THE CHAT PROTOCOL OF THE FUTURE
-
the scope is that western democracy is in a state of freefall and we are actively losing ground to fascist oligarchs in both the US and EU.
in such a scope, cute toys like OMEMO and IRC's blowfish scripts and things of the same shape like Matrix's OLM/MegOLM do not provide an acceptable level of personal assurance.
telling people to depend on these technologies as a security engineer is malfeasance.
Signal also is not truly good enough (because it is proprietary), but it is at least accessible to non-technical people and cryptographically sound.
the real answer is Tox, but somebody needs to build the plumbing to make it accessible to non-technical people.
@kkarhan @tapafon@soc.ua-fediland.de @ariadne Isn't Tox that P2P thing? There's @cwtch developed by amazing folks like @sarahjamielewis
-
@kkarhan @tapafon@soc.ua-fediland.de @ariadne Isn't Tox that P2P thing? There's @cwtch developed by amazing folks like @sarahjamielewis
@tris @kkarhan @cwtch @sarahjamielewis yes. Cwtch would also work, but I am less familiar with it. It also needs plumbing for non-technical people.
BBM worked with fingerprints back in the day because PGP fingerprints were 32-bit at the time. Asking non-technical people to memorize 100s of bits of public key material isn't going to work.
-
@tapafon @ariadne @monocles @kkarhan sure, but you talked about honeypots and controlled opposition and that's normally not true for the people I mentioned.
Also, albeit a bit philosophical, you always have to trust someone. You seem to make the cut at the client side (so you trust the client developers to not sneak some surveillance code in) and I make the cut somewhere on the server side, not trusting all servers, but some
-
@tapafon @ariadne @monocles @kkarhan sure, but you talked about honeypots and controlled opposition and that's normally not true for the people I mentioned.
Also, albeit a bit philosophical, you always have to trust someone. You seem to make the cut at the client side (so you trust the client developers to not sneak some surveillance code in) and I make the cut somewhere on the server side, not trusting all servers, but some
-
-
@tris @kkarhan @cwtch @sarahjamielewis yes. Cwtch would also work, but I am less familiar with it. It also needs plumbing for non-technical people.
BBM worked with fingerprints back in the day because PGP fingerprints were 32-bit at the time. Asking non-technical people to memorize 100s of bits of public key material isn't going to work.
@tris @tapafon @cwtch @sarahjamielewis @ariadne Until then, there needs to be something that actually works, is easy to self-host and transition to as a first step.
Granted, one could do a fully-decentralized system to a degree, but either way anything would necessitate teaching #TechLiteracy to the people.
Call me weird, but that's sadly not a new problem either!
-
@tris @tapafon @cwtch @sarahjamielewis @ariadne Until then, there needs to be something that actually works, is easy to self-host and transition to as a first step.
Granted, one could do a fully-decentralized system to a degree, but either way anything would necessitate teaching #TechLiteracy to the people.
Call me weird, but that's sadly not a new problem either!
@tris @tapafon @cwtch @sarahjamielewis @ariadne as for #BlackBerryMessenger: That shit had #Govware #Backdoors (otherwise it would've never been legal in most juristictions!)…
-
-
