• hfond
    link
    fedilink
    English
    arrow-up
    2
    arrow-down
    1
    ·
    edit-2
    10 months ago

    Don’t use Signal, use Session. A Monero based p2p net

    https://getsession.org/download


    80% of information is in metadata. What we want is to prevent opponents from even knowing that we communicate or what tools and protocolls we use.

    • rottenwheelOPM
      link
      fedilink
      English
      arrow-up
      2
      arrow-down
      1
      ·
      10 months ago

      Yeah, no. Rather use SimpleX or Threema.

      • hfond
        link
        fedilink
        English
        arrow-up
        1
        arrow-down
        1
        ·
        edit-2
        10 months ago

        SimpleX:

        users place a degree of trust in servers. This trust decision is very similar to a user’s choice of email provider;

        Threema: trust in servers + creates digital ID + requires Android 5.0

        • alphonse
          link
          fedilink
          English
          arrow-up
          2
          ·
          edit-2
          10 months ago

          please explain how session is different, because from my limited understanding, if you want to contact someone you need some kind of reference or ‘ID’

          why also do you differentiate ‘trust in servers’ from what you do in session?

          to me, you’re using a bunch of buzz words and phrases that have no real technical grounding. if i’m wrong please elaborate

          if you’re going to promote a service you should be offering up that information freely, otherwise no one will take you seriously. DYOR doesnt work in this scenario because its your initiative. this is aimed at you and @[email protected]

          • hfond
            link
            fedilink
            English
            arrow-up
            3
            arrow-down
            1
            ·
            edit-2
            10 months ago

            Sure. First I’m not promoting any project. Test and play and report your findings.

            if you want to contact someone you need some kind of reference or ‘ID’

            Thats the general problem of key exchange, unavoidable. You have to meet in person or establish trust any other way. Snail mail, key signin, etc. A good protocoll lets you create as many ID’s as you wish and doesn’t tie that to your phone or google ID. Like SimpleX supports GrapheneOS and linux.

            why also do you differentiate ‘trust in servers’ from what you do in session?

            Trust is not a dirty word. I do trust SimpleX servers, for example, say 75% and trust is needed in any case, whatever you do. You, for example don’t trust me blindly. Thats good.

            Session is different, incentivized not by FIAT and the p2p net is not run by the developers but 1959 miners. Latest whitepaper states it is PoW with a PoS overlay. I would say less than 100 peers should not be called a p2p network, not resilient enough. P2P is superior because metadata analysis is harder for an attacker. Particl’s secure messaging protocoll is another good example. Using RingCT is the key here.

            I offered my time and had a quick look at the code. Almost all of the crypto code is 1:1 from monero-core. That convinced me. I also like the idea to monitor the health of the network using a blockexplorer


            TL;DR You can use the same tech as Monero not to send money, but also to send messages.


            • alphonse
              link
              fedilink
              English
              arrow-up
              3
              ·
              10 months ago

              Don’t use Signal, use Session

              If you dont mean to promote one project over another, then i would suggest being more careful with what you write.

              Thanks for the brief elaboration

              • hfond
                link
                fedilink
                English
                arrow-up
                1
                ·
                10 months ago

                Looks like it. The 2000 staking nodes are maintaining a tor/i2p network with secure messaging built-in. That seems to be the idea. (if the whitepaper still holds) Thats is too bad.