@silverwizard @Rosalinya :blobCatBounce::pleading_cat_collar: I think it is actually a legitimate concern, at least for newbs who sign up to rando instance. If the 'verse becomes the leader in social media, like some people want, there likely will be Nigerian princes and other online scammers spinning up their own instances for various reasons. One of the many reasons I try to recommend people try to get their feet wet before getting "locked in" to a particular platform instance so they can make a better decision of where they actual trust the people (another reason to avoid the mastodon.socials of the 'verse, though I think its a fine place to start). Does that make sense?
@Nick | OneThingWell.dev but they have per-device preshared keys if you drop your phone in the toilet and get a new one, all your old messages are gone and you're TOFUing new keys
@silverwizard the only reason anyone bats and eye, is because Mastodon acutally calls out the fact that its not. I think that is actually better than actually doing so as it leads to this conversation.
if I were upset, I would have expanded my blocklist without saying a word.
I am merely annoyed.
please attempt to comprehend the following:
popping out of the digital undergrowth unbidden and saying, effectively, "ah but you're incorrect and here's several reasons why" to strangers comes across as - at minimum - extremely rude and thoughtless.
@Nick | OneThingWell.dev so when I pop on to my work laptop I need to grab my zero knowledge backup creds and pull them from cold storage to read the message "Hey, can you grab cheese on your way home"?
@Nick | OneThingWell.dev I refuse to use the decrepit and broken Matrix protocol. I use XMPP+OMEMO quite regularely. I don't use proton mail, I do mail myself.
How do you backup keys? Do you just huck them on an unencrypted Samba share? Managing keys is a thorny issue, and I don't want to do that for low end and low importance messages. Threat modelling matters.
why am I not surprised from a guy who's domain ends in .email have you tried Delta Chat? Its a modern e2ee instant messaging application handled via IMAP.
but it's relatively convenient for people I'm interacting with.
how has this gone for you? Save getting my mom to swith to it to video chat with my daughters after Google shit the bed on the hangouts/duo/whatever-they-call-it-now transitions, the response I usually get form family& IRL friends is "why should I download a new app just to talk to you?"
@Nick | OneThingWell.dev @Alexis @silverwizard how do you define private? If I have a fedi post that I have set to visible only to friends, or only to people tagged, is that private? How about a XMPP group chat?
@Nick | OneThingWell.dev @Ji Fu @Alexis so you value accessibility that much less than confidentiality? You'd rather lose all your messages whenever you made a single error?
@Nick | OneThingWell.dev @Ji Fu Ok, so you don't want E2E encryption, you want... what? S2S? If you want S2S why the concern about DB dumps, since a DB dump will reveal the key?
For key management, I guess you need to do *more* key management, every single thing I work with has its own keyflow and backup strategy, and needing to do that for another things sucks, and is an onboarding burden for a new device, and why should that be default.
*Also* if you don't trust your admin, why would you trust your admin to do the encryption they said they would?
Fundamentally I am.unsure how your threat model works, and what the attacker model is, and how you balance it within the CIA Triad.
@Nick | OneThingWell.dev @Ji Fu well, optional means both sides need encryption to be turned on to get a benefit, so sure, but use signal
As for DB dumps not revealing keys, how do you envision them stored. Cryptography doesn't exist without key management, and it's *hard*. And thus network isn't designed for it, so LARPing crypto is way.more dangerous
@silverwizard I don't host my own, but I do have my own domain. I often get people thinking I'm backwards on my actual email when I tell them its [organization]@[myname].com
@Nick | OneThingWell.dev @Ji Fu I... don't understand the value of this really - right? This feels like it strongly values an attack by an ephemeral attacker? I guess?
Alexis
•like this
Luna Dragofelis ΘΔ and silverwizard like this.
Rosalina Saige :blobCatBounce::PCCFlower:
•silverwizard likes this.
silverwizard
Ji Fu likes this.
Ji Fu
•furicle
•silverwizard likes this.
Ji Fu
•silverwizard
silverwizard
if you drop your phone in the toilet and get a new one, all your old messages are gone and you're TOFUing new keys
Ji Fu
•silverwizard
Alexis
•Alexis
•@unixroot buddy,
pal,
fellow traveler on this wet ball of gas and rock,
if I were upset, I would have expanded my blocklist without saying a word.
I am merely annoyed.
please attempt to comprehend the following:
popping out of the digital undergrowth unbidden and saying, effectively, "ah but you're incorrect and here's several reasons why" to strangers comes across as - at minimum - extremely rude and thoughtless.
Ji Fu likes this.
silverwizard
silverwizard
@Nick | OneThingWell.dev I refuse to use the decrepit and broken Matrix protocol. I use XMPP+OMEMO quite regularely. I don't use proton mail, I do mail myself.
How do you backup keys? Do you just huck them on an unencrypted Samba share? Managing keys is a thorny issue, and I don't want to do that for low end and low importance messages. Threat modelling matters.
4223 likes this.
Ji Fu
•@silverwizard
why am I not surprised from a guy who's domain ends in .email have you tried Delta Chat? Its a modern e2ee instant messaging application handled via IMAP.
Ji Fu
•@Nick | OneThingWell.dev
how has this gone for you? Save getting my mom to swith to it to video chat with my daughters after Google shit the bed on the hangouts/duo/whatever-they-call-it-now transitions, the response I usually get form family& IRL friends is "why should I download a new app just to talk to you?"
Ji Fu
•silverwizard
@Ji Fu I use Delta Chat quite heavily and love it!
And yes, people get annoyed when I tell them my email is [theircompany]@convenient.email ;)
Ji Fu likes this.
Ji Fu
•silverwizard
silverwizard
silverwizard
@Nick | OneThingWell.dev @Ji Fu Ok, so you don't want E2E encryption, you want... what? S2S? If you want S2S why the concern about DB dumps, since a DB dump will reveal the key?
For key management, I guess you need to do *more* key management, every single thing I work with has its own keyflow and backup strategy, and needing to do that for another things sucks, and is an onboarding burden for a new device, and why should that be default.
*Also* if you don't trust your admin, why would you trust your admin to do the encryption they said they would?
Fundamentally I am.unsure how your threat model works, and what the attacker model is, and how you balance it within the CIA Triad.
Ji Fu likes this.
Frost, Wolffucker 🐺:therian:
•silverwizard likes this.
silverwizard
silverwizard
@Nick | OneThingWell.dev @Ji Fu well, optional means both sides need encryption to be turned on to get a benefit, so sure, but use signal
As for DB dumps not revealing keys, how do you envision them stored. Cryptography doesn't exist without key management, and it's *hard*. And thus network isn't designed for it, so LARPing crypto is way.more dangerous
Ji Fu
•silverwizard