cross-posted from: https://monero.town/post/934733
SimpleX Chat
Private and Secure messaging platform without user IDs
Will this new messenger replace Signal?
by Evgeny Poberezkin
Oof, bad timing for that name selection. Especially with payment processing.
The invitation method is interesting, but will likely be its limiting factor vs its draw. Regular Jane/Joe wants to share their username, just not their number or email. Not being able to share verbally is tough.
Simplex has been out for a year or so.
It’s tough getting people used to systems that respect privacy, since Out-of-band ID sharing is part of that.
i like the whole concept but it seamed to good to be true and not some type of backdoored honeypot, ill guess ill check it out when enough people reviewed the sourcecode
Well, since it was audited quite awhile ago you could probably check it out now.
simplex.chat/blog/20221108-simplex-chat-v4.2-security-audit-new-website.html
No link to a repo? I’m not going to watch a video to know what a project does or how it does it. No thanks.
Thanks.
So it has a new ID for each tunnel/channel/whatever. As usual, that comes with the downside of discoverability: how do you find all your contacts when installing the app? You always need an out of band transfer of the user ID - be it email, username, or a transient one like this.
I’m not sure how much better that is than existing chat apps that don’t have discoverability.
OOB is arguably better for privacy.
How?
If the OOB is not encrypted --> hello MITM attack or impersonation (unless of course you’re physically in the same place, which is quite limiting)
If it’s encrypted, why not just keep using encrypted channel? I have to find an encrypted channel to initiate an encrypted chat?
I’m not seeing the benefit
I can give someone my ID in person. I control how it’s delivered.