Keeping your chats secure is a good idea, but end-to-end encryption is just the beginning of the list of options to consider when picking a messaging app.
Out of band key exchange is great -as long as people can physically meet and exchange QR codes. In reality, they are often sent via less secure means. As always, the humans are the weakest security link.
Phone number and trust-on-first-use for most people, with out-of-band fingerprint verification for the paranoid. It really depends on the threat model and the security practices/awareness of your colleagues, but a link shared on some social media or lower-security chat network is more vulnerable to a man-in-the-middle attack than a phone number for your average Joe. There are a lot of ways a person could get a manipulated invite link.
Finally someone who understands! Haven’t found anything better. Just missing the bridging bit, though that comprises the privacy/security and overall personal opinion why I started using SimpleX.
UI-wise it isn’t there yet, but actively being developed so. I miss posting photos (combined) with a comment, now they are all sent separately.
Anyhow if you are looking for privacy go for SimpleX!
SimpleX is kinda good, but also we have briar, it does have ids, but more secure and 2P2, i don’t know if simpleX was checked by third parties about security, briar was audited by cure53 for example.
I believe Briar can’t do offline messaging without setting it up to use another app. That’s the main reason my friend group shifted to SimpleX instead of Briar.
SimpleX is what I use. I tried Signal in the past, but there was a noticeable delay in receiving messages and it caused problems when using it to communicate with family.
I have no problems with SimpleX so far. It works well and looks modern. A feature I like is that you can create a different user identity for each contact/ chat thread. It also supports socks5 proxy.
Maybe, but I normally only leave battery optimization on for apps that shouldn’t be running in the background at all. This was several years ago, though. If Signal isn’t like that anymore, that’s a good thing.
Wherever Signal is mentioned, I shall mention SimpleX-Chat.
Zero user ID needed to use. No phone numbers and no username.
SimpleX-Chat!!!
Out of band key exchange is great -as long as people can physically meet and exchange QR codes. In reality, they are often sent via less secure means. As always, the humans are the weakest security link.
Fair point, it always feels dirty to send invite-link through WhatsApp, the dominant messenger in EU.
How would one go to solve the invite problem? How does Signal handle this?
Phone number and trust-on-first-use for most people, with out-of-band fingerprint verification for the paranoid. It really depends on the threat model and the security practices/awareness of your colleagues, but a link shared on some social media or lower-security chat network is more vulnerable to a man-in-the-middle attack than a phone number for your average Joe. There are a lot of ways a person could get a manipulated invite link.
Finally someone who understands! Haven’t found anything better. Just missing the bridging bit, though that comprises the privacy/security and overall personal opinion why I started using SimpleX.
UI-wise it isn’t there yet, but actively being developed so. I miss posting photos (combined) with a comment, now they are all sent separately.
Anyhow if you are looking for privacy go for SimpleX!
SimpleX is kinda good, but also we have briar, it does have ids, but more secure and 2P2, i don’t know if simpleX was checked by third parties about security, briar was audited by cure53 for example.
I believe Briar can’t do offline messaging without setting it up to use another app. That’s the main reason my friend group shifted to SimpleX instead of Briar.
Briar… not familiar with, thx for sharing privacy goodies. Will check it out.
As for audits on SimpleX, there have been some. Not sure when the last one was tho, they prob have something on their site with a date.
Not sure I want to tell all my friends to get simplex with me.
SimpleX is what I use. I tried Signal in the past, but there was a noticeable delay in receiving messages and it caused problems when using it to communicate with family.
I have no problems with SimpleX so far. It works well and looks modern. A feature I like is that you can create a different user identity for each contact/ chat thread. It also supports socks5 proxy.
You might’ve had background battery optimization enabled
Maybe, but I normally only leave battery optimization on for apps that shouldn’t be running in the background at all. This was several years ago, though. If Signal isn’t like that anymore, that’s a good thing.