Threema is going Open Source!

Others even dislike drinking milk without being a cow.

2 Likes

Because that’s not their job. I know for a fact that this will be an unpopular opinion, but I am glad that there are people whose only/main job is to poke around software trying to find security vulnerabilities. How else are we consumers supposed to get secure software for daily use?

5 Likes

BTW, Threema is not at all FLOSS; only the client code is (and has been for a long time), but not the server.

Additionally the client code is of no use: it connects only with credentials bought from Threema, and one cannot run one's own Threema server. It is deliberately a completely closed “ecosystem”.

Furthermore the security of Threema and its home-brewed encryption is abysmal: Messenger billed as better than Signal is riddled with vulnerabilities | Ars Technica

AFAIR the security issues mentioned in that research paper are theoretical rather than practical in nature and refer to the old protocol and stone-old, long-fixed bugs anyway.

1 Like

Telegram is the same. However, you don’t need the server to verify if secret chats are e2e encrypted in a sound way, do you? (Well, except when they aren’t, and never in groups.) But then you also don’t have the backup fiasco of, say, WhatsApp.
Security vs openness vs usability: pick two…

(BTW, Open Whisper has the server open, but you can’t verify that, nor use that for any purpose.)

I think this is not true, look here: Threema OnPrem – Selbstgehostetes Enterprise Messaging
But I’m not sure if I understand this correctly

Threema OnPrem is the on-premises installation of Threema Work.

So not possible for normal Threema.

And you can expect the costs …

1 Like

Ah right, I forgot that, I’m sorry.

I disagree wholeheartedly and name Matrix and XMPP with OMEMO as counterexamples. IMO they both fulfil the triple “security, openness, usability”.

Plus: Security software has to be open to be secure. The basis of this fact is Kerckhoffs’s principle from 1883.
Obscurity (on many levels) is the main reason for insecure software.

Furthermore I hate the definitely wrong assessments that there is any truth in the notions “security versus usability” and “openness versus security”.

(Sorry this is off-topic for Threema)
“Openness vs security” is in no way a discussion I want to have, fully agree there is no security without openness. I was trying to be “clever” by quoting a “pick two” rule.

However, “security versus usability” is still a challenge.

Entering secure group chats lets you choose between “wait for all players to re-send their message with your key” or “don’t look up” - because there is no previous message.
Add to that the fact that most popular mobile messengers are “social networks of SIM contacts” (so you don’t have to ‘create an account’ and ‘add a friend’, they’re just there) - this is where XMPP and Matrix are presenting some resistance, and the all-too-comfy user picks the path of less resistance…

Security usability has come a long way recently though, I agree.

Back on topic, Threema. Just picking some usability issues from Wikipedia (sorry if the source is wrong):

  • It doesn’t use a “social network of SIM contacts” (good!), requires only that you be a paying user (good!), but how you pay may still identify you.
    • BTW, using checksums or any algorithm on phone numbers is highly insecure, since the input space is so small (10^13 max?)
  • It cannot run on multiple devices unless your phone is one of them and is connected. (security annoyance?)
  • It uses randomly generated user IDs if you don’t provide your name/number (hello ICQ)
  • Chats are limited to 256 people (must be a threshold for security power hog to send a message encrypted 255 times)
  • Calls are only one to one, no group calls (maybe security hard at work again)

I am not arguing that one should not choose security.
I just say that the choice is not as easy as it looks.

L.E. the Wikipedia article doesn’t mention backups, or what you have to do to switch devices with Threema. Since the limitations above are similar to Signal (or WhatsApp, which doesn’t count here, on any count), I would guess there are hoops to jump through in this case too.

1 Like
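An added example, not part of the thread and not Threema's code, illustrating the small-input-space remark about hashed phone numbers made in the post above. The phone number, the enumerated block and the 10^9 hashes per second rate are constructed assumptions; the keyed variant shows why a secret the guesser lacks changes the outcome.

```python
import hashlib
import hmac
import secrets


def digest_plain(number: str) -> str:
    """Unkeyed SHA-256 of a phone number: anyone can recompute it."""
    return hashlib.sha256(number.encode()).hexdigest()


def digest_keyed(number: str, key: bytes) -> str:
    """HMAC-SHA-256 of a phone number under a secret key."""
    return hmac.new(key, number.encode(), hashlib.sha256).hexdigest()


def recover(target: str, prefix: str, digits: int, hash_fn):
    """Hash every number in prefix + <digits-long suffix>; return the match or None."""
    for n in range(10 ** digits):
        candidate = f"{prefix}{n:0{digits}d}"
        if hmac.compare_digest(hash_fn(candidate), target):
            return candidate
    return None


def exhaustive_search_hours(space: int, hashes_per_second: float) -> float:
    """Time to hash every value in an input space of the given size."""
    return space / hashes_per_second / 3600


# Constructed sample: a number from the fictional 555-01xx range.
SAMPLE_NUMBER = "+12125550142"
PREFIX, DIGITS = "+1212555", 4  # a 10^4 block stands in for the full space

if __name__ == "__main__":
    # The unkeyed digest falls to plain enumeration of the block.
    print(recover(digest_plain(SAMPLE_NUMBER), PREFIX, DIGITS, digest_plain))

    # With a server-side secret key, the same enumeration finds nothing.
    key = secrets.token_bytes(32)
    print(recover(digest_keyed(SAMPLE_NUMBER, key), PREFIX, DIGITS, digest_plain))

    # The thread's 10^13 upper bound at an assumed 10^9 hashes per second.
    print(f"{exhaustive_search_hours(10 ** 13, 1e9):.1f} hours")
```

The keyed digest only helps while the key stays secret; a key shipped inside every client is known to anyone who inspects the client.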

Actually, it seems that they “fixed” this: