- cross-posted to:
- privacy@lemmy.ml
- privacy@lemmy.ml
- cross-posted to:
- privacy@lemmy.ml
- privacy@lemmy.ml
Especially for the less tech-savvy among us?
You must log in or register to comment.
Dear god, just don’t.
https://soatok.blog/2025/01/14/dont-use-session-signal-fork/
As soon as I saw the furry reaction images, I knew this was going to be a detailed and informative blog post.
The real alternative to Signal for myself is SimpleX. The project is still in his beginning but it’s the best instant messaging we could have once polished finished
firstly , why do you want to replace Signal?
Because his grandma can’t type a password 30 characters long just to restore her messages.
They are so smart and still make some choices that are so, so, *so dumb*. ‘No history on a new PC for you, it’s a ״feature״’. Seriously? c’mon.
History isn’t stored on the server so it can’t be automatically populated on a new device. That is a feature. The alternative, storing the messages on the server or having the means for one device to clone all of its messages to another device, would be insecure.
A 30 character long password is required in order to have enough bits of entropy so that the backed up messages are actually secure.
Grandma isn’t moving her data to a new PC without assistance, the person that is assisting her should be competent enough to operate Signal.
Sure, so let me export my data from another PC or phone. If they wanted you to have message history, they would. So I’ll respectfully disagree.
Why can she do WhatsApp but no Signal?
It’s already needing to convince people to use Signal, why also making it hard for, let’s say, your grandma.
Sure, so let me export my data from another PC or phone. If they wanted you to have message history, they would. So I’ll respectfully disagree.
I think that SimpleX is more innovative and ground-breaking than Session.
Use separate profile for different devices. Make a group when you chat with others.
Grr! Ok, but damned if I could get that to work! It seems like you can’t use the desktop and mobile client at the same time! You have to scan a QR code to switch between them! And it has issues with firewalls and VPNs! Old and clueless here, maybe part of the problem. 🙁
Yes SimpleX isn’t mature from a UX perspective and that is due to it’s innovative approach. If you need to have device sync and don’t want Signal, Session could be a better optioon to you.
Am I right tho about having to scan QR codes to go back and forth between desktop and mobile on SimpleX, or am I just 😵💫?
I don’t use SimpleX on my computers
As a centralized system, nothing has been shown to improve on Signal yet. For decentralized systems, I haven’t seen anything better than Matrix yet? SimpleX is slightly more secure, but harder to spin up and easier to break.
Session… there have been multiple articles written on how it is flawed and untrustworthy.
Matrix is not decentralized but rather federated and distributed. Also synapse (matrix sevrer) have poor performance, especially when you federate your instance to others.
Session is an Australian conpany afaik. The entire app reeks of entrapment. Australian laws are all about no privacy for you.
They recently relocated to Switzerland, after the AFP visited an employee, unannounced, at their home.
what in the fucking dystopia are they doing.
deleted by creator
Briar doesn’t make sense to me because you’re trading a central server for a central service… If tor is down, you can’t message. It’s the same POF as cellular, which is insane to me.
TOR isn’t a centralized service, it’s a distributed network.
It’s also a specific procol, which can absolutely be blocked. I don’t know where this notion that it’s impossible to block tor because it was designed to be censorship resistant came from, but you can absolutely stop people from using it.
It’s not even that hard and there’s nothing end users can do about it if they don’t know how to circumvent it…
Being able to be blocked is a completely different thing than being centralized service.
[…] there’s nothing end users can do about it if they don’t know how to circumvent it…
I mean, if users don’t know how to circumvent something, by definition there is nothing that they can do about it.
However, unless this hypothetical censoring country is blocking all encrypted network traffic it is trivial to access TOR via a VPN or an SSH tunnel
tor is decentralized, if someone’s tor server goes down you just go to another.
You’re missing the point. Of course tor is decentralized, but the tor protocol can be locked at which time you have no connectivity at all… Your super secure messenger doesn’t work. It makes no sense.
“the tor protocol can be locked” ?
Unless you obfuscate tor traffic, it’s trivial to block it via any number of IDS products. The entirety of public tor exit nodes are publicly available: https://check.torproject.org/torbulkexitlist
Here’s tor exit node blocking in production with 14 lines of bash…
It’s significantly easier than you’ve obviously been led to believe. When it becomes not easy is when someone understands the protocol and understands how to circumvent these measures, but I can assure you that 99.8% of all tor users don’t fall within that category…
oh sure, but you can get around these blocks and this sort of block is ultimately always a possibility short of building your own network infrastructure. and as blocks like that become more common it becomes more common to circumvent them too.
“significantly harder than youve been lead to believe”, no, you just werent clear in your description of the problem. if your problem with tor is “governments can play whack-a-mole blocking ips and traffic” there is no technology which doesnt have that as a downside.
but you can get around these blocks
They create a better ad, so they create a better adblock, which forces them to discover anti-adblock methods, which forces adblocker’s to adapt, which forces anti-adblocker’s to adapt, ad infinitum.
This isn’t anything new. Of course you can circumvent these blocks, but they can always adapt to make them useful again. It’s not a good argument at all.
There’s nothing about Signal that requires savvines.
Don’t use Session! It’s not secure with the recent changes!
Not sure, I’ve never used session but I think less tech savvy people would want to use signal because it is similar to Whatsapp, which they are used to.
First impression: why another messaging system?
It may be fine, but what does it bring that Signal/Briar/Matrix/XMPP+Omemo doesn’t have? Does it use existing standard protocol or encryption that’s compatible with other messengers, to avoid fragmentation?
I think it has tor routing by default, so different in that way?
Briar use Tor by default as well for Internet connections, so I don’t think Session is unique in that way. And both appear decentralized.
A difference is that Briar is Android-only, whereas session is available on more platforms https://sourceforge.net/software/compare/Briar-vs-Session-vs-Signal/
It’s good that people are working on privacy-preserving tools. But I wish they’d coordinate to avoid fragmentation. Work on common/standard messenging protocols, so that people can talk to each other even using different software.
Currently it feels like going back to the 1990s-2000s, with ICQ/AIM/MSNM being all incompatible, and every single one being unable to communicate with a large fraction of your contacts.
Fair, I’ve never used Briar, so I was mostly responding to the others. I complete agree though, the fact that there are so many is super frustrating.
You can easily re-roll usernames in Signal, and profiles in SimpleX. I couldn’t find an equivalent feature in Session.
What do you think about OLVID?
