this post was submitted on 16 Mar 2026
13 points (100.0% liked)

[–] onlinepersona@programming.dev 1 points 4 days ago

Paradoxically, if you want to start a conversation with someone you can't meet in person, you have to use another communication tool to forward/receive a QR invitation to open a new chat. And this is the same flaw that Session has.

This is the problem all messengers have that do not use some external ID like email or phone numbers. You first have to communicate over another channel to get started on that new app, unless of course you are physically present. Most people will do that over an insecure channel thus linking them to the account.

So much for "better privacy".

[–] refalo@programming.dev 3 points 1 week ago* (last edited 1 week ago)

I wouldn't blanket call the removal of PFS a "failure" as they put it... it does make the protocol much simpler (and hence easier to understand/audit as well) and it's not always a necessity for every single person's threat model... which is an important phrase the article doesn't even mention.

IMO arguing about security or privacy without both people first defining their threat models... is like claiming apples are objectively better than bananas in every way.