1. Main reasons why the app isn't recommended: Provide a transparency report
It is available online and updated at least quarterly, or if anything changes: https://simplex.chat/transparency/
3. Cryptographic primitives: Curve25519 / XSalsa20 256 / Poly1305 (downgraded for the absence of PQ encryption).
We added PQ encryption in March this year: https://simplex.chat/blog/20240314-simplex-chat-v5-6-quantum-resistance-signal-double-ratchet-algorithm.html
This is done in the same way as Apple describes as PQ3 here: https://security.apple.com/blog/imessage-pq3/
2. Company jurisdiction: UK
We disagree that there are any jurisdictions that are particularly good for privacy. Also, this might be important for centralised services, like Threema, where the users can't host servers, and much less important for a decentralized network, such as SimpleX, where there are hundreds (if not thousands) of servers that we don't control.
5. Does the company log timestamps/IP addresses? Yes
This is incorrect, we never logged IP addresses and access timestamps of the users.
Further, the private message routing that is now enabled by default for all users prevents such logging by any 3rd party servers with modified code:
https://simplex.chat/blog/20240604-simplex-chat-v5.8-private-message-routing-chat-themes.html
4. Directory service could be modified to enable a MITM attack? Yes
This is incorrect, as there is no user directory service, and MITM by relays is not possible by design, even without optional security code verification (that exists to mitigate MITM by the channel you used to pass the one-time invitation link, e.g. email).
Thanks to our users who highlighted these inaccuracies to us!
6. Is the design well documented? Somewhat
The design documentation was reviewed in preparation for the design security audit - the report is about to be published.
https://www.securemessagingapps.com is a great comparison of messaging apps, but there are several incorrect statements about SimpleX Chat.
Commenting in the thread below!
Protecting children's safety requires privacy and end-to-end encryption:
https://simplex.chat/blog/20240601-protecting-children-safety-requires-e2e-encryption.html
Proposed "upload moderation" would fuel the very problem it aims to solve, undermining rather than protecting children's safety.
SimpleX Chat: Real privacy via stable profits and non-profit protocol governance.
See the post about the v5.6 release with quantum resistant end-to-end encryption and also how the SimpleX network will deliver real privacy via a profitable business and non-profit protocol governance:
Esra'a Al Shafei (@alshafei) has just joined the SimpleX Chat team to help us deliver these goals - welcome!
SimpleX - the first messaging platform without user identifiers of any kind - 100% private by design!
Security assessment: https://simplex.chat/blog/20221108-simplex-chat-v4.2-security-audit-new-website.html