https://www.securemessagingapps.com is the great comparison of messaging apps, but there are several incorrect statements about SimpleX Chat.
Commenting in the thread below!
1. Main reasons why the app isn't recommended: Provide a transparency report
It is available online and updated at least quarterly, or if anything changes: https://simplex.chat/transparency/
2. Company jurisdiction: UK
We disagree that there are any jurisdictions that are particularly good for privacy. Also, this might be important for centralised services, like Threema, where the users can't host servers, and much less important for decentralized network, such as SimpleX, where there are hundreds (if not thousands) of servers that we don't control.
3. Cryptographic primitives: Curve25519 / XSalsa20 256 / Poly1305 (downgraded for the absence of PQ encryption).
We added PQ encryption in March this year: https://simplex.chat/blog/20240314-simplex-chat-v5-6-quantum-resistance-signal-double-ratchet-algorithm.html
This is done in the same way as Apple describes as PQ3 here: https://security.apple.com/blog/imessage-pq3/
4. Directory service could be modified to enable a MITM attack? Yes
This is incorrect, as there is no user directory service, and MITM by relays is not possible by design, even without optional security code verification (that exists to mitigate MITM by the channel you used to pass one-time invitation link, e.g. email).
5. Does the company log timestamps/IP addresses? Yes
This is incorrect, we never logged IP addresses and access timestamps of the users.
Further, the private message routing that is now enabled by default for all users prevents such logging by any 3rd party servers with modified code:
https://simplex.chat/blog/20240604-simplex-chat-v5.8-private-message-routing-chat-themes.html
6. Is the design well documented? Somewhat
The design documentation was reviewed in preparation for design security audit - report is about to be published.
Thanks to our users who highlighted these inaccuracies to us!
@simplex but there are quite a few UI bugs in the dark mode iOS app
@simplex Does it make sense to enable private message routing for all servers, including simplex servers, in the settings?
@sk8er @simplex I have the Private Routing option set to "Always use private routing", and the Allow Downgrade option set to "When IP Hidden". This keeps Private Routing active by default, but will send messages directly when the destination server doesn't support private routing as long as your IP is hidden (by tor). I think this is the best configuration for maximizing privacy as it minimizes required trust, and errs on the side of caution.
@simplex Im curious, how is MITM not possible by design?
@MarkAssPandi The invitation links contain all key material and is passed out of band. This results in a large links, but we are about to move to a new design where invitation link will be ~120 characters - it will be a hash of all data represented by that link, so it would still be protected from MITM (and from access by the relay to the information stored in the link). This new design is documented here: https://github.com/simplex-chat/simplexmq/blob/short-links/rfcs/2024-06-21-short-links.md