
Session: An open-source private messenger that doesn’t need your phone number - webmobdev
https://itsfoss.com/session-messenger/
======
hnarn
Signal without phone numbers built on blockchain technology and with its own
crypto currency? I think I'll stick to Signal.

~~~
deepersprout
Signal depends on play services on android. I keep reading here that signal is
secure and we should all switch to that, but I just can't get over the fact
that it works only if you effectively give root to google on your phone. I can
not take Signal seriously when it tells me it is secure, but has that
requirement.

~~~
ewired
My device runs Android without Google Play Services. Signal has often
presented a feature to use its own HTTP WebSocket notification services after
I freshly upgrade my phone by re-installing an upgraded ROM. It's not specific
to any release of Signal, it just happens when it doesn't detect Google Play
Services. There is a process to correct this and make it use microG which is
much easier on battery life. microG still connects to Google's notification
services, but there is no Google malware on the device. From what I can tell,
Signal only uses Google's services to "wake up" the connection to Signal to
check for new messages.

~~~
balladeer
I might give Android another try seeing iPhones have also started growing
faster than my palm. But I don’t see any sanely sized phones for which there’s
a zero friction google-free Android migration available with at least 3-4
years of support.

------
Mathnerd314
Blockchain paper: [https://loki.network/wp-
content/uploads/2020/02/Whitepaper.p...](https://loki.network/wp-
content/uploads/2020/02/Whitepaper.pdf)

So it's a fork of Monero that gives rewards out to "service nodes"
periodically for not being ejected from the network. stores data. A service
node also have a "stake" that's lost if the node ejected. The service nodes
together form a "swarm" that routes messages and stores data and occasionally
does various tests to eject bad nodes.

IDK, doesn't seem that bad. I'm sure because of the complexity there's some
emergent bad behavior that will crop up, but the cryptocurrency is separate
from the message platform - there's no cost to send messages, it's a separate
proof-of-work Blake2b hash. So at worst the chain will fork and you'll have to
update the app again.

------
mirimir
OK, so the messaging app is a fork of Signal that uses arbitrary IDs instead
of phone numbers. That alone is a huge win for me.

But what I find most interesting is its built-in anonymity. Like Tor, it uses
an onion routing network where only entry nodes see users' IP addresses. Users
are anonymous from the swarms that cache messages, and also from other users.
Except of course for the ID, both that's not tied to anything in meatspace.

Edit: The onion routing network is Loki, which I gather is a fork of ZeroNet.

------
Natales
Wire (wire.com) doesn't require phone numbers either. I've been using it for
the last year or so to communicate with my family, and its usability for non-
technical users is very good, including top notch audio and video.

It syncs across all my devices (iPhone, iPad and laptops, Mac and Linux), and
I can quickly do full-text search over large amounts of data and docs we've
exchanged over time.

It's full OSS, including the clients. I don't know why it's not more widely
used.

~~~
balladeer
I can tell you why I stopped using it. It was clear after a few months that
features, layout, and UX wasn’t being developed keeping individual users in
mind. Later the CEO stated that they are not at all their concerns.

And compared to Signal, WhatsApp, and Telegram their call quality was
horrendous so not many of my contacts stayed.

------
Youden
I tried the app a couple of weeks ago after hearing about it elsewhere. It
looks interesting but as someone just looking to use a potential app, it
really put me off with these two "conversations" that you can't delete, remove
yourself from or permanently mute/ignore:

\- "Session Updates" \- I assume this is news about the app itself, like new
features. However the messages here all refer to "Loki Messenger" rather than
"Session".

\- "Loki News" \- Has weekly updates about "Loki". When I first installed the
app I had no idea what "Loki" was or why I should care.

Messages to these trigger notifications and everything else a message would
normally do. They're confusing and annoying and the first thing you see when
you finish the onboarding process.

~~~
mirimir
You can delete the "Loki News" contact, but not the "Session Updates" one.
Although I don't have a problem with either, it would be good if users could
opt out.

They _are_ messages. I'm guessing that's because Session has no other
connectivity except through the Loki network. I do recall reading that the app
only talks to the Loki entry node. And if that's true, it would be a _very
good feature_.

------
corobo
Holy crap. I’d left my iPad on cellular data so no pihole... what an absolute
state this site is!

[https://i.imgsir.com/Qw3y.png](https://i.imgsir.com/Qw3y.png)

As for the software

>it will simply generate a random (unique) Session ID.

>It’ll look something like this: 05652245af9a8bfee4f5a8138fd5c……..

>So, you just have to share your Session ID with the contact you want to add

Sorry but I truly believe this is DOA for this reason. Y’all blockchain nerds
ever heard of usernames?

~~~
mirimir
Huh? I just opened it in a virgin Firefox install, and see no ads.

And re IDs, there's Zooko's triangle.

~~~
mirimir
Sorry, I was referring to [https://getsession.org/](https://getsession.org/)
and not TFA.

------
xenonite
Threema, a well-proven app, already convers the use case of no phone number.
Instead, each user has his or her unique id.

[https://threema.ch/](https://threema.ch/)

~~~
ship_it
Not free. Huge privacy concern imo (who pays for it? who uses it? no visible
way to pay with cryptocurrency)

~~~
xenonite
Who pays? Well, as it’s not free, the users pay for it. And you can buy it in
the Apple/Google App Store, or if you really wish, with Bitcoin in the Threema
Store.

Regarding the privacy concerns: the end to end encryption can be validated by
yourself if you wish. Meta data is reduced to a minimum, see their FAQ.

------
tomcooks
Then there is that adoption share thing to fix and it's all going to be great
/s

------
m-p-3
Seriously, I wish Signal could detach itself from a phone number and make it
optional.

Sure, that'd make contact discovery worse but I could live with that shortfall
if it increased my privacy.

------
ty7yt
b637b5107b6b7abfd1153ea042b5e9fe474acb5d9cf35 is me if anyone wants to test it
out.

------
ta999999171
Any love for Riot?

------
Proven
I stopped reading after I saw "blockchain".

~~~
mirimir
It's a private blockchain.

