Molly
molly.im
Molly is an independent Signal fork for Android.
    • OtterEnglish
      158 months ago

      Yep

      The one useful feature here might be automatic backups. Losing chat data is the biggest downside for the friends who didn’t like signal. It’s not worth the risk for them.

      I have automatic backups set up with foldersync, and it works pretty well but feels janky to set up. I also have to periodically clear the files from my Google Drive trash folder else it eats up my storage.

    • Possibly linuxOPEnglish
      -318 months ago

      Well signal is full of proprietary software even though its core is Foss. That’s why molly doesn’t support absolutely proprietary operating systems

      • アルケミー船長English
        168 months ago

        Signal on the Google play store isn’t FOSS but it facilitates the delivery of notifications to the user. The protocol itself is open source and notifications are handled securely even with Google play services on the phone. If you want a FOSS version, use the APK on their website, it has an auto updater.

        • Possibly linuxOPEnglish
          -58 months ago

          I use molly because it has a F-droid repo and is more trustworthy in my mind

          • @jack@monero.town
            158 months ago

            Sorry, but an external repo added to F-Droid does nothing for your security. Even proprietary garbage can be on F-Droid as an added repo.

      • newIdentity
        158 months ago

        Molly doesn’t really remove the proprietary Google parts unless you download the FOSS version

        It simply isn’t for iOS, because they didn’t develop a version for iOS

      • @cjf@feddit.ukEnglish
        38 months ago

        The one anti-spam module in the server code and… what else is proprietary?

        FCM? The thing they need to give android users (with Google play services installed) notifications?

        • @baseless_discourse@mander.xyz
          18 months ago

          They have a websocket built in. So they dont really need FCM even on phone with GPlay.

          The websocket is fairly energy efficient, and much more reliable than FCM, in my experience.

          • @Carter@feddit.ukEnglish
            28 months ago

            It definitely isn’t energy efficient. I installed Signal as an SMS app out of curiosity when I first degoogled but the battery drain was insanely high and the highest of all my apps.

    • アルケミー船長English
      398 months ago

      I don’t see an issue as signal is designed not to trust the server. Signal also uses sealed sender and Perfect Forward Secrecy, which is something almost all e2ee messengers lack. What it means in practice is signal leaks very little if any metadata, if you leak metadata you give away details about who your talking to and for how long, etc. Examples might include talking with a suicide hotline, or a doctor, maybe a customer service agent at a company and for how long. Those details will give a lot away about you, even if the messages or calls themselves are encrypted. Matrix is not recommended for communication because it fails to properly hide metadata and actively trusts the servers. When you make a call on signal, as long as both users have “Always Relay Calls” set to disabled, your calls will be peer to peer instead of trusting a central server to facilitate the connection and trusting a middle man. What this means is since the connection is peer to peer you can leak your IP address to the user you’re talking to, however a VPN fixes this issue.

      • @u_tamtam@programming.dev
        148 months ago

        Thanks for taking the time to reply. There are multiple issues with centralization.

        • A prime one is that the entity that you (have no choice but to) trust today will eventually turn against you at some point down the road. In the case of Signal, the writing is on the wall already: using a 3rd party client is against Signal’s ToS, and Signal has been seen pushing controversial features like crypto payments that, as a user of their captive ecosystem, you have no choice but to engage with.

        • Signal is an entity that’s incorporated in a jurisdiction and might be compelled by law not to provide service for certain users, or to degrade its encryption to comply with the local regulator. Using a centralized service like Signal makes you an easily identifiable/prime target in such a scenario.

        • No matter what Signal says, nobody but themselves can verify what code runs on their servers, and what amount of logging/data processing goes there. Because every account checks in through them, because every message is routed through them, there is no technical barrier to knowing who’s who, who’s talking to whom and when, with the nature of the communication (text, video, image, …) from which a lot can be inferred. As far as I understand the American law, any agency could tap into that, either directly, or via Amazon on which the whole thing is running. I am not paranoid enough to believe that 3 letter agencies belong to one’s typical threat model, but with SGX contact discovery from phone number and sealed senders, Signal kindah panders to those? Either way, those are unverifiable mitigations to problems that decentralized systems do not have.

