this post was submitted on 06 Apr 2024
144 points (86.7% liked)

Privacy

32456 readers
558 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

SimpleX Chat is an instant messenger that is decentralized and doesn't depend on any unique identifiers such as phone numbers or usernames. Users of SimpleX Chat can scan a QR code or click an invite link to participate in group conversations.

-privacyguides.org

It's clearly proving to be the most innovative technology when it comes to decentralized communication, in my opinion.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 101 points 8 months ago (5 children)

SimpleX Chat Ltd is a seed stage startup with a lot of user growth in 2022-2023, and a lot of exciting technical and product problems to solve to grow faster.

Run by a VC funded for-profit company. That really should tell you all you need to know. Sorry, but no thanks.

[–] [email protected] 50 points 8 months ago (5 children)

this is a wrong take for a few reasons, if we're talking about trust.

Also, Signal literally was taking money from the CIA for a decade and also is based in the US anyway, and no one hardly said a word 🀣🀣 "Privacy" activists are a joke lmao. Also signal made a crypto coin and took away features like SMS, but of course they get a free pass for that too. Makes you wonder.

  1. SimpleX is fully open source, verifiable, and audited. If there are changes that are bad, the community will talk about them, and at worst it can be forked

  2. SimpleX has made it clear that they dont want you to trust them. It's decentralised and anyone can run their own relay, and the servers are designed prevent correlation. They also make it very easy to use TOR and multiple circuits. This is contrary to the inferior Signal model where you just have to trust that the centralized Signal org isnt leaking your phone and IP to the feds.

moving towards a decentralised, open, and trustless world is better for everyone. In this kind of system, I really dont give a damn where they are getting their money from, as long as they arent putting crap in the software, and if they do, we will all know about it. But so far they have shown that they are committed to extreme security and privacy, and they obviously arent trying to appeal to normies, so i doubt they would ever even try to put VC-pushed garbage in.

If you want a good app, you will need funding from somewhere. Look at apps like Session that arent funded well. They suck. So I'd rather SimpleX be funded by a VC instead of by the feds like Signal, as long as everything stays open, free, trustless, and decentralised

Time to get downvoted! See you guys at -50 😁

[–] [email protected] 19 points 8 months ago (1 children)

Where did I even mention Signal? Total strawman argument, as I don't think Signal is a good option either.

But you go ahead and trust Simplex Chat Ltd. I guess some people only learn from their own mistakes πŸ€·β€β™‚οΈ

[–] [email protected] 13 points 8 months ago (1 children)

you completely ignored what i said, as I specifically argued that simplex is made to be used without trust. so dont talk about me trusting people lol.

Also I agree with you on Signal, was just throwing it out there for others, not necessarily for you.

[–] [email protected] 8 points 8 months ago (1 children)

Exactly what I thought; if the technology is so decentralized does it make sense to care so much about who finances the project? Like if one instance of lemmy was funded by Microsoft, we could easily use another one and block it, right?

[–] [email protected] 8 points 8 months ago (1 children)

yeah it's like TOR. it's public knowledge that it was both made and is funded by the US Gov, but we all see it as the standard of anonymity online because everything is open, trustless, and decentralized.

[–] [email protected] 5 points 8 months ago (1 children)
[–] [email protected] -1 points 8 months ago (1 children)

I recommend to study how TOR works

[–] [email protected] 3 points 8 months ago

I did. Can you maybe answer the question?

[–] [email protected] 3 points 8 months ago (1 children)

Would you say Tor is bad because its from the US navy?

[–] [email protected] 1 points 8 months ago

originally it was. but it was given to the larger community as an open project, because they realized that without public use, it would be useless.

There is endless discussion on whether tor software is backdoored or not, but I severely doubt this with all the eyes on the open source code

There is also debate on how many nodes are owned by the feds, but the largest estimates at the peak were about 20%ish iirc. i doubt it's a significant number enough to worry about, from what I've seen.

tldr I'd recommend to look up all the opinions online yourself.

[–] [email protected] 0 points 8 months ago

I'm in full agreement with you. Not even a little bit of disagreement.

[–] [email protected] -1 points 8 months ago

This comment right here is the sanest in this thread

[–] [email protected] 23 points 8 months ago (3 children)

Upvoted bc VC eventually means enshittifiication. But with xz getting back-doored recently, what is the middle ground that keeps these things sustainable financially and operationally?

[–] [email protected] 6 points 8 months ago (1 children)

Maybe it’ll be governments partially funding it. If Schleswig-Holstein’s attempt is anything to go by, it might be a way

[–] [email protected] 4 points 8 months ago (2 children)

But do we trust entities that depend on our governments for funding? It could be argued that they’re fundamentally compromised.

[–] [email protected] 8 points 8 months ago (2 children)

As opposed to whom? Are investors in VC startups less compromised or more? What are the incentives in either case? Who do you trust to be competent and/or incompetent enough to compromise it without you noticing it? Who is likely to change a project that was well intentioned first after the fact? In what ways?

[–] [email protected] 1 points 8 months ago
[–] [email protected] 0 points 8 months ago

Many question marks, one answer- Gitea

[–] [email protected] 6 points 8 months ago

You have 4 basic options for funding:

-you rely on individual donations which doesn’t bring in enough money

-you force people to pay for it, which makes it less attractive when compared to traditional software, and makes much of the community pissy

-you rely on corporate money

-you rely on government money

None is perfect, but some amount of government funding (let’s say, 10% of what they would pay Microsoft for the equivalent software) might make sense

[–] [email protected] 2 points 8 months ago (1 children)

People paying for what they use. It's that simple.

[–] [email protected] 1 points 8 months ago (1 children)

I wonder what that looks like fleshed out a little, though. Is that a mandatory or voluntary payment? And by paying for what they use is that per message or per month like a subscription?

[–] [email protected] 1 points 8 months ago (2 children)

Mandatory? And per month or year. Younger people might not remember but WhatsApp was $1/year (at least in the states.)

There shouldn't be anything wrong with expecting payment to pay for servers, etc. If it's free then you're the product right?

[–] [email protected] 2 points 8 months ago (1 children)

Threema.ch already do this. Maybe that’s the answer?

[–] [email protected] 1 points 8 months ago

Maybe. That is a one time payment but i guess they make their money on businesses. I like it but it's not the slickest app yet.

[–] [email protected] 0 points 8 months ago (1 children)
[–] [email protected] 1 points 8 months ago

I do this but sadly not viable for everyone. It is a great option though.

[–] [email protected] 1 points 8 months ago

Secure and private by design is the solution

Nobody can compromise you if they can't

[–] [email protected] 13 points 8 months ago (1 children)

I did not know it was run by a VC funded company. Isn’t it open source and audited though? https://simplex.chat/blog/20221108-simplex-chat-v4.2-security-audit-new-website.html

Either way, if one needs to communicate without the use of identifiers like a phone number (afaik signal requires one) I trust Session. SimpleX features cool new tech but let’s wait until it matures

[–] [email protected] 9 points 8 months ago

AFAIK it is audited, and its threat model is rather extreme, like there is no unequivocally binding id, you can give every contact a different id

They talk about for profit/no profit in their last blog entry
https://simplex.chat/blog/20240323-simplex-network-privacy-non-profit-v5-6-quantum-resistant-e2e-encryption-simple-migration.html

[–] [email protected] 1 points 8 months ago* (last edited 8 months ago) (1 children)

Why should that be an issue? It's fully open source

[–] [email protected] -5 points 8 months ago

Oh, my sweet sweet summer child... I have bad news for you πŸ˜†

[–] [email protected] -1 points 8 months ago

Thanks, I just uninstalled it lol.