tax writeoff
Damn that’s brilliant.
I stopped using Telegram as soon as I learned their chats aren’t E2E encrypted unless you create a secret chat. Their advertising is so misleading. Even WhatsApp is more private than Telegram.
When you build a backdoor into your “encrypted messenger” its just a surveillance app
Dude for the first 15s I thought this is porn
Raising money for Signal with OnlyFans
its the sauna
How I hate that saunas are associated with porn and sex. It’s not supposed to be sexual and it’s an awful, just terrible place to have sex
I don’t know man, those benches are nice for a variety of positions. Plus, you are already naked…
Just trust me on this one, 80’C+ room just isn’t the place for that sort of exercise. And it’s not like your heart rate isn’t up already lol. It’s a terrible experience
Slow down, big daddy! You can be gentle at it sometimes.
I want you to actually try sauna sex and report back to me, if you don’t believe me. But don’t say I didn’t warn you lol
you are gonna feel way too gross in the sauna to wanna have sex
Why is this interview happening inside a sauna?
for the thumbnail :)
She likes putting guests on the hot seat.
If you watch the video - its explained starting at 1:13, Moxie built it himself: https://www.youtube.com/watch?v=cPRi7mAGp7I
That’s fucking awesome
Why is this interview happening inside a sauna?
It’s his favorite sauna. He built it himself.
Why did he invite the hot reporter chick to his sauna? would be the follow-up question…
It’s a sauna on a boat. She’s out in the middle of nowhere with some dude she barely knows. You know, she looks around and what does she see? Nothin’ but open ocean.
That explains that awkward interaction in the interview. It’s like an interview happening in the Black Lodge.
Because of the implication…
it’s the D.E.N.N.I.S. system working
If I had a personal sauna, I’d invite everyone. But I’m not from puritan central (USA) so that might be a foreign concept to some readers.
You answered yourself.
Right? If they’re just chatting this should be happening in a jacuzzi with nice glasses of milk 🍼 👍
Somehow all these years I thought that Marlinspike is either Swedish or Finnish, so the sauna would be on brand.
Why not? I thought it was een interesting choice ;-P
Like in a sauna you should be completely exposed or something
They say the trick to public speaking is to picture the audience naked, but I actually prefer to do my interviews in a sauna so the audience pictures me naked.
All these apps owned by corporations are just black boxes where you send information and nobody knows for certain what they do with it.
Best case, they parse it, cross it with other data and make it profitable (for them, not for you).
Worst case… Who knows…
It’s also important to continue educating people about the fact that Signal is incredibly problematic as well, but not in the way most people think.
The issue with Signal is that your phone number is metadata. And people who think metadata is “just” data or that cross-referencing is some kind of sci-fi nonsense, are fundamentally misunderstanding how modern surveillance works.
By requiring phone numbers, Signal, despite its good encryption, inherently builds a social graph. The server operators, or anyone who gets that data, can see a map of who is talking to whom. The content is secure, but the connections are not.
Being able to map out who talks to whom is incredibly valuable. A three-letter agency can take the map of connections and overlay it with all the other data they vacuum up from other sources, such as location data, purchase histories, social media activity. If you become a “person of interest” for any reason, they instantly have your entire social circle mapped out.
Worse, the act of seeking out encrypted communication is itself a red flag. It’s a perfect filter: “Show me everyone paranoid enough to use crypto.” You’re basically raising your hand.
So, in a twisted way, Signal being a tool for private conversations, makes it a perfect machine for mapping associations and identifying targets. The fact that it operates using a centralized server located in the US should worry people far more than it seems to.
The kicker is that thanks to gag orders, companies are legally forbidden from telling you if the feds come knocking for this data. So even if Signal’s intentions are pure, we’d never know how the data it collects is being used. The potential for abuse is baked right into the phone-number requirement.
The fact that Signal is operated centrally, and it’s being developed by people with connections to US intelligence while being constantly pushed as the best solution for private communication should give everyone a pause.
