Don’t Use Session (Signal Fork) - Dhole Moments
soatok.blog
Last year, I outlined the specific requirements that an app needs to have in order for me to consider it a Signal competitor. Afterwards, I had several people ask me what I think of a Signal fork c…
  • Rikj000@discuss.tchncs.deEnglish
    61·
    2 hours ago

    *Don’t Use Session,
    if your threat profile includes government’s spending ±100k to crack your encryption, since their encryption is not the best out there.

    Which they likely won’t for an average privacy conscious user, but they might for high ranking criminals.

    It was a good read though,
    I won’t invite new people to Session due to it.

    But the title is a little click-baity,
    “Session’s encryption is not the best”,
    would be a more honest title.

    • unexposedhazard@discuss.tchncs.de
      1·
      2 hours ago

      Do you happen to have an experience with using briar and can comment on it? It seems cool and using its mailbox system on a secondary old phone to get 100% uptime despite it being p2p is a nice concept. I just havent gotten around to really testing the UX when using it with multiple other people much.

  • Blisterexe@lemmy.zip
    11·
    4 hours ago

    tldr: their encryption sucks apparently

    frankly i don’t know enough about cryprography to be able to summatize it better.

    • Lojcs@lemm.ee
      8·
      4 hours ago

      They fucked up their encryption so it has half the entropy they claim, they verify messages solely based on information from the message and their pseudo-tor thing isn’t encrypted. Also you can drain someone’s battery by sending them specially crafted messages

  • Samsy@lemmy.ml
    11·
    5 hours ago

    Oh, I thought it’s because of the Loki Foundation. This article was surprisingly technical.