Molly - a better signal
A truly better signal is one that's not using a centralized service.
I don't see an issue as Signal is designed not to trust the server. Signal also uses sealed sender and Perfect Forward Secrecy, which is something almost all e2ee messengers lack. What it means in practice is Signal leaks very little if any metadata. If you leak metadata you give away details about who you're talking to and for how long, etc. Examples might include talking with a suicide hotline, or a doctor, maybe a customer service agent at a company, and for how long. Those details will give a lot away about you, even if the messages or calls themselves are encrypted. Matrix is not recommended for communication because it fails to properly hide metadata and actively trusts the servers. When you make a call on Signal, as long as both users have "Always Relay Calls" set to disabled, your calls will be peer to peer instead of trusting a central server to facilitate the connection and trusting a middle man. What this means is, since the connection is peer to peer, you can leak your IP address to the user you're talking to; however, a VPN fixes this issue.
Thanks for taking the time to reply. There are multiple issues with centralization.
I could go on and on, but the first one is the main one IMO: we are past the need to trust anybody with our instant messaging and put a fundamental aspect of our lives at the mercy of (geo)political and societal woes. That's practically a solved problem in the opensource world, and we can make it ethical and sustainable by just opting out of the dominative model of monopolistic and centralized systems.
signal is designed not to trust the server
Unfortunately this is not enough. A malicious Signal server can mount a timing correlation attack and infer the social graph of a user. Having a centralized server makes it more difficult to mitigate such a risk.
Relying on a centralized service can still be problematic. If nothing else it's a central point of failure, even if you don't have any particular privacy concerns due to the usage of end-to-end encryption. Signal also relies on Intel SGX for some of their privacy features on the server, which is somewhat dubious. AFAIK this is currently mostly used for contact discovery, which would otherwise be an even worse situation, but it has seemed in the past like they were interested in expanding this, though maybe that's just all speculation. Regardless, my main concern with signal being centralized is that you have a lot less control over your chat. Signal can change on a moments notice and it's all just gone.
Yes and no. Decentralization is great for a lot of reasons, but it does come with downsides. I don't know about you, but I convinced my family and friends to use and keep Signal for years now, and I don't think I would have had such luck with Matrix/Element, let alone a p2p app.
I'm glad decentralized options exist and think they deserve more funding and love, however.
I managed to convince my family to use XMPP. Since about 2015. It's been great, and apparently is getting better since more are joining :)
My family uses Matrix, and if some don't, I don't talk to them online.
Just as a side note: You can easily use Matrix with a signal bridge if you selfhost (or use Beeper, which is Matrix with central bridge management)
Look at https://simplex.im/ then. It's work in progress but the design is good.
But I'm glad to have a better Signal client too.
A wonderful chat application indeed! Wish SimpleX was built with Material You support though.
The page isn't loading currently… What protocol is it using? And if neither XMPP nor Matrix, then why even bother?
Some interesting thoughts on this from the Signal creator: https://signal.org/blog/the-ecosystem-is-moving/
And an objection by the author of a popular XMPP client: https://gultsch.de/objection.html
Yeah and that doesn't change the fact that decentralization is better for freedom
"It’s what Slack did with IRC, what Facebook did with email, and what WhatsApp has done with XMPP". Doesn't he also notice a certain thing in common? Y'know, that they turned hostile?
You got me there. There aren't a lot of alternatives that have the same stability
That's what Session is
Which is actually on F-Droid, unlike Signal, which explicitly refuses to support degoogled ecosystems.
Weird, as I get Signal from F-Droid.
You can download the APK from their website and it auto updates itself. It fetches notifications without Google required.
Yes. You're right. When you make a post you probably should give a body to it rather than just a link to a project. Why do you think it's a better signal? Otherwise people aren't going to find it super useful
It has an F-Droid repo and has a completely FOSS option.
I just assumed people would click the link.
You just posted a link to some app most people don't know about, a "better Signal", with no explanation of why. That's classic spammy vibes.
Most people are not going to click the link, they might click in to see what you're talking about, but you just link to something else, so most people are just going to charitably just go away.
I wouldn't recommend using F-Droid due to security concerns. When you download an app from F-Droid it is signed by F-Droid instead of the developer; what this means is if F-Droid gets hacked, all your F-Droid apps are insecure and can receive malicious updates. You also trust F-Droid as another party in the chain, when in reality you should remove as many parties as possible. They also tend to host outdated apps with no updates in years. Use Obtainium, as it will pull directly from the developer's GitHub page and the app will be signed by the developer instead.
Now if someone could make a desktop app (perhaps using Qt or some similar cross-platform toolkit) that isn’t Electron bloatware, for all the people who don’t have a few spare CPU cores and gigabytes of RAM to spend on a messaging client.
There’s Flare, a Signal client written in GTK4. It still has some features missing iirc, check their wiki for that.
You've got to be careful, as Signal has sent S&D letters.
Is Signal known for being resource hungry? I've never noticed tbh
You can download it here!
Molly added multi-device support, including secondary Android devices - phones, tablets, etc.
I don't understand. What makes Molly more trustworthy than Signal, if they both use the same central server? The website doesn't really provide much data.
It has a completely FOSS option and re-enables PIN codes.
It also has an F-Droid repo, which makes it much easier for me to use.
The database is encrypted
How does that work, though? It's the same servers and protocols, right? So it would verify with an SMS. Or is Molly not compatible with Signal (Molly users talking with Signal users), and I'm just completely misunderstanding the statement of it being a hardened Signal?
I've been using Molly on my GrapheneOS phone for about a year. It's been pretty great so far.
Molly on Graphene is the only way to live.
Been solid so far!
Does it allow you to exchange messages with people on non-FOSS OSes?
Yeah, I message one of my friends who has stock Android and stock Signal.
I used to be addicted to Signal on Stock Android, but I've been sober for over a year using Molly on GOS.
This is actually more than welcome. I never understood why you could have your Signal on your phone and iPad, but not on two phones. Applaud Molly for doing so!
What is the difference from the regular Signal app? I am on iOS so it doesn't matter, just curious.
Molly is only available on Android. As far as differences, it is a hardened fork of Signal with an encrypted database. What that means in practice is that even if someone was actively probing your phone to try to gain access to messages, they wouldn't be able to, due to the encryption. It's very useful if you are an active target or you don't trust your phone OS to play nice. I personally use it myself and really like it, but in general it's not terribly different.
Yeah, I realize it is Android only, and that makes sense. That is exactly what I was looking for; surprised Signal doesn't encrypt the database, honestly.
It has a completely FOSS version that is available on F-Droid. It also implements a PIN, which Signal removed for convenience.
It's not available for iOS.
Yeah, I know it's not on iOS. I still love Android, so I try to stay up to date on Android as well, even not having one. My iPhone is paid for by work, so I just don't complain.
The RAM shredding feature seems kind of silly to me, but I don't know the details. Ideally the operating system should clear pages before giving them to other applications... While I can see the appeal in also doing it in the application, it seems kinda wasteful, and I wouldn't trust the application to do a good job of that anyway. If the point is to prevent the app itself from leaking private keys on a buffer overflow or whatever... I guess I can see the value of that, but I'd rather see mitigations for the buffer overflows highlighted instead. I guess this just makes me a little suspicious of the actual value provided by the app.
Okay, I got curious and looked into it... These are the relevant files for the "RAM shredding"
I'm not an Android dev, but at first glance it looks like all this does is try to allocate all of the free memory in the system, and walks through the pages and uses `rand()` to fill in all of the bytes. Technically it's possible for the pages returned by `malloc` to contain old data, but only if it was allocated by your process in the first place (maybe that's not the case on Android?)... So I guess the idea is that if Molly itself is compromised and an attacker is able to allocate memory in the Molly process, they could conceivably get an old page from memory and that page might contain secrets from the Molly app itself... But at that point, surely you're fucked anyway, and the attacker can presumably read all of the currently allocated memory, which is certainly far more of a security concern anyway? I just don't think it's worth the cycles.
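The two mechanisms argued over in the comment above, as an added example that is not Molly's code and not a reconstruction of its shredder: first, a freed heap buffer being handed back to a later allocation in the same process with the secret still in it (and the wipe-before-free that removes it), and second, a bounded sketch of the "allocate free heap and overwrite it with random bytes" idea. The secret pattern, buffer size and chunk sizes are constructed; the only allocator-specific assumption is that a glibc-style allocator keeps its free-list links in the first 16 bytes of a freed small chunk, which is why the residue count skips those bytes.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Constructed stand-in for key material (not real secrets). */
#define SECRET_LEN 64
#define SECRET_BYTE 0xA5
/* Bytes at the start of a freed chunk that a glibc-style allocator reuses for
 * free-list links; skipped so allocator metadata is not counted as residue. */
#define ALLOCATOR_META 16

/* Fill and wipe go through a volatile pointer so the compiler cannot drop the
 * stores as dead just because the buffer is about to be freed (optimizers do
 * that to a plain memset() followed by free(), which is why "secure" wipes
 * need explicit_bzero()/memset_s() or a volatile write loop). */
static void fill_volatile(uint8_t *p, size_t n, uint8_t v) {
    volatile uint8_t *vp = p;
    while (n--) *vp++ = v;
}

static void secure_wipe(void *p, size_t n) {
    fill_volatile((uint8_t *)p, n, 0);
}

/* Heap residue scenario from the thread: a secret lives in a heap buffer, the
 * buffer is freed (optionally wiped first), and a same-size allocation made
 * later by the same process is inspected. Returns how many bytes of the old
 * secret are still visible in the new allocation (beyond allocator metadata). */
size_t residue_after_free(int wipe_before_free) {
    uint8_t *buf = malloc(SECRET_LEN);
    if (!buf) return (size_t)-1;
    fill_volatile(buf, SECRET_LEN, SECRET_BYTE);
    if (wipe_before_free) secure_wipe(buf, SECRET_LEN);
    free(buf);

    uint8_t *reused = malloc(SECRET_LEN);   /* allocator may return the same chunk */
    if (!reused) return (size_t)-1;
    volatile uint8_t *vr = reused;
    size_t leaked = 0;
    for (size_t i = ALLOCATOR_META; i < SECRET_LEN; i++)
        if (vr[i] == SECRET_BYTE) leaked++;
    free(reused);
    return leaked;
}

/* Bounded sketch of the "grab free heap and overwrite it" idea: hold up to
 * max_bytes of chunks at once (so the allocator cannot hand the same chunk
 * back), fill each with pseudo-random bytes, then release. Returns the number
 * of bytes overwritten. Only memory the process's own allocator will give it
 * is reachable this way; pages the kernel gives to other processes are zeroed
 * by the kernel regardless. */
size_t shred_heap(size_t max_bytes, size_t chunk) {
    size_t n = chunk ? max_bytes / chunk : 0;
    if (n == 0) return 0;
    void **held = calloc(n, sizeof *held);
    if (!held) return 0;
    size_t done = 0;
    for (size_t i = 0; i < n; i++) {
        held[i] = malloc(chunk);
        if (!held[i]) break;
        volatile uint8_t *p = held[i];   /* volatile: keep the stores */
        for (size_t j = 0; j < chunk; j++) p[j] = (uint8_t)rand();
        done += chunk;
    }
    for (size_t i = 0; i < n; i++) free(held[i]);   /* free(NULL) is a no-op */
    free(held);
    return done;
}

int main(void) {
    printf("secret bytes visible after free, no wipe: %zu of %d\n",
           residue_after_free(0), SECRET_LEN - ALLOCATOR_META);
    printf("secret bytes visible after free, wiped:   %zu of %d\n",
           residue_after_free(1), SECRET_LEN - ALLOCATOR_META);
    printf("heap bytes shredded: %zu\n", shred_heap(1u << 20, 4096));
    return 0;
}
```

Build with `cc -O2 -o residue residue.c` and run it: the wiped case reports zero surviving bytes on any allocator, while the unwiped count depends on the allocator (on glibc the bytes past the free-list links typically survive). Wiping the specific buffer before `free` is the cheap, targeted version of what a process-wide shredder tries to do after the fact.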
The biggest thing Molly has going for it is its F-Droid repo and fully FOSS version.
That’s fair. Just when applications tout dubious security features it makes me a little sceptical of the expertise of the developers. At the very least I’m disappointed that they don’t have more details on this. If it is valuable, I’d be interested to hear more about it.
A signal of hope
Are there any downsides to Molly vs vanilla app?
I don't really know, as I have mostly just used Molly.
This post once contained a bad take about Signal in service of a not particularly funny gag. It has been removed.
Signal is definitely not compromised. It has been and is being reviewed by many cybersecurity professionals and is considered pretty secure. It has some downsides like its use of centralized servers and some metadata leakage, but other than that it's solid.
So to update your comment:
"Don't use Signal, it's compromised!"
You're right, of course. I was in a dark place mentally and was spiralling when I wrote that. I will remove it. In hindsight it wasn't even that funny.