Notices by SimpleX Chat (simplex@mastodon.social)

If the law is passed, two options are possible:
- we might need to stop offering preset servers to the EU users.
- we will not need to change anything - this is the most likely outcome.

Our operations are always consistent with our Privacy Policy (https://simplex.chat/privacy), and we would rather shut down than do anything that contradicts this agreement with our users. (2/2)

Our users asked many questions about Chat Control, as discussions were restarted in the EU this week.

SimpleX Chat is an open-source app where users control the code and the servers they use.

Therefore it is impossible to implement any client-side scanning, and it will not happen. (1/2)

Join & create SimpleX groups!

The directory can now be viewed on our website: https://new-site.simplex.im/directory

Livestream on X, February 11, 5pm UTC, 9am PT

SimpleX network: Power to the People!

Evgeny and Dan Keller (co-founder of Flux) will talk about:

- extreme decentralisation,
- Flux servers in the apps,
- future commercial model,
- large content channels,
- moderation & freedom of speech.

Join us at https://x.com/SimpleXChat

1. Main reasons why the app isn't recommended: Provide a transparency report

It is available online and updated at least quarterly, or if anything changes: https://simplex.chat/transparency/

3. Cryptographic primitives: Curve25519 / XSalsa20 256 / Poly1305 (downgraded for the absence of PQ encryption).

We added PQ encryption in March this year: https://simplex.chat/blog/20240314-simplex-chat-v5-6-quantum-resistance-signal-double-ratchet-algorithm.html

This is done in the same way as Apple describes as PQ3 here: https://security.apple.com/blog/imessage-pq3/

2. Company jurisdiction: UK

We disagree that there are any jurisdictions that are particularly good for privacy. Also, this might be important for centralised services, like Threema, where the users can't host servers, and much less important for decentralized network, such as SimpleX, where there are hundreds (if not thousands) of servers that we don't control.

5. Does the company log timestamps/IP addresses? Yes

This is incorrect, we never logged IP addresses and access timestamps of the users.

Further, the private message routing that is now enabled by default for all users prevents such logging by any 3rd party servers with modified code:

https://simplex.chat/blog/20240604-simplex-chat-v5.8-private-message-routing-chat-themes.html

4. Directory service could be modified to enable a MITM attack? Yes

This is incorrect, as there is no user directory service, and MITM by relays is not possible by design, even without optional security code verification (that exists to mitigate MITM by the channel you used to pass one-time invitation link, e.g. email).

Thanks to our users who highlighted these inaccuracies to us!

6. Is the design well documented? Somewhat

The design documentation was reviewed in preparation for design security audit - report is about to be published.

https://www.securemessagingapps.com is the great comparison of messaging apps, but there are several incorrect statements about SimpleX Chat.

Commenting in the thread below!

Protecting children's safety requires privacy and end-to-end encryption:

https://simplex.chat/blog/20240601-protecting-children-safety-requires-e2e-encryption.html

Proposed "upload moderation" would fuel the very problem it aims to solve, undermining rather than protecting children's safety.

#safety #privacy #encryption

SimpleX Chat: Real privacy via stable profits and non-profit protocol governance.

See the post about v5.6 release with quantum resistant end-to-end encryption and also how SimpleX network will deliver real privacy via a profitable business and non-profit protocol governance:

https://simplex.chat/blog/20240323-simplex-network-privacy-non-profit-v5-6-quantum-resistant-e2e-encryption-simple-migration.html

Esra'a Al Shafei (@alshafei) has just joined SimpleX Chat team to help us deliver these goals - welcome!

#privacy #security