You can use Orbot indeed

That’s correct, simplex.chat domain doesn’t participate in the connection, and the only attack possible is via GitHub replacing page code - I don’t consider it a real threat for now.

Also, you can replace https://simplex.chat/ with simplex:/

It’s probably time we make it an option in the app…

My talk at MoneroKon about SimpleX Chat current and future design https://youtu.be/0stN1SjZn0I?t=10572

In any existing browser without changes I mean

No web client for now, also it’s impossible to have the same security level in web browser

SimpleX Chat v5.1.3 released:

- Fixed video calls on iOS!

- Much faster group deletion.

- New preset SMP servers - add them in server settings!

- Many small fixes.

Incident with iOS notifications delivery (resolved)

During the server migration to a larger instance the certification authority file was not migrated and server failed to connect to Apple servers.

Our testing process was not properly followed during the migration, as the result notifications were not delivered for ~24 hours.

Really sorry for the inconvenience - we know how to improve it, this is not the level of service we want to operate. We are fully aware that some of you really depend on the service, however early stage it is, and it will be at a different level very soon.

Thank you. Whenever users can’t receive messages I can’t think of anything until it’s fixed. The team feels this pain too. We do try to fix issue as soon as possible, and in general last week incident we see as not acceptable even for beta releases, leave alone production. So we’re improving the test coverage now, and we will prioritise delivery receipts for 5.2 or 5.3 - that would reduce users’ and our stress a lot.

The cadence of f-droid is indeed a pain, there are two problems:

1) the time it takes to build the app. Because there is no Nix cache that holds GHC cross compiler and the stack it has to be compiled every time we build the app - it takes ~12 hours. On our CI the build takes either 20-60 min, depending on the scope of changes. We need to figure out how to use Nix cache, but the problem is that it’s not a priority when exactly two apps in f-droid use Nix…

2) the time it takes to update the whole F-Droid repo - I don’t fully understand the design, so not sure if it can be improved to have f-droid updated per app…

Users can of course switch to another source, but the app would be signed with another key (as it’s not a solved problem doing reproducible builds with GHC), which means they would have to export db, reinstall the app, and import again.

I don’t have a simple solution here…

SimpleX Chat v5.1.2 fixing message reception bug is released to GutHub, our F-Droid and on App Store. Play Store release is in review, and the main F-Droid will be updated in a couple of days.

Thanks for the patience and sorry for the trouble!

Message delivery issue in v5.1, possible temporary workarounds until we fix.

We just confirmed that there is some message delivery bug in v5.1, working to diagnose the root cause and to fix it.

The symptom is that the messages are stopped being received by some contacts (and group members), and some users say it happens in 2 days after establishing the connection.

Possible temporary workarounds, until we fix (either of these works):

- downgrade the app to 5.0 (you will be asked to confirm downgrade on start, and reactions will be lost, but it will work) - all stuck messages are delivered. After upgrading back to v5.1 disrupted contacts continue to work - difficult to say for how long. It would be great if anybody could confirm that this worked for you, as we only could confirm it on one device so far.

- create a new connection with the same contact - it seems to work for 2 days.

Certainly do not install v5.1 if you have a choice, looking if it's possible to temporarily pull v5.1 from app stores.

Sorry for the inconvenience and thanks for all your support!

Yes, that’s what we (= Moritz:) did to integrate the code we had working in the terminal into mobile apps in early 2022, as we also didn’t want to re-write, and now there is much more code to rewrite…

Haskell is very performant, and also very effective for concurrent programming (better than anything I used, including Erlang-based Elixir), and there is lots of potential to improve the performance with some code tweaks.

The binary size isn’t great. We will have to solve this problem eventually.

Compilation for web is getting stable in 9.6 though, so web client will become possible too (with some security compromises).

Android amrv7a support was done this year (Moritz did lots of fixes in GHC) - quite non trivial.

iOS

This is a classic UX fail, which I got trapped into even though I should now better not to tap again :))) We still have the same in “change address” button - everybody who finds it, taps 3 times (it seems a magic number we try something before concluding it’s broken), with a good probability disrupting the connection 🤦‍♂️

Yes. I suspect that I tapped post, nothing happened, so I tapped it again, and then again :). We had it too in SimpleX Chat. Solved by blocking the button while “post”

Is processed.

