A little bit about why your email are considered as a SPAM by Microsoft and Google.
-
-
@will said in A little bit about why your email are considered as a SPAM by Microsoft and Google.:
Signal
Based on Exodus Privacy Audit, Signal is not better than TelegramX.
Also based on Exodus, the app for your communication and privacy, if it really exist, would be Freygo
-
@JOduMonT First off, that site is just reviewing app permissions. It’s docking Signal for requesting things like access to camera (used for taking and sending photos). That’s not really relevant here.
From a security standpoint, the Signal protocol is the gold standard for secure messaging. Other apps , like WhatsApp have even implemented it themselves.
Signal is also a non-profit and spends a considerable amount of effort in reducing knowledge needed to operate on the server. Their goal is to get to a point you don’t have to trust the server at all.
I have never heard of the app you’re recommending, but I don’t see any information about how they manage their encryption. Their website link (from Google Play) lands on some obscure website that doesn’t really load unless I turn off my tracker blockers. The site then doesn’t really indicate why I should trust them. No information on their funding or security. Also, the Play Store listing says it includes Ads. Which is a huge no-no for privacy.
Telegram is a popular app, but Signal is often recommended for security/privacy. First off, Telegram offers both encrypted and unencrypted messaging and defaults to unencrypted. Group messages cannot even be encrypted at all. In Signal, all is encrypted. Furthermore, when using encryption, Telegram uses a custom crypto algorithm they wrote rather than industry trusted ones like Signal does. This goes against a common maxim in the security industry “don’t roll your own crypto”. It could be just as secure, but less eyes on it means we just don’t know enough about it. Most professionals prefer a tried and true system.
Anyway, I’m pretty passionate about secure messaging, so I’ve done a bit of research here. All that said, unless they are willing to switch, the best one is the one your friends are using. Messaging is useless if you’re the only one with it. Kinda relates to the article will posted about encrypted email in the first place.
-
Signal has zero trackers and all 65 permissions are kosher:-
https://reports.exodus-privacy.eu.org/en/reports/114396/ -
@iamthefij said in A little bit about why your email are considered as a SPAM by Microsoft and Google.:
I have never heard of the app you’re recommending
I've never heard about this Freygo, and I didn't recommend it, I even mention I was suspecting this app don't really exist.
I don't know much about Signal, but it is often the apps people mention. But after that if Signal have as neighbor apps such as FaceBook and Messenger does it really matter ? Your Friend on Signal is probably your Friend on Facebook and by correlation you just help them to crack the code. (I'm saying you as us, them, not necessarily you)
Personally I prefer using my own set of key, I say that because apps like Telegram, WhatsApp, Messenger yes they use encryption but they also generate the key and have both the private and public key so it's only a matter of semantic and if you trust their business.
And Yes I'm agree with you, you could have the best app of the world from privacy perspective but if you know no one using it become a notepad for yourself.
-
@JOduMonT said in A little bit about why your email are considered as a SPAM by Microsoft and Google.:
Personally I prefer using my own set of key, I say that because apps like Telegram, WhatsApp, Messenger yes they use encryption but they also generate the key and have both the private and public key so it's only a matter of semantic and if you trust their business.
You still have to trust the application, but private keys for Signal are generated on the device and not sent to the server. To improve trust in the application, Signal actually has reproducible builds. WhatsApp should, in theory, function the same way, but they are not open source and do not have reproducible builds so you have no way to verify that is actually how it’s functioning.
-
As a security consultant for the world's number 1 security company (depending on how you measure it), I can say that out of the major applications, Signal is hands down the gold standard. SO much so that other apps have taken their tech stack for their backend.
The only downside in my eyes is the use of a phone number, but they have been doing insane ammounts of work to get around that need. Def a cool space to watch. Hell signal can even be self hosted. Maybe we'll see it on Cloudron. -
@will said in A little bit about why your email are considered as a SPAM by Microsoft and Google.:
The only downside in my eyes is the use of a phone number, but they have been doing insane ammounts of work to get around that need.
I saw that!! I can't wait. For my main use case (since I care about privacy/security and not much about anonymity), I don't mind a phone number for discoverability, since I actually want people do discover me and message me there rather than SMS. However it's very valuable for others who need greater anonymity.
I do look forward to it personally for things like registering bot accounts so that I can send notifications from my web servers to my Signal devices.