Back

@joelanman Signal is centralised and was nearly backdoored by the uks online safety bill and saved by signal threatening to walk. Matrix *is decentralised but with no quantum secure e2ee like signal nor its metadata privacy or secret group chats. SimpleX has the best of both worlds and more. more decentralised than matrix. quantum-secure e2ee, metadata privacy, ip protection, tor support, no persistent id basically "a burner phone for every contact" dms need invites so less spam than matrix

@ambiguous_yelp @joelanman This is false and outright FUD. Signal was not "nearly backdoored". Their position has always been that if UK or anyone tried to mandate backdoors they'd be treated like any other rogue state needing circumvention. Centralization is only minimally relevant because the central servers have no access to any information beyond minimal metadata. Any attempt to subvert would have to be via shipping malicious clients, and the clients are all open source and under heavy scrutiny, and there's no mandate to update client until long after there's been time to review/inspect new version.

@dalias @joelanman So Signal is safe because if the UK tries to backdoor it they will withdraw from the UK leaving the vast majority of UK activists that rely on it high and dry? Also you're trusting Signal LLC that theyll stick to their principles and leave entire markets, its a bit naive, SimpleX users don't have to worry about it at all. Yes signals open source and you could check if they added a backdoor, but that wouldnt negate the network effect, how long would it take to remigrate?

@dalias @joelanman If simplex gets backdoored you can just swap the client for a fork and the network ie contacts and usergroups can remain pretty much unchanged because its a trustless decentralised model. You cannot make a decentralised signal bc it has a single point of failure, signals servers. As for signal only collecting "minimal data" I explained in the thread how correlation of contacts is performed and SimpleX protects against this.

@ambiguous_yelp @joelanman AFAICT SimpleX comes from coinbro asshats and has not been reviewed by any real cryptographers. It's probably not secure.

@dalias @joelanman You're right about one thing the dev team are right wing ass hats, and it does attract right wingers because they can get away with saying the n word, but thats not really an infra critique its like saying theres right wingers on the web, simplex is just a messenger. The dev team control the "official" roomlist and that is a shit roomlist but apart from that they dont really have any structural control on who uses the platform

@ambiguous_yelp @dalias @joelanman

Who are the dev team and why are they right wing ass hats? I'd like to learn more about this, since SimpleX seems better then Signal in all other aspects. If you can provide further details and examples or links illustrating their right wing ideology or bad behavior I would appreciate this!

@jenkinse @ambiguous_yelp @joelanman Just looking at their website..?

@dalias @ambiguous_yelp @joelanman

True their website doesn't exactly pass a "vibes test" but do we have anything more concrete to go by?

@jenkinse @ambiguous_yelp @joelanman See above "The dev team control the 'official' roomlist and that is a shit roomlist" - looking at that roomlist probably makes it clear.

@dalias @ambiguous_yelp @joelanman

Where can I find the roomlist? I'm not sure I would recognize the people on the roomlist, but its worth taking a look at.

@jenkinse @dalias @joelanman the roomlist is organised through a user-bot on-platform, you message that bot asking for the top N rooms or keyword search for a room

@dalias @jenkinse @joelanman no you're missing the point, theres groups and group links, you can then optionally choose to invite a bot (also open source and published implementation) to your room so it can be indexed on whatever directory, that is of course opt in and very intentional process, all simplex relays can see is room links as they point to a queue on the relay.

@ambiguous_yelp @jenkinse @joelanman WTF is the point of having a strongly encrypted private platform then inviting bots to index that, subverting the whole thing??

@dalias @jenkinse @joelanman the same point as having any public room, bc you want to open the conversation to more people. Even in these cases you are still protected uniquely by simplex bc you have no unique identifier you cant be spam messaged/called or have your messages by correlated to other more restricted invite rooms