        I could go on and on, but the first one is the main one IMO: we are past the need to trust anybody with our instant messaging and put a fundamental aspect of our lives at the mercy of (geo)political and societal woes. That’s practically a solved problem in the opensource world, and we can make it ethical and sustainable by just opting out of the dominative model of monopolistic and centralized systems.

        • アルケミー船長English
          58 months ago

          A prime one is that the entity that you (have no choice but to) trust today will eventually turn against you at some point down the road.

          • How does that change with federation, you always trust someone. Why should I trust the shady person running software on their basement, even if you self host, you are trusting the developers not to ship bad or poorly written code.

          using a 3rd party client is against Signal’s ToS

          As far as it being against signals tos, molly exists and had not received any problems from the signal foundation to my knowledge, discord has the same clause and they don’t seem to give a rats ass. Sure they could enforce it but they don’t, and personally with how matrix clients are handled they have mixed security, fluffychat has security issues ranging from outdated SDK versions to quite literally ddosing homeservers because of a non-existent rate limit.

          pushing controversial features like crypto payments

          The crypto stuff wasn’t great but you know what’s cool? You don’t have to use it. Simple as that. You don’t have to engage with it and you and I both know that. It’s buried in settings and you have to find it yourself.

          Signal is an entity that’s incorporated in a jurisdiction and might be compelled by law or to degrade its encryption to comply with the local regulator.

          • I’ve always used integrity as a metric as to how trustworthy a service is, and in terms of signals e2ee, they’ve never lied about it, it’s been proven in court multiple times not having any data on their users, no government can compel anyone or any company for things they don’t have. Signal had everything to lose by lying about their encryption and nothing to gain, so why would they? Why would any company take a huge chance at a death blow just because? Signal is a non profit so they don’t have any incentive to degrade it, they would be dead tomorrow if they got caught.

          Using a centralized service like Signal makes you an easily identifiable/prime target in such a scenario.

          Signal is not an anonymity tool, and has never been advertised as such, if you need anonymity, signal is not a good choice. You can make it more anonymous by using a burner phone but that’s a different topic.

          No matter what Signal says, nobody but themselves can verify what code runs on their servers

          • You can’t really confirm what any software can or cannot do, even if it runs on your system. Open source software is bound to the same principals of code, it will do exactly what you tell it to do, even if it is not intended (a 0-day, bug, etc.). Thousands of people constantly are monitoring the Linux kernel and it is still found to have tons of 0 days baked in due to it running a fuck ton on ring zero. You can’t just inspect code and know exactly what it’s doing, unless it’s a hello world program it gets quite complicated. Verified safety numbers also make sure that no man-in-the-middle attacks can take place, making conversations even more trustworthy and still not trusting any server.

          As far as I understand the American law, any agency could tap into that, either directly, or via Amazon on which the whole thing is running.

          If everything is encrypted, what could Amazon tap? You do realize sealed sender and PFS take away any trust from the server correct? It’s all encrypted, your aren’t trusting the server at all, it’s completely trust-less, and unless you think Amazon or governments can at this very moment tap any encrypted data and decrypt it, I would recommend taking a walk outside and realize that no one, NO ONE can decrypt current encrypted standards.

          Unless you can point me to a reputable article showing in great detail that signal is lying about their e2ee claims then I’ll rest my case. Signal has been proven time and time again to not have any data on their users except the minimum required for the service to work, that’s called integrity.

          Also there will always be someone you trust on the internet, nothing will change that unless we completely rethink how the internet works.

          Edit: added quotes Edit 2: added extra info

          • @u_tamtam@programming.dev
            38 months ago

            A prime one is that the entity that you (have no choice but to) trust today will eventually turn against you at some point down the road.

            How does that change with federation, you always trust someone. Why should I trust the shady person running software on their basement, even if you self host, you are trusting the developers not to ship bad or poorly written code.

            Federation is different in that:

            • you can chose amongst a very diverse pool of providers, including local ones that you actually have a chance to meet in person, those with shared ideals that enable long-lasting/mutually-beneficial relationships, some operating truly in the open and enabling a just and provable retribution for the offered service (i.e. “you are not the product”), etc

            • you can be your own provider, and with “turnkey” self-hosting options like https://snikket.org/ , it’s never been easier to do it safely at small/medium scale, and cheaply (e.g. for a family/neighbourhood/association on a shared instance/RPi/…)

            • choosing a provider never cuts you off from the rest of the network: you are not tied to anyone, and you can migrate with no drama nor loss of contacts/histories/data like is the case when the captive networks “flavour of the year” inevitably shut down.

            using a 3rd party client is against Signal’s ToS

            As far as it being against signals tos, molly exists and had not received any problems from the signal foundation to my knowledge, discord has the same clause and they don’t seem to give a rats ass.