Opinion: I think painting in Signal in such negative light is more harmful in the practical sense. Having fragmented messaging towards the public that does not care about many of these aspects just makes them a lot more hesitant to change, from my perspective.
We as a community should, in my opinion, pick a “good enough” solution for the majority of the people we interact with. That in itself is a market force to show interest and demand for private solutions. Most people I know don’t have the tools or knowledge or time to understand nuances and all they’ll hear are conflicting messages.
For us more technically inclined people: hell yeah, let’s figure out the ideal model and bring it up to maturity so others can join when it’s fleshed out. E.g. when lemmy came to my attention in the reddit 3rd party app fiasco, I was really confused on how to sign up and use it. And I’m no stranger to tech.
Edit: spelling
We as a community should, in my opinion, pick a “good enough” solution for the majority of the people we interact with.
I’d probably suggest Deltachat. It’s decentralized and has always on encryption, but is so incredibly simple and easy to onboard and use, and doesn’t require a phone number or even an email. It also works on all platforms with a single app.
There are plenty of good enough options like SimpleX Chat out there that don’t have this problem. The whole argument that people should just ignore the obvious issue with Signal is frankly weird.
Accept defects != ignore
My original comment that you replied to was explaining the defects. People are free to decide whether they want to accept them or not. Your comment is saying that it’s harmful to discuss these defects which implies that we should just ignore them.
I was talking about the “educating people” part. I interpreted as “let’s steer them away from Signal towards a better solution”. If it’s not the intent then my comment is irrelevant
Again, I think people should be aware that there are alternatives to Signal, and be able to make an informed decision on the trade offs that matter to them. My personal view is that there are absolutely better platforms than Signal, but if people understand the potential risks with Signal and use it because it’s convenient or their other contacts use it, etc., that’s entirely up to them. It’s just not what I would personally recommend if people want privacy.
Fair enough
You think we’re living in an ideal world, but we’re not. Most of our family and friends use WhatsApp and other big tech messaging apps. You make valid points, but they’re just a dream if messaging means people and if there aren’t people, it’s not messaging.
Apparently they don’t store contact info.
https://signal.org/blog/looking-back-as-the-world-moves-forward/
The problem is that you just have to trust them because only people who actually operate the server know what they do or do not store. Trust me bro, is not a viable security model. As a rule, you have to assume that any info an app collects, such as your phone number, can now be used in adversarial fashion against you.
Trust me bro
Yeah, this is the viable security model.
I’m not a developer, but if the client and server code is open (AGPLv3), you can definitely know what they do or store.
Yeah there’s a reason they don’t allow you to use your own self hosted server.
People just accepting what companies say is how we ended up in the current mess. But here we are again. Companies work around how people perceive things to be secure and private all the time. It’s just one small cog in the big machine.
It’s how some NGOs are part of a intelligence and surveillance network but people only focus on the social work and it becomes immoral to criticize the good things they do as a cover.
There’s also reluctance to release it in f-droid. They say they want to becontrol the distribution, but they have no problem with Apple and Google being the main distribution platforms. They haven’t even looked at unified push. And that just adds to the “there’s something else going on” factors.
Signal protocol might be bullet proof but the app supplier, centralized server, and phone number requirement and the most mainstream OS aren’t. When you combine with how mainstream OS companies like Microsoft, Apple and Google work together with the feds, there’s ways that the bulletproof protocol may not be sufficient and is only a part of the bigger picture. There’s also US government spying on notification.
They may work without them but the inconvenience will deter 99% of people. Being dependent these external factors, It just doesn’t feel as bullet proof as a whole.
Whatsapp also uses the signal protocol, but you wouldn’t trust them because they’re under facebook, would you?
I also find it really weird how aggressively Signal is being pushed everywhere, and how any criticism of it gets dismissed or ridiculed. It feels a bit like a cult at this point.
And that is the problem with anything you don’t write yourself. And for anything you do write yourself: Are you smarter than the three-letter agencies?
There are plenty of chat services that aren’t centralized and hosted in the USA.
