Thread - Nostr Hypermedia

SimpleX Chat simplex@primal.net 1 year ago

4. Directory service could be modified to enable a MITM attack? Yes This is incorrect, as there is no user directory service at all (and no knowledge of even the number of users), and MITM by servers is not possible by design, even without optional security code verification (that exists to mitigate MITM by the channel you used to pass one-time invitation link, e.g. email).

↑ Parent

Replies (1)

SimpleX Chat simplex@primal.net 1 year ago

5. Does the company log timestamps/IP addresses? Yes This is incorrect, we never logged IP addresses and access timestamps of the users. Further, the private message routing that is now enabled by default for all users prevents such logging by any 3rd party servers with modified code:

SimpleX network: private message routing, v5.8 released with IP address protection and chat themes

1 replies ↓