            You must be new on the internet to believe that this is a sustainable state of affairs. Google was letting you use GApps for free until it didn’t. Reddit used to be mostly usable and ads/clutter-free until it wasn’t. Recently Unity pulled a weird one against their users and customers for a quick buck. Examples are plenty, and more recently people have referred to this as “enshittification” or “the tyranny of the marginal user”. Such monopolistic networks are particularly prone to that phenomenon, by design. Personally I don’t want to live under the constant threat of a single entity potentially changing its mind/ToS, and I certainly don’t want to drag my family, friends and peers into the gamble.

            pushing controversial features like crypto payments

            The crypto stuff wasn’t great but you know what’s cool? You don’t have to use it. Simple as that. You don’t have to engage with it and you and I both know that. It’s buried in settings and you have to find it yourself.

            fair but you missed the point: Signal already controls and enforce this aspect of your user experience, which only benefits themselves, in spite of the significant backlash. Sure you can feign blindness, but what’s next and what recourse will you have ?

            Signal is an entity that’s incorporated in a jurisdiction and might be compelled by law or to degrade its encryption to comply with the local regulator.

            I’ve always used integrity as a metric as to how trustworthy a service is, and in terms of signals e2ee, they’ve never lied about it, it’s been proven in court multiple times not having any data on their users, no government can compel anyone or any company for things they don’t have.

            Integrity has nothing to do with that, Signal can absolutely be forced by law to suspend its service in some countries (e.g. to implement sanctions) and whole regions can disappear from the network overnight. In terms of resiliency, that’s pretty much how email (federated) just works from anywhere, but things like WhatsApp are blocked in e.g. China or allowed to work without E2EE (e.g. in some Gulf countries).

            You can’t really confirm what any software can or cannot do

            Sure, but you missed my point, in case of sealed senders and contacts discovery, we are not talking about zero-knowledge/E2EE but about Signal basically saying “trust us, bro, we ain’t looking at it” which can’t be proven one way or the other.

            If everything is encrypted, what could Amazon tap? You do realize sealed sender and PFS take away any trust from the server correct?

            I’m not sure that you understand what’s really going on. All your messages are routed through Signal. You can absolutely infer who’s talking to whom with enough frames by just matching packets popping out of X and being received by Y. Encryption plays no role in that because this takes place at a lower level. At least some protocols like XMPP let you host services entirely on Tor or to even skip the central server.

        • @upperleft
          28 months ago

          with the nature of the communication (text, video, image, …) from which a lot can be inferred

          If the messages are E2EE, the server wouldn’t have access to this information.

      • @federico3English
        38 months ago

        signal is designed not to trust the server

        Unfortunately this is not enough. A malicious Signal server can mount a timing correlation attack and infer the social graph of an user. Having a centralized server makes it more difficult to mitigate such risk.

      • @Chobbes@lemmy.world
        18 months ago

        Relying on a centralized service can still be problematic. If nothing else it’s a central point of failure, even if you don’t have any particular privacy concerns due to the usage of end-to-end encryption. Signal also relies on Intel SGX for some of their privacy features on the server, which is somewhat dubious. AFAIK this is currently mostly used for contact discovery, which would otherwise be an even worse situation, but it has seemed in the past like they were interested in expanding this, though maybe that’s just all speculation. Regardless, my main concern with signal being centralized is that you have a lot less control over your chat. Signal can change on a moments notice and it’s all just gone.

    • @gibson@sopuli.xyz
      318 months ago

      Yes and no. decentralization is great for a lot of reasons but it does come with downsides. I don’t know about you, but i convinced my family and friends to use and keep Signal for years now and i don’t think i would have had such luck with Matrix/Element, let alone a p2p app.

      I’m glad decentralized options exist and think they deserve more funding and love, however.

