Two years ago, I glanced at Matrix’s Olm library and immediately found several side-channel vulnerabilities. After dragging their feet for 90 days, they ended up not bothering to fix any of i…
It’s not a good discord alternative but simplex has been a solid secure chat option PQC working by default. It and mumble or jitsi serve my gaming needs.
XMPP would need one hell of an upgrade but it might be easier to refactor than the years of lazy bullshit in matrix’s code. Time will tell. Flux could hackathon and venture captial into the lead
It’s not a good discord alternative but simplex has been a solid secure chat option PQC working by default. It and mumble or jitsi serve my gaming needs.
https://simplex.chat/
XMPP would need one hell of an upgrade but it might be easier to refactor than the years of lazy bullshit in matrix’s code. Time will tell. Flux could hackathon and venture captial into the lead
I haven’t reviewed SimpleX, but it does some weird things (Curve448? Really??) that make me wonder about the author’s capacity for threat modeling.
Where? It’s all TLS and NTRU prime now to my knowledge. They have a couple audits now.
https://github.com/simplex-chat/simplex-chat/blob/stable/blog/20240314-simplex-chat-v5-6-quantum-resistance-signal-double-ratchet-algorithm.md