Like the title states looking for E2EE apps (Android and iOS) without going into much details or needs to be robust enough and easy to use for anyone and stable for operations that are susceptible to constant electronic warfare. I did some research and thought about replacing Signal with Molly and wondering if it will still work if Signal leaves the EU, but am also worried about its updates to patch vulnerabilities in a timely manner. I appreciate the help I am a “Jack of all trades and master of none” when it comes to these types of programs, but am also the go to currently in my unit since I am somewhat knowledgeable about exploits and attacks that can compromise systems would be great if there was an desktop as well (like Signal) and would also be nice if it was FOSS and auditable ( I know that’s kind of redundant ) I know it’s a tall order to ask but figured I would try. I really appreciate the help so much and hope I did things by the rules here and don’t get flamed if this has already been covered ( I searched but my skills with searching the fediverse is low
There are over 200 alternatives to Signal, Open Source and encrypted, out there. The attempt by governments to ban them all seems a little far from reality to me. https://alternativeto.net/category/social/encrypted-chat/?feature=end-to-end-encryption&license=opensource
It depends on what you want. I encourage people to use Jami (distributed, so might be a thing, if not self-hosting your own service, since what is said decentralized in reality is a set of centralized services). If too hard, then XMPP + OMemo. And only then, Matrix (by design it gives up more meta data than XMPP).
Much has been said about the idea of ‘signal leaving UK or EU’. Little has been said about how exactly that would happen.
AFAIK, Signal has no business presence in the UK or EU. IE, no offices, no registered corporate entities. Thus, they (arguably) have no more requirement to comply with UK’s or EU’s regulations than, say, Iran’s or China’s or any other jurisdiction where they do not do business and have no presence.
Signal’s leadership has a record of giving any regional restrictions the middle finger, so I doubt Signal would voluntarily block EU countries. So that means the EU would either pressure Google and Apple to delist Signal (easily worked around, at least on Android, and soon on Apple too as EU is trying to force sideloading) or they’d pressure ISPs to block connections to Signal (more or less impossible).
If EU tried to do that, it’d just create a giant game of whack-a-mole. And people doing real CSAM shit would just move to even more private distributed systems.
expired
The only alternative that’s FOSS and not centrally controlled is Matrix. By being decentralized, anyone can run their own server and good luck stopping that.
There may be 200 other “alternatives”, but they’re irrelevant to the point where I consider then non-existent. Nobody has heard of them. Nobody is using them. Trying to push them on normal people will most likely result in them no longer talking to you as often or at all, and none of the other ones has any chance of reaching a critical mass. Matrix at least has some recognition among nerds and some, tiny amount of adoption outside.
Stop pushing random niche shit, it does privacy a disservice.
Pretty sure signal won’t be forced to do anything:
Encryption plays an essential role in securing communications. The international human rights law test of legality, necessity and proportionality should be applied to any measures that would affect encryption. Both the UN Commissioner for Human Rights[1]and the European Data Protection Supervisor[2]have concluded that the EU’s proposal for a regulation on child sexual abuse material fails this test[3].
this is from May this year, when Spain proposed this. How in the everliving fuck the EU can get away with violating human rights?
So yeah I’ll eat my hat unsalted if this actually will break encryption
If they actually ban E2EE, I’d like to see all banks, for a start, and most web sites, downgrade https to http. See how long the ban will last then.
“I was just following the law!”
I give it a month before either the ECJ steps in or they quietly change the law/interpretation (Article 13/17 says hi)
It’s ok the banks have a “too essential to be punished” card
Well, they don’t need to break encryption, since the scanning of messages is supposed to happen client-side.
And by defenition breaks e2ee. https://en.wikipedia.org/wiki/End-to-end_encryption
Technically not touching your valuable encryption would still be an excuse they’d make, wouldn’t it
Even though it functionally does break encryption
deleted by creator
They want to also check them with ai. Hash alone would be bad. But ai is worse. Ya got/are young looking gf. Well if ya send nudes some cop will most likely see your nudes if chat controll really comes.
Source: the new law proposal
deleted by creator
Here. On page 52, Article 10 3.a
The technologies shall be: (a) effective in detecting the dissemination of known or new child sexual abuse material or the solicitation of children, as applicable;
They are explicitly talking about known or new material. Even though they don’t state the technology, AI is the only possible one (maybe there are more but they WILL have the same issue, ai has)
They also go indepth in a centralized db, where all this shit will be stored, to retrain this model.
Yea it is fucked up.
Yes.
They will check their own images and police themselves lol (actually there will be an extra committee for this so just joking)
I would still use Signal. By ignoring bad laws you are turning the EU government into a laughing stock
You can just continue using Signal. All the alternatives will disappear from the app stores too unless they spy on you.
A recent alternative with even better privacy is SimpleX: https://simplex.chat/
the author has a lemmy community about it too: !simplex@lemmy.ml
https://www.privacyguides.org/en/real-time-communication/
If signal is banned all of these other apps will be banned, but maybe they’ll not enforce it completely
Your best bet is to start using a privacy respecting VPN today, always on on your phone. Like Mullvad
VPNs won’t fix all of your issues. In fact, I don’t think it will do much in this situation
Both are E2EE. Unlike Signal, they also have the benefit of not requiring a phone number, so your account isn’t linked to you that way. In my experience, Session feels more mature, having apps on more platforms and more reliable notifications. However SimpleX has some really nice features, like the ability to have multiple profiles (including hidden profiles).
SimpleX is definetly THE solution. One year from now and it will be truly awesome product!
