@baseless_discourse The gold standard has always been XMPP. It's the IETF Internet Standard for messaging, no walled gardens, ability to self-host, no phone numbers required and modern clients use the same end-to-end encryption protocol as Signal does.
It's not the same encryption, it's based on the same double ratchet design that's it
Is there a community for XMPP? I would like to know what clients people use on iOS. So far I found them all to be pretty insufficient.
@matricaria There is a community around XMPP. Of course you will find most of them in public XMPP channels, but many are also active in the Fediverse/Mastodon. I don't have any Apple devices, but a few of my friends use Monal ( @Monal ) which seems to be the most reliable client on iOS currently.
XMPP or Matrix. I'm on Matrix only because I have my family there and I was there before I knew of XMPP and at this point I can't turn that boat.
Signal was/is (idk if they still are) into crypto, they don't let you run your own server or client, and they have a proprietary shim in place to combat spam (or so they say, it can't be audited because it's proprietary).
I was all in on Signal until the above.
For me Molly works but one can't use Signal betas (obviously) and backups are currupted for me for months.
What's your threat model?
Signal as a gold standard for encrypted messaging is based on many factors. Ease of use, UI/UX, protocol, platform support and so on.
Even though I'm a hard core FOSS person I'm also a realist. Sticking to a common platform is worth a lot. Bridging stuff with Matrix is cool but will not take off among most people.
Signal using Google blobs is a problem but let's face it, the UI will be presented on a Google branded Android phone or a iOS device anyhow. Sure you can use GrapheneOS and Molly or you can switch to another app altogether but heck you'll have no other to talk to then.
Matrix
I love Signal, and I have persuaded people to use it a lot. That said, it is definitely not the gold standard for privacy. It's a good-enough compromise between actual unbreakable encryption and trivial for anyone to use. It's always been valuable for that reason, and still is.
Don't worry about Molly - it uses a variation of the same code that Signal does, so they don't need "help" to get critical fixes that Signal receives. Use it if you like it!
The actual gold standard for privacy would be logging in through TOR and sending GPG-encrypted messages that way. And there's an app which does this, too - it's called Briar. (No phone number needed, either!) It's not as seamless to set up as Signal is, though.
And there’s an app which does this, too - it’s called Briar.
Cool I had not heard of this, thanks!
Do you know about SimpleX?
@Nimbus @SteleTrovilo
@[email protected] not.coffee I did not, super interesting.
I gave up Briar for SimpleX, as really good as Briar is, because of only having one ID. On SimpleX, if you enable incognito, it will create a new random ID for each new contact that you message, so no 2 persons will see the same ID for you, they each see you as a different name.
Also SimpleX is on iOS and Android, Briar is only for Android, and SimpleX does calling with contacts.
How do you backup SimpleX? Considering you changed your phone or factory reseted, can a normal person continue to contact their previous list? They don't have a problem with Signal since it uses the phone number. Can I convince my family / friends on SimpleX, as I barely managed it on Signal? Because SimpleX looks much nicer and I'd love to use it.
In SimpleX app settings, if you have already set a database passphrase, you can do a data backup or export to a file, when SimpleX is installed again, you import database.
I see, thanks for the reply. I guess this is still not so viable for tech-illiterate people, unless the devs find an optional and more streamlined process for this. I barely made people use Signal, they couldn't managed Matrix for example.
Let them stick with Molly/Signal, that will give them a lot of privacy, and nothing for them to figure out how to use.
Leave SimpleX for people more skilled to handle how to do configurations. SimpleX does have superior privacy over Signal, but mabe they can't do SimpleX. Take it in stages with what they can handle, don't jump to the end.
I'm not willing to Matrix and I don't recommend anyone use it if they wat privacy and anonymity. I'm content only using Molly and SimpleX with everybody I know and no other apps or messaging services.
I agree. Though I think 1v1 on Matrix is fine if encrypted prior, but I mostly use Matrix as tech news/forum. Federated services are not good for privacy anyway, they are not meant to be.
Currently I tell people to install Signal if they want to message me, I guess it would be a couple people for SimpleX. Most of my Signal list came when WhatsApp ToS made it to the news, some of them uninstalled Signal after a while but I'm okay with it. Well, I'm happy with Molly-FOSS for now. I would love to use SimpleX but it's something.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
[Matrix/Element]Dead
much thanks to @gary_host_laptop for the logo design :)