this post was submitted on 31 Jul 2023
42 points (97.7% liked)

Privacy

31974 readers
377 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
k_o_t@lemmy.ml
tmpod@lemmy.pt
Yayannick@lemmy.ml
ranok@sopuli.xyz
42
Molly, Signal FOSS (TwinHelix), Molly FOSS - Better than Signal? (lemmy.ml)
submitted 1 year ago by gianni@lemmy.ml to c/privacy@lemmy.ml
23 comments fedilink hide all child comments
 

Molly advertises itself as a "hardened version of Signal," & its FOSS variant is the same without proprietary dependencies. TwinHelix's FOSS Signal fork goes further, adding OSM support instead of GMaps. Are these forks trustworthy, & are they worth using for added security compared to mainline?

top 23 comments
sorted by: hot top controversial new old
[–] Skimmer@lemmy.zip 7 points 1 year ago* (last edited 1 year ago)

My biggest problem is the delayed updates, which I don't think they add enough to justify using imo. I think the base Signal itself already has excellent privacy, it can be used for notifications without Google Play Services (which I do myself), which works great. I haven't used any maps features so not sure how that compares. I've never seen it make any connections to Google in my usage. I'd just stick to the main Signal so you're getting updates as soon as possible. With these apps, you're just adding another trusted party, and delaying updates, which can decrease security.

[–] shreddy_scientist@lemmy.ml 6 points 1 year ago (1 children)

Does Molly or TwinHelix still allow sms? If so, on top of having no Google dependencies, it'd be a no brainer switch for me.

[–] beeng@discuss.tchncs.de 5 points 1 year ago (1 children)

You want SMS but not Google. How does that line up?

Spying is OK, but not if it's Google?

[–] shreddy_scientist@lemmy.ml 9 points 1 year ago* (last edited 1 year ago) (1 children)

My reference is regarding signal removing SMS and how ~75% of my messaging is SMS. If signal still offered SMS, it would make having others switch much much easier. I do use a security and privacy based VOIP service for sms and calls currently. But the moves I make are almost always much more than my friends are willing to do.

[–] beeng@discuss.tchncs.de 1 points 1 year ago (4 children)

How are they switching if they're still using SMS? Get them to install signal is getting them to install signal...

[–] optissima@lemmy.ml 1 points 1 year ago

Baby steps. First they get used to the interface, then they transition.

load more comments (3 replies)
[–] mtchristo@lemm.ee 6 points 1 year ago

Are they allowed to use signal servers ? last time I heard third party apps or forks were banned from using signals servers.

[–] ashtrix@lemmy.ca 5 points 1 year ago

For me, it doesn't add enough to switch from the base Signal and slow down those updates

[–] itchy_lizard@feddit.it 4 points 1 year ago (1 children)

Won't use it until I can securely install it through F-Droid

[–] notenoughbutter@lemmy.ml 1 points 1 year ago

you can add the official molly fdroid repo

[–] jet@hackertalks.com 4 points 1 year ago (1 children)

Since signal is not on fdroid I've been using Molly. Works fine for me. If having a third party developer modify the signal source code is an unacceptable risk for you then it's unacceptable. So far the Molly developers haven't done anything worrisome

[–] gianni@lemmy.ml 4 points 1 year ago (1 children)

Have you tried Molly FOSS, or are you using the standard one with proprietary dependencies? Is there a meaningful difference in day to day functionality?

[–] jet@hackertalks.com 3 points 1 year ago (1 children)

Foss, basically new messages might not show up immediately

[–] merde@sh.itjust.works 3 points 1 year ago

if that's the case for you, your preferences may need some tweaking.

[–] FarLine99@lemm.ee 4 points 1 year ago

I think they can be trusted as their build process is open. I recently learned that the official client supports reproducible builds as well, so I don't see the point in using those versions for myself. Now I trust the Signal authors' builds. If you want to use them because of the extra features, it's probably worth it.

[–] possiblylinux127@lemmy.zip 1 points 1 year ago (1 children)

Signal is anti free software. They are extremely hostile to anyone who wants to exersize there rights.

I would use other encrypted messages instead.

[–] itchy_lizard@feddit.it 1 points 1 year ago

Doesn't this solve those issues tho?

[–] merde@sh.itjust.works 0 points 1 year ago (2 children)

if you uninstalled GMS, than you have no choice, it's Molly for you.

can't understand people who complain about privacy standards of Signal, yet they have GMS sitting at the core of everything their phone does.

[–] Skimmer@lemmy.zip 3 points 1 year ago (2 children)

if you uninstalled GMS, than you have no choice, it's Molly for you.

No? Signal on their official app works perfectly without any Google apps or Play Services installed, including notifications, I use it daily on my deGoogled phone. I don't know where this misinformation is coming from.

[–] merde@sh.itjust.works 1 points 1 year ago

from experience. i tried to re-register signal after degoogling my phone and couldn't. I already had Molly in my test list, so i tried and i was back online.

maybe signal has to be installed without gms for the configuration to work?

if that's misinformation (i will trust you), i'm sorry and i'll keep it to myselves

[–] merde@sh.itjust.works 1 points 1 year ago

do you have microG instead of gms?

[–] gianni@lemmy.ml 2 points 1 year ago

I have MicroG