THE CHAT PROTOCOL OF THE FUTURE
-
matrix E2EE channels are fucking stupid because they leak all sorts of metadata
for example, the topic is unencrypted
reactions are unencrypted
replies reference unencrypted MXIDs so you can tell what is being replied to even if the payload itself is encrypted
do not use them. do not waste your time on them. it is not worth it.
@ariadne is this something that could be fixed or is it too fundamental to how Matrix works?
-
THE CHAT PROTOCOL OF THE FUTURE
@ariadne Are there any good, federated and E2EE IMs? Signal has good E2EE but not federation, XMPP has better federation but no E2EE out of the box.
IMHO, Matrix is currently the best of what we got, in terms of both decentralisation and privacy. -
@ariadne Are there any good, federated and E2EE IMs? Signal has good E2EE but not federation, XMPP has better federation but no E2EE out of the box.
IMHO, Matrix is currently the best of what we got, in terms of both decentralisation and privacy.@tapafon when it comes to E2EE federation is not a priority for me, safety is the priority.
-
THE CHAT PROTOCOL OF THE FUTURE
-
@tapafon when it comes to E2EE federation is not a priority for me, safety is the priority.
-
-
Well, I'd say some public xmpp servers hosted by people actively developing clients or being active in the XSF (xmpp standards foundation) are safe to use, too. For example: conversations.im or yax.im.
Both are listed as default in Monal and I know both admins personally
You can of course use any server with Monal.
-
@tapafon @ariadne The whole "Metadata" discussion is for the most part FUD by Signal fans.
OFC this doesn't mean I deny the problem.
- But if you are concerned about said issue then you'd already only communicate with you own private self-hosted servers that are only reachable with a VPN over Tor.
The truth is that as of now there are no good options out there, unless you consider sending #PGP-encypted messages to a self-hosted, hidden ntfy.sh server to each other.
-
@tapafon @ariadne The whole "Metadata" discussion is for the most part FUD by Signal fans.
OFC this doesn't mean I deny the problem.
- But if you are concerned about said issue then you'd already only communicate with you own private self-hosted servers that are only reachable with a VPN over Tor.
The truth is that as of now there are no good options out there, unless you consider sending #PGP-encypted messages to a self-hosted, hidden ntfy.sh server to each other.
> The whole "Metadata" discussion is for the most part FUD by Signal fans.
lmao no it isn't. CIA kills based on metadata.
-
Well, I'd say some public xmpp servers hosted by people actively developing clients or being active in the XSF (xmpp standards foundation) are safe to use, too. For example: conversations.im or yax.im.
Both are listed as default in Monal and I know both admins personally
You can of course use any server with Monal.
-
the solution to Signal being proprietary is to build a libre clone of Signal, not to pretend that Matrix and XMPP are safe.
-
But if you are concerned about said issue then you'd already only communicate with you own private self-hosted servers that are only reachable with a VPN over Tor.
Again: Layering & Defining your Scope is critical.
If we expect "#TechIlliterate #Nirmies" to "migrate to #Tails & #GrapheneOS or die" they'll give us all the finger and most likely add a restraint order on top of it.
- OFC we need to work on this scope, but I'd rather offer the "best possible" than being complicit in the Starus Quo.
Feel free to name alternatives that actually work and have actual support…
-
@tapafon @ariadne that won't hapoen because #Signal are so fucking criminally incompetent that they are hard locked-in on #aws on their inrastructure.
- It would likely be easier and cheaper in terms of personnel hours needed to just make better, hardened clients for existing protocols rather than "unfuck" the mess that is @signalapp, which at best is just a big-ass #Honeypot!
-
But if you are concerned about said issue then you'd already only communicate with you own private self-hosted servers that are only reachable with a VPN over Tor.
Again: Layering & Defining your Scope is critical.
If we expect "#TechIlliterate #Nirmies" to "migrate to #Tails & #GrapheneOS or die" they'll give us all the finger and most likely add a restraint order on top of it.
- OFC we need to work on this scope, but I'd rather offer the "best possible" than being complicit in the Starus Quo.
Feel free to name alternatives that actually work and have actual support…
the scope is that western democracy is in a state of freefall and we are actively losing ground to fascist oligarchs in both the US and EU.
in such a scope, cute toys like OMEMO and IRC's blowfish scripts and things of the same shape like Matrix's OLM/MegOLM do not provide an acceptable level of personal assurance.
telling people to depend on these technologies as a security engineer is malfeasance.
Signal also is not truly good enough (because it is proprietary), but it is at least accessible to non-technical people and cryptographically sound.
the real answer is Tox, but somebody needs to build the plumbing to make it accessible to non-technical people.
-
the scope is that western democracy is in a state of freefall and we are actively losing ground to fascist oligarchs in both the US and EU.
in such a scope, cute toys like OMEMO and IRC's blowfish scripts and things of the same shape like Matrix's OLM/MegOLM do not provide an acceptable level of personal assurance.
telling people to depend on these technologies as a security engineer is malfeasance.
Signal also is not truly good enough (because it is proprietary), but it is at least accessible to non-technical people and cryptographically sound.
the real answer is Tox, but somebody needs to build the plumbing to make it accessible to non-technical people.
@kkarhan @tapafon@soc.ua-fediland.de @ariadne Isn't Tox that P2P thing? There's @cwtch developed by amazing folks like @sarahjamielewis
-
@kkarhan @tapafon@soc.ua-fediland.de @ariadne Isn't Tox that P2P thing? There's @cwtch developed by amazing folks like @sarahjamielewis
@tris @kkarhan @cwtch @sarahjamielewis yes. Cwtch would also work, but I am less familiar with it. It also needs plumbing for non-technical people.
BBM worked with fingerprints back in the day because PGP fingerprints were 32-bit at the time. Asking non-technical people to memorize 100s of bits of public key material isn't going to work.
-
@tapafon @ariadne @monocles @kkarhan sure, but you talked about honeypots and controlled opposition and that's normally not true for the people I mentioned.
Also, albeit a bit philosophical, you always have to trust someone. You seem to make the cut at the client side (so you trust the client developers to not sneak some surveillance code in) and I make the cut somewhere on the server side, not trusting all servers, but some
-
@tapafon @ariadne @monocles @kkarhan sure, but you talked about honeypots and controlled opposition and that's normally not true for the people I mentioned.
Also, albeit a bit philosophical, you always have to trust someone. You seem to make the cut at the client side (so you trust the client developers to not sneak some surveillance code in) and I make the cut somewhere on the server side, not trusting all servers, but some
-
-
@tris @kkarhan @cwtch @sarahjamielewis yes. Cwtch would also work, but I am less familiar with it. It also needs plumbing for non-technical people.
BBM worked with fingerprints back in the day because PGP fingerprints were 32-bit at the time. Asking non-technical people to memorize 100s of bits of public key material isn't going to work.
@tris @tapafon @cwtch @sarahjamielewis @ariadne Until then, there needs to be something that actually works, is easy to self-host and transition to as a first step.
Granted, one could do a fully-decentralized system to a degree, but either way anything would necessitate teaching #TechLiteracy to the people.
Call me weird, but that's sadly not a new problem either!
