When I said that your discord clone doesn’t need e2ee, I got a lot of comments along the lines of “ then how would I use it to organize the revolution!” The answer is: you don’t.
-
@ratsnakegames @0xabad1dea to be fair, e2ee is also useful for selling drugs
@me if i were to sell drugs, i wouldn't do it in a group chat
-
@5225225 sorry, I can't hear you. maybe we should both just delete all our keys and generate new ones? just click through whatever warning it shows you, this happens all the time
@0xabad1dea :sigh:
my point is it should be reliable enough to be mandatory and seamless.
are we there yet? no
should it be a goal, as opposed to saying "well, in 15 years we should still leak all our messages to whatever server hosts them"? yes
you don't click through invalid cert warnings when logging into your bank because TLS works, and e2ee should get to that point
is it okay for a discord "competitor" now to not bother with mandatory e2ee because they wouldn't be able to make it seamless?
honestly, sure. i don't care. the problems people have with discord aren't the lack of e2ee, so something else also lacking e2ee isn't making that problem worse.
but "e2ee is a misfeature" is because of bugs which can be fixed, and design decisions that can be weakened to favor usability over security in some cases, not e2ee being inherently bad.
-
R relay@relay.publicsquare.global shared this topic
-
@0xabad1dea to be honest, i disagree, not because it's safe to fedpost in a chat of hundreds of users, but because it makes e2ee itself less suspicious, and more noisy to infiltrate
yes, a fed can lurk in a large member count e2ee chat, but that still involves the effort to join, and possibly even talk sometimes when spoken to. and they'll absolutely not be in every chat.
as opposed to "hey discord let us run
grepacross your message database"like, we're at the point for the web where every website[maintained] is encrypted, even if it would be fine for most to be plaintext. (and we got to that point by making TLS pretty much free)
e2ee is only really considered optional/a misfeature in some cases because it's not free, but it should be.
@5225225 @0xabad1dea
"and they'll absolutely not be in every chat." They absolutely will be in ANY chat that has more than a fistful of participants. They are now silicon based. -
When I said that your discord clone doesn’t need e2ee, I got a lot of comments along the lines of “ then how would I use it to organize the revolution!” The answer is: you don’t. If you have more users than can comfortably share a Signal chat and hence want to use discord or something like it, you cannot POSSIBLY be vetting all of them to a high standard of trust. Your logs ARE leaking. End-to-end encryption between more people than can fit around a dinner table is pointless.
This article confirms what I already assumed, that “open source [information sense, not code sense] intelligence gathering on social media” includes, for the US government, asking for links to join groups that may *feel* private. My own discord has literally like a thousand idlers. It would be very *lucky* if none of them were logging for potentially nefarious purposes! And I remind the active users of this occasionally.
Exclusive: ICE Masks Up in More Ways Than One
Feds could be in your group chat
(www.kenklippenstein.com)
@0xabad1dea tbh if anyone is organizing the revolution on Discord maybe it's better if they keep using Discord 'cause the only revolutions that came out of Discord have been the ones that make people willingly speak to the feds before they happen
and also no, before it even comes up: there is no such thing as a "we're the good revolution" counter to that, anyone using Discord, or a direct alternative to Discord, to organize revolutionary efforts has lost touch with society and will either fail in their efforts or succeed in causing damage
also related to your second paragraph: even without the feds, plenty of psychopathic losers live alone and with too much time on their hands, logging and cataloguing Discord servers, some are so pathetic they manage backups, edit histories and manually sift for any tiny personal detail even in small communities like a vtuber Discord with 100-200 users that are manually approved and then post scribbled screenshots and maps on 4chan of trying to figure out where people are living, by matching conversations about weather, an isp outage and other random stuff over months and months of messages
-
@0xabad1dea :sigh:
my point is it should be reliable enough to be mandatory and seamless.
are we there yet? no
should it be a goal, as opposed to saying "well, in 15 years we should still leak all our messages to whatever server hosts them"? yes
you don't click through invalid cert warnings when logging into your bank because TLS works, and e2ee should get to that point
is it okay for a discord "competitor" now to not bother with mandatory e2ee because they wouldn't be able to make it seamless?
honestly, sure. i don't care. the problems people have with discord aren't the lack of e2ee, so something else also lacking e2ee isn't making that problem worse.
but "e2ee is a misfeature" is because of bugs which can be fixed, and design decisions that can be weakened to favor usability over security in some cases, not e2ee being inherently bad.
@5225225 @0xabad1dea matrix tried (and still tries) to make e2ee group chats work but either the problem is significantly harder than people imagine, their developers are incompetent, or both. because it is still a pain with hundreds of people, and a disaster with thousands. SSL/TLS works so well because the clients don’t generally need to auth themselves from the server point of view
-
When I said that your discord clone doesn’t need e2ee, I got a lot of comments along the lines of “ then how would I use it to organize the revolution!” The answer is: you don’t. If you have more users than can comfortably share a Signal chat and hence want to use discord or something like it, you cannot POSSIBLY be vetting all of them to a high standard of trust. Your logs ARE leaking. End-to-end encryption between more people than can fit around a dinner table is pointless.
