@nullagent I'm seeing a lot of recommendations for Signal, which I equally distrust as Telegram as well and Matrix. Secure communication is becoming a matter of life or death for many.
Conversation
Notices
-
Embed this notice
Shadow Heart (sh4d0w_h34rt@cyberpunk.lol)'s status on Tuesday, 12-Nov-2024 12:45:26 JST 
Shadow Heart
- Kari'boka likes this.
-
Embed this notice
Kari'boka (kariboka@social.harpia.red)'s status on Tuesday, 12-Nov-2024 12:46:13 JST 
Kari'boka
@jackemled @Sh4d0w_H34rt @nullagent you forgot the best player: #xmpp / #jabber -
Embed this notice
Luna Lactea (jackemled@furry.engineer)'s status on Tuesday, 12-Nov-2024 12:46:14 JST 
Luna Lactea
@Sh4d0w_H34rt @nullagent Signal is supposed to be perfect except for the phone number requirement. Matrix is alright since no company runs it, except for the shitty scaling & the encryption vulnerabilities, so it's fine for things that aren't sensitive. There are a few other encrypted messaging apps but they all seem to be either infested with cryptocurrency shit (Session, Jami) or underdeveloped (Briar, SimpleX Chat).
-
Embed this notice
Shadow Heart (sh4d0w_h34rt@cyberpunk.lol)'s status on Tuesday, 12-Nov-2024 12:46:30 JST
Shadow Heart
@bryanredeagle @nullagent Signal relies on centralized servers and encryption keys were being stored in plain text. Unless I can host an app myself I can't fully trust what it will do or who they give access to. It needs to support end to end encryption with no logging. Bonus if it can be deployed adhock over out of band networks.
What I recommend, well I don't know. I'm looking into Meshtastic, but that requires dedicated hardware, Matrix is good, but extra effort has to be made to make it secure. Sadly, projects like @supapp appear to be abandoned.
Kari'boka likes this. -
Embed this notice
Bryan Redeagle (bryanredeagle@beige.party)'s status on Tuesday, 12-Nov-2024 12:46:32 JST 
Bryan Redeagle
@Sh4d0w_H34rt @nullagent Why no trust for Signal? And what do you trust?
Kari'boka and Véia Redead repeated this. -
Embed this notice
Kari'boka (kariboka@social.harpia.red)'s status on Tuesday, 12-Nov-2024 12:48:02 JST
Kari'boka
@Sh4d0w_H34rt @bryanredeagle @nullagent @supapp why dont use #xmpp? @snikket_im is super easy to setup -
Embed this notice
Stefan Monnier (monnier@oldbytes.space)'s status on Tuesday, 12-Nov-2024 12:51:09 JST 
Stefan Monnier
@jackemled @Sh4d0w_H34rt @nullagent Interesting. Didn't know about "shitty scaling & the encryption vulnerabilities". Do you happen to have pointers to details?
-
Embed this notice
Luna Lactea (jackemled@furry.engineer)'s status on Tuesday, 12-Nov-2024 12:52:05 JST
Luna Lactea
@kariboka @Sh4d0w_H34rt @nullagent XMPP is outdated as shit sorry💔
It would be less of an issue if people would use up to date OMEMO that fails closed instead of failing open like the popular version does though. -
Embed this notice
Kari'boka (kariboka@social.harpia.red)'s status on Tuesday, 12-Nov-2024 12:52:05 JST
Kari'boka
@jackemled @Sh4d0w_H34rt @nullagent what you mean? We are using omemo just fine. Even the old omemo versions are robust, I mean good luck trying to brute-force those
C/c @adele @joinjabber -
Embed this notice
Luna Lactea (jackemled@furry.engineer)'s status on Tuesday, 12-Nov-2024 13:25:37 JST
Luna Lactea
@kariboka @Sh4d0w_H34rt @joinjabber @nullagent @adele If someone tha doesn't have OMEMO messages you it will be plain text. If you message them it will be plain text. If you both have it & your keys are mismatched your clients will fail open & go "oh well, we tried. just send the message again without encryption, I'm sure it's fine". A newer version that what's used in XMPP properly fails closed & does not send an unencrypted message. Encryption doesn't matter if you can simply jam the signal to make the people talking decide to turn off their encryption. Encryption only works while it's turned on.
Kari'boka likes this.Kari'boka repeated this. -
Embed this notice
Alfred M. Szmidt (amszmidt@mastodon.social)'s status on Tuesday, 12-Nov-2024 17:27:25 JST 
Alfred M. Szmidt
@nathanu @jackemled @Sh4d0w_H34rt @nullagent FUD much? #GNU Jami has nothing to do with cryptocurrency, nor has the concept of "buying tokens" -- whatever that is supposed to mean. It even uses DHT ...
