Privacy @lemmy.ml Danileonis @lemmy.ml 2y ago

SimpleX Chat > all?

A genuine discussion about the best FLOSS decentralized system to share poop emojis and videocall your dog.

29 comments

Another super cool thing about it is that it's written entirely in Haskell!
I would use simplex if there was a desktop client. I like Signal because I can use it across all my devices.
- The desktop client is in beta right now. I should go public by next week for all platforms save windows. Windows is planned for about a week later. However, in the first phase, there will be no account syncing (but it's on the roadmap). So you will need one account for each device, which is fine imho, since you can set up groups instead of 1-on-1 chats to resolve that issue.
- Signal is wannabe private because of phone number, metadata and contacts mining (even though they say they don't, they can). Simplex looks promising and the guy is headed in the right direction. As soon as he makes it that the servers cannot correlate which IP is talking to which IP, I will say they are a really good solution. Telling people to use Tor with your app for privacy is not a solution.
  
  Besides that, it is a very well made app that has a nice UI and works very well. Also many good features.
- It runs well enough in Windows Subsystem for Android!
  
  Right, you can just use an Emulator. If the apk runs on x86 not even that, Waydroid on Linux works natively
Im not a fan of no identifiers. Sure simplex is secure with it but I would like to see something like simplex that uses 24 word seed phrases to generste millions of unique identifiers the user can easily backup and restore from a piece of paper and not from a digital backup file.
Simplex chat isn't really decentralized. This makes it simpler at the cost of centralization
- It's not P2P, but it definitely is decentralized, as in anyone can set up a server:
  
  Anyone can set up a server indeed, and you have no real way of knowing if you can trust them or not.
  
  The official SimpleX chat website has this nice advice in this regard:
  
  The servers have separate Anonymous credentials for each queue, and do not know which users they belong to. Users can further improve metadata privacy by using Tor to access servers, preventing corellation by IP address.
  
  But IMHO if you need Tor to get the resemblence of metadata privacy, why use SimpleX at all and just use XMPP with Tor with works great?
  
  To me this SimpleX is pure techno-solutionism that tries to solve a hypothetical problem and ends up as basically security LARPing and not solving many real-world threat-models at all.
  
  True but basicly everyone is on the main server
  
  This!

29 comments