Isn’t Element / Element X a paid app, though?
No.
Wow! What a mess.
A lot has happened while I was gone.
Well, um, thanks everyone for sharing your thoughts (…kinda 
).
Let’s see if we can salvage this conversation.
My Definition of Privacy
- The content of my communications should only be received by my intended audience.
- Who I am communicating with should only be known to those I am communicating with. No outside party.
Most communication apps fail on the first point.
Almost none pass the second point.
This is my criteria for privacy regardless of the threat model.
I will add one more criteria. Communication tools need to be usable out-of-the-box for the average user (no self-hosting required, tricky anonymous sign-up procedures, or a complicated user interface).
Who this post is for
People who value freedom and understand that privacy from adversaries is necessary to maintain our freedom.
In the context of this forum, it is for:
*App developers: particularly the makers of Simple X and Session, should they come along. I am going to tag @epoberezkin while I am thinking about it. This post is principally directed towards him.
*People looking for a way of communicating that meets the privacy criteria that I just laid out (presumably the rest of you).
What my initial post was NOT for
I was not asking for you to share your favorite messaging app.
I explained in the initial post why I rejected various platforms from consideration. I did not list all of my reasons for rejecting each app.
For apps that I expected some push back on (Signal), I gave several reasons and provided citations.
If my characterization of a platform is wrong feel free to offer a counterpoint with evidence.
Getting focused
As far as I know the only 2 apps that seem to meet my definition of privacy are Session and Simple X Chat.
If you are aware of a shortcoming of either of those apps and can offer an informed comparison beyond what has already been stated, please share.
If I have overlooked an app that meets my privacy criteria, feel free to bring it into the conversation for consideration.
If we can all agree to keep this discussion focused on the merits of Session vs. Simple X, then I think we can have a productive dialogue.
My apologies for not being more clear in my initial post.
Enjoy the holidays all you privacy warriors (…I mean geeks)!
3 Likes
If it’s free, why do I not see a free tier on their pricing page?
1 Like
Read the page.
Session doesn’t have forward secrecy and doesn’t have post-quantum cryptography afaik.
2 Likes
And is also buggy as hell.
That also applies to SimpleX Chat from my experience.
2 Likes
Could be the iOS version, idk. It’s miles better than Session on Android.
Yes, it’s a gocha I think it’s.
Wrong. You need trust to use other’s compiled binary, no way around it. That’s why it’s generally not recommend to install anything from a community maintain repo/source.
Yes, but only if you’re doing the check yourself in a reproducible build system. Otherwise, it requires trust. Anyone can just modify the source however they want and release the binary, including the official channel where it happens because of supply chain attack or intentionally, etc.
This is not limited to apps, but also your kernel, driver, etc.
Totally not true. The only possible realized attack surface and the vulnerabilities of the protocol you’ve shown until now requires a malicious home server, not when the user uses matrix.org server, or self-hosting. So, the user’s not required to self-host to get a decent security and privacy protections. It also depends on the user’s usage, e.g. among family members and close friends vs friends and public spaces
This could be true, but it’s not working like what you think it’s. In a federal setup, each other setup is transparent (not totally, but more than the centralized one), including their reputation, etc. The user needs to make their sane judgement when choosing their server and client to use, the same way when they pick up any centralized services. The clear difference is that in a centralized service, the user has no choice of the server and the client they can use, hence everything is controlled by 1 entity.
- Signal is worse.
- Not everyone is using the same setup. One might compile their client from source, while most people download the binary, and there’s definitely someone who grab the binary from unrepeatable source that could be malicious. Nonetheless, Signal themself could alter the binary at any time they want, and it would affect 99.99% of people downloading their app from the stores and their website. They control what the client the user can use, let alone the code that’s currently running on their server.
If you’re still thinking Signal doesn’t require trust, I think I just talked to the wrong person.
I’m sorry, what am I missing? That the pricing page is only for businesses? I don’t see a link for regular users where it says it’s free.
Wow this thread is a mess and I’m not going to address every single poin in it suffice to say if you’re selecting a messenger listed on our page it’s likely going to be secure enough.
While some messengers like Matrix have more metadata than say Signal due to the fact they’re federated, I would not describe them as “wildly insecure” or anything alike that.
Just note, though there are certain caveats with session and simplex, for example session does not allow for large attachment sizes (that may not be an issue), and Matrix allows for larger rooms with more participants.
1 Like