this post was submitted on 12 Aug 2023
73 points (92.9% liked)

Privacy

31973 readers
322 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

Hello everyone,

I have discovered SimpleX Chat (nothing to do with XChat or HexChat, or the favorite letter of some dumb billionaire), and it appears being a legit good effort at providing good privacy while retaining "mainstream" usability.

And it has been audited (by one company so far, it seems).

The only concern I have is with regards to battery life (given that it has to maintain roughly as many open connections as you have contacts, AFAICT).

Has anyone here used it? Any opinion?

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 26 points 1 year ago* (last edited 1 year ago) (1 children)

I've been using it the past few months - since April, if memory serves me. I mostly interact with one contact, individually, and a small group with others.

There's definitely been a few hiccups. I use the default servers, and there's been times when they weren't reliable in the past, but that's been rare. The app itself is not really buggy, but it gives you options without really explaining them, regarding configuration of messaging servers and file transfer servers. You have to go and read the documentation, which is actually pretty good.

Regarding battery consumption, it's been very battery efficient for me, and this is considering I use the service to receive notifications instantly. This is on a degoogled Galaxy S8, so YMMV. Anyway, there's plans to use some implementation of UnifiedPush in the future, if I recall correctly?

The bad parts are not really a big deal, in my opinion. I've tried a few private messengers in the past, such as Jami, Briar, Signal and (even though this definition is controversial) Telegram, through Nekogram. SimpleX has been the best one so far.

One of the reasons is the feature set. It really tries to be a "mainstream" messaging app, with a sane default set of features. You can send messages, make groups, big and small (the biggest I've been in had some 400 members - it was the app's support and development group), send pictures, video, audio, use a command line client and, since last week, try out the desktop GUI client. I don't remember if this last one had other releases, but I tried the AppImage, on Linux. It's okay, if a bit slow.

Also, there's no user ID and the messages can be routed through Tor, and I think they are by default. Do your research on this, as I'm not too sure, but the way they manage not having a user ID is that they usage message queues on each server, and each is particular to a group or connection between contacts. So you don't have an ID, people can't search you, and it's only you that can give out a link to connect to you. Such a link can be revoked and regenerated at any time, so it's a platform that is inherently immune to spam.

Regarding the servers, there is the possibility to host your own. Even though I have a small personal server, which serves as a backup for my files and some other small stuff, I have not tried setting up a SimpleX server because my communication with the app is vital and I don't have the budget to build a trusty server just yet, so I can't make a review of self-hosting a server. Still, it's good that the option is there.

Anyway, what I like most about SimpleX is the steady pace of development. As I said, I've been using it for just a few months, but a lot has changed already - it's gone from version 4.something to 5.2. The file transfer, which was slow when I first used the app, has been through a whole redesign, in terms of the protocol used, and they've created what they call XFTP, which I think stands for simpleX File Trasfer Protocol. You can self-host your servers with this protocol and they've completely changed the game, in terms of sending and receiving files. It makes me very hopeful for the project to see features being steadily implemented. A ton of small others have been added since I've been using the app, but that's the big one, in my opinion.

Phew. That was quite the write. I don't have to say this, but I am quite invested in this app and want to see it succeed, so I obviously recommend people try it. The problem is convincing regular people to "download one more app".

[–] [email protected] 8 points 1 year ago (2 children)

Very good answer, thank you very much.

WRT battery life, the only device I have been able to use it with is a second hand device I just got, and have little metrics for. So, I'm not sure if the device battery is worn out, my expectations are from another time, or it has battery "problems". Given your testimony, probably one of the two first options. Maybe both.

I have tried Tox, Signal, Briar, Amethyst (Nostr) and lastly SimpleX.

I dropped Tox because of network and battery usage, and didnt actually get to try Amethyst because of its use of Google Push.

Usability wise, and userbase wise, Signal is by far the best, but its use of phone numbers as identifiers is absolutely terrible in my opinion.

Briar has features that others don't have, and works ok, but isn't really feature-complete when it comes to mainstream use.

SimpleX strikes me as a good middle ground between the two, with a very complete featureset, even if, as you mentionned, it is rather hidden behind all that UI.

Also thanks for telling me about the Desktop GUI, I was searching for one and didn't find it. So I'll look again.

Now, concerning the absence of identifiers, the marketing material clearly mentions "[not] any user identifiers". As I understand it, it still has identifiers, but as conversation endpoints, and they are unique to a given conversation. So, yes identifiers, but their meaning is a lot harder to infer than with user identifiers. It kind of is like with using unique cryptocurrency wallets per contact, and making transfer through exchanges, converting between currencies. It is a lot harder to track.

