the client is open source. but the server? not so much.
in any case, if security is the concern… they should probably switch to a government-built system that only runs on gooberment devices. Will it be shitty? absolutely. But data is owned by whoever has the hardware it sits on. if it’s not your device its not your data.
No trust in servers
Persistent security even in case of a compromised server
From Olvid website
They are advertising the fact that the security does not depend on the server.
I don’t know what is worth.
Also it’s developed by a French company, I think this is the main argument for the French government, they want to have options that does not rely on US companies.
Only the client. Though that’s probably enough to make sure messages leave your device suitably encrypted. Depending on the algos it could be quite vulnerable to hndl attacks, though, or (less likely) any undiscovered backdoors in the implementations. Of course, even for Signal one has to trust they’re using the public server code anyway, but at least we know they’re folding in a quantum-resistant algo.
From their Google play store page: “Olvid is the first private instant messaging application for everyone.”
https://github.com/olvid-io
At least it’s open source, so we should know soon enough how it compares to Signal
the client is open source. but the server? not so much.
in any case, if security is the concern… they should probably switch to a government-built system that only runs on gooberment devices. Will it be shitty? absolutely. But data is owned by whoever has the hardware it sits on. if it’s not your device its not your data.
From Olvid website
They are advertising the fact that the security does not depend on the server.
I don’t know what is worth.
Also it’s developed by a French company, I think this is the main argument for the French government, they want to have options that does not rely on US companies.
Without the server-side code there’s no way to validate that. (This is the reason open source is preferred.)
It’s definitely being selected because it’s French. (And has all the buzzwords,)
Jack-shit without evidence and demonstrations.
Only the client. Though that’s probably enough to make sure messages leave your device suitably encrypted. Depending on the algos it could be quite vulnerable to hndl attacks, though, or (less likely) any undiscovered backdoors in the implementations. Of course, even for Signal one has to trust they’re using the public server code anyway, but at least we know they’re folding in a quantum-resistant algo.
That thing has some of the most verbose documentation I’ve ever seen. Stuff that should be a paragraph takes multiple pages.