This article confirms what I already assumed, that “open source [information sense, not code sense] intelligence gathering on social media” includes, for the US government, asking for links to join groups that may *feel* private. My own discord has literally like a thousand idlers. It would be very *lucky* if none of them were logging for potentially nefarious purposes! And I remind the active users of this occasionally.
Exclusive: ICE Masks Up in More Ways Than One
Feds could be in your group chat
(www.kenklippenstein.com)
@0xabad1dea I want to make an E2E Discord clone because it sounds like a cool technical project. I know it would be trash.
-
@ratsnakegames no but this is mastodon so no-one’s sure what other social activities exist
-
When I said that your discord clone doesn’t need e2ee, I got a lot of comments along the lines of “ then how would I use it to organize the revolution!” The answer is: you don’t. If you have more users than can comfortably share a Signal chat and hence want to use discord or something like it, you cannot POSSIBLY be vetting all of them to a high standard of trust. Your logs ARE leaking. End-to-end encryption between more people than can fit around a dinner table is pointless.
This article confirms what I already assumed, that “open source [information sense, not code sense] intelligence gathering on social media” includes, for the US government, asking for links to join groups that may *feel* private. My own discord has literally like a thousand idlers. It would be very *lucky* if none of them were logging for potentially nefarious purposes! And I remind the active users of this occasionally.
Exclusive: ICE Masks Up in More Ways Than One
Feds could be in your group chat
(www.kenklippenstein.com)
@0xabad1dea "Three can keep a secret if two are dead" and all that.
-
When I said that your discord clone doesn’t need e2ee, I got a lot of comments along the lines of “ then how would I use it to organize the revolution!” The answer is: you don’t. If you have more users than can comfortably share a Signal chat and hence want to use discord or something like it, you cannot POSSIBLY be vetting all of them to a high standard of trust. Your logs ARE leaking. End-to-end encryption between more people than can fit around a dinner table is pointless.
This article confirms what I already assumed, that “open source [information sense, not code sense] intelligence gathering on social media” includes, for the US government, asking for links to join groups that may *feel* private. My own discord has literally like a thousand idlers. It would be very *lucky* if none of them were logging for potentially nefarious purposes! And I remind the active users of this occasionally.
Exclusive: ICE Masks Up in More Ways Than One
Feds could be in your group chat
(www.kenklippenstein.com)
@0xabad1dea@infosec.exchange Yeah, but, you know, what's the point of making anything and not overengineering it? -
When I said that your discord clone doesn’t need e2ee, I got a lot of comments along the lines of “ then how would I use it to organize the revolution!” The answer is: you don’t. If you have more users than can comfortably share a Signal chat and hence want to use discord or something like it, you cannot POSSIBLY be vetting all of them to a high standard of trust. Your logs ARE leaking. End-to-end encryption between more people than can fit around a dinner table is pointless.
This article confirms what I already assumed, that “open source [information sense, not code sense] intelligence gathering on social media” includes, for the US government, asking for links to join groups that may *feel* private. My own discord has literally like a thousand idlers. It would be very *lucky* if none of them were logging for potentially nefarious purposes! And I remind the active users of this occasionally.
Exclusive: ICE Masks Up in More Ways Than One
Feds could be in your group chat
(www.kenklippenstein.com)
@0xabad1dea Reminds me that I sometimes wonder who created this idea that we should encrypt everything, because as more and more time passes it more feels like a way to make people feel safer than they are, and weaken protocols.
If not entirely make things actually unsafe for people if it ends up with verifiable signatures which can't end up plausibly deniable (one reason why I have rotation on my dkim keys). -
@5225225 sorry, I can't hear you. maybe we should both just delete all our keys and generate new ones? just click through whatever warning it shows you, this happens all the time
@0xabad1dea @5225225 that's such a terrible reply.
-
@5225225 @0xabad1dea matrix tried (and still tries) to make e2ee group chats work but either the problem is significantly harder than people imagine, their developers are incompetent, or both. because it is still a pain with hundreds of people, and a disaster with thousands. SSL/TLS works so well because the clients don’t generally need to auth themselves from the server point of view
@0xabad1dea @uint8_t @5225225 i looked into this when i was considering making a discord clone a while back
the problem with e2ee is mainly that it doesn't scale to the point a Discordlike needs
there is no proper multi-party asynchronous key exchange mechanism that exists, so all clients must have the keys of all other clients and individually encrypt each message to everyone
that's not a problem with a single-channel Signal group, but the volume of messages is magnitudes higher even in a small Discord; with e2ee what would be one message in client-server encryption becomes as many messages as there are users
and it gets even worse when media is involved, let alone something like group video calls
-
@0xabad1dea @uint8_t @5225225 i looked into this when i was considering making a discord clone a while back
the problem with e2ee is mainly that it doesn't scale to the point a Discordlike needs
there is no proper multi-party asynchronous key exchange mechanism that exists, so all clients must have the keys of all other clients and individually encrypt each message to everyone
that's not a problem with a single-channel Signal group, but the volume of messages is magnitudes higher even in a small Discord; with e2ee what would be one message in client-server encryption becomes as many messages as there are users
and it gets even worse when media is involved, let alone something like group video calls
@0xabad1dea @uint8_t @5225225 and to add to that, i doubt an async multi-party async key exchange algo is coming anytime soon either, hell i'm not convinced it's even possible
-
@0xabad1dea @5225225 that's such a terrible reply.