It was sent three times 🤦‍♂️

We don’t build the product for anonymity (although it can provide it), we build it for privacy of ordinary users from the operator and any observers.

Privacy means not just secrecy of my messages, by definition in includes the privacy of my associations.

I don’t need to hide my identity from people I talk to (=anonymity). But I absolutely don’t want my communication service provider observing my connections. Why is it so? Because apparently as this information is not private, and shared publicly, it can be further shared with the third parties - especially in the US.

And a lot of third parties having visibility of this connection graph doesn’t just create risks for freedom in oppressive regimes. It has a direct impact on the prices we pay online - targeted prices, aka price discrimination, becomes the norm for a growing number of online retailers. And if you think that it results in wealthier people paying more you are wrong - usually it works in the opposite direction, known as “poverty premium”.

So privacy doesn’t seem something only a niche market needs - it seems like something absolutely everybody needs, and that Signal, WhatsApp, Session etc. simply cannot provide whether they use phone numbers or not - any form of identification is good enough to reconstruct connection graph via correlation of communication patters with the existing public networks - it won’t be flawless but it will be precise enough for targeted pricing. So it’s just have to stop, and privacy of our associations from communication providers should become a norm, not an exception.

We don’t build the product for anonymity (although it can provide it), we build it for privacy of ordinary users from the operator and any observers.

Privacy means not just secrecy of my messages, by definition in includes the privacy of my associations.

I don’t need to hide my identity from people I talk to (=anonymity). But I absolutely don’t want my communication service provider observing my connections. Why is it so? Because apparently as this information is not private, and shared publicly, it can be further shared with the third parties - especially in the US.

And a lot of third parties having visibility of this connection graph doesn’t just create risks for freedom in oppressive regimes. It has a direct impact on the prices we pay online - targeted prices, aka price discrimination, becomes the norm for a growing number of online retailers. And if you think that it results in wealthier people paying more you are wrong - usually it works in the opposite direction, known as “poverty premium”.

So privacy doesn’t seem something only a niche market needs - it seems like something absolutely everybody needs, and that Signal, WhatsApp, Session etc. simply cannot provide whether they use phone numbers or not - any form of identification is good enough to reconstruct connection graph via correlation of communication patters with the existing public networks - it won’t be flawless but it will be precise enough for targeted pricing. So it’s just have to stop, and privacy of our associations from communication providers should become a norm, not an exception.

We don’t build the product for anonymity (although it can provide it), we build it for privacy of ordinary users from the operator and any observers.

Privacy means not just secrecy of my messages, by definition in includes the privacy of my associations.

I don’t need to hide my identity from people I talk to (=anonymity). But I absolutely don’t want my communication service provider observing my connections. Why is it so? Because apparently as this information is not private, and shared publicly, it can be further shared with the third parties - especially in the US.

And a lot of third parties having visibility of this connection graph doesn’t just create risks for freedom in oppressive regimes. It has a direct impact on the prices we pay online - targeted prices, aka price discrimination, becomes the norm for a growing number of online retailers. And if you think that it results in wealthier people paying more you are wrong - usually it works in the opposite direction, known as “poverty premium”.

So privacy doesn’t seem something only a niche market needs - it seems like something absolutely everybody needs, and that Signal, WhatsApp, Session etc. simply cannot provide whether they use phone numbers or not - any form of identification is good enough to reconstruct connection graph via correlation of communication patters with the existing public networks - it won’t be flawless but it will be precise enough for targeted pricing. So it’s just have to stop, and privacy of our associations from communication providers should become a norm, not an exception.

Let’s talk about it and brainstorm! :)

Thanks for such a positive comment #[1]​ . User traffic almost tripled yesterday from your tweet, some people thought it’s your creation :)

Lots of work to do to improve it. Exciting times :)