Sure… and my point is that you have to trust those services that aren’t hosted in the USA. It’s a choice you have to make. I’m not judging either way, just pointing out because what I responded to in the comment to which I replied was:
The problem is that you just have to trust them
Which is true of open source unless you read the code and can verify nothing nefarious exists; which is true if you use a service in a country you trust; which is true no matter what you’re doing.
Not all entities are deserving of the same level of trust - some are more trustworthy than others - but you are still making a decision to trust someone unless you write the code yourself or verify the code yourself.[1]
And had the capability and time to do so ↩︎
Which is true of open source unless you read the code and can verify nothing nefarious exists
Not at all. Not everyone needs to audit open source, only a few interested experts do. Most importantly, auditing is possible because its out in the open.
The just trust me model of signal means its impossible to audit, unless they give us their centralized database and server code.
If you are not auditing the source code, you are trusting those that are.
You don’t have to trust anybody when you run your own server, or you use a server that doesn’t collect information it has no business collecting.
You don’t have to trust anybody when you run your own server,
You have to trust the people that wrote the code.
or you use a server that doesn’t collect information it has no business collecting.
Again, you’re trusting the authors of the code.
Which is fine, but it’s a choice to trust them.
You have to trust the people that wrote the code.
There’s a big difference between having confidence in open source code that has been audited by many people, and knowing for a fact that the service collects specific information. In the former case, you can never be absolutely sure that the code is not malicious so there is always a risk, but in the latter case you know for a fact that the service is collecting inappropriate information and you have to trust that people operating the service are not using it in adversarial ways. These two scenarios are in no way equivalent.
Which is fine, but it’s a choice to trust them.
It’s a choice to trust the entire open source community around the project and all the security researchers who have been looking at the code.
Frankly, I have trouble believing that you don’t understand the difference here and are making your argument in good faith.
Frankly, I have trouble believing that you don’t understand the difference here and are making your argument in good faith.
Let’s back up to what I replied to in the first place:
You don’t have to trust anybody
I even took the time to quote that, because it’s important.
Of course there are different levels of trust. But what you said is flatly wrong and misinformation, if you want to get technical about it. Arguing in bad faith? I beg your fucking pardon, friend.
Just becuase it’s less likely to find nefarious code in open source doesn’t mean it doesn’t exist. There ahve been multiple cases of it found in open source code. Blindly trusting something because it’s open source or you host it on your own server is a very very false sense of security, especially in the context of the larger discussion, which came about in regard to what information is exposed by certain messaging clients.
It’s also a matter of the importance of what you’re doing.
I wrote a little CRUD app a while back to track me giving my cat medication. I sanitized inputs, but I left it open without a login on my server, just an obscure URL that didn’t get published anywhere. All you could do was click a button to indicate the cat had been medicated, or another button to delete the latest entry. That was plenty of security for that. If I was writing a banking app, I’d use a bit more.
So yes, in the same way as that, hosting something you use to chat with friends about whatever is one thing; trying to communicate secretly from a country where your comms might lead to being put to death is quite another. And in the latter case, it’s important to know that no matter what you use, unless you wrote it or read all the source code, you are trusting others with your life. Perhaps you feel comfortable doing that, but you should be aware of it.
So no, this is not a discussion in bad faith at all, it is valuable on multiple levels.
And the client, too.
Precisely.
And it’s worth repeating here - the level of trust needed is affected by the nature of what you might lose if that trust is broken. For non-important things, trusting a third-party company is probably fine. If you’re in a country and being found out might mean you get put to death, though, the stakes are a bit higher.
No need for that when self hosted open source projects exist
But again, you either read the source to confirm there’s nothing nefarious, or… you trust the programmers.
Which is not a problem, but it is a choice to trust. All I’m pointing out. :)
Well yeah everything is a choice when trust is the matter, but there is a difference between choosing a community project that can be audited by different transparent parties and choosing a private company on their own servers (even on source available projects)
Removed by mod
There’s no such social graph to speak of. Signal does not know who is speaking to whom.
The only people who know this are people operating the server. Period.
