GuardianPlasma on Nostr: SimpleX wins at 88 points if you stop punishing it for dodgingpossible ...
SimpleX wins at 88 points if you stop punishing it for dodgingpossible privacy/security issues such as:
Do you get notified if a contact's fingerprint changes?
Is personal information (mobile number, contact list, etc.) hashed?
Are messages encrypted when backed up to the cloud?
All of which are N/A therefore are given a white background and not green. This site wasn't setup for an arbitrary points system.
Also
Directory service could be modified to enable a MITM attack?
There is no directory service for discovering contacts, SimpleX hosts a public group directory and it could MITK those, but that's a separate service not included in the app.. in my opinion it should get another 3 points.
I disagree that Google Messages doesn't use a directory service as phone numbers are the directory service, and the carriers could definitely MITM as they control the phone numbers.
Do you get notified if a contact's fingerprint changes?
Is personal information (mobile number, contact list, etc.) hashed?
Are messages encrypted when backed up to the cloud?
All of which are N/A therefore are given a white background and not green. This site wasn't setup for an arbitrary points system.
Also
Directory service could be modified to enable a MITM attack?
There is no directory service for discovering contacts, SimpleX hosts a public group directory and it could MITK those, but that's a separate service not included in the app.. in my opinion it should get another 3 points.
I disagree that Google Messages doesn't use a directory service as phone numbers are the directory service, and the carriers could definitely MITM as they control the phone numbers.