I’m missing the point. Was it that systems like Briar can’t work in iOS because they aren’t mesh net? If so, why not choose one that does, like Session?
Session provides protections against these types of threats in other ways — through fully anonymous account creation, onion routing, and metadata minimisation, for example.
What about Session, the Signal fork?
That is meshnet based
And? It works on iOS.
I’m missing the point. Was it that systems like Briar can’t work in iOS because they aren’t mesh net? If so, why not choose one that does, like Session?
For anyone considering Session messenger:
The Session developers dropped Perfect Forward Secrecy because it would be hard to work around it.
Source: https://getsession.org/session-protocol-explained
In plain English, they dropped a security feature for their convenience to the detriment of their users’ security.
For anyone unsure what PFS provides:
Source: https://en.wikipedia.org/wiki/Forward_secrecy
The Session devs also claim:
Reading between the lines, we can interpret that as introducing security through obscurity, which is generally considered bad practice - https://cwe.mitre.org/data/definitions/656.html
The point is being able to communicate when the internet is shut off
Session has made some insecure solution surrounding important design elements like forward secrecy