Threema (Instant Messenger)

This is the main problem with them and I do not feel comfortable recommending them.

Their payment requirement indeed makes it near impossible to get it adopted. I prefer Signal’s subscription which I am happily paying for, but if I had to convince all my connections to switch and pay for an app to talk to me, that’s just impossible. I have a Threema licence, but I don’t use it.

4 Likes

sorry to necro, but now they’re shilling a shitty MediaTek phone that runs a GrapheneOS fork that also has a subscription on top: Partnership with Apostrophy: Win a Privacy Phone – Threema

:clown_face:

7 Likes

Huge breach of trust…

I might’ve missed on their website but it didn’t even look like they were sharing too much information on specs, let alone operating system; where’d you find them and also, where’d you confirm it is, in fact, a GrapheneOS fork? Not questioning you, just looking for the source to reference when people ask.

I’m likely blind. :grin:

Check the images.

@rottenwheel They have it on their support page.

1 Like

It looks like the phone doesn’t require a subscription, but the company that sells them (Apostrophy) offers privacy-focused cloud services that are subscription-based. I don’t really see the issue with this. Have we all forgotten about MobileCoin? That’s still in Signal to this day.

1 Like

Selling cheap, insecure, MediaTek phones and marketing them as good for privacy and security isn’t an issue? Okay.

1 Like

Oh god, the contrast.

Checking here, I see plenty of high-severity vulnerabilities associated with Qualcomm as well: Android Security Bulletin October 2024  |  Android Open Source Project

There is no totally secure hardware. Without evidence that the vendor is failing to offer timely patches, etc. I don’t think it’s fair to criticize them for being “insecure” only because of a specific chipset they chose to use. As far as performance goes, they also say this at the very top of their tech specs page:

We’re not in a tech spec race with the MC02 5G smartphone, that’s not its purpose. Rather a totally new and better way to live with a mobile phone.

It seems like they’re being pretty up-front about their phone being low-specced.

The issue with MTK is that they barely publish sources compared to Qualcomm.
ROM support, aside from GSIs, is generally not great at all for them.

3 Likes

Of course there isn’t totally secure hardware but there is absolutely some hardware which is more secure. Even without getting into providing firmware patches, they neglect to include many of the secure hardware features which are required for genuine GrapheneOS. So instead of selling a secure device, Apostrophy.ch is opting to sell a device running an outdated fork of GrapheneOS based on AOSP 13, which means they are also certainly lacking many Android Security Bulletin patches which are not backported.

Low specs is not really the issue. Although it is improving, Pixels for example have historically offered less than top-tier performance and yet they are the most secure Android devices on the market.

1 Like

I was referring to the “cheap” comment as being related to performance.