watching people explain E2EE threat models at @0xabad1dea has been major source of facepalming these past 24h

  • gsuberland@chaos.social (#1)

    watching people explain E2EE threat models at @0xabad1dea has been major source of facepalming these past 24h

  • stormgren@obsidianmoon.com (#3)

    @gsuberland @0xabad1dea The other thing that was killing me in that overall set of exchanges was people doing the usual nerdshite of "I can't understand why anyone would want to do $thing" and/or "This is wrong and people should do it the very specific way I think things should be done, and if you don't think that way, you're an idiot" that infects every discussion of this nature since ever.

  • gsuberland@chaos.social (#4)

    @jpm it's not even just techbros. people seem to be dead-set on this idea that it has to be Signal-level secure and federated while simultaneously supporting realtime voice and video calls (good fucking luck) and delegated identities and everything else under the sun, while remaining self-hostable, just wiiiiiildly missing the point.

  • halcy@icosahedron.website (#5)

    @gsuberland @jpm i think mmmmaaaaybe (nostr-style) federated is something you'd arrive at as mandatory because it has to be free and it can't require the user (and someone making A Discord Server for their community / circle of friends is also a *user* who will *not self host*) to install anything but someones still gotta pay for that infra. So maybe that's the easiest way to get there. But that's getting into specifics already and feels beside the point, so I wasn't going to like, open up Big Discussion (about something I'm not seriously considering trying to work at anyways, or if I would, probably legally couldn't) lol

  • gsuberland@chaos.social (#6)

    @halcy @jpm I don't even think that requires federation. IRC managed just fine, people have been making communities on other people's servers with zero interaction with server owners for 30 years now.

  • gsuberland@chaos.social (#7)

    @halcy @jpm (some degree of identity portability would be nice and I do think it would make sense to architect implementations in such a way that it wouldn't be prohibitive to add such a feature in future, but I don't think it's mandatory for a minimum viable product)

  • halcy@icosahedron.website (#8)

    @gsuberland yeah, it could well be that having just a client that can display things the right way is plenty enough, but idk about load

    even irc *is* „federated" in a sense, right? *relay* chat. but also i guess computers are very fast now so maybe it is not needed

    but that's what I meant by „getting into details"

  • gsuberland@chaos.social (#9)

    @halcy IRC just operates with multiple servers for technical reasons, you can't talk from freenode to ircnet for example.

  • gsuberland@chaos.social (#10)

    @halcy (I'm pretty sure this was originally for reasons relating to paying for international phonecalls)

  • drwho@masto.hackers.town (#11)

    @jpm @gsuberland Some people will launch themselves into LEO for the express purpose of missing the point.

  • halcy@icosahedron.website (#12)

    @gsuberland my assumption was latency and having to manage user sessions, but 🤷

  • breaque@icosahedron.website (#13)

    @gsuberland @halcy Fun fact: the original splitting of the monolithic major IRC network was actually due to a late good friend of mine (RIP), back then a high level ircop, pissing off some of his US counterparts.

    Later there were other reasons such as forks with additional features creating incompatibility, etc.

  • gsuberland@chaos.social

    also very funny* how the majority of seasoned infosec professionals I know (including actual cryptographers working on E2EE systems) fully agree with her point, and she herself is a well-qualified security professional, yet the thread is lousy with far less qualified people yelling security-maximalist positions

    (*not in a ha-ha sense)

  • claudius@darmstadt.social (#14)

    @gsuberland I tend to agree that most people don't need encryption for everything themselves. But that's also missing part of the problem. If only leakers and dissidents use encryption, it's VERY easy to pinpoint those messages. You need to encrypt everything to _also_ protect those very few people.

    In that way it's a little bit like a vaccination. You really need almost everyone to do it, so that you gain herd-immunity.

    We're all talking private or nobody is talking private.

  • 0xabad1dea@infosec.exchange (#15)

    @claudius @gsuberland but it is absolutely not the case that only dissidents and leakers use encryption; we already solved that. When my MIL texts her aunts and cousins about birthday party arrangements, it is e2ee. And they all know each other personally and would notice very quickly if one of them were not actually them, whether there's a meaningless "key error" or not. Hundreds upon hundreds of millions of DMs and small-group chats are e2ee'd like this every day.

    It is, *very specifically,* many-to-many e2ee in chat rooms full of hundreds of people who don't know each other like that which is self-defeating.

  • claudius@darmstadt.social (#16)

    @0xabad1dea @gsuberland thanks, I'm aware. This is a hypothetical, because right now, a "discord alternative" is widely being discussed, and people are also debating if encryption is even necessary.

    This is why I'm bringing it up.

    (this is also very much an oversimplification of that whole debate, of course, but I had 500 chars minus this disclaimer).