      • @u_tamtam@programming.dev
        38 months ago

        I managed to convince my family to use XMPP. Since about 2015. It’s been great, and apparently is getting better since more are joining :)

      • @philpo@feddit.de
        18 months ago

        Just as a side note: You can easily use Matrix with a signal bridge if you selfhost (or use Beeper, which is Matrix with central bridge management)

      • @jack@monero.town
        178 months ago

        He is dodgy af. Doesn’t want any Signal forks (Molly being the only one tolerated) and won’t let them connect to the server. That’s why the open source version LibreSignal was shut down. He also doesn’t want Signal to be on F-Droid, a store which only allows 100% free/open source software.

        Take everything coming out of his mouth with a grain of salt.

        • Oliver Lowe
          48 months ago

          Totally agreed the project’s actions against the community are shit. From a LibreSignal issue:

          I understand that federation and defined protocols that third parties can develop clients for are great and important ideas, but unfortunately they no longer have a place in the modern world.

          This sounds like a jaded, cynical individual. It’s hilarious, sad, probably even delusional. How do they think the Internet and their operating systems work in this “modern world”? Magic fairy dust? It’s difficult, thankless work put in by loads of people around the world despite enormous commercial pressure to do otherwise. Over decades. I respect Signal’s work, but it’s boneheaded attitudes like moxie’s which impede progress, especially for the younger generations.

      • @EngineerGaming@feddit.nlEnglish
        28 months ago

        “It’s what Slack did with IRC, what Facebook did with email, and what WhatsApp has done with XMPP”. Doesn’t he also notice a certain thing in common? Y’know, that they turned hostile?

        • Oliver Lowe
          38 months ago

          For sure he notices; the author runs their own email server and founded a direct competitor to WhatsApp. The author is making the point that what each of those have done - build proprietary software around federated protocols - is a financially lucrative business model. I’m sad to agree.

          FWIW my opinion is that Signal’s actions against these clients is petty and just shit. Thankfully, elsewhere we can see things happening differently: the interaction between Tailscale, Headscale and Wireguard gives me hope. Sourcehut is a cool project too.

    • Possibly linuxOPEnglish
      18 months ago

      You got me there. There aren’t a lot of alternatives that have the same stability

    • 👁️👄👁️English
      -18 months ago

      That’s what Session is

      Which is actually on fdroid, unlike Signal who explicitly refuses to support degoogled ecosystems

      • @chockblock@lemmy.world
        08 months ago

        You can download the APK from their website and it auto updates itself. It fetches notifications without Google required.

            • @version_unsorted
              28 months ago

              The point is that the community asked multiple times and they only started allowing apk downloads so people would stop asking. The signal project is open source for auditing purposes only, they have voiced their lament of forks and threatened to ban/block anyone not using an official client and refuse to make it easy to install through a package manager of the user’s choosing. The version without Google cloud messaging has unreliable message delivery, even though there is unifiedpush as a standard that would allow people to register with any push notification service.

        • Forbo
          38 months ago

          Is there some signing in place to ensure it’s not a malicious repo? I don’t really trust unofficial F-Droid repos.

          • @Oddbin@lemmy.world
            28 months ago

            Unfortunately not. I’m trusting others who know better but if you want trusted as best as it can be you’re stuck with the play store sadly.

            • Forbo
              28 months ago

              If I remember correctly F-Droid supports reproducible builds, but it’s a matter of the app developer supporting them. So there is light at the end of the tunnel, we’re just not there yet.

  • @jet@hackertalks.comEnglish
    498 months ago

    Yes. You’re right. When you make a post you probably should give a body to it rather than just a link to a project. Why do you think it’s a better signal? Otherwise people aren’t going to find it super useful

    • Possibly linuxOPEnglish
      -378 months ago

      It has a F-droid repo and has a completely foss option.

      I just assuming people would click the link

      • @sfgifz@lemmy.world
        678 months ago

        You just posted a link to some app most people don’t know about a “better Signal” , with no explanation of why. That’s classic spammy vibes.

      • @jet@hackertalks.comEnglish
        148 months ago

        Most people are not going to click the link, they might click in to see what you’re talking about, but you just link to something else, so most people are just going to charitably just go away.

