huh, yeah that's fair i did not actually notice that :/
JohnDoe
yeah i'm rethinking some stuff too, even in some utopia i think some information related to me might make life inconvenient, so the best way to protect that (e.g. not disclosing it digitally) maybe needs outta the box solutions.
related, does anyone even bother to look at physical mail for stuff? like if i put a cipher in a letter with no return address, using that pen ink that you can erase (which comes back if you put it in a freezer) and only i and my contact have the key to the cipher which we exchanged in-person; could anyone reasonably know it?
it seems digital stuff might be a carrot for surveillance people, maybe it can be made into a honeypot and physical or analog means can make a return.
Hi, could you touch on why F-Droid is less safe? Is it because they package (I think that's the term?) stuff themselves?
I think they wanted to be, they were advertising themselves!
I have a newer Redmi Phone and I can install an app at least twice. There's the 'second space' as well which is like having a cordoned off user. I use a different fingerprint or PIN and it takes me there.
SimpleX looks neat.
Yeah, fair. It can't delete your messages to the extent a centralized system, and that's an indication of the lack of centralized control? It's a different threat model I think many find satisfying (though perhaps not most).
I think most of your criticism makes sense.
The part about "not reading private messages" I think is mistaken, or rather, maybe amiss. I mean I don't have evidence, so this is all conjecture. The sophistication of data surveillance and data gathering makes the content of the message rather meaningless in my view.
EDIT: Oh, I don't think any adversaries of US, even if working together, make any meaningful threat towards it. It's really hard to imagine, esp. considering the US has a bunch of successful coups & stuff under their belt.
Huh, would it be possible to provide a source? I might be bad at searching, I'm not finding anything...
EDIT: Ok I found one with some search operators. I can provide links, most were less trustworthy, I'd reserve judgement.
- An organization which was initially responsible for Matrix, AMDOCS, is allegedly (I say allegedly since I didn't confirm it to a reasonable extent) an organization based in Israel which appears to have products related to surveillance
- By association, Matrix is tainted, perhaps it has sophisticated backdoors along with the other myriad of issues mentioned by other commenters
To give an alternative explanation with plausible hypotheses
- An organization linked to intelligence surveillance, created and discarded software, which occurs with most software, and I would imagine occurs with software developed at an organization linked with surveillance as well (if it's publicly funded, i.e. by a government, I'd lean into this)
- Though suspect in origin, the amount of time the software has been independent, and with its open codebase, means any backdoors or other nefarious artifacts can be reasonably said not to exist
- An organization linked to an intelligence agency would perhaps be the one to expect to have a secure messaging platform, one could imagine said organization would develop a solution in-house as even with software audits, they may not be certain of any external software which may itself be compromised by an antagonist or have vulnerabilities which they could not control
Some food for thought. I'm not one to jump to conclusions, I think claims require proportional evidence, and obviously my judgement isn't the same as a security researcher or clandestine operator, so settling on what 'appears' to be true without proper investigation isn't something I do.
Thanks for the info though!!
I think super-apps are the way to go, only way to prevent one company from monopolizing click-stream data for advertising.
some apps already do this and their users don't suffer from the same issue (granted, they have different issues)