Top
Best
New

Posted by ristello 8 hours ago

Briar is in maintenance mode(briarproject.org)
122 points | 84 comments
__MatrixMan__ 5 hours ago|
I've been attempting to build something similar and every time I take an honest look at the state of affairs on mobile phones I'm end up leaning towards running the way meshtastic users do: either strictly on dedicated hardware, or over a bluetooth link from my phone to dedicated hardware which I'll keep in my backpack or glovebox.
pogue 6 hours ago||
Sounds like it's basically dead. The issue with messenger apps is that they're a dime a dozen, there are so many of them and they offer so much variability in security, privacy, but most importantly usability and uptime. If your friends won't switch to them, there's almost no point in having them or using them.
embedding-shape 6 hours ago||
For most IMs I agree, Briar is/was slightly different though, being P2P and E2E encrypted. There isn't many IMs out there supporting Bluetooth connections between users for example.
rglullis 4 hours ago|||
Being p2p, network effects are even larger: you have to convince not only your own friends to install and use, but also rely on enough density in your area?
ijustlovemath 4 hours ago|||
Helene survivor here. I will be spreading the word about this project and keeping some APKs for if the shit hits the fan again. FDroid being able to sync between local devices means all you need is to get fdroid onto someones phone. Wish they had an iphone app though!
fwip 4 hours ago|||
You only need to rely on density in your area if you have no other network - it will happily use mobile data or Wifi connections if you have them.
raybb 6 hours ago||||
Anyone have an idea how good https://qaul.net/ is?

I saw it shared at dweb camp and it seemed like a pretty long term serious project for P2P.

copperx 5 hours ago|||
Bitchat is great, but I don't understand why it's Bluetooth only. I would think Wifi reaches further.
dewey 4 hours ago||
Because Bluetooth has a low energy mode which it uses.
unethical_ban 2 hours ago||
Briar was unique in its ability to discover peers over local networks and Bluetooth - Very few if any other messaging apps do that.

Unfortunately the security/usability tradeoffs mean it never was going to hit Whatsapp levels of use, but it certainly fills an important niche.

nubinetwork 6 hours ago||
> unreliable background operation on android

Pretty much every app I have has delayed notifications, and no matter of battery optimization settings can fix it.

foresto 4 hours ago||
Some time back, I had a similar problem: the LineageOS Messaging app was frequently late with SMS notifications when the phone was in idle state. Adding the package to Android's deviceidle whitelist fixed it right up. (This was done with the dumpsys shell command, since the setting for com.android.messaging was not exposed in the GUI.)

https://source.android.com/docs/core/power/app_mgmt#testing-...

I wonder if this setting could help Briar, and if so, whether an equivalent could be built in to their app packaging so users wouldn't have to fiddle with it.

tadfisher 1 hour ago||
Fairly sure the user whitelist is equivalent to "Unrestricted background usage", which should be visible for user-installed apps like Briar. I have a couple of apps that need this setting enabled, and there isn't an API or manifest flag to toggle it.
ValdikSS 4 hours ago|||
Do you use VPN? This is a common misconfiguration of a server-side NAT related to too long or too short NAT timeouts combined with "act like a blackhole if we don't know anything about this connection".
nubinetwork 2 hours ago||
No, not on that phone...
dist-epoch 5 hours ago||
It seems to me this only happens if you don't use the app much. Or maybe some apps are "allowlisted", I've never had delayed WhatsApp/Slack notifications.
napkid 5 hours ago|||
Not GP, but most of the apps I use that works without Google Play Services (specifically, FCM) have this problem too. Vendor-agnostic notification on Android, and as far as I know iOS, is still painful. Ofc Slack and WhatsApp works fine : they use the Google notification system.
Joe_Cool 4 hours ago||||
There should be a category: "Background Check" in the Android developer options. You can pretty finely tune or alter the automatically set priorities and permissions for background activity there.

