Session messenger android client currently feels unpolished while simplex seems to require it to run in the background for instant notifications. Is there an alternative that is better than those 2?

  • trickster@infosec.pub
    link
    fedilink
    arrow-up
    12
    ·
    edit-2
    5 months ago

    It depends on many things, such as a threat modeling, opsec, etc. In terms of privacy and security !simplex@lemmy.ml seems to be superior.

    Several reasons to that:

    • SimpleX doesn’t have IDs, unlike Session. Which makes it more anonymous and private;
    • Ofc things like E2E encryption, forward secrecy and others;
    • Message mixing is and underrated feature, as well as content padding;
    • It has amazing security features such as self-destruct passwords, and a couple of others;
    • Can be self-hosted;
    • No need for phone number;
    • Leverage several ‘accounts’;

    I have read their white paper, and is worth the time. Also, one of the episodes of the Opt Out podcast is with the SimpleX creator. I suggest listening. I personally liked the way he conceptualizes decentralization, and problematozes protocols.

    I found SimpleX to be the best of all private messengers. Better than Session, Signal, XMPP, DeltaChat, and others. It is also more convenient than Briar and Threema.

  • umami_wasabi@lemmy.ml
    link
    fedilink
    arrow-up
    7
    ·
    5 months ago

    Define your criteria for an ideal messenger. What do you need actually? What’s your security requirement?

    • schizoidman@lemmy.mlOP
      link
      fedilink
      English
      arrow-up
      3
      ·
      5 months ago

      Probably something that does not require a phone number while still using google firebase notification system? Basically a less buggy version of session messenger.

        • schizoidman@lemmy.mlOP
          link
          fedilink
          English
          arrow-up
          4
          ·
          5 months ago

          To save battery life I suppose. Also some phones may kill a background app even when told not to thus preventing messages from being received.

          • kylian0087@lemmy.dbzer0.com
            link
            fedilink
            arrow-up
            5
            ·
            5 months ago

            may kill a background app even when told not to

            Most of the time this can disabled somewhere in the app permissions. i have done this for a couple of apps without much issue.

          • umami_wasabi@lemmy.ml
            link
            fedilink
            arrow-up
            1
            ·
            edit-2
            5 months ago

            I have simplex notification service running 24x7. while rarely open, i never missed a message when it arrive (i use it as a message bridge between my devices). Nor I feel it uses more battery that it can’t hold a day of use despite it running constantly in the background. I’m using S21FE btw.

  • Lime Buzz@beehaw.org
    link
    fedilink
    arrow-up
    2
    ·
    edit-2
    5 months ago

    Neither, they are both very much made for tech obsessives with no real advantages and thus won’t ever have anyone but those people on them.

    Until they have nice features like stickers and have nicer UIs, their usage will likely be limited to just those that think they are more private without having many people on.

    I do not personally think that using messengers with so few people on or the proliferation of such niche messengers is a good thing and there really isn’t anything like ‘ultimate’ privacy/security anyway.

    I personally think sticking to fairly mainstream messengers is better unless you have accurately done threat modelling for yourself and found you need something more secure, though in most cases these niche messengers won’t necessarily be that as they lack the funding and technical knowhow (or just make claims without necessarily being able to back them up), just selling the dream.

    Plus a lot of them are frustrating to use due to, as has already been pointed out in this thread, them having such drawbacks like needing to both be online usually or are not feature complete on all platforms if they are even on those platforms at all.

    I also do not think that operating over alternative networks like TOR necessarily is more private or secure than just having very good encryption and other well thought out and tested security features even over the ‘clearnet’.

    At the end of the day I still very much think it is best to stick to messengers most people have probably heard of, though I would still recommend open source ones, I don’t think that we need more messengers that claim to be better than the last, just a few really good ones that have shown under various conditions to work well, stand up to surveillance or cops etc and are a joy to use.