Three-letter agencies have served them legal subpoenas many many times and they never turn over anything more than the above information.
See the link I provided above.
Filter for…what, exactly? The hundreds of millions of people who value private and secure communications?
Yup, that’s precisely what it’s a filter for.
We do, because they publish them publicly.
Trust me bro is not a viable model for anybody who actually gives a shit about their privacy.
The reality of the situation is that Signal asks users for information it has no business collecting during the sign up process, and this information can be used in adversarial ways against the users. People using Signal are making a faith based judgment to trust the operators of this server.
nope… signal has sealed sender to prevent them from building a social graph
Nope, sealed sender does not address the problem because the phone number is collected at sign up time. The whole sealed sender concept is just another trust me bro mechanic because, once again, nobody aside from people who are actually operating the server know what it’s doing. Signal is proof that vast majority of people don’t understand the basics of privacy and security, and they don’t actually care.
the phone number being collected at sign up just proves that you use signal
they can’t build any kind of social graph from it… they can only use the information contained in the message for delivery and rate limiting
Again, the only people who actually know what the phone number is used for are the people who operate the server. I don’t know why this is such a difficult concept for people to grasp. They don’t need the information contained in the messages. Once the phone number is collected, it CAN be stored and associated with your account. There is no way for you to know whether that happens or not unless you have access to that server. There is no way for you to verify that the server does what people operating it say it does. That’s what makes it a trust based system.
yes, i’m aware that you don’t know what the phone number is used for, but what we can guarantee is that it can’t be tied back to your message history, because again that’s what sealed sender is for. in order to send messages, you use a signed, derived value that has never been seen by the signal servers (since it’s derived) but is still signed (so signal knows it’s legitimate: they can validate your identity and rate limit without knowing it)
so whilst the phone number is associated with an account, that only allows them to know that you (person/identity) use signal… but that identity can verifiably not be tied back to any messages you send
nothing about that identity other than derived cryptographic data is ever sent along with your messages
*edit: i’ll slightly retract that: of course your IP address is also sent along with messages, and that may be able to be tied back to your identity… let’s say out of band, of course… so it’s on you to use a VPN or some other method to obfuscate your source IP address. i’d say that’s generally applicable to any other service too
The only people who know this are people operating the server.
We all know this, for reasons I’ve already stated.
See the link I provided above.
Your link is broken.
Yup, that’s precisely what it’s a filter for.
100M people is not a filter…
Trust me bro is not a viable model
No one said anything about that? That is not the model.
The reality of the situation is that Signal asks users for information it has no business collecting
The business is connecting users. It’s one of the reasons it is the most viable private and secure chat platform. It’s why I have a dozen connections on Signal and literally 0 on every other platform. Because you actually know who’s using it. You can have the most private and secure messaging system in the world but if you can’t use it to actually chat with anyone, then what good is it?
No, we don’t all know this. What we actually know that people like you say this and expect the rest of us to trust you blindly, which is itself concerning.
Your link is broken.
Your browser plugins are broken, the link is fine. That said, here’s non archived version https://www.washingtonpost.com/technology/2021/06/15/faq-data-subpoena-investigation/
100M people is not a filter…
Given world population and modern data analysis capabilities it absolutely is.
No one said anything about that? That is not the model.
That’s literally the model. Signal asks you for your phone number when you register, what happens with that information after that is only known to people operating the server. Let me know what part of that you’re still struggling to understand.
The business is connecting users. It’s one of the reasons it is the most viable private and secure chat platform. It’s why I have a dozen connections on Signal and literally 0 on every other platform. Because you actually know who’s using it.
That word salad has fuck all to do with the point I made, which once again, is that you have to trust people who operate the server in how they handle this information.
You can have the most private and secure messaging system in the world but if you can’t use it to actually chat with anyone, then what good is it?
Ah yes, because there’s absolutely no conceivable way to verify whom you’re connecting with aside from sharing your phone number with an American company. You couldn’t possibly use any out of band channel to verify who the person you’re communicating with is.
