Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
hkt a day ago

Used it for years, it is great. Webxdc apps work in both android and desktop clients (not sure about iOS) so I can play chess, share calendars and to do lists, and even collaboratively edit documents, all by email, all privately.

Anyone who hasn't tried it really ought to.

To the haters talking about PGP: giving your entire social graph to Meta or even Signal is considerably worse.

woodruffw 14 hours ago | parent | next [-]

Signal does not have access to your social graph[1].

(Delta Chat markedly does leak your social graph, because it's email and email has no way to protect sender metadata from each user's email provider. That means full social graph recovery is one low-effort subpoena away in your attacker's municipality of choice.)

[1]: https://signal.org/blog/private-contact-discovery/

sudahtigabulan 8 hours ago | parent | next [-]

> Signal does not have access to your social graph

Their contact discovery uses SGX, which has a long list of vulnerabilities [1], and is even deprecated by Intel.

With access to the server, my guess is that getting someone's social graph is not entirely impossible.

[1]: https://en.wikipedia.org/wiki/Software_Guard_Extensions#List...

9 hours ago | parent | prev [-]
[deleted]
rlue 19 hours ago | parent | prev | next [-]

How is the latency? All mainstream chat apps have low-enough latency that a live conversation feels fluid and natural, whereas I frequently encounter situations where I have to wait up to five or ten seconds for an email to come through. That kind of latency would kill the experience IMO.

em-bee 19 hours ago | parent [-]

in my experience the "latency" for a person to reply to a message is always higher than the latency for a message to arrive. in fact, some latency is good. gives you a break to think.

singpolyma3 a day ago | parent | prev | next [-]

Besides the fact that hating on PGP is like hating on TLS. It's a spec and a container for just about anything you want to do. gnupg (the thing most people have come to dislike) isn't even spec compliant anymore and was always a power user tool not something most users should actually touch anyway

Avamander 17 hours ago | parent [-]

Nah, hating on PGP is like hating on SSLv3. The specs are bad, the entire system is very error-prone, and the cryptography itself is also outdated.

godelski 6 hours ago | parent | prev [-]

  > giving your entire social graph to Meta or even Signal
1) Signal does not have your social graph

2) you are not required to give the app access to your contacts

Stop spreading this misinformation, it is only making it harder to get people onto secure messaging systems. You need two people using secure systems to communicate and the result of all this horseshit is a bunch of armchair experts who haven't bothered to look into the actual security of the app making strong confident statements. Just stop.

Even if it had half the issues people pretend it does let's be honest, my grandma can use signal. That's a fuck ton better than most of the alternatives out there. Frankly, that's what 99% of people need, the app that everyone can use. Not the app that some techie says is trivial...

Side note) Comparing Signal to WhatsApp is wildly disingenuous.

Side side note) there's a 30 yo pgp hack. If you reply to a gpg email with "could not decrypt" you'll get back the email in clear text. (Joke is older than the average HN user)