170

Recently discovered this. Molly supports link with existing device just like on signal desktop. It even has benefit of getting entire chat history unlike signal desktop. Just restore the signal backup file during setup and then click link with existing device. Then scan with you primary phone. Beauty of open source. Molly: https://molly.im/

you are viewing a single comment's thread
view the rest of the comments
[-] jet@hackertalks.com 5 points 1 year ago

The signal source code is open source, it is hard to prove that the servers are running the source code that's published, and we know they have admitted to having source code they don't publish for anti-spam purposes.

But you could take the signal server source code and stand up your own signal servers today.

[-] Dark_Arc@social.packetloss.gg 5 points 1 year ago

it is hard to prove that the servers are running the source code that's published

impossible*

[-] netchami@sh.itjust.works 2 points 1 year ago* (last edited 1 year ago)

The Signal protocol is built in a way where you don't have to trust the server. The servers could be run by the NSA, it wouldn't matter. Especially now that the Signal protocol uses post-quantum cryptography.

[-] zShxck@lemmy.ml 1 points 1 year ago

And how do I tell may client to use only a specific server?

[-] jet@hackertalks.com 3 points 1 year ago

If your going to run a independent signal server cluster, you will also need to modify the client applications to connect to your cluster.

You probably would find the molly developers happy to accept a push request to have some configurable backend selection.

Session demonstrates this is possible.

[-] zShxck@lemmy.ml 3 points 1 year ago

If yo run your signal server does it come with the new quantum E2EE?

[-] jet@hackertalks.com 2 points 1 year ago

Good question, check with the signal github

[-] zShxck@lemmy.ml 2 points 1 year ago

I don't know man, seems to me XMPP is more secure (unless you trust Signal) and simple to use because you have to jump less hoops

[-] jet@hackertalks.com 1 points 1 year ago* (last edited 1 year ago)

By all means, go with the platform you like better!

https://www.privacyguides.org/en/real-time-communication/

Are all perfectly acceptable options

[-] netchami@sh.itjust.works 1 points 1 year ago

AFAIK it's entirely done in the client. The server doesn't perform any encryption/decryption other than TLS.

this post was submitted on 02 Nov 2023
170 points (95.7% liked)

Privacy

32177 readers
618 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS