poop,

All of the people recommending matrix don’t understand why signal is secure. Matrix offers the same level of end to end encryption as Facebook Messenger, but it’s federated so people who care more about federation than privacy like to misrepresent its safety

caboose20,

I will admit I don't understand why Signal would be more secure than Matrix. I understood Signal to have E2EE just like Matrix.

poop,

That’s fair! If you’re on these types of forums, there are a lot of Signal haters and a lot of Matrix lovers, and sometimes they like to make confusing or just straight up inaccurate statements. The crux of the issue is not about the encryption of the text of messages themselves, which both platforms are capable of doing. Personally, I wish there was something like Signal but without the centralization, but the reality is such a thing doesn’t exist.

Signal (as in the Signal server and by extension the legal entity behind Signal) does not know what groups you’re in, does not know who’s in your contact list, does not know which groups you are sending messages to, doesn’t know which groups exist, and can’t tell the difference between a message, a reaction, a read receipt, a remote delete (“delete for everyone”), an edit… etc. Signal doesn’t have a way to send anything between two parties that the server can see. Signal has received a number of subpoenas which they typically fight, and if/when they lose they turn over all of the information they have about the subject of the subpoena, which tends to be whether or not they have a Signal account, when they registered the account and when they last used it. You can see these at signal.org/bigbrother/

Matrix (as in the Matrix server you’re registered on as well as the servers of whoever you’re talking to, for groups that means everyone in the group, notably this is not necessarily the same as the legal entity behind Matrix, but in practice a LOT of people use matrix.org for their home server so it frequently is) can see basically all of the things I listed above. The text of normal messages is encrypted. The group membership list isn’t encrypted. Reactions aren’t encrypted. Read receipts aren’t encrypted. Group membership lists are stored in plain text.
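
Added example (not part of the original comment, and not Matrix or Signal project code): a short Python sketch of the point above, reading only the cleartext parts of Matrix-style events to rebuild room membership, message counts, reactions and read receipts without any keys. The event type names follow the Matrix spec; the user IDs, room ID, event IDs and ciphertext are constructed samples.

```python
# Added illustration: what a homeserver can read from Matrix-style events
# without holding any room keys. All events below are constructed samples.
from collections import defaultdict

OPAQUE = "<ciphertext: unreadable without room keys>"
ROOM = "!constructed-room:example.org"

SAMPLE_EVENTS = [
    {"type": "m.room.member", "room_id": ROOM, "sender": "@alice:example.org",
     "state_key": "@alice:example.org", "content": {"membership": "join"}},
    {"type": "m.room.member", "room_id": ROOM, "sender": "@bob:example.net",
     "state_key": "@bob:example.net", "content": {"membership": "join"}},
    # End-to-end encrypted message: only the ciphertext hides anything.
    {"type": "m.room.encrypted", "room_id": ROOM, "sender": "@alice:example.org",
     "event_id": "$msg1", "origin_server_ts": 1690000000000,
     "content": {"algorithm": "m.megolm.v1.aes-sha2",
                 "session_id": "constructed-session",
                 "ciphertext": "constructed-ciphertext"}},
    # Reaction, sent in the clear as the comment describes.
    {"type": "m.reaction", "room_id": ROOM, "sender": "@bob:example.net",
     "event_id": "$react1", "origin_server_ts": 1690000004000,
     "content": {"m.relates_to": {"rel_type": "m.annotation",
                                  "event_id": "$msg1", "key": "\U0001F44D"}}},
    # Read receipt for the encrypted message.
    {"type": "m.receipt", "room_id": ROOM,
     "content": {"$msg1": {"m.read": {"@bob:example.net": {"ts": 1690000005000}}}}},
]


def server_view(event):
    """Return a copy of the event as a server without room keys sees it."""
    view = {k: v for k, v in event.items() if k != "content"}
    content = dict(event.get("content", {}))
    if event["type"] == "m.room.encrypted":
        content["ciphertext"] = OPAQUE  # the only field the server cannot read
    view["content"] = content
    return view


def metadata_report(events):
    """Rebuild the social graph of a room from cleartext fields only."""
    members = defaultdict(set)
    message_counts = defaultdict(int)
    reactions, read_receipts = [], []
    for ev in map(server_view, events):
        room, kind, content = ev["room_id"], ev["type"], ev["content"]
        if kind == "m.room.member" and content.get("membership") == "join":
            members[room].add(ev["state_key"])
        elif kind == "m.room.encrypted":
            # Body is hidden, but sender, room and timestamp are not.
            message_counts[(room, ev["sender"])] += 1
        elif kind == "m.reaction":
            rel = content["m.relates_to"]
            reactions.append((ev["sender"], rel["event_id"], rel["key"]))
        elif kind == "m.receipt":
            for event_id, by_type in content.items():
                for user in by_type.get("m.read", {}):
                    read_receipts.append((user, event_id))
    return {
        "members": {room: sorted(users) for room, users in members.items()},
        "message_counts": dict(message_counts),
        "reactions": reactions,
        "read_receipts": read_receipts,
    }


if __name__ == "__main__":
    for name, value in metadata_report(SAMPLE_EVENTS).items():
        print(name, "->", value)
```
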

gelberhut,

Well, matrix does not require your phone. You can, theoretically, self-host a matrix server.

On the other hand, one can say that signal provides same level of e2e encryption and protection as WhatsApp, right?

poop,

“theoretically” being the operative word here. Most people don’t. And if they did, they wouldn’t be able to talk to anyone else without the metadata getting copied to that person’s server. Probably okay if it’s between two information security experts who operate their own secure servers, but in reality most people don’t do that. This could be summarized as: Matrix offers a lot of easy ways to be less secure, Signal does not.

As for WhatsApp, I know they have paid or maybe still do pay Signal for their encryption. I believe Facebook Messenger did or does as well. I’m not sure what the actual implementation looks like and neither is anyone else, because it’s closed source.

gelberhut,

Agree.

On the other hand, matrix offers anonymous chat, while signal requires a phone number. Only signal’s team knows what software is really executed on signal servers, so it is still a matter of trust.

Signal is also not good at cross-device usage.

It looks like there are no ideal options.

poop,

But that’s not what’s being said here. In this post OP is asking for federated Signal. People are saying matrix is just as secure. This is wrong and I am pointing that out so people don’t go thinking this is correct. Making misleading statements about the security of this sort of thing is dangerous.

gelberhut,

You are right. One still must not forget that signal knows your phone number, though.

I would say matrix is the closest that exists.

floofloof,

Matrix offers the same level of end to end encryption as Facebook Messenger

Can you please explain that in a bit more detail, for those of us who use these systems but aren’t up on the architecture?

poop,

Facebook Messenger offers optional end to end encryption just like Matrix. Just like Matrix, the server knows who you’re talking to, what groups you’re in, who else is in those groups, how many messages you sent to which group, whose messages you react to, etc. But the actual text of the message is technically encrypted so Facebook can’t respond to subpoenas for your messages. I use Facebook Messenger as an example because Facebook is (correctly) generally considered not private or safe.

WhoRoger,

Not a fan of giving my phone number to federate to every server.

Session is like Signal but decentralised (like Tor, not like Fedi) and without the phone number requirement. That sounds better to me.

dismalnow,

Appreciate the heads up on session.

flyoverstate,

What do you think of simplex chat? Open source, can host your own server, doesn't have relations with crypto (that I'm aware of)

Noki,

Can you link the project you mean? Can’t find “session”

WhoRoger,
ebc,

Signal had something good when it could simply be your default messaging app on your phone, and it’d transparently send either encrypted messages, or plain-text SMS. Now that they’ve removed SMS, they’ve just turned into a worse Whatsapp (because nobody is on it). Network effects are important in messaging apps.

NENathaniel,

I’ve just kinda made anyone I message regularly message me on Signal or Telegram. Fuck Meta 🤷

DarkThoughts,

I don't see the issue? Just use your native messenger for SMS. Why does it need to be part of Signal? It just makes things convoluted and confusing to have an unsecure messaging service inside an otherwise secure messaging app.

mossy_capivara,

Trust me I know, having my whole family try it out and then have them pull that later was a punch in the face

Encode1307,

Same here. It’s pretty frustrating.

brill,

My family still uses it vs texting. We like the video calls as well. :)

sadreality,

Ya, got banned on that sub for questioning that decision but more likely calling CEO a clown... either way, bad business decision.

I am starting to suspect new leadership is in place to gut Signal, just a speculation tho.

Still use it but they are not taking it where the core user group sees the future IMHO

sarsaparilyptus,

Was that the punch in the face, or was it all the morons intentionally misinterpreting this argument and saying “but why would u want to send nonsecure messages are you aware SMS isn’t secure it’s like so insecure to send SMS bro it’s not secure it’s like literally a security risk bro SMS isn’t secure at all and also are you aware SMS security is poor”

dismalnow,

Not doubting that pushy idiots are going to pushy idiot, but I think you've strawmanned the actual reason hard enough.

Most people who want it back don't need, want, or understand why secure messaging exists.

Here's the simple facts:

SMS is not secure, or private.
Signal is for secure, private comms.

As mildly inconvenient as it is, Signal explained their reasoning in great detail, and I happen to agree: There should never have been an insecure option on a secure messaging app.

ChaosSauce,

Totally agree. Good opsec is all about building good habits. Having 1 app for secure and a different app for normal creates a healthy compartmentalization in the mind for ease of building and maintaining habits.

dismalnow,

Indeed.

It's a very basic trade that it seems few understand. You MUST trade a bit of convenience to increase your security, or mistakes will happen.

sarsaparilyptus,

Question: are you missing the point deliberately, or is it genuine obliviousness?

effingjoe,

You literally made up an argument no one made in this thread.

The fact of the matter is that it is unwise to have both secure and insecure messaging side-by-side. Depending on where you live, this could translate to a simple mistake resulting in imprisonment or worse. It's very important that a "secure messaging app" only allow secure messaging.

You, like myself, probably live in an area where accidentally sending a message critical of the government over an insecure message would not have any tangible consequences, so perhaps you're weighing the convenience as more important due to lack of perspective.

WhoRoger,

By that logic tho, you can also accidentally open a different app and send an sms, because on Android all the apps need to look and behave basically exactly the same for some reason.

effingjoe,

This is not a very thoughtful response.

dismalnow,

I recognize you're probably not the original commenter, but this is the same flavor of strawman.

App is app. Other app is other app.

In one app, it was possible to send both SMS and encrypted messages. In the other, just SMS.

WhoRoger,

Strawman, one of those big words people use when they can’t make a decent argument.

Would it be that difficult to have two versions of the app then? One without sms for the more security conscious and easily distracted people, and one with sms, that I could install on any grandma’s phone?

Difficulty of implementation was never an argument, only ideological ones, with which Signal fucked over so many people. Literally all of my Signal contacts have gone offline soon after they axed the sms support, and so I have no use for Signal at all.

So, mission accomplished I guess. Secure messaging has won- oh wait, everyone is back on WhatsApp.

Noki,

All my friends and family are still on signal.
This is a you problem not a signal problem.

Maybe you should have told your family why facebook is bad instead of being “look fancy chat”
I never needed the sms tool (who writes sms anyways?). What I need is more secure comms that I can use.

One thing that still bothers me is that with the phone number…. I am still waiting for unique identifiers to uncouple my phone from my messenger!

WhoRoger,

I’m not here to do Signal’s marketing for them, especially since I never liked it in the first place (due to the phone number thing). They had a good thing going for being an acceptable alternative, and they fucked it up. Definitely not my problem.

sarsaparilyptus,

You literally made up an argument no one made in this thread.

I literally was not confined to this thread, which is blatantly obvious if you know how context works.

The fact of the matter is that it is unwise to have both secure and insecure messaging side-by-side.

Skill issue. If it’s too hard for some people to pay attention to what they’re doing and use a tool correctly, they can buy a Vsmile. This is all ignoring the fact that no human being could possibly fuck it up on Signal unless they’re too illiterate to send text messages—or indeed use a cell phone—in the first place.

effingjoe,

I literally was not confined to this thread, which is blatantly obvious if you know how context works.

Making up an argument no one in the discussion has made is called the "Strawman Fallacy". Why should anyone in this thread care that you talked to someone (allegedly) that was so dense that they made a bad argument that you got frustrated with?

If it’s too hard for some people to pay attention to what they’re doing and use a tool correctly

Ah, so much hyperbole. If I'm successfully stripping all of it away, it seems that your argument is that it is impossible (P=0) to accidentally send an SMS message in Signal, thinking it was a secure message. Is that really your stance? Admittedly, there was a lot of hyperbole so I might have missed the actual point. Please correct me if I'm wrong.

sarsaparilyptus,

“muh fallacy”

I didn’t know this was reddit

I might have missed the actual point.

You deliberately missed the point, and seem to think I can’t tell you’re being deliberately obtuse.

effingjoe,

A fallacy is just pointing out that your argument isn't likely to arrive at the truth. As I explained, your "I met a dumb person and so all arguments against this are dumb" stance isn't useful, even if we agree you're not just making that all up.

I asked for clarification. Is that your stance? That it's fundamentally impossible that someone could accidentally send a SMS in Signal while thinking it is secured? I'm going to assume that you don't believe it's fundamentally impossible, so that means your real stance is that if that happens and someone gets sent to jail or worse, that's a small price to pay for your convenience of not having to *checks notes* switch between two apps.

Do you see how your lack of perspective might be leading you to make a poor argument?

sarsaparilyptus,

Being this obnoxious is practiced and you’re clearly conversing in bad faith, that’s the only response you get

effingjoe,

What's bad faith about my argument? There's only two options: You believe what you typed and that it's impossible to make this mistake, or that you were using hyperbole, and you acknowledge that it is possible to make this mistake. These two options are both mutually exclusive and binary-- there can be no other stances. (and notably you haven't actually clarified which one you believe.)

I didn't make you choose to defend a poorly thought out stance. That's on you.

ebc,

Well, I happen to disagree. I’m a privacy-conscious person, but I’m not an activist. Most of my contacts in real life (i.e the people I need a messaging app to talk to) are non-technical, and not really privacy-conscious. They’re not going to install a different app just to talk to me. The big draw of TextSecure (before it became Signal) was that they could just set that as their default SMS app, and it’d magically start to send encrypted messages if the other end was also using TextSecure, and they had to change exactly 0 of their habits.

I guess it depends on how you view it:

  1. Move as many people as possible over to encrypted comms with the least friction possible, or
  2. Provide a niche secure messaging platform for niche activists with niche needs.

I thought the goal was 1, but turns out it was 2. All my contacts are now back to Facebook Messenger…

poop,

It sounds like you’re slightly mis-remembering this oft-cited Hacker News comment from Moxie from 2015. I’m going to quote the main bit here because honestly a lot of people in this thread could stand to think about it:

If we were going to rank our priorities, they would be in this order:

  1. Make mass surveillance impossible.
  2. Stop targeted attacks against crypto nerds.

It’s not that we don’t find #2 laudable, but optimizing for #1 takes precedence when we’re making decisions.

ebc,

I wasn’t actually quoting this, but yeah, I think that’s the point. Supporting SMS was helping adoption by promoting a seamless transition for users. Dropping it feels like prioritizing #2 to me. (All this comment thread about opsec, compartmentalization, activism, etc is really about #2, IMO)

Steve,

This always struck me as strange thinking.
Are most people really unable to understand and use different messengers with different contexts and groups?

Honestly I use a few myself. My job has Tiger Connect. I use Signal with all my family and friends. Then I use SMS for some companies automatic notifications. It’s pretty simple and easy.

ebc,

Well, yes. But when all your friends are already on Facebook Messenger, good luck getting them to install Signal only to talk with you. Network effects are important; a messaging app has no use when you have nobody to message on the app. Supporting SMS was taking advantage of its network effect, and I don’t think their network was big enough to be self-sustaining for most users (it wasn’t in my case, my only contact in there is my wife).

gizzle,

If a friend doesn’t care about you enough to perform the 1 minute task of installing signal they’re not worth your time

Steve,

Convincing people to leave Facebook Messenger isn’t that hard. Just let them know Zuckerberg and everyone at Facebook can see everything they send.

It is easier with a whole group of friends. If none of your friends know each other, you should work on that for other reasons. Groups of friends are better in general.

comcreator,

Matrix is the federated alternative to Signal.

However it would be cool to see Signal implementing their encryption into Matrix and turning Signal into a Matrix provider, becoming a federated messenger.

Molecular0079,

I believe Matrix already supports olm which is the same encryption technique used by Signal. The main issue with Signal becoming federated is that in order to make the federation work, a lot of metadata will leak and that could be a cause for concern when using Signal as a private messenger for important things like whistleblowing, etc.

comcreator,

True

philip_the3rd, (edited )

Thank you, I'll probably keep Signal away from it, but WhatsApp and SMS hoover up my metadata anyway, so nothing to lose there.

mossy_capivara, (edited )

Given everyone’s advice, I’ll look into matrix

hitagi,

Do you mean decentralized or federated? I don’t really see how Signal would work with something like ActivityPub where so much information is meant for public viewing.

There’s also Matrix if you’re looking for just decentralized and federated.

mossy_capivara,

I was thinking more in the finding contacts way since Signal only uses phone numbers

hitagi,

Try Matrix or XMPP.

nickavem,

Though the fediverse is good for a lot of things, security is not one of them. Maybe this will change in the future, but right now there are just too many chances for bad actors.

mossy_capivara,

I heard that’s the case, but hey it’s FOSS maybe it’ll change in the future

noodlejetski,

they’ve been pretty clear in the past about their lack of interest in decentralisation.

if you want to see what a federated (although separate from the Fediverse), private messenger looks like, try Matrix.

mossy_capivara,

Yeah I’ve been really interested in it, just haven’t made the leap yet

gelberhut,

Then, it would be called matrix? 🤔

mossy_capivara,

I’m not super familiar with matrix, is it end to end encrypted like Signal?

WheelcharArtist,

Yes it is. But there are also unencrypted chats/rooms

mossy_capivara,

Oh that’s actually really awesome

JoeKrogan,

I saw in a matrix talk on YouTube that they are bringing interactive multi user vr to matrix too, and it can be end to end encrypted because it’s built on matrix

poop,

Only if the signal crew collectively fell down, hit their heads and forgot about their whole mission of protecting metadata privacy. Matrix is a privacy nightmare (compared to signal). It offers optional encryption for the actual text of the messages sent, but everything else from room membership lists to reactions are unencrypted and stored forever by the server. The end to end encrypted message feature was bolted on after the rest of the thing was built, and it shows.

We’ve seen signal.org/bigbrother/ where signal proudly shows that they don’t have any metadata about their users to turn over. There’s a reason we don’t see anything like this for matrix.

Matrix is good at federating, but fucking horrible at keeping your information safe.

Semi-Hemi-Demigod,

I assume everything I do on the Fediverse is public because it's the commons. Hooking that into my private messaging would be like leaving my door open at home.

philip_the3rd,

Genuine question: where are you guys on Beeper, privacy-wise?

derin,

Beeper is just matrix with a bunch of preconfigured bridges for you. I’ve deployed a few of their bridges (as they’re open source) for my own matrix server and can confirm they work perfectly.

Haven’t had whatsapp installed on my phone for over 2 years. I even support the devs via github sponsors, I’m that happy with their bridges.

If you’re not technical but want the benefits of bridging other networks into Matrix, Beeper is a great choice.

caboose20,

Curious about this as well. Since Beeper uses bridges to communicate with other networks, (Signal, Whatsapp, Facebook, etc) and it needs to decrypt the messages before sending them over these bridges it is inherently less secure than using something like signal directly.

derin, (edited )

I don’t think you understand why current servers operate the way they do.

Matrix server implementations function on the idea that your data lives in the server, so of course it needs that information (who is here, who is talking to whom) - or else, as an example, if you lost your devices you wouldn’t be able to recover your info (like on Signal).

I don’t want Signal’s Peer-to-Peer solution. I own my server, so I’m okay with keeping my own metadata. I want my communications with others to be encrypted, but recoverable if I lose access to my devices.

I think what you want is a Peer to Peer encrypted solution, which Matrix is working on, but isn’t available yet.

Follow this site for info on Matrix’s progress in that space: arewep2pyet.com

What you’re looking for is info on Pinecone.

TLDR: poop wants a peer-to-peer encrypted network, Matrix is not that (yet).


Further reading:

Matrix’s architecture today means that the servers can see who their users are talking to, and when - but not what (assuming it’s end-to-end encrypted). Just like a PGP mail service like Protonmail. Because Matrix stores conversation history on the server (unlike Signal) so you can get at it when from multiple logins, you end up with that metadata stored on the server.

We’re fixing this by working on P2P Matrix (as per the blog post - it’s one of the main initiatives that the funding is going towards). matrix.org/blog/2020/…/introducing-p-2-p-matrix explains how P2P addresses the metadata problem.

(…)

poop,

Not sure why you think I don’t understand why matrix operates the way it does and I’m especially not sure why you think you know what I want. To help clear it up: I want a secure, decentralized encrypted messaging system that doesn’t let anyone but the participants access any information about their conversations, just like everyone else. What I DON’T want is people misrepresenting the current landscape, as many in this thread are doing. End to end encryption of the actual text of the messages is not at all good enough, and Signal has made enormous strides in demonstrating alternative options. I’m not a fan of the usual things people don’t like about signal (phone numbers, centralized server architecture, mixed feelings on removing SMS from Android). Matrix addresses almost all of these, and does a lot of other cool things, but does so at the cost of a lot of privacy. I want people to stop acting like matrix and signal offer the same level of privacy. I get it, decentralization is good, but can we please not misrepresent the offerings of current decentralized solutions compared to current centralized ones just because we like the architecture of one more?

I’ve operated matrix servers and I’ve looked at the database to see what it knows. It knows a lot, and if a service provider was compelled to turn that over, it could be bad. We should be honest about what the server knows so people can make rational decisions.

derin,

I understand that end to end encryption of messages alone is not good enough… For you.

The current landscape is very exciting, and I see matrix taking the correct steps in the correct direction. I don’t see that with Signal.

Signal’s core design isn’t great for me, bordering unusable. It’s peer to peer - I want the security of a server (my server) managing my shit.

As an aside: If I have one more person message me asking what happened to their signal messages, after reading a post from someone online and switching to signal for a while, I’m going to lose it. It’s a platform that prefers security over usability.

On matrix I get a new device, log in, authenticate the new session from my old one, and watch as my content comes back. That’s it right there. That’s the magic I want.

What I don’t want is “got a new device, don’t have recovery keys? Fuck you.”

Your desire of a secure, decentralized encrypted messaging system is shared by me, I’m just not going to trash a system that does the majority of what I want over minor concerns regarding metadata.

And the alternatives you’re touting apply to you, a person whose needs are different from mine. They are unusable to me.

I hope my tone wasn’t too incendiary, I’m trying to make the point that our needs are different, not that either of us is invalid.

Honestly I feel like XMPP handles the majority of what you want, why not just use that?