I don't know exactly what the option is called but since Android 8 there is at least a toggle there per app. Later versions have lots more settings.

ozyschmozy 4 hours ago||||
I use signal a lot (probably has 30-60 minutes screen time per day), and still notifications are extremely finicky no matter what battery optimization settings I tweak. So I'm leaning towards some apps being blessed
well_ackshually 2 hours ago||||
On Android, FCM notifications sent with priority HIGH are usually available within 30 seconds and bypasses Doze (unless you're on ultra battery saver mode). Notifications sent with normal priority run within doze windows, so every 15 minutes or more.

Unused apps also indeed go in different App Standby buckets, which while it shouldn't affect FCM notifications, it does on some older android versions (https://developer.android.com/topic/performance/power/power-...)

If you're not using FCM, well you're limited to having to check for notifications yourself, either within doze windows, or by registering a foreground service that keeps your app alive and checking.

nubinetwork 5 hours ago|||
I use twitch almost every day, its notifications are usually off by 10-15 minutes... /shrug
imhoguy 5 hours ago||
Briar will thrive once EU Chat Control 2.0 passes, P2P E2E encryption is the only way to bypass bullshit laws.
joecot 5 hours ago||
Briar is dead because it doesn't work on iPhones. It doesn't work on iPhones because iOS will only allow waking the app from background when there's a push notification. Push notifications have to go through Apple's servers, which defeats the purpose of a decentralized app where your messages (and metadata) can't be traced.
lou1306 5 hours ago||
What about a "fake push" that does not leak message contents, sender etc.? Fuzz the time the push notification is sent by a random amount of time and you have something plausibly private given the constraints?
_heimdall 4 hours ago|||
You're still dependent on Apple continuing to allow such a use.

If the goal is messaging that avoids government spying or censorship its a lost cause - the government would simply compel Apple to pull the app in their jurisdiction.

joecot 4 hours ago||||
Briar is designed to work over 1) tor, 2) ad-hoc wifi, 3) bluetooth. None of those are going to be conducive to sending push notifications through Apple's servers.
thayne 4 hours ago|||
That still exposes some metadata. Depending on your threat model, leaking the timing may or may not be a problem.

Also, how do you avoid leaking the sender? You can avoid giving Apple that information by routing the notification through a server, but then that server would know the sender and recipient.

tensegrist 5 hours ago|||
only insofar as it is 1. not illegal to do so or 2. the cost-benefit of violating such laws makes sense for the majority of users, who are not doing things that are actually illegal

because without such a critical mass of normal users you get something like tor or grapheneos that the state begins to associate with people engaging in unsavoury activity

dewey 4 hours ago|||
No, because most people (not on HN) value convenience much higher than privacy.
zelphirkalt 5 hours ago||
Only, if they manage to improve it, so that regular photos and voice messages can be sent. I am mostly fine with texting only, but such things are an instant no-go for most people.
grommz 5 hours ago||
CIA funding dried up. Briar had already started development when Starlink wasn't even a concept. Nowadays every CIA goat herder has their own Starlink terminal.
rob74 5 hours ago||
Plus people at the top level of the current administration just use Signal for discussing ongoing military operations and other classified stuff, so they don't see the need for solutions like Briar either...
ignoramous 2 hours ago||
> Nowadays every CIA goat herder has their own Starlink terminal.

Can the Starlink radio be sniffed? If so, it might act like a beacon, a tell-tale sign (especially, in countries where Starlink is illegal).

Karrot_Kream 3 hours ago||
Anything that tries to read a "mailbox" on a smartphone is bound to run into difficulties. Smartphones manage to keep battery life high by keeping the modem inactive most of the time. The way to implement any mailbox functionality, i.e. an incoming message that needs attention, is usually done through a centralized push notification endpoint socket. Rather than wasting battery life polling multiple sockets, the OS listens to a single endpoint and farms out pushes that way. Of course to tune this precisely for battery life and for centralization of the platform, both Apple and Android have their own push notification services. Rooted or 3rd party smartphones can change the push notification service.

Any service like Briar that wants to sit atop base smartphones will need to deal with this tension. A fallback is to poll intermittently for new messages, which when tuned correctly can indeed be fairly battery life forward. Of course then your messaging experience is lower bounded by your refresh interval. Modern smartphone OSes also will ruthlessly cut long-running connections in the face of power-save events on device.

