So, I was told to not use Signal, so all that is left is Matrix. And I am not techy enough to have my own server and neither are my relatives, so Matrix.org is the only option
So, I was told to not use Signal, so all that is left is Matrix. And I am not techy enough to have my own server and neither are my relatives, so Matrix.org is the only option
OMEMO is a mixed bag. Some clients are still preferring older versions that aren’t the best for security & almost every client does a bad job explaining that new keys are being used need to be verified… Gajim only recently gave a decent in-client pop-up for it, but it’s doesn’t work all the time. That said, this is basically the same issue Matrix has in the space. Both are based on
libsignalif not outright using it, except Signal gets a point of privilege in basically having just one client …one that must be on Android/iOS according to their statements… so they can do a ‘better’ job managing who, what, & how many keys are being used. Many XMPP clients will recommend blind trust by default just because it can be a real hassle to deal with multiple clients & users coming back to less-often-used devices. There have been proposals to fix it, but I haven’t seen anything really take off (meanwhile considering just using the PGP encryption option as less flaky).Yeah, I agree it has some issues. Personally was fine verifying keys tho - either in-person or wherever I met them (usually IRC).
And yeah, the insistence on mobile in Signal bugs me a lot - a desktop is A LOT easier to make private (Linux runs on damn everything) while most phones won’t allow making them not spy due to locked bootloader.
I am just thankful so far that Signal has let WhisperFish exist as an alternative—even if it goes against what they say—which gives me an alternative to the Android/iOS duopoly.