this post was submitted on 04 Aug 2023
55 points (95.1% liked)

Privacy

31872 readers
555 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

A genuine discussion about the best FLOSS decentralized system to share poop emojis and videocall your dog.

all 23 comments
sorted by: hot top controversial new old
[–] pineapplelover@lemm.ee 13 points 1 year ago (3 children)

I would use simplex if there was a desktop client. I like Signal because I can use it across all my devices.

[–] ISOmorph@feddit.de 11 points 1 year ago* (last edited 1 year ago)

The desktop client is in beta right now. I should go public by next week for all platforms save windows. Windows is planned for about a week later. However, in the first phase, there will be no account syncing (but it's on the roadmap). So you will need one account for each device, which is fine imho, since you can set up groups instead of 1-on-1 chats to resolve that issue.

[–] opt9@feddit.ch 3 points 1 year ago* (last edited 1 year ago)

Signal is wannabe private because of phone number, metadata and contacts mining (even though they say they don't, they can). Simplex looks promising and the guy is headed in the right direction. As soon as he makes it that the servers cannot correlate which IP is talking to which IP, I will say they are a really good solution. Telling people to use Tor with your app for privacy is not a solution.

Besides that, it is a very well made app that has a nice UI and works very well. Also many good features.

[–] ranok@sopuli.xyz 2 points 1 year ago (1 children)

It runs well enough in Windows Subsystem for Android!

[–] Pantherina@feddit.de 2 points 1 year ago

Right, you can just use an Emulator. If the apk runs on x86 not even that, Waydroid on Linux works natively

[–] expr@programming.dev 12 points 1 year ago

Another super cool thing about it is that it's written entirely in Haskell!

[–] comcreator@lemmy.world 6 points 1 year ago* (last edited 1 year ago) (1 children)

Im not a fan of no identifiers. Sure simplex is secure with it but I would like to see something like simplex that uses 24 word seed phrases to generste millions of unique identifiers the user can easily backup and restore from a piece of paper and not from a digital backup file.

[–] Shaul@lemmy.ca 4 points 1 year ago (1 children)

That wouldn't work for anonymity because in order to be able to restore from a passphrase or seed, it must be kept somewhere remotely that people can access and activity can be tracked. That's why there's no anonymity with bitcoin.

If all the identifiers are prerendered then they must be stored somewhere discoverable. What you are referencing is the best for security, SimpleX is the best for privacy.

[–] comcreator@lemmy.world 1 points 1 year ago (1 children)

Monero is a privacy coin that allows for multiple subaddresses.

The reason I prefer having identities (subaddresses) and to recover these addresses using a single 24 word seed phrase is for a simple one-time backup of your addresses. This will not backup anything else.

Lets say you generate a subaddress for every single friend you have and then a few years later your phone dies and you did not make a backup in over a year. The seed phrase will be able to recover your subaddresses. You may not know who address is for which friend, but as long your friend knows they can contact you and you will still receive the message.

If simplex implements multiple reuseable addresses that are generated by a seed phrase like a cryptocurrency, it will be a killer app. I am not against removing the single use one time codes to establish communications, that is a cool feature, just not possible to backup these communications on paper.

Paper backups are considered the most secure since it is not backup using a computer.

[–] Shaul@lemmy.ca 4 points 1 year ago (1 children)

Have you contacted the developers to discuss it with them and ask to see if it may or may not work for optimally making contacts untraceable?

[–] comcreator@lemmy.world 1 points 1 year ago (1 children)
[–] Shaul@lemmy.ca 2 points 1 year ago (1 children)

Instead of simply criticizing SimpleX, talk with the developers directly about a passphrase recovery and see what they have to say about it for them to address your point directly insteadig of you saying it but never sharing your feedback with them.

[–] comcreator@lemmy.world 0 points 1 year ago (1 children)

I am not complaining about SimpleX. Just expressing a feature I would like to see. I could try to reach out to the devs about it though.

[–] Shaul@lemmy.ca 1 points 1 year ago

I encourage you to contact the developers with all of your opinions and they will give you a detailed technical response to everything that you expressed.

[–] possiblylinux127@lemmy.zip -2 points 1 year ago (1 children)

Simplex chat isn't really decentralized. This makes it simpler at the cost of centralization

[–] ISOmorph@feddit.de 13 points 1 year ago (3 children)

It's not P2P, but it definitely is decentralized, as in anyone can set up a server:

[–] poVoq 9 points 1 year ago* (last edited 1 year ago) (2 children)

Anyone can set up a server indeed, and you have no real way of knowing if you can trust them or not.

The official SimpleX chat website has this nice advice in this regard:

The servers have separate Anonymous credentials for each queue, and do not know which users they belong to. Users can further improve metadata privacy by using Tor to access servers, preventing corellation by IP address.

But IMHO if you need Tor to get the resemblence of metadata privacy, why use SimpleX at all and just use XMPP with Tor with works great?

To me this SimpleX is pure techno-solutionism that tries to solve a hypothetical problem and ends up as basically security LARPing and not solving many real-world threat-models at all.

[–] ISOmorph@feddit.de 4 points 1 year ago* (last edited 1 year ago)

I kinda get where you're coming from, but I think your perspective might be too "techy". I actually do use XMPP myself for the time being, but I have like half a dozen contacts on it. IMO because the set up process, presentation and apps fit a protocol born in early 2000s. Which might not bother some IT guys, but you'll lose all the normies. SimpleX is on a whole other level it that regard, but keeps the benefit of being as secure, if not more. I have high hopes this app could become the signal killer we need.

[–] astramist@lemmy.sdf.org 3 points 1 year ago* (last edited 1 year ago) (1 children)

We are together with you in favor of XMPP (I am with both hands)! You just "won't sell" that kind of solution to very many people. We are already living in a zoo of messengers. We need to come up with at least two that will cover all the basic needs and offer sufficient privacy.

[–] possiblylinux127@lemmy.zip 3 points 1 year ago

True but basicly everyone is on the main server