      • アルケミー船長English
        38 months ago

        I wouldn’t recommend using fdroid due to security concerns. When you download a fdroid so it is signed by fdroid instead of the developer, what this means it’s if fdroid gets hacked all your fdroid apps are insecure and can receive malicious updates. You also trust fdroid as another party in the chain, when in reality you should remove as many parties as possible. They also tend to host outdated apps with no updates in years. Use obtainium as it will pull directly from the developers GitHub page and will be signed by the developer instead.

        • Possibly linuxOPEnglish
          -38 months ago

          What happens if the developer starts shipping anti features though? F-droid adds a layer of protection and verification. F-droid also allows you to find apps quickly.

          • アルケミー船長English
            58 months ago

            Wdym anti features? The only thing fdroid does is take the developer APK, sign it themselves and release it. If any anti features exist (I assume you’re talking about the anti features tab in the fdroid app) it won’t make any difference where you obtain it as fdroid doesn’t do code checks. They only check to make sure it’s under a open source licence. Fdroid adds no protection to any apps and you trust them to ship clean packages. If you get packages from the developer and they sign it and it happens to be malicious it’s only one app instead of all your apps you have from fdroid. You trust them a lot and I’d recommend reading this if anyone is interested. https://privsec.dev/posts/android/f-droid-security-issues/

            • Possibly linuxOPEnglish
              -48 months ago

              F-droid rejects any code that doesn’t respect you basic freedom.

              • アルケミー船長English
                38 months ago

                Freedom from what? Good security practices? Open source does not equal security nor freedom. You’re pedaling digital politics instead of fact based privacy and security. Trust me I’d love my apps to be open source but ignoring blatant security issues is going to put someone at risk. You can’t have privacy without security and vice versa.

                edit: like I mentioned previously, use obtainium and you can still use open source software

  • @AllNewTypeFace@leminal.spaceEnglish
    258 months ago

    Now if someone could make a desktop app (perhaps using Qt or some similar cross-platform toolkit) that isn’t Electron bloatware, for all the people who don’t have a few spare CPU cores and gigabytes of RAM to spend on a messaging client.

    • 10EXPEnglish
      48 months ago

      There’s Flare, a Signal client written in GTK4. It still has some features missing iirc, check their wiki for that.

    • N-E-N
      18 months ago

      Is Signal known for being resource hungry? I’ve never noticed tbh

  • 𝕸𝖔𝖘𝖘English
    228 months ago

    I don’t understand. What makes Molly more trustworthy than Signal, if they both use the same central sever? The website doesn’t really provide much data.

    • Possibly linuxOPEnglish
      118 months ago

      It has a completely Foss option and reenables pin codes

      It also has a F-droid repo which makes it much easier for me to use

      • 𝕸𝖔𝖘𝖘English
        58 months ago

        How does that work, though? It’s the same servers and protocols, right? So it would verify with an sms. Or is Molly not compatible with Signal (Molly users talking with Signal users), and I’m just completely misunderstanding the statement of being a hardened Signal?

        • @couragethebravedog
          58 months ago

          I had mistaken molly for a different signal fork. Molly just uses an encrypted local db that doesn’t rely solely on the OS encryption method.

          • 𝕸𝖔𝖘𝖘English
            78 months ago

            Ok, so besides being mostly FOSS (Molly) or all FOSS (Molly-FOSS), the only difference, is that Molly encrypts your db on top of the laughably easy to decrypt Signal db encryption and OS encryption? Wouldn’t that make push notifications impossible, though?

            • Free Palestine 🇵🇸
              28 months ago

              You get notifications but you don’t see the sender of the message or the content. At least I haven’t found an option to enable that.

  • Lettuce eat lettuce
    188 months ago

    I’ve been using Molly on my GrapheneOS phone for about a year. It’s been pretty great so far.

    • Sha'ul
      118 months ago

      Molly on Graphene is the only way to live.

        • Sha'ul
          48 months ago

          I have been fulltime Molly on Graphene for over a year and a half, zero glitches or issues.

    • Em AdespotonEnglish
      108 months ago

      Does it allow you to exchange messages with people on non-FOSS OSes?

      • Lettuce eat lettuce
        218 months ago

        Yeah, I message one of my friends who has stock Android and stock Signal.

    • @trippingonthewire
      18 months ago

      I used to be addicted to Signal on Stock Android, but I’ve been sober for over a year using Molly on GOS.

