• [deleted]

  • Edited

AlanZ Hopefully this is will be addressed soon, but you also aren't met by a completely empty contact list. Phone numbers are there for a reason, but good on Threema for making both approaches work, although my contact list is still at zero, just like it was when I first purchased it.

  • [deleted]

  • Edited

People looking at XMPP might be interested to read XMPP: Admin-in-the-middle by now defunct Infosec Handbook and associated HN discussions here and here. It mostly applies to using third party servers, not hosting your own.

zzz
No link able sources, but read about Australia and encryption.

US politicians are no better than Australian politicians, to say the least.

And “our” government is constantly dinging them to “take action” on the “problem” of encryption for the citizenry.

    supersonic My 0.02 cents. Creator of ,,tinfoil chat'' which is a really secure communicator, has a long reddit history of saying unpleasant things about SimpleX. Sadly i cant say much specyficaly as i was reading this long time ago

      Blastoidea
      Signal does it when you create a new account. At least it used to, once I saw this, I uninstalled the stupid thing right away. Hell, even Molly does it, albeit with hCaptcha (not much better).

      The thing with chat apps is that if everyone/most people I care about aren't going to use it, its useless for me.

      I know nobody who uses XMPP, Session, or Simplex. I do know people who use signal and have convinced a few to use it. But that's it.

      If nobody else, or very few people I know are using it, I'm not going to bother using it. This is a network effect type problem I believe.

        My family and a few close friends, are all on signal, anyone else who wants my number, well they need to download Session. And if they don't- then I guess they don't really need to chat with me.

        Be a grain of sand in the workings of surveillance capitalism

          zkz

          Indeed, also depends of the country, in mine Whatsapp is the most used, then Telegram used for groups.
          I think most of the people has not privacity concerns, big tech knows how to exploit that vein of gold.

          If I'm honest, I don't think governments agree that a percentage of users cannot be spied on, there are excuses such as terrorism, jihadism, pedophilia, etc.... to keep us all under surveillance. They are not going to allow this to change, they handed over user data to the government, when they said it was impossible for that to happen. Remember Protonmail, one of the most secure email servers, delivering user data to the government when they said that was not impossible.

            Icecube JS based browser emails like Proton, Tuta, Posteo, etc. are not secure from a targeted guv attack. They can inject code into the JS in your browser and get your key. However, we all need email, and the ones I mentioned are better than the alternatives. Companies put ad trackers in the pixels of their corporate logo in an email to you. Proton blocks these. It helps and if you are not targeted by guv for a high level hack, having your emails encrypted at rest no matter who you email means Proton is not using them for ads. Use Signal or Session or your messenger choice e2e for high threat model. No useful metadata with Signal. The e2e emails have a fair bit of metadata.

            As for OP, I just flashed my 6a to GOS for the first time a few months ago. Downloaded the Signal APK from their GitHub. No CAPTCHA.

              Icecube Remember Protonmail, one of the most secure email servers, delivering user data to the government when they said that was not impossible

              Can you cite specifically what information was given to the government?

                MoonshineMidnight And, when I say JS attacks I am talking browser based e2e emails on laptops and desktops. For their apps on an Android/GOS phone their is no JS so they are very secure that way from a targeted guv attack. However, they all leave metadata like who you emailed and received email from. With a court order the guv gets that and will figure out who you are.

                router99 I can. France wanted the IP of some environmental terrorist, they went through the Swiss court system, which ordered Proton to give up the IP. Proton does not store IPs, but they can get them. Same with all e2e emails. The guy the guv wanted was stupid not to have signed-up for Proton and used it with an always on VPN with kill switch. That's how I have always used Proton and Tuta.