upvote

points

by RandomGerm4n7 hours ago |
comments
upvoteby Jigsy4 hours ago|
next
[-]
My issue with SimpleX is that the company is in the UK, and it's developed in the UK under UK law. https://simplex.chat/transparency/

Considering how fiercely anti-encryption the UK is/has become (because "only child molesters care about encryption!"), this is sadly reason enough for me not to trust it.

Do I believe they have a backdoor in their software? No.

But if the UK passes a law demanding they introduce one...

reply
upvoteby seanw4444 hours ago|
prev|
[-]
Or the mature and robust XMPP + OMEMO.
reply
upvoteby RandomGerm4n4 hours ago|
parent|
[-]
The problem with XMPP is that most clients use an outdated and insecure implementation of OMEMO. This includes popular clients such as Conversations and Gajim. Currently only Profanity and Kaidan use the latest version and you must always assume that the encryption has been secretly downgraded because the other person is using an insecure client. I highly recommend Soatek's blog post on this topic. https://soatok.blog/2024/08/04/against-xmppomemo/
reply
upvoteby zaik2 minutes ago|
parent|
[-]
I do not understand the security implications of this post, but I would prefer XMPP even without any end-to-end encryption over a walled garden like Signal or Session.
reply