this post was submitted on 06 Apr 2024
146 points (86.9% liked)
Privacy
31987 readers
437 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
Chat rooms
-
[Matrix/Element]Dead
much thanks to @gary_host_laptop for the logo design :)
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Run by a VC funded for-profit company. That really should tell you all you need to know. Sorry, but no thanks.
this is a wrong take for a few reasons, if we're talking about trust.
Also, Signal literally was taking money from the CIA for a decade and also is based in the US anyway, and no one hardly said a word π€£π€£ "Privacy" activists are a joke lmao. Also signal made a crypto coin and took away features like SMS, but of course they get a free pass for that too. Makes you wonder.
SimpleX is fully open source, verifiable, and audited. If there are changes that are bad, the community will talk about them, and at worst it can be forked
SimpleX has made it clear that they dont want you to trust them. It's decentralised and anyone can run their own relay, and the servers are designed prevent correlation. They also make it very easy to use TOR and multiple circuits. This is contrary to the inferior Signal model where you just have to trust that the centralized Signal org isnt leaking your phone and IP to the feds.
moving towards a decentralised, open, and trustless world is better for everyone. In this kind of system, I really dont give a damn where they are getting their money from, as long as they arent putting crap in the software, and if they do, we will all know about it. But so far they have shown that they are committed to extreme security and privacy, and they obviously arent trying to appeal to normies, so i doubt they would ever even try to put VC-pushed garbage in.
If you want a good app, you will need funding from somewhere. Look at apps like Session that arent funded well. They suck. So I'd rather SimpleX be funded by a VC instead of by the feds like Signal, as long as everything stays open, free, trustless, and decentralised
Time to get downvoted! See you guys at -50 π
Where did I even mention Signal? Total strawman argument, as I don't think Signal is a good option either.
But you go ahead and trust Simplex Chat Ltd. I guess some people only learn from their own mistakes π€·ββοΈ
you completely ignored what i said, as I specifically argued that simplex is made to be used without trust. so dont talk about me trusting people lol.
Also I agree with you on Signal, was just throwing it out there for others, not necessarily for you.
You walked right into my deliberate rethorical trap π
There is no such thing as trustless computing, and anyone that tries to sell you that is scamming you or drank the same kool-aid.
Exactly what I thought; if the technology is so decentralized does it make sense to care so much about who finances the project? Like if one instance of lemmy was funded by Microsoft, we could easily use another one and block it, right?
yeah it's like TOR. it's public knowledge that it was both made and is funded by the US Gov, but we all see it as the standard of anonymity online because everything is open, trustless, and decentralized.
How is TOR trustless?
I recommend to study how TOR works
I did. Can you maybe answer the question?
Would you say Tor is bad because its from the US navy?
originally it was. but it was given to the larger community as an open project, because they realized that without public use, it would be useless.
There is endless discussion on whether tor software is backdoored or not, but I severely doubt this with all the eyes on the open source code
There is also debate on how many nodes are owned by the feds, but the largest estimates at the peak were about 20%ish iirc. i doubt it's a significant number enough to worry about, from what I've seen.
tldr I'd recommend to look up all the opinions online yourself.
I'm in full agreement with you. Not even a little bit of disagreement.
This comment right here is the sanest in this thread
Upvoted bc VC eventually means enshittifiication. But with xz getting back-doored recently, what is the middle ground that keeps these things sustainable financially and operationally?
Maybe itβll be governments partially funding it. If Schleswig-Holsteinβs attempt is anything to go by, it might be a way
But do we trust entities that depend on our governments for funding? It could be argued that theyβre fundamentally compromised.
As opposed to whom? Are investors in VC startups less compromised or more? What are the incentives in either case? Who do you trust to be competent and/or incompetent enough to compromise it without you noticing it? Who is likely to change a project that was well intentioned first after the fact? In what ways?
Exactly.
Many question marks, one answer- Gitea
You have 4 basic options for funding:
-you rely on individual donations which doesnβt bring in enough money
-you force people to pay for it, which makes it less attractive when compared to traditional software, and makes much of the community pissy
-you rely on corporate money
-you rely on government money
None is perfect, but some amount of government funding (letβs say, 10% of what they would pay Microsoft for the equivalent software) might make sense
I wonder what that looks like fleshed out a little, though. Is that a mandatory or voluntary payment? And by paying for what they use is that per message or per month like a subscription?
Mandatory? And per month or year. Younger people might not remember but WhatsApp was $1/year (at least in the states.)
There shouldn't be anything wrong with expecting payment to pay for servers, etc. If it's free then you're the product right?
Threema.ch already do this. Maybe thatβs the answer?
Maybe. That is a one time payment but i guess they make their money on businesses. I like it but it's not the slickest app yet.
@timbuck2themoon @FarraigePlaisteach or self hosted :thinkerguns:
I do this but sadly not viable for everyone. It is a great option though.
Secure and private by design is the solution
Nobody can compromise you if they can't
I did not know it was run by a VC funded company. Isnβt it open source and audited though? https://simplex.chat/blog/20221108-simplex-chat-v4.2-security-audit-new-website.html
Either way, if one needs to communicate without the use of identifiers like a phone number (afaik signal requires one) I trust Session. SimpleX features cool new tech but letβs wait until it matures
AFAIK it is audited, and its threat model is rather extreme, like there is no unequivocally binding id, you can give every contact a different id
They talk about for profit/no profit in their last blog entry
https://simplex.chat/blog/20240323-simplex-network-privacy-non-profit-v5-6-quantum-resistant-e2e-encryption-simple-migration.html
Why should that be an issue? It's fully open source
Oh, my sweet sweet summer child... I have bad news for you π
Thanks, I just uninstalled it lol.