Removed by mod
I’m not misrepresenting anything you said. Meanwhile, it’s very telling how you’ve pivoted to making personal attacks instead of actually addressing the problem I’ve now repeatedly explained. You’re not fooling anyone here bud.
Removed by mod
There’s no such social graph to speak of. Signal does not know who is speaking to whom.
You have no source for that other than Signal’s “just trust us” claims.
no, the technology in signal prevents it
Give me ssh access to their server so I can verify that works like it should.
Can’t? Then it’s just trust me bro
the whole point is you don’t need to trust them… you can never trust any server: your client is the only thing you can trust. you can verify using your message payloads that your sender information is not ever sent to the signal servers along with your messages
Signal has your phone number and everyone else’s who signed up. That is more than just client information, and it’s possible to build entire social networking graphs with it alone.
they do, but that information is disconnected from your messages by sealed sender: that’s the point… your sender identity is cryptographically shielded from the signal servers
they know who you are, but they have no ability to connect that identity with who you message (which you can verify using only your client)
*edit: i will say, because i’m interested in conversation and understanding not just winning an internet argument, that my conversation with yogthos here has underscored i think a place where this could still be improved: your IP address across the entire sealed sender process can be used to tie things together, if it remains unchanged (but you can change your IP address between receiving your sender token and sending messages)
signal is open source no?
There are forks that don’t require phone numbers.
Yes, but those are basically separate platforms like Session. Signal does not federate, and there’s only a single server in the US that requires your phone number to sign up.
Not effectively, since it’s centralized in the US and you have no idea what code the server is running.
Signal does claim to have their server code open, but they went a whole year one time without updating it, until they received some backlash for it.
Isn’t it reproducible?
you can never validate what code a server is running, so having FOSS server code is kinda a moot point: it can’t add anything useful to the privacy conversation
the only way you can guarantee privacy is with the client code, and they have repeatable builds so you can validate the code that’s encrypting the messages, and in that case it barely even matters if their server is streaming all the data they receive to some shady other place… especially with sealed sender
you can never validate what code a server is running
Really? if so how can we trust Lemmy?
you can’t, and shouldn’t… lemmy never claimed to be, nor has the architecture to enable it to be a private service. lemmy instances are run by arbitrary people on the internet, and some of them do run forked versions of the codebase (eg blahaj)… we have no way of verifying what’s running on the server
but interaction on lemmy doesn’t require trust. i don’t think anyone is expecting lemmy to be private
you can never validate what code a server is running
Most halfway-decent messaging services (unlike signal) are self-hostable. So yes with actual open source software, that’s very possible.
that comes down to a difference in philosophy i think… signal have detailed their reasoning for not making signals servers decentralised and self hostable, and i don’t disagree with some of them… i think everything is a trade-off, and decentralisation has scaling and usability issues
signal has done a pretty good job of creating a platform that’s much much better than alternatives in a package that’s consumable by the general public
i’m not sure that something that’s more like matrix, or xmpp, etc could do that
it might be theoretically and technically not quite as perfect, but its impact on increased privacy across the globe has been far larger because they’ve made some of those compromises
I can’t really trust anyone’s security philosophy when they market their service as “secure”, but then have it built on required phone numbers (linkable to your real identity), and a single centralized US-based server subject to national security letters.
Anyone who came up with this idea of security should be laughed out of the room.
I’m convinced signal’s entire support is similar to apple’s : they make vague untestable claims about security, whilst having a shiny and functional app.
There are so many self-hostable alternatives that have signal beat on both those, that make any reason for using it moot.
Best alternative?
It really depends on your needs and what people you communicate with are willing to use. A few platforms that are notable in no particular order.
SimpleX Chat is probably the gold standard right now. It uses absolutely no user IDs such as phone numbers, no usernames, no random strings of text. Instead, it creates unique, pairwise decentralized message queues for every single contact you have. Because there is no global identity, there is no metadata connecting your conversations together.
Session is a popular Signal alternative. It doesn’t require a phone number and routes your messages through an onion-routed decentralized network that’s similar to Tor. Since your IP address is hidden and messages are bounced through multiple nodes, no single server ever knows who is talking to whom, stripping away metadata.
