• Jeena@jemmy.jeena.net
    link
    fedilink
    English
    arrow-up
    138
    ·
    11 months ago

    I don’t understand why the article writes that iMessage is the only way for encrypted messaging between Android and iOS. I can thing of several off the top of my head:

    • Matrix
    • Signal
    • WhatsApp
    • Facebook Messanger (very soon)
    • Threema
    • Telegram
    • Viber
    • Line
    • Skype

    And there are surly more …

      • Jeena@jemmy.jeena.net
        link
        fedilink
        English
        arrow-up
        23
        ·
        11 months ago

        Then why are we shaming Apple and not the iOS users? I think Apple is totally reasonable here.

        • danhakimi@kbin.social
          link
          fedilink
          arrow-up
          43
          ·
          11 months ago

          Apple’s biggest crimes here are creating a proprietary platform with an exclusive protocol and making it the default messaging protocol on their devices. None of this is really new, though. All that shit is common. We need Signal or Matrix to improve in user-friendliness and even do some marketing to the point where they become viable solutions.

            • Eldritch@lemmy.world
              link
              fedilink
              English
              arrow-up
              4
              ·
              11 months ago

              I can send pictures and video over SMS that are viewable anywhere. An iMessage user can only send a patch of 64 color changing macro blocks with some audio. While it’s technically true it’s the default. it’s purposefully degraded to the point of unusability.

              • HeartyBeast@kbin.social
                link
                fedilink
                arrow-up
                2
                ·
                11 months ago

                Really? That seems odd. I’ve never had a problem sending reasonable quality photos to Android users and I can’t see a business reason why Apple would degrade image sending purposefully- it would drive its own users to get third party apps.

                • BearOfaTime@lemm.ee
                  link
                  fedilink
                  English
                  arrow-up
                  2
                  ·
                  11 months ago

                  iMessage degrades images and video on MMS regardless of the capability of the network.

                  • HeartyBeast@kbin.social
                    link
                    fedilink
                    arrow-up
                    2
                    ·
                    11 months ago

                    I don’t think that’s correct - and I can’t find anything that substantiates the claim with a quick Google. Source?

                • Eldritch@lemmy.world
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  ·
                  11 months ago

                  The photos are less the issue than videos. But they definitely reduce the size of them far more than other clients do. At least for non iPhone/ iMessage users. It gets so bad that family doesn’t share videos with many of us anymore because of how difficult it is to use something other than iMessage. Or Facebook. But that’s a whole other problem.

                • paintbucketholder@lemmy.world
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  ·
                  11 months ago

                  I can’t see a business reason why Apple would degrade image sending purposefully- it would drive its own users to get third party apps.

                  Depends on what the majority of people are using.

                  In markets where iPhone users are not in the majority, that’s exactly what’s happening: iPhone users are switching to third party apps.

                  If iPhones users are in the majority, though, then people will just default to iMessage, and non-Apple phones get associated with poor messaging quality. Which creates social pressure for non-iPhone users to buy an iPhone.

                  So it makes perfect business sense for Apple to degrade the messaging quality when a non-Apple phone joins the conversation.

            • danhakimi@kbin.social
              link
              fedilink
              arrow-up
              2
              ·
              11 months ago

              in other words: the default messaging protocol is imessage, unless that’s impossible, in which case it falls back to sms.

          • Cheradenine@sh.itjust.works
            link
            fedilink
            English
            arrow-up
            7
            ·
            11 months ago

            I am not an Apple fanboy at all, I have used iPhones for work previously.

            RCS debuted three years before iMessage, Apple developed iMessage because no one could get RCS standards together. We still don’t have this, Google has theirs, Samsung has another. Not all manufacturers support it and neither do all carriers. In my country it does not exist.

            I use SimpleX, but when I used a company iPhone, iMessage worked very well, and it worked everywhere regardless of carrier. RCS does not 15 years after its introduction.

            None of this is to say there should not be interoperability, clearly there should be. Historically at least, the blame lies with Google and mobile carriers.

            • GreyEyedGhost@lemmy.ca
              link
              fedilink
              English
              arrow-up
              5
              ·
              11 months ago

              I’m not letting Google off the hook, but Apple could also open the standard for iMessage and bypassed the whole problem. But they’d rather lock in customers than allow everyone to communicate securely and effectively.

          • Jeena@jemmy.jeena.net
            link
            fedilink
            English
            arrow-up
            3
            ·
            11 months ago

            I’m not sure about Signal being the one, then we just give the power from one company (Apple) to another (Signal). If we want to improve then we should push open protocols where people can host their own infrastructure.

            • Eager Eagle@lemmy.world
              link
              fedilink
              English
              arrow-up
              1
              ·
              edit-2
              11 months ago

              Ideally, I agree. In practice, until federation / decentralization is completely transparent to the end user (unless they choose otherwise), it’ll never be adopted at a large scale. IMO that’s one of the main obstacles of Lemmy, Mastodon, and others.

              Signal is only relatively popular among the privacy-respecting options because setting it up is as easy as setting up WhatsApp. Just by adding a “choose your instance” step, you can cut your user base by an order of magnitude. And that’s not mentioning the quality of service, which is much more achievable on a centralized platform, whether that’s in terms of feature parity, uptime, bug fixes, or cross-platform support.

