@iameli@iame.li @chetwisniewski@securitycafe.ca At a certain point, trade-offs must be made. If a monopoly persists in the name of security, work at making federation more secure. Either way, security is no excuse for abuse—especially considering that this is Meta-owned WhatsApp we’re talking about.
Conversation
Notices
-
Embed this notice
Chris Trottier (atomicpoet@calckey.social)'s status on Monday, 26-Jun-2023 14:20:56 JST 
Chris Trottier
-
Embed this notice
Chris Trottier (atomicpoet@calckey.social)'s status on Monday, 26-Jun-2023 14:30:06 JST
Chris Trottier
@iameli@iame.li @chetwisniewski@securitycafe.ca I’m personally fine with small servers that don’t federate with each other. Once it hosts 1 billion people, I call shenanigans.
-
Embed this notice
iameli (iameli@iame.li)'s status on Monday, 26-Jun-2023 14:30:29 JST 
iameli
@atomicpoet @chetwisniewski I’m in favor of there being lots of Signals! Whatsapp, Session, and OG Signal are three of many. I’m just not certain those Signal instances should federate with each other. My intuition tells me that’d open up a whole new class of potential vulnerability.
Federation while exchanging zero information about your users is hard. Not sure if even ZK blockchains promise that to their users.
-
Embed this notice
Chris Trottier (atomicpoet@calckey.social)'s status on Monday, 26-Jun-2023 14:32:52 JST
Chris Trottier
@chetwisniewski@securitycafe.ca @iameli@iame.li The real zealotry is believing that monopolies should exist. Again, WhatsApp has billions of users. In certain places like Southeast Asia, you can’t even do business without a WhatsApp. That should not happen.
-
Embed this notice
Chester Wisniewski (chetwisniewski@securitycafe.ca)'s status on Monday, 26-Jun-2023 14:32:53 JST 
Chester Wisniewski
@atomicpoet @iameli Being a zealot helps no one. Understanding risks, benefits and politics are all important factors. Spreading misinformation and then insisting that people should work harder to achieve likely impossible goals is not helping anyone.
Is Meta evil? Absolutely. Is federation the answer to all problems? Absolutely not. Stick to what you know and work to help people make better choices.
-
Embed this notice
Chris Trottier (atomicpoet@calckey.social)'s status on Monday, 26-Jun-2023 14:36:22 JST
Chris Trottier
@iameli@iame.li @chetwisniewski@securitycafe.ca Exactly. I’m in favour of small Signals. One massive WhatsApp is a different kettle of fish.
-
Embed this notice
iameli (iameli@iame.li)'s status on Monday, 26-Jun-2023 14:36:34 JST
iameli
@atomicpoet @chetwisniewski Haha yeah I’m pretty okay with “once you have a billion users these different rules kick in”
-
Embed this notice
Chester Wisniewski (chetwisniewski@securitycafe.ca)'s status on Monday, 26-Jun-2023 14:38:04 JST
Chester Wisniewski
@atomicpoet @iameli I don't disagree, but you are making a decision for others. You are asking they sacrifice their safety and security to achieve some misinformed version of fairness. My 30 years of working in security and privacy tell me this is a very bad way to solve the problem you are trying to solve. You are trying to reinvent SMS, which we already have and is already terrible.
-
Embed this notice
Chris Trottier (atomicpoet@calckey.social)'s status on Monday, 26-Jun-2023 14:38:04 JST
Chris Trottier
@chetwisniewski@securitycafe.ca @iameli@iame.li Once monopolies exist, people are no longer making decisions regarding what they use. They’re forced into using it. That’s what makes a monopoly a monopoly.
-
Embed this notice
iameli (iameli@iame.li)'s status on Monday, 26-Jun-2023 14:39:17 JST
iameli
@atomicpoet @chetwisniewski Worth pointing out that part of the reason for Whatsapp’s dominance in that area is they released the Whatsapp app for dirt-cheap feature phones for people that don’t have any other option. Accessibility is everything
-
Embed this notice
Chris Trottier (atomicpoet@calckey.social)'s status on Monday, 26-Jun-2023 14:39:17 JST
Chris Trottier
@iameli@iame.li @chetwisniewski@securitycafe.ca Yeah, and it’s tragic that for so many people, Meta is the Internet for all intents and purposes.
-
Embed this notice
Chris Trottier (atomicpoet@calckey.social)'s status on Monday, 26-Jun-2023 14:42:36 JST
Chris Trottier
@chetwisniewski@securitycafe.ca @iameli@iame.li Who’s saying anything about decreasing security and privacy?
No, security and privacy are absolutely essential—but that’s no excuse for maintaining a monopoly. -
Embed this notice
Chester Wisniewski (chetwisniewski@securitycafe.ca)'s status on Monday, 26-Jun-2023 14:42:37 JST
Chester Wisniewski
@atomicpoet @iameli I'm sure the women and minorities who will be stalked and harassed when their privacy is impacted by your proposed solution will find solace in the world being a more just place.
-
Embed this notice
Chris Trottier (atomicpoet@calckey.social)'s status on Monday, 26-Jun-2023 15:07:36 JST
Chris Trottier
@chetwisniewski@securitycafe.ca @iameli@iame.li How to solve those problems specifically is for another conversation. Nevertheless, it is ludicrous to say that a monopoly should continue in the name of security.
-
Embed this notice
Chester Wisniewski (chetwisniewski@securitycafe.ca)'s status on Monday, 26-Jun-2023 15:07:37 JST
Chester Wisniewski
@atomicpoet @iameli federation by definition will decrease security and privacy. We all want a pony, but it's just not possible. Side channel attacks, differential communication analysis, key distribution/generation and many other issues make federation a dangerous compromise.
We would all like CSAM to be eliminated, but it isn't possible to have secure & private communication and yet still scan for it. Similarly federation requires compromises that would put many people at risk. (1/2)
-
Embed this notice
Chester Wisniewski (chetwisniewski@securitycafe.ca)'s status on Monday, 26-Jun-2023 15:07:37 JST
Chester Wisniewski
@atomicpoet @iameli It sounds good, but I don't see it being possible without compromising many people's safety. Suggesting it is safe without having studied the underlying risks is dangerous and irresponsible. (2/2)
-
Embed this notice
All GNU social JP content and data are available under the