In general I think an external radio that you connect your smartphone to via Bluetooth, like Meshcore or Meshtastic, is a better experience overall than simply using a smartphone. Dedicated radios keep smartphone batteries topped up, and having the option to setup an antenna means that if you happen to be in an area where permanent radio setup is plausible, you can lean on good site characteristics, antennas, and filters. It’s hard for a government to ban radios altogether and ISM-ish band devices have a variety of uses in pretty much any developing or developed country (often used in small things like meters or monitors.) And for folks who just some off-grid data capabilities, this approach offers high flexibility without the burden of licensing.

For folks considering going into this, I suggest joining Meshtastic or Amateur Radio communities. I find the further you get from amateur radio or networking communities (mesh* communities have a mix of folks and some can have pretty poor understanding of how radios work), the more the information becomes unreliable and more suffuse with political/social goals than matters like understanding signal propagation or congestion. If you’re in a developed country, Amazon likely has all you need to get started with the Mesh* world of LoRa UHF radios.

davexunit 4 hours ago||
I sympathize with the developers. Mobile OS push notifications are a big impediment to the adoption of p2p technology and it's hard to do anything novel in the chat space because there's a million chat apps.
api 4 minutes ago|
Mobile maintains good battery life mostly by being idle almost all the time, and P2P can’t work that way. Even P2P with central server assist is hard on mobile.

It could if we’d never broken the full end to end principle and put stateful firewalls and NAT in front of everything, but that ship has sailed. All net connections require keepalive or a firewall will close them. This is even true these days in the cloud for the most part unless your machines are “naked” VMs directly on the globally routed Internet.

nyolfen 1 hour ago||
at least two of its funders were usaid-backed (internews, access now), wonder if that has anything to do with it
vmg12 6 hours ago||
> We considered completely rebuilding the application from the ground up, or even splitting it into separate applications for online and offline use

This is actually non-trivial. There's an app I was working on where I wanted to have a local first mode that allowed people to use the app for free without an account and there was also a cloud hosted version that allowed for team collaboration, etc.

For this kind of thing to work chunks of the app essentially need to be written twice. So, not fun.

allthetime 5 hours ago||
Why? I use a similar model in a few mobile apps. Free, not logged in usage stores a restricted set of user activity data ephemerally (lost upon uninstall) in the phone. For subscribed users, this offline storage mechanism is still the primary storage mechanism, but then we add a cloud sync mechanism on top of it that enables usage across multiple devices and permanent storage in the cloud. Curious why you need to write the app twice when in my mind you are simply adding and enabling extra functionality on top of the core product.
dist-epoch 5 hours ago||
Is this still relevant in the age of LLMs? They can write it 5 times without sweating.
HelloUsername 6 hours ago|
That's too bad. Anyone know of a fork or similar project? Maybe Meshtastic/MeshCore/BitChat. Berty Messenger's last update on iOS was in January 2025.
marssaxman 21 minutes ago||
MeshCore is growing rapidly. Check out this map of CascadiaMesh - connectivity all the way from Vancouver down to Klamath Falls, and now east to Spokane:

https://cascadiamesh.org/map/

nunobrito 6 hours ago|||
Instead of a fork, there is completely new development going on here: https://github.com/geograms/aurora

BLE/LoRa/radio/internet mesh with reticulum that combines chat, social and torrents over NOSTR (decentralized protoocol).

Still beta, around August should be stable.

monkaiju 4 hours ago||
No way am I going to trust a heavily LLM-generated app as a replacement to Briar...
nunobrito 48 minutes ago|||
Geogram started even before AIs were available for coding.

I'm a dinosaur but you remind those complaining in the 90s that Turbo Pascal wasn't real programming because it was too easy to copy code and compile.

I don't have a team of developers nor funding to hire them. AI amplifies by 26 times what I can do in a year. It was never about the code, what matters is what you do with it.

fwip 3 hours ago|||
Claude is the only contributor? 100% vibed.
maqp 5 hours ago||
https://docs.cwtch.im/ has P2P Onion Service based messaging.
More comments...