Alex GleasonRant on E2EE messages:
Twitter says adopt E2EE encrypted messages based on Signal, but it has an impossible task ahead of it.
The reason Signal works is because it doesn’t scale. Yes, you can have it on your laptop and your phone, but even that’s a lot to ask.
When I send you a message on Signal, I actually send a separate message to every known device you have on Signal. If that’s 20 devices, I send 20 separate messages. If everyone has 20 devices, it becomes a big problem.
Therefore, Signal doesn’t have a website you can visit and log in, because it can’t afford for everyone’s browser tab to be a “device”. Also, new devices are blank slates that can’t sync data from old devices.
Signal exists to encrypt EVERYTHING about your conversations. If the CIA got into Signal’s database they wouldn’t be able to tell:
- who you’ve been sending messages to
- how many messages you’ve sent, or at what times
- if you’ve even sent messages at all
This is because of the double-ratchet algorithm that regenerates keypairs between every message as part of an agreement with the recipient.
Encryption can absolutely work in the Twittersphere, but we need to compromise a bit on privacy for better UX. The best solution is to just encrypt the message BODY. Then it becomes like email. Yes, we can see who you’ve been talking to and how many messages you’ve sent and at what times, but we can’t see what you were actually saying. It’s exactly the same as PGP encryption in email. That’s what makes sense. People who need that level of privacy should be using Signal instead of Twitter or the Fediverse.
Incidentally, there’s been some great work done recently by a gay furry that I think makes a lot of sense for encrypted messages on the Fediverse: https://github.com/soatok/mastodon-e2ee-specification
RT: https://spinster.xyz/objects/0d4533e8-fe31-4f6d-a021-2117697ff370
King Henry VIII
Cum_Death :verified:
d3n
@polarisera reposted your post
All GNU social JP content and data are available under the