  • @Decentralizr@lemmy.world
    98 months ago

    This is actually more than welcome. I never understood why you could have your signal on your phone and ipad, but not on two phones. Applaud molly to do so!

    • アルケミー船長English
      138 months ago

      Molly is only available on Android, as far as differences it is a hardened fork of signal with an encrypted database, what that means in practice is even if someone was actively probing your phone to try to gain access to messages they wouldn’t be able to due to the encryption. It’s very useful if you are an active target or you don’t trust your phone os to play nice. I personally use it myself and really like it but in general it’s not terribly different.

        • アルケミー船長English
          28 months ago

          It’s only encrypted in a BFU state, (before first unlock). Police can probe your phone for data using a tool by cellebrite without root. GrapheneOS includes a auto rebooting feature to place it back in a BFU state but other phones will lack this feature. Using Molly’s database lock allows you to not trust the OS itself by encrypting it.

          edit: corrected cellbrite to cellebrite

      • @LiveLGNProsper@lemmy.world
        48 months ago

        Yeah I realize it is android only and that makes sense that is exactly what I was looking for surprised signal doesn’t encrypt the database honestly.

        • アルケミー船長English
          78 months ago

          The main issue with encrypting the database using Molly’s setup is you’ll miss notifications and calls until you unlock, this might be able to be fixed using a different database encryption setup but as it stands it would be inconvenient for many.

    • Possibly linuxOPEnglish
      18 months ago

      It has a completely FOSS version that is available on F-droid. It also implements a pin which signal removed for convenience.

      Its not available for ios

      • @LiveLGNProsper@lemmy.world
        38 months ago

        Yeah I know it’s not on iOS I still love Android so I try to stay up to date on Android as well even not having one. My iPhone is paid for by work so I just don’t complain .

        • Possibly linuxOPEnglish
          08 months ago

          For android Lineage os the best with F-droid as a app store.

          Many will disagree with me but Lineage os has the best support and is updated once a month. None of your privacy ROMs can compete with that

          • @LiveLGNProsper@lemmy.world
            38 months ago

            Yeah but Linage OS does not relock the bootloader for extra security so if you lose physical access to your phone it is now vulnerable.

            • Possibly linuxOPEnglish
              -48 months ago

              True so don’t lose your phone. Its encrypted and you can use third party apps to auto wipe under certain circumstances

              • @zwekihoyy
                28 months ago

                the more third party apps you have, the higher your attack surface and a decrease in security. I love my mods but this isn’t really a solution and should be an os feature.

                • Possibly linuxOPEnglish
                  08 months ago

                  How would that be implemented? The way stock does it is though proprietary software

              • @LiveLGNProsper@lemmy.world
                28 months ago

                True but I work outside and have lost devices before sometimes it is out of are control and we still misplace devices especially when the fall out a pocket I was only pointing out I personally won’t use it for that reason is all I still would rather use Lineage OS over Graphene OS but I don’t think I will because of that one thing. I am looking at buying a used pixel hopefully soon.

  • @Chobbes@lemmy.world
    58 months ago

    The RAM shredding feature seems kind of silly to me, but I don’t know the details. Ideally the operating system should clear pages before giving them to other applications… While I can see the appeal in also doing it in the application, it seems kinda wasteful, and I wouldn’t trust the application to do a good job of that anyway. If the point is to prevent the app itself from leaking private keys on a buffer overflow or whatever… I guess I can see the value of that, but I’d rather see mitigations for the buffer overflows highlighted instead. I guess this just makes me a little suspicious of the actual value provided by the app.

  • N-E-N
    18 months ago

    Are there any downsides to Molly vs vanilla app?

    • Possibly linuxOPEnglish
      28 months ago

      Signal is definitely not compromised. It has and is being reviewed by many cybersecurity professionals and is considered pretty secure. It has some downsides like its use of centralized servers and some metadata leakage but other than that its solid.

      So to update your comment:

      “Don’t use signal its compromised!”

      • The glowies
      • Thordros [he/him, comrade/them]English
        28 months ago

        You’re right, of course. I was in a dark place mentally and was spiralling when I wrote that. I will remove it. In hindsight it wasn’t even that funny.

        • Possibly linuxOPEnglish
          28 months ago

          Yeah no problem. I wasn’t offended or upset but I just wanted to give a correction