          • Otter@lemmy.ca
            link
            fedilink
            English
            arrow-up
            2
            ·
            11 months ago

            More marketing would be nice

            As for features, an easy remote backup solution (similar to be bettet than WhatsApp) is the big one for me. Especially on iOS

            • danhakimi@kbin.social
              link
              fedilink
              arrow-up
              2
              ·
              11 months ago

              Android has an easy remote backup system built in. You can save a file to any location, including cloud locations, as long as the cloud service provider plugs into the API. Signal actively disables this feature because they would rather spite users than risk even the shadow of a chance that a user upload an encrytped backup to an internet service that could theoretically then be hacked and hypothetically maybe one day decrypted.

              Matrix doesn’t have this issue, it just stores encrypted messages on servers.

        • HeartyBeast@kbin.social
          link
          fedilink
          arrow-up
          8
          ·
          11 months ago

          Message works, it’s seamless and does a good job. Sure I’ll change to something else if I need to send images or group chat with Android uses, but in the UK that generally means WhatsApp, which I am definitely not keen on.

        • Alto@kbin.social
          link
          fedilink
          arrow-up
          1
          ·
          11 months ago

          There is absolutely nothing reasonable with using an inferior and outdated standard compared to what literally everybody else uses.

    • Possibly linux@lemmy.zip
      link
      fedilink
      English
      arrow-up
      32
      ·
      edit-2
      11 months ago

      Most of those are proprietary. My list:

      • Matrix
      • Session
      • Signal and signal clients
      • Simplex Chat
      • Jami
      • Briar (android only)
      • Nextcloud talk (needs nextcloud)
      • probably a lot more
    • vrighter@discuss.tchncs.de
      link
      fedilink
      English
      arrow-up
      10
      ·
      11 months ago

      telegram is not encrypted by default, and does its best to make you forget to enable it for each individual contact. if you want to do a group chat, you’re out of luck.

      Telegram is only (partially) secure for pedantic power users, which most people aren’t.

        • vrighter@discuss.tchncs.de
          link
          fedilink
          English
          arrow-up
          9
          ·
          edit-2
          11 months ago

          so, relative to pretty much all other messaging services, it might as well not be.

          You’re saying “by default not everyone can read your messages, only you, the recipient, telegram themselves and anyone who they might decide to share them with, with neither your consent, nor knowledge”

          When compared to “nobody except you and the recipient” that becomes effectively equivalent to “nothing”.

          also, not end-to-end ever when it comes to group chats

          • Liquid_Fire@lemmy.world
            link
            fedilink
            English
            arrow-up
            2
            ·
            11 months ago

            Almost all services in that list are closed source, so even if they use end-to-end encryption nothing stops the client from sending all your messages to anyone they like after decrypting (in fact some of them already have it as a built-in feature in the form of backups).

            • vrighter@discuss.tchncs.de
              link
              fedilink
              English
              arrow-up
              3
              ·
              11 months ago

              that would be very quickly caught by a network sniffer, because it would have to be sent from your own device. Otherwise they’d just be sharing the undecryptable ciphertext you sent to their servers

              • Liquid_Fire@lemmy.world
                link
                fedilink
                English
                arrow-up
                1
                ·
                11 months ago

                Just encrypt it before sending it to their servers. How would you tell that apart from any other traffic it sends? (E.g. to check for new messages, to update who of your contacts is online, etc)

                • vrighter@discuss.tchncs.de
                  link
                  fedilink
                  English
                  arrow-up
                  2
                  ·
                  edit-2
                  11 months ago

                  what does that have to do with anything? if you have to encrypt your messages manually yourself, that kind of proves the point that the service itself is not secure. And it’ll still show up on a network sniffer that they’re sending it to two places

                  • Liquid_Fire@lemmy.world
                    link
                    fedilink
                    English
                    arrow-up
                    1
                    ·
                    edit-2
                    11 months ago

                    Ok, let me break it down because clearly I didn’t explain it well.

                    What is supposed to happen, scenario 1: the client encrypts your messages with the public key of the recipient, sends it to the servers of WhatsApp (or whatever service) along with some encrypted metadata indicating the recipient, which then forward the message to the recipient.

                    What could happen, scenario 2: the client does the same, but also encrypts another copy of your message with a public key that belongs to WhatsApp, and send both versions to the WhatsApp servers. They decrypt and keep the second version while forwarding the first one to the recipient.

                    Or, scenario 3: they just never bother with end-to-end encryption, and always encrypt it with the WhatsApp key, still sending it to their servers which then reencrypt with the recipient’s key before forwarding.

                    In all cases, messages are sent only to the WhatsApp servers, not two places. The only visible difference is in scenario 2 where the communication is larger. You can’t inspect the metadata of the message with your network sniffer, because it is also encrypted, so there’s no way to rule out scenario 3.

                    If the protocol is designed to be transparent by not encrypting the entire payload sent to the servers, and you have access to the recipient’s private key (those are big ifs) then you could show that there is indeed an end-to-end encrypted message in there. But this is true for how many of these proprietary services? Maybe for WhatsApp.

      • Jeena@jemmy.jeena.net
        link
        fedilink
        English
        arrow-up
        4
        ·
        11 months ago

        I assume that if people are too lazy to switch to a solution which works for every one then they are not very interested in talking to you anyway.

        • Mongostein@lemmy.ca
          link
          fedilink
          English
          arrow-up
          3
          ·
          edit-2
          11 months ago

          Except it’s not a solution that works for everyone. It’s 9 solutions. If it were one it would be a lot easier.

          7 once you take out the ones owned by Facebook.