Jami is completely decentralized, open-source platform. It uses Distributed Hash Tables to connect users directly to one another without a central server. Notably, it supports high-quality voice and video calls.
heard SimpleX is really good, the only thing that bothers me is their vc funding model. It makes me feel a bit suspicious.
Yeah, I’m leery about anything where vcs are involved as well for obvious reasons. The tech itself does seem solid though, and it is open source. If it does start moving in a sketchy direction at least it could be forked at that point.
Session is a security downgrade. It doesnt support forward secrecy which is hella important.
Session actually does implement a form of forward secrecy through the Session Protocol. https://getsession.org/blog/session-protocol-v2
It seems that forward secrecy is still in development from the blog you showed.
I still wouldnt use session for the reasons stated in this Soatok’s (a cryptographer) blogs. Even if they fix(ed) these problems, I have no trust for their security implementations. Why use session instead of something like Briar?
https://soatok.blog/2025/01/14/dont-use-session-signal-fork/ https://soatok.blog/2025/01/20/session-round-2/
I’m not advocating for using Session specifically, I just listed it as a viable alternative to Signal. Given that it’s forked from Signal presumably it’s an easier switch for people who like the general mechanics of Signal and its encryption system.
Understood.
I really want simplexchat to evolve and get more features. If they ever make a lot of mod tools and the possibility to make giant servers with thousands with chatrooms like discord I could see it having mass appeal due to the ease of “signup”
yeah it definitely has some promise
I like your analysis, and would love your thoughts on matrix(assuming you have ofc)
It’s better than Signal since you don’t have to disclose any personal info, but people have pointed out some issues with federation in it. Again, it’s one of those things that may or may not matter based on your use case.
That link seems dated (Nov. 2024). If anyone finds a more current critique, pls send. I also get auto-kicked from HLC simplex group, so I’m not sure what to think of them but commando’s matrix server was amazing befored abandoned
People keep finding significant vulnerabilities in its cryptography and the Matrix team tries to deflect or create strawmans for why it isnt actually a vuln. Soatok found a vulnerability in 2024 by just browsing the source code for tiny bit of time, and again just two weeks ago after looking for a couple hours. In both cases, Matrix then responded to his vuln report with hostility, saying it wasnt actually a vulnerability. He is sitting on another vulnerability.
Having a cleartext mode is a security downgrade and no secure messenger should support cleartext. It only barely got functional forward secrecy recently. VoIP in most Matrix clients (and servers) still use Jitsi backend which isn’t E2EE, even with the release of the newer (secure) Element call protocol. Matrix leaks tons of metadata, such as usernames, room names, emoji reactions, generate URL embedded previews. Rooms arent encrypted by default. It is also a UX nightmare and often times you cant decrypt your messages.
Matrix is not secure. You’d be better off with XMPP and OMEMO which has its own problems and isn’t secure either. Sill better than Matrix.
“sitting on a vulnerability” does this mean he’s discovered another exploit but refuses to disclose it essentially?
Probably Briar. Encrypted, P2P, and doesn’t require anything but a username and password to sign up. Pretty sure that username doesn’t need to be unique, it’s just what people will see you as in messages.
Downside is it’s only Android, so many people are left out.
sadly Briar has been stuck at the “cool idea” stage for years. Still no desktop app, still no iPhone app.
Still working android app.
If the username doesn’t have to be unique, couldn’t you impersonate people?
It doesn’t work like a centralized server for connecting contacts. You use a unique link per device to initiate the original connection with others at a distance or you can use QR codes in-person.
The link just tells briar where to route the messages and looks like:
briar://xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx (50 char alphanumeric key)
So there’s no way to impersonate someone directly. If you made two contacts and they use the same username, I suppose you could mistake them, but their contact connection keys will not be the same.
Hopefully that makes sense, if you look in the app or their site, it’s probably explained clearer.
The link is not working. Would you be so kind as to provide the article link?
