• einfach_orangensaft@feddit.de
    link
    fedilink
    arrow-up
    0
    ·
    1 year ago

    i like the whole concept but it seamed to good to be true and not some type of backdoored honeypot, ill guess ill check it out when enough people reviewed the sourcecode

    • Cheradenine@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      Well, since it was audited quite awhile ago you could probably check it out now.

      simplex.chat/blog/20221108-simplex-chat-v4.2-security-audit-new-website.html

      • onlinepersona@programming.dev
        link
        fedilink
        English
        arrow-up
        0
        ·
        1 year ago

        Thanks.

        So it has a new ID for each tunnel/channel/whatever. As usual, that comes with the downside of discoverability: how do you find all your contacts when installing the app? You always need an out of band transfer of the user ID - be it email, username, or a transient one like this.

        I’m not sure how much better that is than existing chat apps that don’t have discoverability.

          • onlinepersona@programming.dev
            link
            fedilink
            English
            arrow-up
            0
            ·
            1 year ago

            How?

            If the OOB is not encrypted --> hello MITM attack or impersonation (unless of course you’re physically in the same place, which is quite limiting)

            If it’s encrypted, why not just keep using encrypted channel? I have to find an encrypted channel to initiate an encrypted chat?

            I’m not seeing the benefit

  • fmstrat@lemmy.nowsci.com
    link
    fedilink
    English
    arrow-up
    0
    ·
    1 year ago

    Oof, bad timing for that name selection. Especially with payment processing.

    The invitation method is interesting, but will likely be its limiting factor vs its draw. Regular Jane/Joe wants to share their username, just not their number or email. Not being able to share verbally is tough.

    • BearOfaTime@lemm.ee
      link
      fedilink
      arrow-up
      1
      arrow-down
      1
      ·
      edit-2
      1 year ago

      Simplex has been out for a year or so.

      It’s tough getting people used to systems that respect privacy, since Out-of-band ID sharing is part of that.