this post was submitted on 12 Jan 2024
81 points (75.8% liked)

Privacy

32159 readers
876 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

This is an article written by telegram's founder and CEO Pavel Durov in 2019 on "Why whatsapp will never be secure". Your thoughts?

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 10 points 10 months ago (2 children)

Signal is not the best choice, it's just a somewhat aceptable middle ground. I prefer something that doesn't require a phone number and something you can self-host, like XMPP.

[–] [email protected] 5 points 10 months ago (2 children)

Good luck convincing normies to use some obscure messaging protocol. It's difficult with Signal, even harder with Matrix, basically impossible with XMPP. 99.99999% have never in their life heard about XMPP. Also most mobile clients absolutely suck. You also can't get proper push notifications without completely ruining your battery life. What a great choice!

[–] [email protected] 5 points 10 months ago (1 children)

I don't see a big difference, the hardest thing by itself is convincing someone to install one more program or app. Also Conversations does not suck.

[–] [email protected] 2 points 10 months ago (2 children)

Conversations is only available on Android. And that's the problem. You need different clients on different plattforms, etc. It's just a mess. Some clients don't support encryption and everything is just unnecessarily complicated, especially for new users. You can't just tell someone "let's chat on XMPP". You need to explain to them what XMPP is, what app to download depending on what OS they use, tell them how to set everything up, etc, etc...

Signal is definitely not perfect, but it's the best known private messenger and doesn't compromise on privacy and security. It's very simple to use, the setup process is basically the exact same as on WhatsApp or Telegram, it has good clients for every platform and they have operated safely with a great record for over 10 years.

I understand that other solutions might be better in theory, but if we keep suggesting a new obscure and hard to use messenger to noobs, they will never make the switch. In order to get more privacy for ourselves and the (potentially less technical) people we need to communicate with, let's just get them to use something simple and private like Signal.

[–] [email protected] 3 points 10 months ago (1 children)

Yea, ive gotten pretty wide adoption from friends and family on Signal, but id love to have a comparable product with even more features/security/privacy

Matrix may get there eventually, but for now its Signal.

[–] [email protected] 1 points 10 months ago
[–] [email protected] 1 points 10 months ago* (last edited 10 months ago)

When it comes to clients being not fully compatible - I understand where there might be a problem, but I personally never encountered it. Conversations covers Android, and Gajim is on both Windows and Linux. In my experience, they work just fine with each other, and Android+Windows+Linux covers the majority.

I do use Signal with a few people who refused to use XMPP, but I'd disagree they have good clients for every platform. Because the desktop one essentially doesn't work without a smartphone. Registering in something like Waydroid doesn't allow binding a desktop client because it wants to scan a QR code, and Signal-Cli just didn't work with binding a regular client. So I am stuck using the inconvenient Signal-cli, because the only alternative I saw so far would be using it on Waydroid, which is even less convenient. Not to mention that the client itself is on Electron.

[–] [email protected] 2 points 10 months ago (1 children)

You mean that XMPP protocol which is not encrypted by default? Oh yes you mean that.

XMPP would need to be redesigned from ground up as a secure and private messaging protocol to be a valid choice.

XMPP has it advantages but to many cry out that it is the savior when it is not. We need something better.

[–] [email protected] 1 points 10 months ago (1 children)

The major clients now do have OMEMO. Yea, I agree it's flawed but that's so far it's the one I settled on. Do you know other, more refined selfhostable solutions? I am now looking for development there but doubt I'd get few people that I already got there to switch again.

[–] [email protected] 1 points 10 months ago

Not aware that there is a modern decentralized secure and private chat protocol. Sadly. I also am not aware of any developmenta of something like that, so XMPP is the best we got (for decentralized open widly supported protocols)

I know that a lot of clients do encryption of the message body by default, but it still leaves a lot of stuff in plain text (afaik).