Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://mastodon.social/users/gerowen/statuses/111616581631776905">Marcus (gerowen@mastodon.social)'s status on Thursday, 21-Dec-2023 13:57:34 JST</a><a href="https://mastodon.social/@gerowen" title="gerowen@mastodon.social"><img src="https://gnusocial.jp/avatar/24923-48-20241121062705.webp" width="48" height="48" alt="Marcus" style="position: absolute; left: 0; top: 0;">Marcus</a></section><article><p>I find myself these days hesitant to even consider any private messengers if they don't have the option to verify which devices/keys have access to your messages.  <a href="https://mastodon.social/tags/Signal" rel="tag">#Signal</a>, <a href="https://mastodon.social/tags/XMPP" rel="tag">#XMPP</a> / OMEMO, <a href="https://mastodon.social/tags/Matrix" rel="tag">#Matrix</a>, hell even Facebook Messenger's E2EE chats let you verify which devices can read your messages.  If you're encrypting your users' messages, but they can't verify whether a rogue device has access to their messages, then why even bother encrypting them?</p><p><a href="https://mastodon.social/tags/Encryption" rel="tag">#Encryption</a> <a href="https://mastodon.social/tags/Security" rel="tag">#Security</a> <a href="https://mastodon.social/tags/Cybersecurity" rel="tag">#Cybersecurity</a> <a href="https://mastodon.social/tags/Privacy" rel="tag">#Privacy</a></p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/2480707#notice-4908707">In conversation</a><time datetime="2023-12-21T13:57:34+09:00" title="Thursday, 21-Dec-2023 13:57:34 JST">about a year ago</time> <span>from <span><a href="https://mastodon.social/@gerowen/111616581631776905" rel="external" title="Sent from mastodon.social via ActivityPub">mastodon.social</a></span></span><a href="https://mastodon.social/@gerowen/111616581631776905">permalink</a><h4>Attachments</h4><ol><li><label><a rel="external" href="https://gnusocial.jp/attachment/1996741">A collage of 3 different screenshots taken from my phone.  They depict, from left to right, Element (Matrix), Conversations (XMPP) and Signal, all displaying the ability to verify which devices actually have access to your account or messages.</a></label><br><a href="https://files.mastodon.social/media_attachments/files/111/616/576/660/552/180/original/6d1c366ffd0169aa.png" rel="external">https://files.mastodon.social/media_attachments/files/111/616/576/660/552/180/original/6d1c366ffd0169aa.png</a></li></ol></footer></blockquote>

Corresponding Notice

Embed this notice
Marcus (gerowen@mastodon.social)'s status on Thursday, 21-Dec-2023 13:57:34 JST Marcus
I find myself these days hesitant to even consider any private messengers if they don't have the option to verify which devices/keys have access to your messages. #Signal, #XMPP / OMEMO, #Matrix, hell even Facebook Messenger's E2EE chats let you verify which devices can read your messages. If you're encrypting your users' messages, but they can't verify whether a rogue device has access to their messages, then why even bother encrypting them?
#Encryption #Security #Cybersecurity #Privacy
In conversationabout a year ago from mastodon.socialpermalink
Attachments
1. A collage of 3 different screenshots taken from my phone. They depict, from left to right, Element (Matrix), Conversations (XMPP) and Signal, all displaying the ability to verify which devices actually have access to your account or messages.
  https://files.mastodon.social/media_attachments/files/111/616/576/660/552/180/original/6d1c366ffd0169aa.png

Public

Embed Notice

HTML Code

Corresponding Notice