-
Embed this notice
Luna Lactea (jackemled@furry.engineer)'s status on Tuesday, 12-Nov-2024 17:27:26 JST
Luna Lactea
@nathanu @Sh4d0w_H34rt @nullagent No fucking clue. It's stupid as hell. Something about spending more money means you're more trustworthy & the names you define are trusted before anyone else. I can see it being used to lie about names for scams.
-
Embed this notice
Nathan (nathanu@lounge.town)'s status on Tuesday, 12-Nov-2024 17:27:26 JST 
Nathan
@jackemled @Sh4d0w_H34rt @nullagent Bizarre. I expected better from a GNU project with EFF backing.
-
Embed this notice
Nathan (nathanu@lounge.town)'s status on Tuesday, 12-Nov-2024 17:27:27 JST
Nathan
@jackemled @Sh4d0w_H34rt @nullagent Jami is related to crypto shit?
-
Embed this notice
Luna Lactea (jackemled@furry.engineer)'s status on Tuesday, 12-Nov-2024 17:27:27 JST
Luna Lactea
@nathanu @Sh4d0w_H34rt @nullagent They're using some kind of cryptocurrency blockchain thing as a "distributed" nameserver but it's actually centralized & they just want to make people buy "tokens" or something. The entire thing falls apart when you remember that DHT exists & has none of the issues that their blockchain thing has.
-
Embed this notice
Nathan (nathanu@lounge.town)'s status on Tuesday, 12-Nov-2024 17:27:27 JST
Nathan
@jackemled @Sh4d0w_H34rt @nullagent I don't understand; where/how/why do you buy tokens and what do they do?
-
Embed this notice
Alfred M. Szmidt (amszmidt@mastodon.social)'s status on Tuesday, 12-Nov-2024 17:42:02 JST
Alfred M. Szmidt
@jackemled @nathanu @Sh4d0w_H34rt @nullagent "blockchain" isn't "shit" -- you should maybe learn what it is first from the looks, and how it actually is used in #GNU Jami before saying something.
-
Embed this notice
Luna Lactea (jackemled@furry.engineer)'s status on Tuesday, 12-Nov-2024 17:42:03 JST
Luna Lactea
@amszmidt @nathanu @Sh4d0w_H34rt @nullagent They're switching to some blockchain shit. I can't understand why when DHT works completely fine & even better than a blockchain ever could.
-
Embed this notice
Alfred M. Szmidt (amszmidt@mastodon.social)'s status on Tuesday, 12-Nov-2024 18:00:46 JST
Alfred M. Szmidt
@jackemled How are you supposed to change it?
That is the whole point of a blockchain. It has nothing to do with cryptocurrency. A blockchain is just a data-structure, nothing more, nothing less. Even git is essentially a blockchain!
And really? Name calling? Seems like you're a cryptobro. *plonk*
-
Embed this notice
Luna Lactea (jackemled@furry.engineer)'s status on Tuesday, 12-Nov-2024 18:00:49 JST
Luna Lactea
@amszmidt @nathanu @Sh4d0w_H34rt @nullagent I learned what it is. It's a chain of immutable blocks. It is fucking stupid. How are you supposed to change it? Add another block? Pay money, waste power, or grind time to prove something & have your block be accepted by others? Stupid as fuck. You didn't even know it was used or planned until I brought it to your attention & now you're defending it just because it's GNU. Cool of you to place tags in the middle of a post to make it hard to read. Very cool of you to suck GNU's blockchain or whatever, techbro. Some kind of dick sucking joke can be made here but techbros don't deserve my attention span so I won't do it.
Anything cryptocurrency is invariably shit. Being shit is a fundamental part of blockchain technology. Please don't kiss ass about cryptocurrency to me because I will talk shit about it until you run out of arguments & start making shit up if I'm feeling patient enough that day. Stupid system, whoever came up with it shouldn't be allowed human contact
-
Embed this notice
Adële (adele@phpc.social)'s status on Tuesday, 12-Nov-2024 20:58:17 JST 
Adële
@jackemled @kariboka @Sh4d0w_H34rt @joinjabber @nullagent
the only feature I need about encryption is to be enabled when I think it is necessary (when the conversation is sensible)Look at what we are doing just know, our conversation is not encrypted and all is fine.
Kari'boka likes this. -
Embed this notice
Kris (kris@outmo.de)'s status on Tuesday, 12-Nov-2024 22:39:51 JST 
Kris
@jackemled @kariboka @Sh4d0w_H34rt @joinjabber @nullagent @adele Nothing is "plain text", as everything is always transport encrypted. Together with a self-hosted xmpp server that is pretty good already, and OMEMO on top works just fine in most cases. Kari'boka likes this.
All GNU social JP content and data are available under the