Vitor Pamplona's avatar
Vitor Pamplona _@vitorpamplona.com 10 months ago
You can always connect incoming requests with IP and IP with location. You can see who is starting channels, who is participating on which channel and if you use the same server across many contacts, the server can link all of them together. SimpleX says in their own spec that each contact should use a different server. But that is never true in practice. 99% of people just use the same default servers. So those servers can see everything.
↑ Parent

Replies (1)

Vulkora Nightbender's avatar
Vulkora Nightbender 10 months ago
Thanks for the insightful reply! I'm still fairly noob, so excuse if this is an ignorant question: would a trusted VPN be enough to mitigate this? For context, my threat model for online communications assumes everything will be weaponized against everyone eventually. (I'm aware of badness enumaration and it's unfeasability, but I find it CAN be useful)