Why is Molly considered better than Signal?

uthunku

All I know is that when someone else messages me, I do receive a notification, but those who message me can only see a single tick. I understand that means message delivery isn't confirmed, or am I misunderstanding something?

eggy

uthunku Oh wow TIL. I scanned the Molly code and you're correct that it doesn't send read receipts for new message notifications from FCM + UP when a DB passphrase encryption is used. It also stops requests to the Signal server to get new messages until you unlock the DB. The lack of read receipt is what keeps it to one checkmark for the sender. I guess the Signal servers will delete your unfetched messages at some point if you choose to never unlock.

littlerack

eggy Yes, so you're just proving my point that there is no battery-usage difference between Signal and Molly. They function the same in relying on some bg notification provider where they can.

Maybe I've misunderstood it, but the point is that on GOS, it's quite expected users don't use FCM (either don't have PServ at all, or don't give it Network permission).
In such scenario, there is no way Signal+WebSock can be as battery-efficient as Molly+UP. The corner case would be Molly as a single consumer for UP, then it's up to actual measurements. So it rather supports your opponent's point.

I recall SimpleX was a battery-killer, and when I've checked for the last time, it still doesn't use (shared) UP, so will check soon if it got any better.

N1b

farbenfisch Regarding features:

In favor of Molly:

Availability in the FDROID repository or on Accrescent
No Google implementation (Signal has an alternative notification system but depends on you installing Signal before installing Sandboxed Play Services)
Multi Device support (e.g. for work-phone)

In favor of Signal:

Fastest Updates
Online backups
Donation badges
MobileCoin (that's rather a point against Signal for me but it's a feature and it's opt-in)

Tere's no general answer possible. Both are amazing for your privacy vs every other popular messenger and you can try both simultaneously if you're not sure yet (or if you manage multiple Signal accounts in one profile).

Murcielago

To what N1b already said i would ad another advantage of Signal: Trust in less parties (presuming that most users can't verify code themselves).

When using Signal, you have to trust Signal. Using Molly you trust Signal and Molly.

DohnJoe

monozygote If someone can reach that far isn't it game over already?

monozygote Why? The OS already encrypts everything at rest.

These arguments are not really valid.
I would never disable a local firewall just because I have a proper firewall in the network.
And I will never disable the firewall just because I have ACLs in the border router.
Even if they might suggest you they are doing the same thing, they are not.
They are doing different things, and if you examine the overlap area, they are doing similar things in different ways.
All of this to protect you from different attacks and from different vectors.

Your argument is the equivalent of having a keepass file not encrypted just because the hard drive of your computer already is. Can you see the problem?

monozygote

DohnJoe Your argument is the equivalent of having a keepass file not encrypted just because the hard drive of your computer already is. Can you see the problem?

I'm going to go against the grain here, but no, I don't see "the" problem. Comparison with password managers (like keepass and variants) isn't sensible IMO.

A password manager is, in many cases, the first thing that you need to fetch and unlock and as such kdbx files are often kept publicly without applying further encryption (and associated password) beyond the native encryption applied by the manager using the master password in some form. I (along with several others) used to keep it in a public github repository so that I can pull it into any machine and unlock+use it. I outgrew that long back but know manly folks who do something similar.
A password manager is usually sync'd between multiple devices all the time - using USB, using p2p sync, using some cloud sync, whatever.

As such keeping kdbx encrypted makes much more sense, but applying that to everything under the sun doesn't. By that logic, everyone should keep everything - pics, videos, files, sms's, etc - each separately encrypted in some form or the other on their phones over and above the FDE provided by (G)OS. I'm sure some do but will be very surprised if it's a good majority (and at that point also concede the argument).

Disk path Isolation/sandboxing/access-control provided by Android (and storage scopes isolation on top of that by GOS) is sufficient IMO. If I assume that I already have a malicious actor/app which can bypass that on my system, I don't think I'll feel particularly safe/relaxed that I'm having to type out my password to unlock Signal/Molly so it's all good!

Feels like a security theatre.

