> # Goals of Berty<p>> Be resilient against mass surveillance by minimizing metadata leakage<p>While that's an admirable goal, it's also a really difficult-to-solve problem in the context of P2P, so simply mentioning a goal says nothing about the actual state of security of Berty or about whether it's achievable in the first place.<p>By default (i.e. without any countermeasures like onion routing), a p2p network will expose <i>more</i> metadata to the 3-letter agencies than a centralized app with Sealed Sender[0] like Signal. The people at GNUnet have spent more several man decades trying to solve this issue and last time I checked they were still not happy with their solution.<p>[0]: <a href="https://signal.org/blog/sealed-sender/" rel="nofollow">https://signal.org/blog/sealed-sender/</a>
> 100% Decentralized<p>> <i>Just like blockchain technologies</i>, Berty doesn’t pass your data through central servers - the place where internet service providers, hackers, and governments can intercept your data. Instead, Berty’s network is distributed, based on P2P direct messaging.<p>I know it's just marketing spiel, but kind of funny to read, as if "just like blockchain technologies" actually means anything to 99% of google play store users beyond "uhh bitcoin?" (or really means anything in this context too).<p>Maybe it does incorporate some shared ledger, but sounds like its just plain old P2P (which is fine!).
OK, but when will there be a privacy-respecting messaging app that I can use from my <i>computer</i>?<p>The proliferation of mobile-only apps is making me sick.
This looks really interesting. If cryptography holds up, this could be a great alternative to Signal, especially considering the unwarranted and opinionated design choices they have started forcing upon their users lately (dropping SMS, cryptocurrency integration, stories, and cloud backups). The removal of deanonymizing verification process is also to be applauded. Using a decentralized transport is a good idea in theory, however, remembering the P2P-induced asynchronicity of Tox, I will definitely remain a sceptic until I see it working at a comparable rate to Signal.
<a href="https://github.com/berty/berty/tree/master/docs/protocol" rel="nofollow">https://github.com/berty/berty/tree/master/docs/protocol</a><p>On the subject of rendezvous, some years ago I came across a personal P2P project where the author provided an unusual, additional, alternative method for a peer to succinctly and confidentially provide another peer with their address via any arbitrary web page, e.g., a pastebin. Unfortunately I cannot seem to find this project again. Running one's own rendezvous server that only serves up peer addresses and passes no traffic between peers is relatively easy and inexpensive, but it does involve some maintenance. This author had thought about other possible means of exchanging addresses over the public internet. IME that is unusual in P2P projects.
How is abuse/spam handled?<p>What prevents anyone from registering thousands of accounts and send messages to a single user until the account becomes unusable?
No links to their Github on the main pages. Here it is to save you effort
<a href="http://github.com/berty/berty" rel="nofollow">http://github.com/berty/berty</a><p>Personally, I find the "Stargazers over time" graph on the README to be a massive turn off. Why are so many people obsessed about Github stars.
I was glad to note that this is available on iOS too, but it seems like it needs more time to mature and be trustworthy.<p>The site clearly states that a security audit hasn’t been done and that it’s planned in the future. The makers caution people not to trust it completely at this point, especially in war situations.
What kills each of these occasionally popping up alternative messengers for me is the lack of usage by my actual social network. As long as people use WhatsApp, I will have to use it, too. And since I got everyone there, why install another app? I have too many apps already.<p>If only RCS wasn’t such a mess…
Is there anything comparable which doesn't require a smartphone? On the laptop and runs Linux?<p>I don't trust the large closed hardware blobs on my smartphone.<p>ps: does anything technically prevent berty from being used as an application on a computer?
How is photo/video sharing handled? I am looking for an e2e encryption channel to share family photos in a group chat style messager with grandparents and groups of friends.
bigegst single feature that makes this realy attractive:
You can create quick adhock private communicator betweenynlimited # of people without anytrace:<p>Node on VM with VPN server let cliens conenct communicate then kill it and there would be no trace of anyhting, and it all takes literally no time.
All these applications are useless. If it is on your phone it is not private. It is more private, yes.<p>Maybe we need to change our behavior, like not needing to talk to each other all the time, or saving our personal conversations for times when we are sitting next to the other in person.<p>Is this a solution in search of a problem? Or even a solution that is causing a problem?
Unfortunately homophonic with Ireland's former PM who (during corruption investigations) claimed that he did not have a bank account. (To be fair, he was merely the minister for finance at the time)<p><a href="https://en.m.wikipedia.org/wiki/Bertie_Ahern" rel="nofollow">https://en.m.wikipedia.org/wiki/Bertie_Ahern</a>