30
submitted 4 months ago* (last edited 4 months ago) by schizoidman@lemmy.ml to c/privacy@lemmy.ml

Session messenger android client currently feels unpolished while simplex seems to require it to run in the background for instant notifications. Is there an alternative that is better than those 2?

all 19 comments
sorted by: hot top controversial new old
[-] trickster@infosec.pub 12 points 4 months ago* (last edited 4 months ago)

It depends on many things, such as a threat modeling, opsec, etc. In terms of privacy and security !simplex@lemmy.ml seems to be superior.

Several reasons to that:

  • SimpleX doesn't have IDs, unlike Session. Which makes it more anonymous and private;
  • Ofc things like E2E encryption, forward secrecy and others;
  • Message mixing is and underrated feature, as well as content padding;
  • It has amazing security features such as self-destruct passwords, and a couple of others;
  • Can be self-hosted;
  • No need for phone number;
  • Leverage several 'accounts';

I have read their white paper, and is worth the time. Also, one of the episodes of the Opt Out podcast is with the SimpleX creator. I suggest listening. I personally liked the way he conceptualizes decentralization, and problematozes protocols.

I found SimpleX to be the best of all private messengers. Better than Session, Signal, XMPP, DeltaChat, and others. It is also more convenient than Briar and Threema.

[-] PrivacyWayFinder@lemmy.world 9 points 4 months ago

Session don't have forward secrecy. For more comparison check out this Spreadsheet.

[-] umami_wasbi@lemmy.ml 6 points 4 months ago

Define your criteria for an ideal messenger. What do you need actually? What's your security requirement?

[-] schizoidman@lemmy.ml 2 points 4 months ago

Probably something that does not require a phone number while still using google firebase notification system? Basically a less buggy version of session messenger.

[-] kylian0087@lemmy.dbzer0.com 8 points 4 months ago

google firebase notification system

Why though? If a app has its own implementation this is a non issue really.

[-] schizoidman@lemmy.ml 4 points 4 months ago

To save battery life I suppose. Also some phones may kill a background app even when told not to thus preventing messages from being received.

[-] kylian0087@lemmy.dbzer0.com 5 points 4 months ago

may kill a background app even when told not to

Most of the time this can disabled somewhere in the app permissions. i have done this for a couple of apps without much issue.

[-] umami_wasbi@lemmy.ml 1 points 4 months ago* (last edited 4 months ago)

I have simplex notification service running 24x7. while rarely open, i never missed a message when it arrive (i use it as a message bridge between my devices). Nor I feel it uses more battery that it can't hold a day of use despite it running constantly in the background. I'm using S21FE btw.

[-] jet@hackertalks.com 4 points 4 months ago* (last edited 4 months ago)

I run simplex on Android and it barely uses any battery. Just checked <1%

[-] schizoidman@lemmy.ml 2 points 4 months ago

That's good to know.

[-] kylian0087@lemmy.dbzer0.com 2 points 4 months ago* (last edited 4 months ago)

Their is briar. It is fully decentralized and works p2p over for.

[-] schizoidman@lemmy.ml 6 points 4 months ago

From my understanding briar requires both clients to be online at the same time to use?

[-] kylian0087@lemmy.dbzer0.com 3 points 4 months ago

Normally yes. But they also have mailbox application that kind of acts as a message queue both ways

[-] autonomoususer@lemmy.world -1 points 4 months ago

No voice chat.

[-] Harvest5634@lemmy.ml 1 points 4 months ago
[-] SweetCitrusBuzz@beehaw.org -2 points 4 months ago* (last edited 4 months ago)

Neither, they are both very much made for tech obsessives with no real advantages and thus won't ever have anyone but those people on them.

Until they have nice features like stickers and have nicer UIs, their usage will likely be limited to just those that think they are more private without having many people on.

I do not personally think that using messengers with so few people on or the proliferation of such niche messengers is a good thing and there really isn't anything like 'ultimate' privacy/security anyway.

I personally think sticking to fairly mainstream messengers is better unless you have accurately done threat modelling for yourself and found you need something more secure, though in most cases these niche messengers won't necessarily be that as they lack the funding and technical knowhow (or just make claims without necessarily being able to back them up), just selling the dream.

Plus a lot of them are frustrating to use due to, as has already been pointed out in this thread, them having such drawbacks like needing to both be online usually or are not feature complete on all platforms if they are even on those platforms at all.

I also do not think that operating over alternative networks like TOR necessarily is more private or secure than just having very good encryption and other well thought out and tested security features even over the 'clearnet'.

At the end of the day I still very much think it is best to stick to messengers most people have probably heard of, though I would still recommend open source ones, I don't think that we need more messengers that claim to be better than the last, just a few really good ones that have shown under various conditions to work well, stand up to surveillance or cops etc and are a joy to use.

this post was submitted on 25 Jun 2024
30 points (100.0% liked)

Privacy

31937 readers
597 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS