Signal-iOS
session-android
Signal-iOS | session-android | |
---|---|---|
130 | 174 | |
10,527 | 1,693 | |
1.1% | 3.8% | |
10.0 | 9.5 | |
1 day ago | 1 day ago | |
Swift | Java | |
GNU Affero General Public License v3.0 | GNU General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Signal-iOS
- Signal 7.0 released for iOS – Private Phone s
- Police Can Spy on Your iOS and Android Push Notifications
- Police used Cellebrite to break into my phone, how do I prevent this in the future?
-
Governments spying on Apple, Google users through push notifications -US senator
Fortunately, they did foresee this! The push notification only contains enough information to tell the phone that it should fetch the actual notification content from Signal's servers.
Here's a Signal dev talking about it on the Signal-Android GitHub: https://github.com/signalapp/Signal-Android/issues/12961#iss...
And similarly for Signal-iOS: https://github.com/signalapp/Signal-iOS/issues/962#issuecomm...
-
Privacy is Priceless, but Signal is Expensive
This was a nice, detailed read. I was happy to note this about employee compensation since paying them well is a good thing apart from their personal motivation to work on this (even at a comparatively lower pay than in other companies/projects):
> When benefits, HR services, taxes, recruiting, and salaries are included, this translates to around $19 million dollars per year.
> We are proud to pay people well. Our goal is to compensate our staff at as close to industry wages as possible within the boundaries of a nonprofit organization.
That said, I really dislike Signal for a few reasons. The first is what many people have already talked about very often — forcing to use a phone number to register. Since the SMS or call costs are quite high, Signal could adopt the iMessage approach to verification, which is having the user send an SMS to the service (this will cost the user some money depending on which country the SMS is sent to). This could be decided based on the country code so that the current SMS OTP model can coexist.
Signal is obstinate on a few aspects on user experience, more so on iOS/iPadOS. Firstly, it refuses to provide a data backup mechanism for iOS/iPadOS. If someone loses their devices, there is no way to restore older messages. Even setting up a new device requires the old device to be in physical proximity to transfer the data. Signal does integrate with CallKit (to act like a phone app) and with Apple’s notification services, but refuses to allow the user to backup the data with a password to encrypt it.
Secondly, I found this paragraph in this post to be disingenuous:
> Such practices are often accompanied by “growth hacking” and engagement maximization techniques that leverage dark patterns to keep people glued to feeds and notifications. While Signal is also free to use, we reject this kind of manipulation, focusing instead on creating a straightforward interpersonal communications app. We also reject business models that incentivize such practices.
Signal on iOS/iPadOS wants the user to enable notifications and to share contacts. If notifications are disallowed and if contacts upload is disallowed, it will pester every few days about it. One might think this is a silly mistake that Signal isn’t aware of. But it was reported some years ago and Signal responded that it will not fix it because it believes this is the only way. [1] Not even an option where this is a toggle for those who want no notifications or don’t want to share contacts (Signal does have a toggle for contact joining notifications).
Signal is also not that reliable in delivering messages in a timely manner compared to other apps (the GitHub repo has many repetitive issues on this topic over all these years).
Finally, since Signal has poorer UX in general, which isn’t an easy or cheap thing to handle, I use it only with less than a handful of people who I know and who use it.
I’d donate occasionally so that Signal can continue to exist, but I don’t feel like supporting it every month with all these issues, some of which look like Signal showing me the middle finger.
[1]: https://github.com/signalapp/Signal-iOS/issues/4590#issue-72...
-
Telegram raises $210M through bond sales
I also use both extensively and I agree, Telegram has the best UX of any messaging app. The desktop app is QT I think so it feels very snappy compared to Signal's electron app.
Signal's iOS app is a native Swift/UIKit app and open source however, so I'd encourage you to report any bugs or issues you find: https://github.com/signalapp/Signal-iOS
-
App crashes on open | iOS 16.5 | will stop donation
Yeah I was able to find a few tasks that might be similar to your issue, though I don't know the exact details how the app behaves in your case, as in if you get error message or something like in this issue, or if it just closes on open like in this issue comment. Regardless, the generated crash report from the phone itself is probably good to add in your email to support (which is different from the debug log, just to specify in case you have been sending only that, here's a link for more details).
- I have absolutely had it with Signal (lack of basic backup options)
-
Rewriting the Messenger codebase for a faster, smaller, simpler messaging app
My bet is on "object-oriented obfuscation" and bloat caused by "modern" coding styles. Looking through the Signal source you linked to, I see tons of the former. There is an absolutely insane amount of boilerplate-looking code in here, for example: https://github.com/signalapp/Signal-iOS/tree/main/Signal/src...
I don't know Swift or the iOS UI API, but a lot of that code seems to be manually creating and positioning UI elements and otherwise implementing UI functionality that I'd expect the OS to handle. It's a lot of code that should really be data (arrays, structures).
To offer a huge contrast, a long time ago I wrote an MSNP chat client in pure Win32, and it was around 2kloc. The binary was 24KB. Of course it only supported contacts, presence, and text messaging, but I still can't see features like audio/video or the crypto that Signal has needing 100x more, especially if they use OS functionality for much of them.
- Camera quality during video call
session-android
- Signal: Keep your phone number private with Signal usernames
-
What are you shocked people are still doing nowadays?
Other alternatives include Session (free) and Threema (paid - 5€).
-
Tyranny Censorship? No problem, Self-custody your content distribution
Test it by downloading session at getsession.org and DM the bot by starting a new message and sending it to “Simple” (without quotes)
- Launching Default End-to-End Encryption on Messenger
- Which communication App is most secure / anonymous?
-
Official/Unofficial Monero Session Community Hangout?
Figured there should be moves to set one up if not - https://getsession.org/
- Session: Send Messages, Not Metadata
-
Signal: The Pqxdh Key Agreement Protocol
* marketing "Perfect Forward Secrecy" AKA "Forward Secrecy"[0].
I favor Session Private Messenger[1] because it is decentralized and allows third party clients, but Signal enthusiasts warn me that the Session client may, hypothetically, at some future date, integrate a cryptocurrency, as the Signal client already does[2].
[0] https://en.wikipedia.org/wiki/Forward_secrecy
[1] https://getsession.org
[2] https://www.stephendiehl.com/blog/signal.html
-
U.K. Abandons, for Now, Legislation That Would Have Banned End-to-End Encryption
If you have a mobile phone number, the domestic intelligence agency knows exactly where you are at all times and any LEO (without a warrant) can also find you. In addition, there have been numerous CCC presentations showing how insecure the global (excluding US) and (separately) US carriers are guilty of promiscuous metadata trafficking ($$) and insecure SS7 setups. As a consequence, for low $, you can go to any one of several shady websites and find the last location of almost any phone number (person unique ID) globally. There are additional varying exploitable vulnerabilities depending on the exact combination of {handset x carrier x country} to impersonate them, tap their line, reveal their exact location, and redirect their phone number through a third-party handset or even a PBX. These are more expensive and some capabilities are forbidden for all but a few selective intelligence uses.
Session (Signal fork) doesn't use phone numbers. It's pretty well-designed overall and uses an onion routing approach. It's already a superset of Signal except it doesn't use phone numbers. https://getsession.org
Also look interesting:
* (unproven) https://www.olvid.io/technology
* (unproven) https://simplex.chat
PS: Using regular TOR on home broadband or cloud servers is relatively risky and inefficient. Sybil attacks on it are common. And to network operators and security agencies it gives an easy "flow tag" of your uplink and exit node data traffic as automatically suspicious.
- E2EE messenger for who want absolute privacy and freedom from any surveillance
What are some alternatives?
mollyim-android - Enhanced and security-focused fork of Signal.
simplex-chat - SimpleX - the first messaging network operating without user identifiers of any kind - 100% private by design! iOS, Android and desktop apps 📱!
berty - Berty is a secure peer-to-peer messaging app that works with or without internet access, cellular data or trust in the network
LibreSignal - LibreSignal • The truly private and Google-Free messenger for Android.
session-open-group-server
Signal-Desktop - A private messenger for Windows, macOS, and Linux.
loki-network - Lokinet is an anonymous, decentralized and IP based overlay network for the internet.
wire-ios - 📱 Wire for iOS (iPhone and iPad)
lokinet-gui - GUI Control panel for Lokinet built using electron
Unigram - Telegram for Windows
µWebSockets - Simple, secure & standards compliant web server for the most demanding of applications