!sOLQNHloevPHIEWcYN:matrix.org

Secure Messaging Apps (not encrypted room)

591 Members
Discussion on secure messenger apps, security and privacy. Prefer peer-to-peer (Secure Scuttlebutt, RetroShare, Jami, Tox, Briar, Cabal, Cwtch, Session, Tinfoil Chat, Freenet, I2P, Twister, GNUnet Chat, OnionShare), federated (Matrix, SIP/SIMPLE, XMPP, Conversations, Gajim, Pidgin, Movim, Rocket.Chat, Delta Chat, GnuPG, Status.im), planned federated (NextCloud Talk, Wire) or centralized (Signal, Mumble, Mattermost, Jitsi, Zulip) instead of closed server (Threema, Keybase, Telegram) or proprietary (WhatsApp, Facebook, Twitter, Instagram, FaceTime, Zoom, Google Hangouts/Meet, Viber, WeChat, Wickr, Olvid, ICQ, SOMA, Discord, Hushed, Beeper, Skype, FireChat, Kik, Line, Silent Phone, Slack, Tencent QQ, Trillian, TeamSpeak, Ventrilo, HipChat) or outmoded (IRC, Jabber, Cryptocat, Ricochet, Bitmessage, Serval Project).51 Servers

Load older messages


SenderMessageTime
15 Sep 2021
@adbenitez:matrix.orgadb
In reply to @imjona:matrix.org
We should ditch izzy then
my point was that the same apk they provided in their own repo was the same that was already in Izzy since ever 🤷‍♂️ and that is not what people wanted, people wanted the damn thing in the official fdroid repo
18:10:09
@adbenitez:matrix.orgadb
In reply to @code1234:matrix.org
So, in the end we shouldn't trust anything or anyone, but only p2p systems
that then leaks metadata, so it seems there is no way to get private&secure&confidential communication we live in a world without privacy
18:12:19
@imjona:matrix.orgJona
In reply to @adbenitez:matrix.org
my point was that the same apk they provided in their own repo was the same that was already in Izzy since ever 🤷‍♂️ and that is not what people wanted, people wanted the damn thing in the official fdroid repo

It's about trusting the apk builder and signer... I'd prefer from f-droid to compile the stuff than trusting the developer publishing the binaries (through izzy).

It's one step less to care about security if you get rid of izzy.

And I don't care if the apks are the same (comparing both repos), if you use f-droid, you will always be secured and bulletproofed against evil binaries.

18:18:30
@imjona:matrix.orgJona But if you use izzy, you are vulnerable to evil binaries because izzy don't compile anything.
Yea, he use virustotal, but I don't think that's enough.
18:21:15
@imjona:matrix.orgJona* But if you use izzy, you are vulnerable to evil binaries because izzy don't compile anything. Yea, he use virustotal, but I don't think that's enough.18:21:44
@_xmpp_adbenitez=40movim.eu:matrix.org@_xmpp_adbenitez=40movim.eu:matrix.org joined the room.18:27:54
@_xmpp_adbenitez=40movim.eu:matrix.org@_xmpp_adbenitez=40movim.eu:matrix.org left the room.18:45:18
@leeshiwoon:matrix.org@leeshiwoon:matrix.org joined the room.18:47:51
@leeshiwoon:matrix.org@leeshiwoon:matrix.org left the room.18:48:36
@adbenitez:matrix.orgadbdude, I am not recommending to use Izzy, but the contrary, that using izzy was the same as using Session's repo, it is the same apk, and people wanted the app on the official repo, and Session folks pretended to have solved the issue by providing an fdroid repo, I don't need you to explain me that stuff about izzy20:47:08
@adbenitez:matrix.orgadb* dude, I am not recommending to use Izzy, but the contrary, that using izzy was the same as using Session's repo, it is the same apk, and people wanted the app on the official repo, and Session folks pretended to have solved the issue by providing an fdroid repo, I don't need you to explain me that stuff about izzy20:49:16
@adbenitez:matrix.orgadbTL;DR I don't recommend to use Session today20:49:52
@imjona:matrix.orgJona F-droid > Play Store > izzy > specific repo 20:50:12
@adbenitez:matrix.orgadb
In reply to @imjona:matrix.org
F-droid > Play Store > izzy > specific repo
Build from source yourself > *
20:50:52
@adbenitez:matrix.orgadb:D20:50:55
@retr0taku:matrix.orgretr0taku set a profile picture.21:27:11
@_xmpp_adbenitez=40movim.eu:matrix.org@_xmpp_adbenitez=40movim.eu:matrix.org joined the room.22:07:38
@_xmpp_adbenitez=40movim.eu:matrix.org@_xmpp_adbenitez=40movim.eu:matrix.org left the room.22:08:15
@_xmpp_adbenitez=40movim.eu:matrix.org@_xmpp_adbenitez=40movim.eu:matrix.org joined the room.23:01:30
@_xmpp_adbenitez=40movim.eu:matrix.org@_xmpp_adbenitez=40movim.eu:matrix.org left the room.23:01:41
16 Sep 2021
@adbenitez:matrix.orgadbhttps://dessalines.github.io/essays/why_not_signal.html01:19:04
@hypokeimenon:tchncs.depatience 🏳️‍🌈It's an okay article but it's lacking explanation/information.07:33:36
@hypokeimenon:tchncs.depatience 🏳️‍🌈

We need to take control of our communications, and stop letting US tech companies handle it for us.

07:34:05
@hypokeimenon:tchncs.depatience 🏳️‍🌈 A FVEY-centric decentralised standard was touted as the "future of secure messaging" by them, so it's not really important where the development effort is concentrated or whether there is a company involved (e.g. Vector/Element) 07:36:12
@hypokeimenon:tchncs.depatience 🏳️‍🌈

We shouldn’t be daunted by the inertia that seems to plague general adoption of new chat applications

07:36:47
@hypokeimenon:tchncs.depatience 🏳️‍🌈Individuals are mostly looking for something to enrich or seamlessly facilitate enjoyable and cheap communication with other people. This is what drives the adoption of centralised messaging platforms because they will always be in a position to optimise and add features and polish at a faster rate.07:38:24
@hypokeimenon:tchncs.depatience 🏳️‍🌈

Briar is newer, and lacks too many features to be usable for large organizations at the moment. There are no voice calls, reactions, permissions systems, or web or iOS clients: its android only at the moment.

I'm not sure what permission systems are but the lack of iOS support is a combination of factors outside their control. There is also a beta Linux client and a revamped one in the works mentioned recently: https://fosstodon.org/@briar/106917945054943923

07:43:27
@hypokeimenon:tchncs.depatience 🏳️‍🌈

After the outcry, signal finally updated their server code to appease the open source community, but it left a sour taste in everyone’s mouths.

Signal released the server source code after the introduction/announcement of the cryptocurrency integration really. I don't think the outcry was the main factor.

08:14:06
@hypokeimenon:tchncs.depatience 🏳️‍🌈

If you were building a secure platform, and wanted to use an identifier, what would be the worst thing to use? Phone numbers.

Ignores the context under which Signal was made and their goals.

08:16:47
@geremastik555:matrix.orggeremastik555 joined the room.08:49:14

There are no newer messages yet.


Back to Room List