this post was submitted on 30 Jan 2024
8 points (83.3% liked)

Privacy

31958 readers
994 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

As most people here might know, Session utilises a TOR-like onion routing system with some changes to route traffic. The username is the public key whilst the password is the private key.

Recently, a new project built on top of this seems to be in the works: https://simplifiedprivacy.com/freespeech/

I'd like to know the community's opinion of session and how much would you trust its technology. Thanks!

you are viewing a single comment's thread
view the rest of the comments
[–] LWD@lemm.ee 8 points 9 months ago (2 children)

Simplifiedprivacy dot com needs to be blacklisted from Lemmy communities, it's a blog trying to sell some really silly services.

As for Session, they've never made an original product that I've ever seen - they took Signal and Monero, peeled off the labels, and made them (especially Signal, IMO) worse in both aesthetics and privacy protection.

And the company behind this is in Australia, a country where you need to weaken products (by adding backdoors) upon government request.

[–] possiblylinux127@lemmy.zip 2 points 9 months ago* (last edited 9 months ago) (2 children)

Session is very much not a clone of Signal. They forked it way back and the entire back end and front end are different. Session uses the lokinet behind the scenes which stores messages encrypted and routes traffic. Session isn't completely decentralized to my knowledge as its a work in progress but for now it is harder to block or censor compared to signal.

Even if you have your doubts, its been audited and found to be reasonably secure so it shouldn't be a security risk. I still don't use it due to its lack of invites but if they add stable calls I might just switch. For now I use it to send text between my devices.

[–] LWD@lemm.ee 3 points 9 months ago

The encryption is a fundamental problem because they removed Signal's forward secrecy and replaced it all with a single leakable key you share among all your devices.

According to Season devs, Session does not use LokiNet but some other thing. It's been that way since way back....

[–] Pantherina@feddit.de 0 points 9 months ago (1 children)

For sending data I recommend wormhole or localsend, makes way more sense

[–] possiblylinux127@lemmy.zip 1 points 9 months ago (1 children)
[–] Pantherina@feddit.de 1 points 9 months ago

Localsend can also do text!

An alternative that I use is QR codes

Android:

Linux:

  • Decoder with the fix mentioned on the Link. That at least deals with autodeletion of history, but the text still has no password function. (Basically I use the awesomeness of Flatpak app storage and always delete it after the process is finished, works flawlessly and can be used with every app)
[–] Yesbutnotreally@lemmy.world 2 points 9 months ago

I agree. I do trust session as well, even if their “marketing” on mastodon is rather unprofessional.

It does however hurt serious actors when they get mentioned on sites that spam and claim to be serious like the one you mentioned. I hope that the mods here will clear up their spam posts