I'll feel far better if I use Signal/Molly (or whatever important apps) are in a different profile/private-space altogether from the ones that have relatively dodgier apps or if I have to frequently give my unlocked phone to others (kids / family etc).

Your firewall argument is similarly a flawed comparison. If by local vs network firewall you mean the one on your laptop (for eg) vs one on your router, you are literally talking about two different machines - one that can travel to other networks/places and one that can serve other devices with different needs. What's that got to do with the process memory protection offered by the OS to different apps running on that OS on the same system? How a breach of your laptop affects your router (and other devices connected to it) - or vice-versa - is quite different from how a breach of your OS affects the apps that are running under it!

And my arguments didn't stop just there - I'm also saying (and happy to be corrected) that it's impossible to actually clear the memory due to the reasons given + doesn't buy much if GOS does it already for freed memory.

I would in-fact argue that something that has nearly (or more than) 10x the number of watchers/forks/stars is more secure than the alternative merely due to the sheer engagement and vetting. If db encryption was that big a thing it would have happened already (assuming it's not the case just now) - just like someone above said:

eggy If it was strictly better, the Signal team would have already integrated its features.

Having said all that ofc if someone's threat model warrants it, they should go for it by all means (as usual).

Jasper82

monozygote Part about Google-services:
I run Signal got via GitHub directly and without any play services etc in the profile and get push notifications just fine. Do you mean Signal communicates with some Google-services online? Or does it use some closed source Google library and is thus sketchy?

Signal is compiled with proprietary blobs

DohnJoe

monozygote I don't see "the" problem

I assure you that my position is not a religious belief and it's not security theatre.

I will try to make a better example and put some explanation on it, but please, try to not read this post as a "me vs you" argument.

Let's try again with Keepass and see how it goes.
If you encrypt your disk, you are achieving a very specific security measure, that is preventing people to read your files from your (post-mortem or powered-off) device.
When you power on your device and input your encryption password (or a password to access the encryption key), everything is unencrypted to the live system.
This means that a malware running on your system will read clear text data.
This is the reason why, having another layer of encryption is beneficial (And specifically why a keepass file is encrypted in the first place).
If I have to make another example, we could talk about encrypted password on a database, preventing admins (or hackers) to read them.
Next step (continuing with the keepass example) is that even if your hdd is encrypted, and even if your keepass is encrypted, you have another layer of protection, which is keeping passwords (and some variables) censored.
The reason you have this other feature is because you are preventing another set of attacks (shoulder-surfing, remote screencast, etc.).

monozygote Disk path Isolation/sandboxing/access-control provided by Android (and storage scopes isolation on top of that by GOS) is sufficient IMO

Why Disk lisolation/sandboxing might be not enough? Because you might have that part of isolated disk infected, or the sandbox broken.

I wouldn't trust Vanadium sandboxing to protect my keepass file, that's why I encrypt my keepass file.

All of this to specify that on every step you might have different attack vectors that needs different solutions.

monozygote Your firewall argument is similarly a flawed comparison. [. . .]

monozygote What's that got to do with the process memory protection offered by the OS to different apps running on that OS on the same system?

The firewall example:
Don't think about your laptop.
Imagine a Border Router, followed by your corporate firewall, followed by your web-server, followed by the firewall, followed by your back-end server (maybe sql server).
On every step you are applying network filters (ACLs on the routers, Policies/Rules on the firewall and Policies/Rules on the servers).
My point is that even if they might implement the same rule (Let's say TCP/443 ALLOW), they are not doing the same thing.

They are all necessary because they are protecting you from different sets of attacks and attack vectors.
This is true not only because they are different layers of your networks and have different software running, but also because they do the "same" job in different ways.
An ACL is less powerful than a netfilter/pf rule which is less powerfull than a firewall rule (Especially if you have Application Control on it).

The point I am trying to make is: you need protection on more layers.

I agree that Router and Server and Firewall are different machines, the analogy is that also inside the same system (Let's say your OS), you have the same issue: processes/services/software might get affected by different processes/services/software. This is why you should consider to have more than one line of defense.

monozygote If db encryption was that big a thing it would have happened already (assuming it's not the case just now)

eggy If it was strictly better, the Signal team would have already integrated its features.

The reason it is not "strictly" better is because this specific layer of protection has some trade-offs that Signal is not willing to include in the user experience.

If we have to examine this feature from a pure security perspective, this feature is "strictly" better (and Signal itself had this feature in the past).
If we have to take into account also user experience, I agree that this is not for everyone, and that's why you have Signal and Molly available to install.

I hope this gives a better insight on what I meant to communicate, but really, I would understand if you think this logic is incorrect: everyone has different objective and opinions and this is perfectly fine.

monozygote

gta3 Molly has removed and replaced the proprietary closed source google owned blobs... Which no1 could presisly confirm what they do as they are closed source...

That sounds concerning if true. Can you point out what these components are? From what I'm reading, they might use proprietary but still open source software. Further I don't think this applies when running signal without play services (and equivalently Molly uses them too when not using Molly-FOSS) - so maybe it doesn't apply to me personally since I'm not using play-services at all (sandboxed or not) but I would still be interested/concerned to dig further if there was such an opaque component in app's security critical path.

DohnJoe I assure you that my position is not a religious belief

Firstly I don't consider your arguments as coming from some sort of a product-fanatic - quite to the contrary, I appreciate your engagement and it's obvious you are knowledgeable and making your arguments in good faith. Please consider the same for myself (the good faith part) - I just discuss based on my (limited) knowledge and try to present them clearly so they can be scrutinised.

DohnJoe Why Disk lisolation/sandboxing might be not enough? Because you might have that part of isolated disk infected, or the sandbox broken.

This is where I think we fundamentally differ. I consider sandboxing to be a very very critical aspect of the Android OS (otherwise might as well use less modern OSes like other linux distributions directly). Apps internal data needs to be protected by the OS. If that's broken, I consider the breach to be severe enough for the rest of everything to fall into the undefined-behaviour territory - who knows what the extent of compromise it - maybe the malware just waits for you to enter your password and reads it off.

It's the same reason why in QubesOS the sudo in VMs is (by default) passwordless - if that VM is compromised, entering a password is a security theatre. If the dom0 is compromised (or equivalently a Xen escape successfully carried out), rest of everything is a security theatre. I'm relying on the assumption that this will not happen (or I won't do things which could assist from such a thing happening).

Firewall example is still the same - the outer devices are configured differently because they don't necessarily serve just one device. If every path along your firewall is just saying "block IP-x, block IP-x, block IP-x" and that is all that is needed and there's exactly one device, then no I don't see the point in multiple firewalls - it's like doing encrypt(encrypt(encrypt(plaintext, password0), password1), password2) kinda theatrics.

I've at-least seen enough AWS configurations (both inside and outside of AWS as a company) to realise that many services use both network-acls and security-groups and many are fine just with only security-groups. The decision has never been about security (in the sense that if security-groups were breached, ACLs would protect us), it's always about configurability to achieve the final desired traffic-flow behaviour.

In-fact I just remembered I had read this: even for keepass android, you have something like this:

What does "Biometric unlock for QuickUnlock" do in comparison?

It is a pure "UI lock". Both the database as well as the master key are in memory without any encryption, but the app doesn't show any sensitive information unless you pass the QuickUnlock screen. KP2A assumes that the Android sandboxing keeps the data safe (as any app does when it shows sensitive information).

(Highlights are mine) Which relates to the bit about memory clearing thingy I was challenging.

gta3

Molly has removed and replaced the proprietary closed source google owned blobs... Which no1 could presisly confirm what they do as they are closed source...

Molly is better.... More hardened.

SimpleX is also good but the user interface is rubbish on mobile devices - icons / emojis are too small, they do not have many features like one time video / photo viewing etc, disappearing messages is rubbish as not enforced for both devices, only yours... Etc

Molly it is for now.

eggy

gta3 Signal doesn't "enforce" disappearing messages either. It's strictly up to the client and there are Molly forks out there that ignore disappearing message requests.

