Recently discovered this. Molly supports link with existing device just like on signal desktop. It even has benefit of getting entire chat history unlike signal desktop. Just restore the signal backup file during setup and then click link with existing device. Then scan with you primary phone. Beauty of open source. Molly: https://molly.im/
I’ve used signal to buy molly
Is there any real security-minimizing reason why it’s not wanted by the official app to have multiple mobile devices linked to one Signal account? (I’m not even talking about a second phone with another SIM card, I just wanna use it on my tablet).
I would appreciate a simple/ELI5 style explanation if there is one, I don’t work in IT.Element as a client with a Matrix server bridged to Signal works great, too. Centralizes your history on your own secure server, too.
More complex, though.
Also worth noting that communication between signal and matrix through most bridges requires the message to be decrypted and reencrypted, thereby breaking E2EE which kinda defeats the point.
Unless you’re running a bridge on a locked down home server on your own network, not sure it’s the most secure.
Very good point. For me its a private server and I run both the bridge and the matrix server inside the same docker network.
Why is it not actually in F-droid? They want me to install a private repo? Has it been audited or is this a shill?
F-Droid doesn’t want to host Molly because Signal doesn’t want any forks on F-Droid. Seriously, that’s the whole reason. Molly devs would be fine with it.
Molly is actually reproducible and has a fully FOSS version, so it is trustworthy.
Wait, Signal dev forced f-droid admins not to upload Molly to its official repo? How?
No. The F-Droid team just doesn’t want beef with the Signal guys.
I’m using molly for several months now it is really nice but recently I dive myself in XMPP and it is superior to molly/signal just because XMPP servers are auditable amd you can actually see if the server is using encryption or not while signal servers are closed source unfortunately, it’s their only flaw
The signal source code is open source, it is hard to prove that the servers are running the source code that’s published, and we know they have admitted to having source code they don’t publish for anti-spam purposes.
But you could take the signal server source code and stand up your own signal servers today.
And how do I tell may client to use only a specific server?
If your going to run a independent signal server cluster, you will also need to modify the client applications to connect to your cluster.
You probably would find the molly developers happy to accept a push request to have some configurable backend selection.
Session demonstrates this is possible.
If yo run your signal server does it come with the new quantum E2EE?
Good question, check with the signal github
I don’t know man, seems to me XMPP is more secure (unless you trust Signal) and simple to use because you have to jump less hoops
The Signal protocol is built in a way where you don’t have to trust the server. The servers could be run by the NSA, it wouldn’t matter. Especially now that the Signal protocol uses post-quantum cryptography.
Molly should integrate Monero, the way signal has integrated their shitty Monero fork. Then I can finally buy molly on molly on Molly.
