1. 16

  2. 10

    Shockingly, centralized decryption system controlled by third party allows snooping by other third party. This should be absolutely expected from Facebook, since Facebook’s perspective on privacy (from FB) has been well established, and since the system allows it.

    Signal seems to be better. But, I look forward to having a fully independent crypto real-time messaging system that federates (i.e., allowing you and your friends to stand up a server and control its software), which would overcome the well-documented issues with Signal’s design.

    1. 2

      I look forward to having a fully independent crypto real-time messaging system that federates (i.e., allowing you and your friends to stand up a server and control its software)

      Check out https://conversations.im. It’s federated (based on XMPP), and supports multi-end to multi-end encryption using OMEMO, an improvement on the Off-The-Record protocol that Signal and WhatsApp use.

      1. 2

        Has OMEMO been audited or formally proven secure? Until that’s been done, you probably should assume it’s broken. Innovations in security protocols tend to be of the disastrous kind when rolled out into production.

        1. 1

          Yes, Radically Open Security published an analysis last June.

          The OMEMO standard provides a protocol for secure communication with multiple devices. This protocol is only secure if both users apply good operational security in securing their devices and in adding devices of the other party. When both users are careful, they can set up a secure multi-device session. However, if one of the users makes a mistake and adds a malicious device, or if just one device of the users gets compromised, the authentication of all messages is compromised

      2. 2

        Like matrix.org/riot.im? Been using it with a few friends. They have E2E encryption with a system to easily trust/distrust other clients keys and they put a lot of work toward bridge to external network such as really well working IRC and an incoming full Slack bridge.

        1. 2

          this will sound like a pedantic weasel way of saying things, but like has no place in the area of crypto. “What are the qualities provided by the solution, have these qualities been vetted, and do they suit the needs of the operators?” is the question set I ask.

          Matrix has gotten some press and has some momentum. I have not evaluated it. I would prefer to see a transparent audit by a trusted third party before I recommend or suggest it to people. I haven’t heard of such. It may be a rotten heap of vulns. It may be amazing. Assume it’s compromised until demonstrated otherwise; layer that compromise into your threat model.

        1. 5

          When I’ve been worried about FB injecting keys to decrypt messages, I’ve been called tinfoil.

          This is much more devious :(

          1. 10

            Over the years, I’ve found that it’s not worth discussing degrees of paranoia, and the reasons behind paranoia, without first finding out the level of value a person has invested in them. (…or maybe invests in themselves)

            When you start discussing security and paranoia with a person who has been entrusted with private and/or financial information of millions of users across the internet, they will very readily tune into discussions that consider an adversary in the loop, and respond with serious and measured discourse.

            When you bring the same topics up with your drinking buddies on a camping trip, and try to clue them in on how things work, they may laugh at you, worry about you, or find themselves unexpectedly brimming with new fears they didn’t sign up for.

            Trying to help people, who are not immediately cognizant of whether they might even need help, is very often a thankless job. Most people would rather just not know.

            1. 3

              Well said, and I very much appreciate the perspective.

          2. 1

            Whisper Systems says that there isn’t so I really dunno who to believe