169

Recently discovered this. Molly supports link with existing device just like on signal desktop. It even has benefit of getting entire chat history unlike signal desktop. Just restore the signal backup file during setup and then click link with existing device. Then scan with you primary phone. Beauty of open source. Molly: https://molly.im/

top 50 comments
sorted by: hot top controversial new old
[-] GiantRobotTRex@lemmy.sdf.org 46 points 1 year ago

I've used signal to buy molly

[-] lemann@lemmy.one 7 points 1 year ago

Added benefit of not needing to purchase a secondary device... just imagine one!

[-] jet@hackertalks.com 27 points 1 year ago

100% Molly is amazing

Also you can run the normal signal client, and Molly on the same phone. To have two different signal accounts. If you use work profiles this could be four accounts etc

[-] Kusimulkku@lemm.ee 8 points 1 year ago
load more comments (1 replies)
[-] halvo317@sh.itjust.works 25 points 1 year ago
[-] Darkassassin07@lemmy.ca 10 points 1 year ago

Glad it wasn't just me...

[-] Piecemakers3Dprints@lemmy.world 4 points 1 year ago* (last edited 1 year ago)

Getcher tin ass over here, now. Please.

load more comments (1 replies)
[-] possiblylinux127@lemmy.zip 4 points 1 year ago

Compared to the other molly...

[-] DavidGarcia@feddit.nl 21 points 1 year ago

Molly should integrate Monero, the way signal has integrated their shitty Monero fork. Then I can finally buy molly on molly on Molly.

[-] jet@hackertalks.com 6 points 1 year ago* (last edited 1 year ago)
[-] DavidGarcia@feddit.nl 3 points 1 year ago

that's great to hear, thank you for sharing. seems like it is at least in semi-active development

[-] muggedTassi@feddit.de 19 points 1 year ago

Is there any real security-minimizing reason why it's not wanted by the official app to have multiple mobile devices linked to one Signal account? (I'm not even talking about a second phone with another SIM card, I just wanna use it on my tablet).
I would appreciate a simple/ELI5 style explanation if there is one, I don't work in IT.

[-] jet@hackertalks.com 9 points 1 year ago

No, there's no security benefit to this.

One goal of the signal foundation, has been making end-to-end encryption accessible for normal people. Keeping things simple one phone number per account is one method they used to do this. It does diminish an anonymity, it's using phone numbers as a form of global ID. Which isn't great.

So people could argue, that well having multiple signal accounts on the same device aren't against the philosophy, they're not going to spend any engineering effort making it happen.

[-] fmstrat@lemmy.nowsci.com 17 points 1 year ago

Element as a client with a Matrix server bridged to Signal works great, too. Centralizes your history on your own secure server, too.

More complex, though.

[-] pensivepangolin@lemmy.world 7 points 1 year ago

Also worth noting that communication between signal and matrix through most bridges requires the message to be decrypted and reencrypted, thereby breaking E2EE which kinda defeats the point.

Unless you’re running a bridge on a locked down home server on your own network, not sure it’s the most secure.

[-] fmstrat@lemmy.nowsci.com 4 points 1 year ago

Very good point. For me its a private server and I run both the bridge and the matrix server inside the same docker network.

[-] pensivepangolin@lemmy.world 3 points 1 year ago

Oh nice! I just like to warn people because I saw bridges get popular with Beeper and people don’t always catch that security-for-ease compromise

I’m not trying rip on Beeper, by the way. I don’t use them and never have. They could be totally legitimate and good-faith actors, but the reencryption issue with bridges sets my tinfoil hat off!

load more comments (1 replies)
[-] JubilantJaguar@lemmy.world 5 points 1 year ago

This is the solution I'm considering. Does it make sense if you have no actual contacts on Matrix? Do you think it would work on localhost instead of remote server? My use case is to get a single conversation view that includes Signal and Telegram contacts, but I don't need it on multiples devices, one desktop box is fine.

[-] fmstrat@lemmy.nowsci.com 4 points 1 year ago

I use it unfederated. Its on my local network server, running in docker with bridges to Signal, IRC, and Discord, no Matrix contacts. Works great for me.

[-] JubilantJaguar@lemmy.world 3 points 1 year ago* (last edited 1 year ago)

Useful, thanks. To be clear, you are using the official Matrix server Synapse as a Docker image, plus the Mautrix (sic) bridges also as Docker images?

[-] fmstrat@lemmy.nowsci.com 3 points 1 year ago

Correct. It was not trivial to set up, since there is a lot of configuration to read through, but it wasn't hard, either.

