Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
much thanks to @gary_host_laptop for the logo design :)
i've been using berty for a couple of months now, not as a primary messenger, but more so in situations where I want to transfer some information in the form of text/images/videos in situations where there is no internet connection
it has some issues, but it's relatively robust imo
Any idea how it compares to Briar by chance?
i'm not familiar with briar, so i can't really tell :(
They sound quite samiliar, with Berty you have to have the recipient on the app as well, ya? In other words no SMS/MMS messaging I believe from the break down? Briar is marketed for activists and journalist being a decentralized and encrypted messager which works without WiFi and can be routed over Tor.
yeah, you need both peers to have the berty app installed and it can't use SMS to send messages, but just like briar, berty is able to communicate via local wireless network, bluetooth, via other berty peers, over tor etc
so they are actually similar, but while berty uses ipfs, i'm not exactly sure what technology briar uses 🤷♀️
That's good to hear. As always with P2P networks though you have to know some people to get connected as otherwise you have a messenger with zero contacts. And that is always the part of the more difficult onboarding for P2P.
Skimming their website, I noticed two issues with their dependencies.
First, https://berty.tech/docs/protocol/ says
*The only non-standard packages used in the Berty Protocol are the following two, although they have been written by experts are widely reviewed by the community:
- libp2p/go-libp2p-core/crypto
- agl/ed25519/extra25519
Clicking through to ed25519/extra25519, one can see that the upstream author replaced that code two years ago with a readme that says "This repository is unmaintained" and "Uncared for code is not a foundation to build upon". (The part that was merged in to golang's standard crypto library does not include the "extra25519" code that this project requires.)
Second, I see that their Go-Tor-Transport relies on go-libtor which currently is using a year-old snapshot of the -dev branch of upstream tor. (I haven't yet discerned if Tor is fundamental to their design or if it is an optional thing, but i suspect the latter?)
They do say it is early days still and not fully dependable V1.0. So there is work in progress, and they still want to have an independent security audit done. I think they are pretty open and forthcoming about what is not yet done. They were quite clear to state the product is not ready yet for the Ukraine war for example, and state people should not consider it for that use.
Certainly in principle one does not want to build on unmaintained code (different from code that has not requited an update for any good reason for a while).
So it is really a proof of concept now that is usable, but not yet declared finished as far as the security side goes (implying some of those loose ends mentioned). I gather from that we should not yet be judging it as a finished or production ready product.
Will it also be available on f-droid or the like, or maybe as direct apk download?
That's when I'd consider using it. Hopefully it gets added to F-Droid soon.
You'd have to ask them on their site I reckon
they do
join their discord, they have a beta-onboarding channel where you have to react to a message or smth in order to automatically be added to additional hidden channels that give all the appropriate links (including direct .apk download)
everything is explained in the beta-onboarding channel more concretely :)
you can also ask them there about their plans for f-droid 🤷♀️
A privacy focused messenger that gathers on Discord? 😬
It shows no concern for how easily our network graph is used to control us, we should be able to lift and shift our messaging abilities anywhere after 100 years of consumers wanting that exact feature.
discord is popular and convenient, and provides a lot of capabilities that other messengers don't 🤷♀️
You could say the same thing about all proprietary services that the privacy community is against though. Telegram is more popular and convenient than Berty, for example.
It just feels like a weird choice to go with Discord for this.
eh, idk, you're prolly right, but i'd much prefer for projects like berty to be organized on discord rather than nowhere at all 🤷♀️
What pro does it offer you? We must ask ourselves this.
You don't think that their comparison matric table with some other products shown on their website, is sort of leaning towards the pro's? That to me did sort of highlight their pro's vs what the other producst don't do?
Honestly I have my doubts
afaik ipfs is "permanent" immutable storage. If you want your chat to be permanently on the record then this is ok, but not everyone may want that. Having the ability to permanently delete can be useful.
ipfs is not permanent and immutable, it can hardly even be called storage, as in, content exists on ipfs only as long as someone is interested enough in it to continue distributing it from their own computer, and after the last peer is gone the file disappears from ipfs
it's similar to bittorrent in a way, so this is in no way a blockchain
How well does it work on iOS?
It installs but for some odd reason I don't see any family or friends, so have not tested messsaging yet....
i think you need to enable low-energy-bluetooth and a few other points in the settings and then restart the app in order to enable discoverability and offline p2p communication
but berty has updated their app since then, so i'm not exactly sure, but you probably still need to go through the settings in the app and toggle on anything that looks relevant 😉 (some important stuff is off by default)
Been looking for a good offline messenger. Going on a cruise soon. I want to chat with my family. Will have access to the ships WiFi but not internet. Dont want to pay the $100s for a weekend. By biggest hurdle is being on iOS and android. Most apps are not on iOS.
Was attemptingtoo download this open source app but its not on fdroid?
iOS especially is a problem for WiFi enabled apps or cell to cell direct. Could also maybe look at SimpleX https://simplex.chat/.
Does simplex work offline?
Actually no, sorry I see SimpleX is via a server. But why would Berty not work as it is offline and does iOS as well? Tox is another option https://en.wikipedia.org/wiki/Tox_(protocol) but bear in mind their point made, that if there is no central server used, both (or all) clients needs to be actually online for any connection. There is no store and forward server in the middle.
It may. seems like it only connects via bluetooth LTE. That range is not ideal. Will be testing it one of these days.
The only ipfs component it uses is libp2p, right?
So we decided to abandon our custom network to start Berty V2 from scratch based on a full IPFS node [...].
Wat, that would be insane battery usage. They would have had this problem anyways, just because they do p2p messaging, a c2s model is way better for battery life. But going with a full ipfs node?? Whyyy, what purpose does it have? Content-addressable storage isn't really any use to them, right? Do they want to integrate filecoin?
berty uses gomobile-ipfs, which is a version of libp2p adapted to run on mobile, therefore much more efficient, but also less capabilities iirc; gomobile-ipfs is rather efficient in my experience, i run two apps that use it and don't notice any unusual battery drain
the reason to run a full ipfs node is in order to pin(upload)/download content to ipfs, you have to run one if you want to do that; you can sort of get around it by using the ipfs-http-api, but that defeats the purpose of using ipfs, as utilising the http gateways makes the entire thing censorable and centralised
Interesting. Maybe I am underestimating the capabilities of modern smartphones. But libp2p has to keep a connection at all times in the background, right? For connectivity?
libp2p is actually a stack of different networking technologies: different components activate depending on whether you need them at the moment or not
there are some ways to implement messaging that require both peers to be online at the moment of message transmission, and there are some ways to implement messaging so that the receiving peer can be offline, i'm not exactly sure how berty implements it, you can surely get a exact answer to that on their discord :)
Yes it is not doing file sharing etc