Chris Ely @ tcely @fosstodon.org

IT enthusiast. TV addict. A systems admin / tinkerer, who is also curious a

---

Read more

Posts

0

Comments

42

Joined

5 yr. ago

For Signal, they will know when and how often you receive Signal messages.

Notifications are used to "activate" the app on your device. Then it will connect to Signal servers and download the encrypted messages.

After the software on your device decrypted the message, then it has the sender details and message content.

There are settings to control how much of that information is used when creating the local notification. Because other apps might log notifications.

@jackalope
@L4s

That's terrifying for showing how little he understands about the problem he is attempting to solve.

Humans use up to four senses at times to accomplish the task of driving.

@mosiacmango
@cm0002

I take it you weren't aware that Google Wave was based on XMPP.

https://www.networkworld.com/article/757722/opensource-subnet-nine-new-apps-that-show-off-the-power-of-google-wave.html

@onlinepersona

How do they manage to make the same messages appear on multiple devices?

For a long time, they didn't.

I don't know for sure, but I expect it involves keys that multiple devices share. Any "linked" device would be able to download the encrypted copy and decrypt the message that way. Once any device has done that, it can send a copy to any other devices using the unique keys it knows for that device.

This link describes independent queues for devices: https://support.signal.org/hc/en-us/articles/5532268300186-Disappearing-Messages-with-a-Linked-Device

@MacNCheezus

Signal stores all your messages and media as well, the difference is they encrypt it on their servers.

What evidence do you have to support this claim?

The last time I looked into this, messages and media were only stored encrypted on servers until they were retrieved or expired.

After that, the local device is where things are stored.

@MacNCheezus

This is a good video explaining things, for anyone who doesn't know about the situation Apple created.

https://youtube.com/watch?v=BuaKzm7Kq9Q

Alternative 🔗:
https://yewtu.be/watch?v=BuaKzm7Kq9Q
https://piped.video/watch?v=BuaKzm7Kq9Q

@helenslunch
@gregorum

Eventually, the list of things Samsung doesn't make is going to be shorter.

@Reverendender

Why don't you ask the Matrix team why they decided to re-invent XMPP and add a stupid HTTP API?

@onlinepersona
@netchami

Don't negotiate with or give in to terrorists!

@ohlaph

It's both amazing and annoying that Google is perfectly able to create useful apps for iOS (despite the huge limitations the OS imposes) but Apple can't figure out how to make any Android app that isn't utter crap with fewer restrictions imposed on them.

@d3Xt3r
@hesusingthespiritbomb

Installing from F-Droid prevents sales like this from causing silent "upgrades" to advertising-infested versions.

@kpw

Done.

https://github.com/signalapp/Signal-Server

@MonkderZweite

There were two SMS mistakes by Signal:

1. https://signal.org/blog/goodbye-encrypted-sms/
2. https://signal.org/blog/sms-removal-android/

@MonkderZweite
@z0rg0n

Try out any of these:

Session @session
SimpleX @simplex
Threema @threemaapp

They all don't require a phone number, which makes them immediately better than Signal, for devices that don't have a SIM.

@rustyriffs
@utamtam

Here are the links to the documentation for these standards:

MLS - https://datatracker.ietf.org/wg/mls/documents/

Signal Protocol - https://www.signal.org/docs/

RCS - https://www.gsma.com/futurenetworks/rcs/universal-profile/ & https://www.gsma.com/futurenetworks/resources/rcs-up-2-4-uni/

@skullgiver

Accessing the keys from the server isn't really a mystery or hidden. It's technically possible for Apple to write software to query servers run by Google as well as any servers they created for themselves.

You don't need implementation source code when you have open standards already.

WhatsApp actually used Signal's development team to rollout the Signal protocol for them, but that app is still untrustworthy.

@skullgiver

What kind of openness are you hoping for? Google has built their solution with a bunch of already open pieces.

RCS + Signal protocol + MLS

https://www.androidauthority.com/google-messages-mls-3346918/

https://www.theverge.com/2023/7/20/23801536/google-messages-app-mls-support-announce

@Ghostalmedia

I would argue that bad experiences aren’t due to trains but due to poor investment and management.

I agree. I used trains to get to school as a commuter.

Nothing makes a train more unusable than not knowing when it will arrive at the destination (it was sometimes hours late) or if it will show up at all (the schedule was constantly changing, and some trains would just be cancelled when equipment was broken).

@luthis @scarabic

Google and Samsung were the only apps to implement RCS (and the infrastructure to support the app) so far.

Nothing Google has done prevents any other organizations that want to invest the time and money from also implementing the standard.

https://www.gsma.com/futurenetworks/rcs/universal-profile/

Apple, on the other hand, doesn't allow iMessage apps or servers that they didn't create themselves. Or even an SMS/RCS app on their devices.

@NENathaniel

RCS has always been an open standard.

Only Google has done the work to implement it for billions of devices, so far.

That has never prevented Apple from also implementing the standard on their devices.

https://www.gsma.com/futurenetworks/rcs/universal-profile/

@13617 @Corgana