[-] ArcaneSlime@lemmy.dbzer0.com 16 points 1 year ago

Instructions unclear, am now rolling face and signal needs a phone number.

[-] badelf@lemmy.ml 14 points 1 year ago

Why is it not actually in F-droid? They want me to install a private repo? Has it been audited or is this a shill?

[-] jack@monero.town 8 points 1 year ago

F-Droid doesn't want to host Molly because Signal doesn't want any forks on F-Droid. Seriously, that's the whole reason. Molly devs would be fine with it.

Molly is actually reproducible and has a fully FOSS version, so it is trustworthy.

[-] badelf@lemmy.ml 3 points 1 year ago

Is that because Signal has trackers in it and F-Droid would remove them?

[-] neutron@thelemmy.club 2 points 1 year ago

Wait, Signal dev forced f-droid admins not to upload Molly to its official repo? How?

[-] netchami@sh.itjust.works 6 points 1 year ago

No. The F-Droid team just doesn't want beef with the Signal guys.

[-] jet@hackertalks.com 3 points 1 year ago* (last edited 1 year ago)

That's a good question, It really should be in the main repository.

[-] toastal@lemmy.ml 9 points 1 year ago* (last edited 1 year ago)

Molly now merged the long-awaited UnifiedPush feature that Signal refuses. This means the notifications go thru my server instead of Google’s.

That said, I hate the entire concept of only allowing one Android device but also requiring an Android device with a SIM or you get no service. iOS is also supported but feeds into that duopoly, requirements to have a phone, & the freedom use whatever devices you want how you want.

I would prefer XMPP, but I have too many folks that refuse to move from Signal despite the conspiracies.

[-] Grass@sh.itjust.works 6 points 1 year ago

My too many folks are on Facebook messenger, Whatsapp, and telegram. 'and' not 'or'...

load more comments (2 replies)
[-] EngineerGaming@feddit.nl 5 points 1 year ago

Yea, the mobile device requirement is so pointless and annoying! I have to use Signal with only a couple of people and had to use signal-cli, which is pretty annoying because it doesn't display history. Now I have it on Waydroid, but you should NOT have to do that.

[-] zShxck@lemmy.ml 7 points 1 year ago

I'm using molly for several months now it is really nice but recently I dive myself in XMPP and it is superior to molly/signal just because XMPP servers are auditable amd you can actually see if the server is using encryption or not while signal servers are closed source unfortunately, it's their only flaw

[-] jet@hackertalks.com 5 points 1 year ago

The signal source code is open source, it is hard to prove that the servers are running the source code that's published, and we know they have admitted to having source code they don't publish for anti-spam purposes.

But you could take the signal server source code and stand up your own signal servers today.

[-] Dark_Arc@social.packetloss.gg 5 points 1 year ago

it is hard to prove that the servers are running the source code that's published

impossible*

[-] netchami@sh.itjust.works 2 points 1 year ago* (last edited 1 year ago)

The Signal protocol is built in a way where you don't have to trust the server. The servers could be run by the NSA, it wouldn't matter. Especially now that the Signal protocol uses post-quantum cryptography.

load more comments (7 replies)
[-] jack@monero.town 2 points 1 year ago

Your client encrypts and decrypts everything, so it is actually not a privacy concern regarding message content when we don't know what the server does.

load more comments (3 replies)
load more comments (1 replies)
[-] eruchitanda@lemmy.world 7 points 1 year ago* (last edited 1 year ago)

Secondary phone, or any other additional android device (let's say a tablet).

[-] DaCookeyMonsta@lemmy.world 6 points 1 year ago

Instructions unclear, now comfortable with pissing myself.

[-] Nerrad@lemmy.world 4 points 1 year ago

Does Molly require a phone number?

[-] zShxck@lemmy.ml 8 points 1 year ago

Molly is a different client for signal so yes it will require it because signal does

[-] SatyrSack@lemmy.one 3 points 1 year ago
[-] calmluck9349@infosec.pub 4 points 1 year ago

Every time I want to try molly the version is too far behind to restore backup of signal. Currently my signal is at 6.37.2 and latest Molly is at 6.35.3

[-] NENathaniel@lemmy.ca 3 points 1 year ago

I’ve been doing this and like it but, it’s been crashing a lot in the background and draining battery

[-] Catsrules@lemmy.ml 3 points 1 year ago

Well I guess I don't have any more excuses not to use Signel.

[-] Gilgamesh@lemmy.ml 2 points 1 year ago

Only if simplex-chat had better UI...

load more comments
view more: next ›
this post was submitted on 02 Nov 2023
169 points (95.7% liked)

Privacy

32024 readers
1073 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS