I’m aware that Session has been discussed twice before on this community, but the last thread was 6 months old so excuse my starting a new one.
There’s one big concern I wanted to bring up, which is the disagreements over whether it has forward secrecy. The spec says it does, but I’ve found two other sources saying it doesn’t:
https://restoreprivacy.com/secure-encrypted-messaging-apps/session/ (search for “Perfect Forward Secrecy removed”) https://www.securemessagingapps.com
Why are they saying this? Is there a critical caveat to Session’s forward secrecy (does it not have it in closed groups?), or are both sources just wrong?
(I’ve also heard one source say its closed groups are limited to 10 members which would be a showstopper for me and another source say they’re limited to 100 and the spec says 500 so i don’t know what to believe.)
I’m also concerned about it being built on top of a blockchain and cryptocurrency, not because I’m suspicious of cryptocurrency in general but because I find it difficult to understand, and because that it costs thousands of dollars to run a Session node seems to me like the network is bound to be owned exclusively by a few rich companies and investors. Is it? Is there a place I can see who owns how much of it, particularly how much is owned by the Oxen developers?
UPDATE: I believe I’ve just learned that Sesison DOES NOT have forward secrecy or deniability; the whitepaper linked on their CURRENT website is outdated. https://getsession.org/blog/session-protocol-technical-information
I don’t really like cryptos at all, they’re way too laissez-faire/anarcho-capitalist for me, and not to mention the energy consumption, but let’s talk about them for a minute. I want to write down some thoughts. I have 0 crypto holdings, but I researched them a bit recently, it’s good to be informed.
Apparently, Oxen is a fork of Monero, which is apparently an almost fully private crypto. I’m all for privacy of information, knowledge and messages but I don’t think money aka power should be private. Incredibly bad for democracy, not to mention it goes against the idea of taxation. This is pretty much a deal breaker for me for a messenger that would strive to become mainstream and challenge the big tech oligopolies.
If a piece of software like this wants to use crypto, it should be a crypto that’s private only for small transactions (think, nobody needs to know you bought that candy, or that laundry detergent, I’m fine with the privacy of small purchases, in fact I think it’s good) but any transaction above a certain threshold should be public. In a crypto, this limit can be “voted” on, which is great, and I think in newer ones, like Polkadot, it doesn’t even require a hard fork.
Also, while we’re on the topic, I’d love if a crypto had in-built ”taxation” within the system itself, that takes a reasonable amount of money from big transactions or even wallets, divides it and distributes it randomly to other users. As it is now, crypto is essentially just a ”make the rich richer/increase the wealth gap” kind of thing, even more than normal money is, plus it’s a global casino/gambling on top, which also has the same end results. It’s hard for me to enthusiastically get behind it. Btw, I’m not surprised a "socialist” crypto like this hasn’t been created yet, the incentives and the type of crowd is just not there, but I would be surprised if it doesn’t get created eventually.
Secondly, the energy consumption. Apparently, Solana is a crypto that uses a new “proof of history” method (as opposed to proof of work or stake) that uses at least a 1000 times less energy than Bitcoin, and maybe even many more orders of magnitude less (1) and doesn’t suffer from the types of centralisation of power that happen with proof of work or even proof of stake. It’s apparently like a normal server in terms of energy consumption. If Session used this type of crypto I’d be more open to it.
As it is, I just don’t know what’s the purpose of Session. An attempt to create a private mainstream messenger? Can’t really support it, at least that’s how I feel about it, in its current form. A fully private messenger for extreme cases, like journalists or something? There’s Briar for that, without the iffiness of crypto.
You might be interested in GNU Taler. I heard Stallman talking about it in some podcast about Monero (I think Monero Talk). He was saying it’s being designed to be private for payers, but not payees, for tax purposes.
It was a dreadful listen though. The host just wanted RMS’s stamp of approval, kept trying to get him to say he liked Monero; and Stallman is the absolute worst, most obtuse podcast guest I’ve ever listened to lol.
A bit of this sounds like FreeCoin from Dyne ORG.
Another way of saying that is that democracy is great for the majority, but bad for the minority. Not everyone wants to labor for something they don’t want or believe. Cryptocurrency is about freedom.
Nobody wants to labor for something they don’t want or believe.
Democracy is about giving as many people as much freedom as possible, while putting emphasis and primacy on giving additional freedom to those with the least of it, first. It’s about leveling the playing field. It’s about compromise. It’s about everyone. But you can’t please everyone. Hence, reasonable compromises.
Private money (crypto or not) is not, it’s about giving more freedom to the select few, the rich. Being more poor than you deserve (common in unregulated taxless capitalism), robs you of your freedom. When there’s multiple agents in a limited space, freedom is a limited resource. This is true with any group of people, abstract or literal, you can’t move. Money is freedom, underserved and unfairly extra money is underserved and unfairly extra freedom. Private money is not about fair freedom.
Democracy is not about tyranny of the majority, fair democracies have protections for minorities infused into their cores. And that’s why in functioning democracies the rich get taxed.
How is cryptocurrency about freedom. What freedom does it grant me?
The freedom to not have your money controlled by state and/or capitalist institutions such as banks and payment processors. This is actually a huge deal IMO. With traditional fiat currency, you are completely at the mercy of every financial institution you deal with - your bank account can be closed or locked or your money seized by the government, and every time you buy anything with a bank card you’re really giving the merchant full access to all your money and just hoping they don’t abuse it. And they do. Who hasn’t had experiences having illegitimate charges appear in your account history, struggling to figure out how to cancel a subscription before the corporation charges you again without consent, or charged more money at a store than you were told it would be and not realizing it until it was too late? Cryptocurrency has issues, but the fact that it gives you control of your own money is very important to me.
The same thing is true with cryptocurrency though? Most people have their cryptobucks at a wallet that sits at an exchange? Which then has the same drawbacks as a bank.
I don’t know if it’s true that “most people” have their cryptobucks in custodial wallets, but the point of cryptocurrency is that you don’t need to do that. You can pay online using a wallet you control (and I have done so), which is impossible with traditional currency.
What cryptocurrency that’s properly decentralized can handle enough transactions for it to be useful?
I think having democratic control (via the state) over the money is pretty important. Also cash has a lot of advantages as well.
The state is the greatest enemy of human freedom and peace, so I will withdraw from this thread.
Are you anti government? I don’t like states as well, I meant to say government.
We probably aren’t going to agree here because undermining democracy and taxation is music to my ears :P
Though to be fair, I find your vision of taxation enforced by technology and given directly to poorer users rather than enforced by the state and given to the state, to be quite appealing.
As for Briar, I looked into it some time ago and came away thinking I would switch to it (away from Matrix) if it weren’t Android-only. Requiring a phone is a deal breaker for me.