Nobody here can truthfully say that Molly is "better" than Signal. There are tradeoffs for everything. Note that Signal devs are not dummies and they have a whole dev team regularly working on it where as Molly is really 1-1.25 devs that occasionally work on it. No shade to s1m as he's more focused on the mollysocket stuff and testing/reviewing. I think the Molly devs did a great job and I use it (technically I use my own personal fork) instead of Signal; however, you have to be a dev/dev-adjacent to really see the downsides of Molly. FCM has superior infrastructure and implementation which will give you more reliable notifications. Feel free to read the commits/PRs from the last month for the mollyim + mollysocket repos. Source: I helped to reproduce and debug stuff which led to the latest v1.7 mollysocket release.

DohnJoe

gta3 disappearing messages is rubbish as not enforced for both devices

You have disappearing messages and timer for autodeletion as well, they serve two different purposes.

One deletes data on your smartphone only, the other one will delete it for everyone.

gta3 Molly codebase is also less than signal, which means less surface area for bugs/intentional flaws to exist.

Using the same logic, this is why @eggy worked on Polly: Molly with less (older) code.

monozygote This is where I think we fundamentally differ.

To be fair, apart from sterile arguments on security, I tend to agree that at a certain point, one must stop and accept some risks, especially if I decided I am not really that interesting as a target (I like to think I am not delusional lol).

If you read here and there, I also wrote somewhere else in this forum exactly this: If you are not a target there are some attacks that are unlikely to be received and you might want to accept.

This means that personally, I do not feel the urge to encrypt e2e my photos before uploading them to my self-hosted cloud.

That said, unfortunately, there is a plethora of attacks, mostly side-channel (?), that can go over sandboxing, sometimes without technically breaking them and using shared resources, like cpu cache or the like.

Just to be very pedant, while I would agree that once dom0 is reached in QubeOS is "technically" game over, I would still argue that a side-channel attack that can read outside the sandbox might (also might not) be mitigated with a second layer of encryption.

Let's think about a compromised cloud server: If I encrypted all the data with Cryptomator, the attacker controlling my server is left with a bunch of random bytes instead of my actual data.
While integrity and availability can be affacted, confidenciality will stay intact.
Of course using Cryptomator I lose also some features, like the possibility to share a single file with a public link.

I think that the line a person would draw is very personal, and it doesn't have to follow a strict logic pattern, sometimes it's just a matter of preferences, or sometimes two alternatives might give you different trade-offs.

gta3

Molly codebase is also less than signal, which means less surface area for bugs/intentional flaws to exist.

Choose molly over signal

Graphene0569

I never managed to catch notifications with UnifiedPush when my phone or Molly were locked with biometrics, is it an expected behavior?

monozygote

TL;DR, (IMO) if the critical aspects of the OS are breached, no amount of memory clearing and db-securing theatrics are going to make any difference - it's just a placebo effect.

monozygote

DohnJoe Let's think about a compromised cloud server: If I encrypted all the data with Cryptomator, the attacker controlling my server is left with a bunch of random bytes instead of my actual data.

Apples and oranges - cloud server is on hardware that you neither own nor control. There might be legal or other requirements for the cloud server to even scan your data regularly (for eg. if you have content not permissible by the law where the server is).

You should absolutely encrypt your sensitive data before handing it over to someone else. Same reason why you would use HTTPS by default in transit for almost everything (even unimportant stuff) - it's leaving the hardware you own/control.

In-fact if you accidentally leak your password, you are doomed because the "Internet" now has both: something that you have + something that you know.

Your machine (GOS/laptop) OTOH is yours and is where you actually read/use the data. If instead of cloud-server, you use p2p sync like syncthing to sync between your own hardware (GOS profiles, laptops etc) and you trust syncthing (the android version of which I've actually stopped trusting for now due to the recent "controversy") this is not longer applicable - you can still use encrypted vaults if you want ofc, but it's doesn't have similar impact anymore.

DohnJoe I think that the line a person would draw is very personal, and it doesn't have to follow a strict logic pattern, sometimes it's just a matter of preferences, or sometimes two alternatives might give you different trade-offs.

Fully agree - if something makes you sleep better - do it. In-fact (healthy) competition is good (though not much of a thing in this case, molly is currently quite small, but even then - a good thing there's more than one option).

« Previous Page