https://soatok.blog/2024/07/31/what-does-it-mean-to-be-a-signal-competitor/
https://x.com/securitybrahh/status/1896190092961542194
https://proton.me/support/encryption-lock-meaning
https://dev.gajim.org/gajim/gajim/-/merge_requests/995
Normal calls are not encrypted as PSTN is outdated.
jmp.chat calls are encrypted for the last mile (so it protects you from local attacks)
RCS/imessage maybe encrypted, depends on client implementations and the future.
https://9to5mac.com/guides/rcs/
Simplex uses a lot of client RAM.
servers only relay on SimpleX afaik. so a relay won't cost much to a cloud provider, and can be done on "good will"
VC shit - get money coz you have distribution, no biz model.
fear-mongering privacy narrative pushing donations?
https://x.com/kaepora/status/1811454454232694847
dumb servers, Wise clients.
https://github.com/simplex-chat/simplex-chat/blob/stable/docs/rfcs/2024-04-26-commercial-model.md
software is free speech, lobbyin g for privacy is what it takes it seems.
so it was nostr after all?
https://signal.org/docs/specifications/doubleratchet/#recovery-from-compromise
xmpp or matrix? not really. but signal maybe, but how to do tg topics & groups?
https://soatok.blog/2024/08/14/security-issues-in-matrixs-olm-library/
HOW does even signal EARNS?? How will SimplexCha t earn??? <I don't endorse or like simplexChat rn but may change in the future>
signal was given a 50$ mil loan by Brian Acton for some reason.
donations from ppl because "its bankrupting", recent desktop bug fiasco shown that its not!
Simplex plan to make a "stamp" (not a coin), users will be able to donate to 3rd party hosters wirh legally binding / build verifiable directly.
https://soatok.blog/2025/01/20/session-round-2/
https://web.archive.org/web/20211215132539/https://infosec-handbook.eu/articles/xmpp-aitm/
TL;DR
- Server-side parties (e.g., administrators, attackers, law enforcement) can transparently modify, log, and monitor nearly everything when communicating via XMPP---independent of end-to-end encryption. "Transparently" means your XMPP client doesn't learn about these server-side actions; showing no warnings in most cases.
- Contrary to claims, law enforcement can easily detect and block XMPP traffic. Furthermore, many XMPP servers are physically centralized, hosted by a small number of hosting companies.
- Federation, decentralization, encryption, and "use Tor" don't solve these issues as XMPP processes data in cleartext and produces tons of metadata.
https://telegra.ph/why-not-matrix-08-07
Matrix linked Amdocs found tapping South African cell phones - https://archive.ph/iFJ0n
Matrix Metadata Leaks? - https://web.archive.org/web/20210202175947/https://serpentsec.1337.cx/matrix
I feel pgp >> s/meme or omemo
pgp relies on curcle of trust, And I think that's what we should rely on.
https://notes.valdikss.org.ru/jabber.ru-mitm/
session??
adding a coin to a messaging protocol is a joke + lokinet is a joke.
matrix spaces come close, there is a discord open source alternative but feels dubious.
A security analysis comparison between Signal, WhatsApp and Telegram - https://eprint.iacr.org/2023/071.pdf
Also good for LAN messaging.
https://code.briarproject.org/briar/briar/-/wikis/Mailbox-Architecture
https://divestos.org/pages/messengers
https://eylenburg.github.io/im_comparison.htm
whatsapp/tg people use to serve clients (frontend), slack for backend team