Agreed that having the option to run your own server is invaluable. One could for example deploy an entire SimpleX infrastructure on a different network, such as DN42. And in the event of a global apocalyptic event, the distribution of both clients and servers would allow users of local or regional networks to still have usable private messaging.

And as for people adopting the app, it is via people like me and you. I run the operations for around 6-10 people in my immediate surroundings (friends and family), and my recommendations mean a lot to them (it often influences entirely what they get to use). Besides, I also advise people professionally. And, so, assuming we each influence a dozen people on average, they will, in turn, create momentum for their own social circles. That's exactly how gmail gained traction.

Now, I don't see people who are using only whatsapp adopting SimpleX any time soon, but honestly, those people aren't using Signal either (and if they are, it is very temporary), and will always be the last to move.

[–] [email protected] 6 points 1 year ago* (last edited 1 year ago) (1 children)

Well, thanks for taking the time to answer me, in turn!

Also thanks for telling me about the Desktop GUI, I was searching for one and didn't find it. So I'll look again.

Mind you, this is very recent and it's in the releases page of their GitHub under a pre-release. It's in the assets of the 5.3-beta release, which, now that I've checked, has packaging for MacOS, Ubuntu and AppImage. They're the ones with the *-desktop affix.

Now, concerning the absence of identifiers, the marketing material clearly mentions "[not] any user identifiers". As I understand it, it still has identifiers, but as conversation endpoints, and they are unique to a given conversation. So, yes identifiers, but their meaning is a lot harder to infer than with user identifiers. It kind of is like with using unique cryptocurrency wallets per contact, and making transfer through exchanges, converting between currencies. It is a lot harder to track.

Yes, I think you've done a better job of explaining it than me. It's impossible, to my knowledge, to communicate without any kind of identifier, but their model is a rather ingenious one for people concerned with privacy. Couple that with onion routing, and I feel very safe talking to people on the app.

And as for people adopting the app, it is via people like me and you. I run the operations for around 6-10 people in my immediate surroundings (friends and family), and my recommendations mean a lot to them (it often influences entirely what they get to use). Besides, I also advise people professionally. And, so, assuming we each influence a dozen people on average, they will, in turn, create momentum for their own social circles. That's exactly how gmail gained traction.

You sound more hopeful than I am, lol. But I too hope that technologies such as SimpleX take off, if only because of early adopters such as us.

Edit: also, something that SimpleX does is markdown editing, which is just… 👌

[–] [email protected] 3 points 1 year ago* (last edited 1 year ago)

Mind you, this is very recent and it's in the releases page of their GitHub under a pre-release. It's in the assets of the 5.3-beta release, which, now that I've checked, has packaging for MacOS, Ubuntu and AppImage. They're the ones with the *-desktop affix.

Great info, thank you!!

Yes, I think you've done a better job of explaining it than me. It's impossible, to my knowledge, to communicate without any kind of identifier, but their model is a rather ingenious one for people concerned with privacy. Couple that with onion routing, and I feel very safe talking to people on the app.

First, 🙏

Second, if you generate an entirely new key for every next message, appending it at the end of the current message, while merely depositing the message at a known place (deaddrop), while using tor (or similar), there is literally no way to link two messages without decrypting the first. That would forego any kind of identifier, but if a single message gets lost, communication entirely breaks. So, I'm no a cryptography expert, but I believe there are ways to do a similar design (mitigating the shortcomings), and eliminate identifiers entirely.

You sound more hopeful than I am, lol. But I too hope that technologies such as SimpleX take off, if only because of early adopters such as us.

Yes, maybe, but also, a sudden swing in userbase can happen, look at Reddit and Lemmy. So it is important to have good, usable software (at least moderately) ready to kick in with a sudden increase in adoption (modulo server loads, this can usually be solved with more servers). And that is IMHO where our most important role is: bringing normies to the group, getting their feedback, and relaying that feedback upstream. So that when the user rush happens, the app/platform isn't immediately cancelling the movement due to inaccessibility/poor UX.

Edit: also, something that SimpleX does is markdown editing, which is just… 👌

Yes, it is quite essential, I agree there too. Signal has formatting, but you need to use the UI to set it, and that just doesn't feel as right...

[–] [email protected] 3 points 1 year ago (2 children)
[–] [email protected] 4 points 1 year ago* (last edited 1 year ago)