Oddbean new post about | logout
Jacob | Five Eye Tea | 14 hours ago (raw) | root | parent | reply | flag 
 If people enjoy SimpleX, more power to them, but I just don't find it to be a good experience at this point in time. There are also some valid concerns over its security that I'm also questioning myself.

That said, nothing about it is inherently bad, just not for me haha
chrizzz | 14 hours ago (raw) | root | parent | reply | flag +1 
 Fair enough 😁 Would you care to point me to some security concerns?
Jacob | Five Eye Tea | 10 hours ago (raw) | root | parent | reply | flag +1 
 The biggest is definitely the fact that a vast majority of its relays are run by the company, which is a for profit company that kinda just showed up out of nowhere. The tech itself seems solid but it's concening to me that the relays are overwhelmingly run by the company. 

Also, unlike Session, itd be incredibly easy for governments to set up honeypot relays. If I'm not mistaken, there isn't any onion routing in SimpleX, meaning they wouldn't even need to do a sybil attack to know metadata like your IP.
chrizzz | 10 hours ago (raw) | root | parent | reply | flag 
 Thanks, that’s very informative. I saw that @Start9 has a @simplex server package on their marketplace which means other people could run servers. But that is an issue in itself as you state in your second point 🙂
fiatjaf | 9 hours ago (raw) | root | parent | reply | flag 
 You can run your own relay and that should be pretty easy.

Compare that to Signal where there is only one relay that everybody should use and it's already a honeypot.