Yeah, qksms’s handling of group messages is really klunky, too.
Deku SMS looks nice, but it doesn’t understand group SNS at all. Neither does Connect You (it also doesn’t have search-by-name for texts, and has trouble linking contacts to texts). Simple SMS is now verboten.
Despite warts, I’m stuck with qksms as well.
Edit Fossify Messages has been released on fdroid. It supports groups, looks nice, and is working for me so far!
My biggest issue wouldn’t even be the kernel level access, but the fact that the stuff is written and tested by no one in particular. The possible bugs are the issue for me.
If that thing would be bullet-proof, hackers trying for years to break it without success, yeah. Ok. I could be convinced. If it is cracked after two days already… Then nope.
It seems F-droid won’t accept the new versions, as the Suite has been acquired over a month ago and they haven’t accepted any new versions, all Simple apps I’ve checked haven’t been updated for 3-4 months; in fact, I can’t find Simple Gallery there anymore at all.
Huh, perhaps the problem is on my end then? But I can neither find it by searching the repository, nor is it on the list of my installed F-Droid apps, even though all the other Simple apps are there. And I’m 100% certain I’m not using the Play Store version.
I’m not sure, it seems others can’t find it either. My own simple gallery works fine and without the new stuff everyone is complaining about here (I got it from f droid, so that’s why). Maybe it’s because it can’t take down the page for a downloaded app?
Simple Gallery hasn’t and couldn’t have received the privacy-intruding update yet, as its last update was in October, according to the data on Play Store, i.e. before the acquisition. People are complaining about Simple Messenger, for now.
My own install of Gallery is from F-Droid, just as yours, yet I don’t see it there anymore. It’s not visible on the F-Droid website, unlike e.g. f-droid.org/en/…/com.simplemobiletools.keyboard/
Maybe you can see it if you’re using some repository other then the default one? Or your repository data hasn’t been updated recently? Idk, just guessing.
I think C and C++ are safer options, because GNU doesn’t use this technology in particular. But Dart are obviously using opt-out telemetry. You should disable it manually. Idk the case of Ruby, sorry :(
This is the sad true. Nowdays, sdk haves tons of these analytics and telemetry. According to Dart documentation we can disable its analytics. And the first time the CLI is executed, this analysis is not used (respecting the opt-out concept). Is at your discretion trust Google’s words (or investigate Dart’s source code to find out if it is true or not, or if there are even other unethical means, although I find it a bit unlikely). If you wanna do the second, You can use something like CatFish to help you.
Both WhatsApp and Telegram suck. Just like any other messenger that’s either proprietary or not end to end encrypted. Signal is clearly the best choice.
Signal is not the best choice, it’s just a somewhat aceptable middle ground. I prefer something that doesn’t require a phone number and something you can self-host, like XMPP.
Good luck convincing normies to use some obscure messaging protocol. It’s difficult with Signal, even harder with Matrix, basically impossible with XMPP. 99.99999% have never in their life heard about XMPP. Also most mobile clients absolutely suck. You also can’t get proper push notifications without completely ruining your battery life. What a great choice!
Conversations is only available on Android. And that’s the problem. You need different clients on different plattforms, etc. It’s just a mess. Some clients don’t support encryption and everything is just unnecessarily complicated, especially for new users. You can’t just tell someone “let’s chat on XMPP”. You need to explain to them what XMPP is, what app to download depending on what OS they use, tell them how to set everything up, etc, etc…
Signal is definitely not perfect, but it’s the best known private messenger and doesn’t compromise on privacy and security. It’s very simple to use, the setup process is basically the exact same as on WhatsApp or Telegram, it has good clients for every platform and they have operated safely with a great record for over 10 years.
I understand that other solutions might be better in theory, but if we keep suggesting a new obscure and hard to use messenger to noobs, they will never make the switch. In order to get more privacy for ourselves and the (potentially less technical) people we need to communicate with, let’s just get them to use something simple and private like Signal.
Yea, ive gotten pretty wide adoption from friends and family on Signal, but id love to have a comparable product with even more features/security/privacy
Matrix may get there eventually, but for now its Signal.
The major clients now do have OMEMO. Yea, I agree it’s flawed but that’s so far it’s the one I settled on. Do you know other, more refined selfhostable solutions? I am now looking for development there but doubt I’d get few people that I already got there to switch again.
Not aware that there is a modern decentralized secure and private chat protocol. Sadly. I also am not aware of any developmenta of something like that, so XMPP is the best we got (for decentralized open widly supported protocols)
I know that a lot of clients do encryption of the message body by default, but it still leaves a lot of stuff in plain text (afaik).
It seems like a dystopian system, that we litterely can not hide from our governments without turning off our smartphones
That’s basically it.
However SIM cards that aren’t tied to people usually ends up scenarios like the US have where SIM swap attacks are common and you’ve a LOT of identity fraud. Note that we’ve an increasing number of services sending information and validation codes via SMS like banking apps and whatnot and you don’t secure the SIMs anyone will be able to get a replacement SIM because “I got my phone stolen” and you’ll have zero security.
I recently heard the episode of darknet diaries about it. I would think a simple PIN-Code that is mandatory would solve this issue? Or a letter send to the owner of the SIM?
Both solutions would make it safer, but not impossible to get around. Someone can get the PIN Code in some more analog (getting the paper with the PIN) or digital way (interception with physical access to a phone) and getting into the persons mailbox.
Even if those attacks wouldn’t happen there’s always the chance of something more complex like calling the carrier support and saying you’ve change your address and then a week later ask for a new SIM. It can go wrong very quickly, asking for a govt ID is the easy way to solve it all.
To be fair we can have a better solution, we simply force the fucktards that run banks and other places who send SMS codes to use a simple 2FA method without bullshit apps, just provide a QR code and live with it.
I think it’s actually the other way around. BECAUSE phone numbers are linked to our accounts and identities, it makes us vulnerable to SIM swapping. They should only be used for calling and texting people, nothing more. But nowadays we need to link our personal details to them, our accounts, which introduces this vulnerability because then it creates this incentive for an attack
If you live in a country where carriers are required to identify phone numbers and do identity checks for SIM swaps they’ll never, ever, allow someone to get a SIM with your number without providing valid govt ID. That’s why it solves the issue and its safe. Just look at the numbers / stats and you’ll find that the SIM swapping attacks happen on countries where no identification is required.
Honestly, it would just be nice if someone made a mobile computing device that wasn’t phone-capable at all. It is outdated functionality to have just one or two services use a totally separate protocol from everything else.
The ones I had which allow mobile data connections also allow use as a phone. Not to mention that most tablets are the wrong size to carry them around all the time.
As others have said, it’s quite good on privacy. For the truly paranoid, IIRC you can even self-host the sync server.
From the security perspective of privacy, do make sure to use a good password for the Mozilla account, the account password is also the encryption key for the E2E encryption.
You can activate it with these scripts github.com/…/Microsoft-Activation-Scripts (I think it’s the easiest way for you as you are already using it and the only issue it’s the stupid message to force you to pay for it)
But would be nice if you were not forced to use Microsoft Office.
privacy
Top
This magazine is from a federated server and may be incomplete. Browse more on the original instance.