Ninjastic
PostEdited versionsQuotes to this post
Post was edited
 22 days ago (view)
Post
Topic
Board Service Announcements
Re: [ANN] █ Guaranteed No KYC / AML Checks █ Trêvoid's Swap Service CRYPTO ⇄ CRYPTO
by
OpenMonero
on 04/07/2025, 17:46:36 UTC
Quote from: dkbit98 on June 27, 2025, 07:26:06 PM
He is literally using Open Source app SimpleX chat, and this is the first time I heard stupid honeypot accusations (without proof).

The way SimpleX manipulates things is honestly crazy. 

This whole thing is pretty hilarious. So, SimpleX is now bragging about being the only "fully decentralized" messaging app, right? But then they add just one centralized server option controlled by a single company as a test run. And they call themselves fully decentralized? I kid you not. You can read the article from November 2024 and then go listen to Evgeny's OptOut interview from two months later, starting around 13:30. LMAO, it’s pure comedy.

https://simplex.chat/blog/20241125-servers-operated-by-flux-true-privacy-and-decentralization-for-all-users.html
https://optoutpod.com/episodes/improving-simplex/

Honestly, SimpleX offers no real metadata protection. It doesn’t stop servers from collecting your info, but they keep saying it does in their docs and FAQs, and fans buy into it. Most users stick to default servers, so their metadata is just sitting there, unprotected.

In any normal messaging app, your IP should be hidden from the person you’re chatting with. But with SimpleX, anyone can easily grab your IP in private or public chats.

Their network is super centralized, and all that “private message routing” is just a misleading term. It’s not truly onion routing (they’re pretending it is). The reality? Even with "private message routing" on, messages come straight from servers that can log your IP and other data.

So, basically, their “2-hop onion routing” isn’t really a thing. It’s a fake claim to make it seem more secure than it actually is.

Quote from: Trêvoid on June 27, 2025, 10:25:09 PM
SimpleX Chat has undergone independent security audits, most recently by Trail of Bits in July 2024
Trail of Bits mentioned some correlation attacks on the transport layer but totally missed the metadata collection stuff by SimpleX servers. I don’t think it’s a conspiracy, probably just outside their scope, which is pretty surprising and raises some questions.

Journalists or podcasters, you should ask Evgeny why the audit didn’t cover deanonymization attacks from SimpleX servers.

It’d be smart to get more audits done, especially by non-US companies.

https://github.com/simplex-chat/simplex-chat/blob/stable/docs/SimpleX_Design_Review_2024_Summary_Report_12_08_2024.pdf
https://monero.top/news/note1e94uvd0vx2k9mgdgnzzpqmdh0swkqmkhq6uy4c2g3pganxy96pvqlkvmsz

Quote from: dkbit98 on June 27, 2025, 07:26:06 PM
You are literally using centralized servers with cloudflare for your 0penm0ner0 website and your are logging everything, while accusing hosting company for hacking you Roll Eyes
This statement is inaccurate. The onion and i2p address is not proxied through Cloudflare. Additionally, high threat-model users have the option to enable self-destructing messages immediately after a trade. This method offers a higher level of security compared to encryption, as there is nothing to decrypt if the message is destroyed. My project is listed on multiple indexes, including monerica, kycnot.me, tor.watch, and several others. Frankly, I have not heard of monero.eco. However, since it requires JavaScript, I do not consider it relevant or trustworthy.