Basis of trust for mollyim-android
[deleted]
Volen No, you mustn't turn it off. How else would it communicate with Google servers?
Nuttso No. We would want to make it possible to be able to still talk to Signal users but with the possibility to use Molly without Signal and only random IDs.
When you say "random IDs", do you mean using Molly without a phone number? When could that happen? Will it be like the upcoming feature "username" Signal will release soon? How fast after Signal releases usernames will Molly do the same?
@Nuttso Thank you for the replies, happy to see Molly is ready to innovate in this space even further.
A question regarding UnifiedPush: as of now, Molly with UnifiedPush is a standalone. Are there plans to merge it into the MollyFOSS and let UnifiedPush be a toggle in the settings? If yes, could some fallback be integrated into the app to fall back to the websocket when the connection to the UnifiedPush MollySocket fails?
[deleted]
Volen Because the Firebase backend runs on Google servers and you need internet access to use it. That is why it needs network permission. Unless... You use Molly-FOSS from GitHub, which uses websockets bypassing further above. My way.
Volen Can you please confirm if GServices just sends a wake signal to Molly, without seeing/accessing the message (as Some1 suggested)?
Some1 got it right. It's the same mechanism that Signal uses. We didn't change anything there. Only wakeup.
Volen If yes, will the setup (including notifications) work properly if I disable network access to GServices? Thanks a lot!
Gservices needs the permission to access internet. How should it otherwise wake up Molly?
PMUSR When you say "random IDs", do you mean using Molly without a phone number?
Yes. But not on the signal infrastructure.
PMUSR When could that happen?
No timeline for that. There is lower hanging fruit. But it's definitely gonna be implemented. You'll be able to talk to Signal users and/or use only Molly to Molly.
PMUSR Will it be like the upcoming feature "username" Signal will release soon?
No. It won't need a phone number.
PMUSR How fast after Signal releases usernames will Molly do the same?
When Signal releases it, Molly will also have it.
hyetta Are there plans to merge it into the MollyFOSS and let UnifiedPush be a toggle in the settings? If yes, could some fallback be integrated into the app to fall back to the websocket when the connection to the UnifiedPush MollySocket fails?
We prefer to keep it separated now. Fallback could be implemented.
Nuttso
How is the fallback implemented and triggered? Does Molly check if the MollySocket is accessible periodically (every 30 minutes), or does the push server handle that?
What happens if the push server goes down? Is there any fallback in this scenario (if something like this can even be implemented)?
[deleted]
Nuttso I don't use Molly at the moment, to note. Is there a way to verify which push method the app is using, or a visual cue? As far as I understand, UP MollySocket needs to be manually set up, otherwise it will always fall back to websocket, thus resulting in higher battery drain. Or in other words, how do I ensure that my UnifiedPush is set up correctly? Thanks.
Do you have to set up your own MollySocket server? I have the ntfy app instead, but Molly says "mollysocket server not found".
Why so many recommendations for Molly from the GOS community? I understand it has more features than Signal in a way, especially the vault for your messages.
But don't forget that, regarding privacy and security basis, by using Molly you'll have to trust a second entity, which means more risks regarding your data: all it takes is a simple error, or a single piece of maliciously added code, and your data is at risk.
This can happen with Signal too, but that's why it's wiser not to trust any new entity that adds another risk to an already existing one.
In the case of GOS, there should be no debate because strong encryption of your device already prevents anyone from accessing your applications, and so your Signal messages (except for a very specific threat level implying letting your device turned on without you during minutes in front of other people). That's why Molly could be an interesting option, but not for GOS users: only for people with devices with low encryption.
Nuttso Basically, such an audit can also be misleading. It is a snapshot, nothing more.
I agree with this, but the fact that developers of a FOSS app can afford to have an independent audit and do so says something about the financial well-being of the app/company, and generally leadership that does audits is open, transparent and forward facing about who they are. Just one of many things to check off in regards to trustworthiness as well as the quality of coding in general, but not in minute detail. And the Signal Protocol cryptography has been gone over in great detail by cryptographers/security researchers in white papers, and this tells you something: that the interest is so strong, and that the protocol has withstood the scrutiny. And thus the Signal Protocol makes a good foundation for Molly.
PMUSR Depends on your settings. If you don't set a timeframe, yes. If you set automatic lockdown with a timer, it locks the database in this time. If the lock is instant, the key is wiped from memory the moment you lock the phone and no one can extract anything. No matter what tools forensics use. Molly is built exactly for that purpose. Resisting forensics.
Hey, just gave Molly another try after reading this, and I have some questions.
- Is Signal still not encrypting its database? Does this matter? I thought every Android app has its own encrypted storage in /storage/emulated/0/android/data/
- I am confused about device pairing. Can Molly + Signal Desktop work? Because there is no "add device" button in Molly for me, so I would need a Signal phone.
- Why can't you use fingerprint for unlocking the DB?
- In the F-Droid repo there is only one Molly client, no Molly-FOSS one. Same with Accrescent. Why?
Really cool project!