[deleted] Using RCS is miles better than using SMS.

And if you wouldn't mind, who exactly is saying that you should use SMS?
RCS and SMS are not the only options available. Tons of other choices.

    • [deleted]

    • Edited

    csis01 Deleted. (Got confused between threads).

    [deleted] Did I say that you were? You need to read the words that are actually written, and not things that weren't written.

      • [deleted]

      • Edited

      csis01 You said anyone supporting Google. I do, in a way, support Google by recommending Google Messages or something like GBoard.

        • [deleted]

        [deleted] I pretty much would run Google software since I am aware of its quality. On three conditions: 1.) no network access, 2.) no underlying Google Play Services, 3.) no other apps with network access in the same profile. Hang on, I only use one profile. That means I will never run it... :) But I am okay with that. What other people think is their business.

          • [deleted]

          csis01

          This is a complete myth, since the whole basis of this reasoning is to systematically answer "You can read the code, it's open source".
          An answer given to everyone, that only few people can actually apply. And even if I could, do you really think I'd go out of my way to audit all the applications I use?
          If an audit costs thousands, even tens of thousands of dollars, there are several reasons for that.

          GrapheneOS has never supported this reasoning, by the way.

            [deleted]

            Myth is the wrong word. Open Source exists, there are benefits and drawbacks like anything else.

            Nobody is expecting FOSS project code to be read by everyone who uses it. It is about community. Knowing that there are at least some people looking at code, is a huge benefit to everyone else.

            Trust is never absolute. You don't have to trust a specific code auditor, because there are many. If someone tries to put in a backdoor in an open source project with decent popularity, it will likely be found sooner than later.

            The more popular a project gets, the more independent people will look at the code. Whether for contributions, or finding vulnerabilities, it is a tangible benefit that closed source lacks. With closed source, you must trust a single entity. For Google, we all agree their quality is top notch. Privacy and data sharing however, is another matter.

            Even with Google, although mostly proprietary and closed, they do have AOSP. The clue is in the name. This "Open Source Project" is what allows developers to make the modifications they need to bring us GrapheneOS.
            If you didn't care about Open Source and want to trust Google over open source devs, then you would not be running GrapheneOS.

              • [deleted]

              Graphite

              I'm not saying that open source doesn't exist, I'm saying that its relevance as an argument of authority is invalid.
              Likewise, as some GOS developers have already demonstrated, proprietary applications aren't black holes that cannot be audited.
              I appreciate the transparency of open source, and that some community projects work very well, but that's mostly down to the developers, not the users.

                • [deleted]

                wuseman Thanks for the question. My apologies, I was wrong. Thought I'd read recently that WhatsApp had server side keys. Feel free to flag my original post for removal as inaccurate (can't delete it myself).

                [deleted]
                I don't see anyone making an argument of authority.
                Like I said, open source has benefits and drawbacks.
                Just because there's nuance and the benefits vary, doesn't make them irrelevant.

                Also, security and privacy are different things. I have great trust that Google's security is well audited. But for privacy issues, it's often said, "it's a Feature, not a Bug".
                That's why Users can also be important, not just devs.

                  • [deleted]

                  • Edited

                  Graphite Like I said, open source has benefits and drawbacks.

                  I would like to hear what drawbacks open-source software has.

                    Since we are talking pros and cons of open source and proprietary software, may I open another front with discussing the interest of selfhosting vs being hosted by a third party ? I personally use Matrix (Element, Synapse) as a messenger app, and I host it.

                      • [deleted]

                      Graphite

                      This argument of authority is present absolutely everywhere. On almost any forum where privacy and security are discussed, you'll be told very, very, very often that the application is secure because anyone can read the code. Reddit is a very good example.
                      This may be less the case here, but it's a general reality.

                      I agree with the rest. I'm not disputing the pros and cons. But privacy necessarily implies security.
                      My point is simple: the question of open source (reading the code) is irrelevant for most people, that's all.
                      I support open source in principle. But in practice, as a ordinary user, it makes no difference to me.

                        • [deleted]

                        Eirikr70

                        Personally, I find it interesting if you really know your stuff (or have a particular interest in needing to self-host).

                        Self-hosting, especially a critical service with personal data, I find can quickly become dangerous and the interest is limited.
                        You need to have the time and knowledge to properly secure your network, server, maintain it and the apps running on it. Official documentation doesn't do all the work.
                        It's interesting, but I don't particularly recommend it.

                          • [deleted]

                          [deleted] I personally don't read code. But when you look at some of the submitted issues, pull requests and other comments, you can see that some people do and just having that possibility in itself is very reassuring. Meanwhile you could be looking at a pretty proprietary box and if you had an opportunity to crack it open, many things you may find that are not to your liking.

                            • [deleted]

                            [deleted]

                            Absolutely, and it's great that there are external contributions.
                            I repeat, I'm just saying that it doesn't concern the majority of users, and that the answer "it's open source" can't be the only argument (an argument that, I'm sorry to say, I see very often).

                              • [deleted]

                              csis01

                              Within 30 seconds, you'll find posts on reddit from GrapheneOS developers that literally say the exact opposite of what you're talking about.
                              Surprising as it may seem, I'm pretty confident in their analysis.