Don’t Use Session (Signal Fork) - Dhole Moments
soatok.blog
Last year, I outlined the specific requirements that an app needs to have in order for me to consider it a Signal competitor. Afterwards, I had several people ask me what I think of a Signal fork c…
    • itslilith@lemmy.blahaj.zoneEnglish
      3·
      2 hours ago

      Don’t care too much about the supposed hardening, but it’s on FDroid and has UnifiedPush, so I use it over Signal

    • dracs@programming.devEnglish
      5·
      4 hours ago

      I’ve been using it for several months mostly due to it’s UnifiedPush notifications support and been really happy with it.

  • aport@programming.devEnglish
    291·
    22 hours ago

    I’m OOTL, why do people want an alternative to Signal? It thought that was the good app

    • kbal@fedia.io
      24·
      20 hours ago

      It’s centralized, it doesn’t officially allow 3rd-party clients, it requires a phone number, and the desktop app kinda sucks. I use it anyway, but it could be better.

      • rottingleaf@lemmy.worldEnglish
        2·
        3 hours ago

        The “centralized” part is not a problem with their protocol and it’s well explained.

        The 3rd-party clients thing … I agree with, but one can find justifications for that too. They probably don’t want people to use it for filesharing with uuencode and base64. Or even for VPNs, like they did with Tox when it seemed to have a future.

        The phone number thing sucks, but there’s a need to defend against bot registrations somehow.

        The desktop app sucks absolutely and conclusively. If there were a library one can use to make a Pidgin plugin, it would be a godly gift.

    • Confetti Camouflage@pawb.socialEnglish
      21·
      21 hours ago

      I don’t know about other people, but the only thing I don’t like about Signal is that it is centralized. It seems to be the only option to actually get everything right for security though from what I hear.

      • rottingleaf@lemmy.worldEnglish
        1·
        3 hours ago

        I personally think they could replace the “centralized” part with the “relay” part. Seems technically possible with their protocol. Their center plays mostly the relay role. So it would be a bit similar to Usenet, or to NOSTR, or even maybe to something like old Freenet.

        But yes, there are good arguments that making it decentralized would slow down necessary changes and fixes.

      • Soatok Dreamseeker@pawb.socialEnglish
        16·
        20 hours ago

        That’s a reasonable thing to dislike about it.

        I dislike that I can’t reply to another message with a sticker.

        I also dislike that, despite having admin access, I can’t delete abusive messages left in groups for anyone but myself. That makes it unsuitable for building communities.

        • ZaphodWilde42@lemmy.worldEnglish
          2·
          14 hours ago

          The replying with stickers bugs me so much, your pack has been helpful too. Hopefully we’ll eventually be able to edit created packs though.

  • vollkorntomate@infosec.pubEnglish
    34·
    23 hours ago

    […] it uses the X25519 public key… as a symmetric key, for AES-GCM.
    […] anyone that knows the public key can decrypt it.

    Ouch.