Oddbean new post about | logout
 SimpleX Chat don´t know how many servers they have!

Then they also don't know who is behind some servers!

This provides a large attack surface for collecting metadata. The big tech companies only need the IP address and they know which user it is.

How do they do that?
85% of all smartphones use Google's Android and this sends encrypted data packets to Google every day. This means that Google knows the IP address of every user.

Amazon (online shopping monopolist in Western countries) knows the names & addresses of users (if an order was recently placed with the IP)

Microsoft (operating system monopolist worldwide) knows the IP of the home computer and Internet router.

This is the reason why it is insanely dangerous to get involved with money from big tech companies.

They don't put their money into SimpleX because the logo looks so great, but because they want a “foot in the door” and data.

PS: The same goes for Signal, they also run all their traffic through Google, Amazon, Microsoft & Cloudflare.

What does Threema's server do?

It only stores messages until they have been successfully delivered to the recipient and then deletes them again. The message is then overwritten by new messages on the server disk. This means that the deleted message cannot be recovered.

This seems to me to be a much safer way than using a service like SimpleX, where the operators don't even know who is behind their server.