Hanshan's avatar
Hanshan hanshan@nostrplebs.com 1 year ago
I understand that they're encrypting the sender information, but they can still do timing analysis on IP addresses and when messages were sent, because it's all flowing through a central server. So, OK, it's an overstatement to say that they can see who's messaging who and when, my apologies. also shitting on a company as being for profit ia dumb. it's a valid data point, but you can't say that therefore they're compromised and less trustworthy. We could just as easy to criticize signal for having WEF members on their board.
↑ Parent

Replies (1)

Jacob | Five Eye Tea's avatar
Jacob | Five Eye Tea 1 year ago
Sure, but that's a flaw with all messengers, even decentralized ones. The reason I see Session as more secure is because of the onion routing. Thrice encrypted and bounced across the world. SimpleX decentralization isn't conducted that way. It's better than nothing but most of the servers are hosted by the company and seizing those servers would get you a lot more metadata. Also, yes, them being for-profit is completely relevant and concerning. A for-profit corporation has to maximize profits, meaning they aren't quite as trustworthy to host a privacy service. Meanwhile, a non-profit doesn't have to go wild to maximize profits. They actually directly have a necessary reason to do what they claim they're doing or donations will dry up.