Michael J Burgess1d ago

Session, a decentralised and anonymous messenger, is at risk of shutting down within 90 days without funding. No phone numbers, no central servers, no metadata tracking, yet no sustainable backing either.

Source:
https://itsfoss.com/news/session-call-for-donations/

Should critical privacy tools rely on donations to survive?

#Privacy #FOSS #Decentralisation #DigitalRights

Privacy Messenger Session Is Staring Down a 90-Day Countdown to Obscurity

With paid developers gone and only volunteers remaining, the app has until July 8 to secure funding or fade into irrelevance.

It's FOSS
Show threadLinux Is Best
@beitmenotyou

Why I don't donate or recommend Session is Session has a "cage code".

What Is a CAGE Code?

A CAGE Code (or NCAGE in NATO contexts) is used to identify suppliers to government or defense organizations. It's administered per country by each nation's National Codification Bureau, and organizations must register — often via systems like SAM.gov — to obtain one. Simply being a private company or app developer doesn't automatically grant you a CAGE Code.

It was initially developed in Australia, but due to increasing regulatory pressure, governance transferred in 2024 to the Session Technology Foundation based in Switzerlan. The Loki Foundation (Session’s original parent organization) had a CAGE code with the U.S. government. CAGE CODE Z16D4

U.S. CAGE Code Lookup (SAM.gov)

Website: https://sam.gov

NATO NCAGE Lookup Tool

Website: https://eportal.nspa.nato.int/AC135Public/CageTool/home
Home | SAM.gov

Apr 11 at 2:14pmWeb
Show threadMichael J Burgess1d ago
@Linux A CAGE code on its own is not proof that Session is compromised, captured, or unsafe. Plenty of organisations register for procurement or compliance reasons without defining the product itself. The real question is whether the app's code, architecture, metadata model, and governance actually protect users. That is where the scrutiny should stay.
Show threadLinux Is Best1d ago
@beitmenotyou

It's enough, as it signals intentions. Furthermore, the code in your app is not the code on your server, which no one sees but you.