@seliaste ma’am it’s a lot more efficient to block me yourself than to ask me to block you for you
-
@0xabad1dea tbh if anyone is organizing the revolution on Discord maybe it's better if they keep using Discord 'cause the only revolutions that came out of Discord have been the ones that make people willingly speak to the feds before they happen
and also no, before it even comes up: there is no such thing as a "we're the good revolution" counter to that, anyone using Discord, or a direct alternative to Discord, to organize revolutionary efforts has lost touch with society and will either fail in their efforts or succeed in causing damage
also related to your second paragraph: even without the feds, plenty of psychopathic losers live alone and with too much time on their hands, logging and cataloguing Discord servers, some are so pathetic they manage backups, edit histories and manually sift for any tiny personal detail even in small communities like a vtuber Discord with 100-200 users that are manually approved and then post scribbled screenshots and maps on 4chan of trying to figure out where people are living, by matching conversations about weather, an isp outage and other random stuff over months and months of messages
@hellpie @0xabad1dea That is why i never talk about the weather, not because it's not interesting hahaha.
-
When I said that your discord clone doesn’t need e2ee, I got a lot of comments along the lines of “ then how would I use it to organize the revolution!” The answer is: you don’t. If you have more users than can comfortably share a Signal chat and hence want to use discord or something like it, you cannot POSSIBLY be vetting all of them to a high standard of trust. Your logs ARE leaking. End-to-end encryption between more people than can fit around a dinner table is pointless.
This article confirms what I already assumed, that “open source [information sense, not code sense] intelligence gathering on social media” includes, for the US government, asking for links to join groups that may *feel* private. My own discord has literally like a thousand idlers. It would be very *lucky* if none of them were logging for potentially nefarious purposes! And I remind the active users of this occasionally.
Exclusive: ICE Masks Up in More Ways Than One
Feds could be in your group chat
(www.kenklippenstein.com)
@0xabad1dea I do think there's a point to E2EE that isn't about trying to thwart nation state adversaries. honestly you should probably not talk about your illegal actions on Signal either.
-
@volkris ... social media already is the world's largest and most-used web of trust though?? we just call it the follow graph
I personally don't see how getting more cryptography involved would help anything except making it sound more like a 90s cyberpunk novel. In all seriousness, what exactly are you envisioning here?
-
@5225225 @0xabad1dea matrix tried (and still tries) to make e2ee group chats work but either the problem is significantly harder than people imagine, their developers are incompetent, or both. because it is still a pain with hundreds of people, and a disaster with thousands. SSL/TLS works so well because the clients don’t generally need to auth themselves from the server point of view
i suspect the problems with matrix as opposed to signal(signal group chats do work, subject to their scaling factors) is a fair few factors
wasn't designed as an encrypted tool by default, so features aren't gated on "how does this work in an encrypted room?"
linear, consistent history. you will always see every message(assuming the signal servers aren't fucking with you) in a consistent order, there's no disagreement over message ordering, or discovering messages that are backdated.
there is one client implementation and one server implementation. there's no room for "oops a third party client/server made a bug that broke e2ee" since that doesn't exist.
-
@0xabad1dea I do think there's a point to E2EE that isn't about trying to thwart nation state adversaries. honestly you should probably not talk about your illegal actions on Signal either.
@0xabad1dea but yeah anything that for all practical purposes is basically open to the public anyway doesn't need encryption. I just don't know that that contains all likely use cases.
though I do see the risk of encryption giving folks a false sense of security.example: we're in a signal group with several hundred local folks where people share about events, ask recommendations for doctors and the like. at that point the encryption is basically pointless. this is just the chat app everyone happens to have.
-
@0xabad1dea I do think there's a point to E2EE that isn't about trying to thwart nation state adversaries. honestly you should probably not talk about your illegal actions on Signal either.
@elexia my conversations with my mother-in-law about dogs, horses and babies are e2ee. because e2ee with one other party that a rando couldn't successfully impersonate long-term to you is a pretty solved problem.
many-to-many e2ee does not work. it simply, absolutely does not work, in either a technical or social sense, and accomplishes nothing while introducing significant problems.
