Hello. I am looking for an alternative to Telegram and I prefer an application that uses decentralised servers. My question is: why is the xmpp+omemo protocol not recommended on websites when it is open source and decentralised? The privacyguides.org website does not list xmpp+omemo as a recommended messaging service. Nor does this website include it in its comparison of private messaging services.
https://www.privacyguides.org/en/assets/img/cover/real-time-communication.webp
Why do you think xmpp and its messaging clients such as Conversations, Movim, Gajim, etc. do not appear in these guides?
good to know leaking phone numbers and being the main Discord alternative used by congress and Jeff Bezos on a centralized server isn’t a problem on .world
TOR nodes are mostly run by the US government and independent cryptocurrency entrepreneurs (Jeffrey Epstein email chain inhabitants)
if you had half a brain you would use i2p
@tastemyglaive
@theherk
Bold claim. Any reliable sources about your statements?
Cool strawmen; I didn’t say any of that. Signal protocol is awesome for privacy, not anonymity. Maybe I don’t have half a brain, but I happen to think the double ratchet implementation is an impressive piece of tech. Maybe I’m as dumb as your fever dream, but compromised exits doesn’t make tor any less of an achievement. Though i2p is also superb. I guess my brain is too weak to understand why those statements are mutually exclusive.
The “privacy, not anonymity” dichotomy is some weird meme that I’ve seen spreading in privacy discourse in the last few years. Why would you not care about metadata privacy if you care about privacy?
Signal is not awesome for metadata privacy, and metadata is the most valuable data for governments and corporations alike. Why do you think Facebook enabled e2ee after they bought WhatsApp? They bought it for the metadata, not the message content.
Signal pretends to mitigate the problem it created by using phone numbers and centralizing everyone’s metadata on AWS, but if you think about it for just a moment (see linked comment) the cryptography they use for that doesn’t actually negate its users’ total reliance on the server being honest and following their stated policies.
Signal is a treasure-trove of metadata of activists and other privacy-seeking people, and the fact that they invented and advertise their “sealed-sender” nonsense to pretend to blind themselves to it is an indicator that this data is actually being exploited: Signal doth protest too much, so to speak.
It isn’t a meme. It is a fact of modern cryptography in many settings. For example TLS, which is a huge bulk of the traffic, guarantees again privacy not anonymity. I’m not saying one shouldn’t care about metadata privacy. Every communication one engages in requires risk benefit analysis. If your threat modeling shows that for a given message, anonymity is required, then signal, and nearly every single other protocol out there is insufficient.
That doesn’t mean TLS or lib signal, or any other cryptographic tool is not useful, especially in conjunction with other tools.
There are many cases where I want my messages to be private and the cost of entry for the message receiver to be low. Signal is great for that. But I’m not saying no other tools should be considered, just that signal is good at what it does.
“Anonymity” is a vague term which you introduced to this discussion; I’m talking about metadata privacy which is a much clearer concept.
TLS cannot prevent an observer from seeing the source and destination IPs, but it does include some actually-useful metadata mitigations such as Encrypted Client Hello, which encrypts (among other things) the Server Name Indicator. ECH a very mild mitigation, since the source and destination IPs are intrinsically out of scope for protection by TLS, but unlike Sealed Sender it is not an entirely theatrical use of cryptography: it does actually prevent an on-path observer from learning the server hostname (at least, if used alongside some DNS privacy system).
The on path part is also an important detail here: the entire world’s encrypted TLS traffic is not observable from a single choke point the way that the entire world’s Signal traffic is.
Don’t mistake me for saying you’re wrong. I agree with you, mostly. But sealed sender isn’t theater, in my view. It is a best effort attempt to mitigate one potential threat. I think everybody would like that solved but actually solving it isn’t easy as I understand it. Maybe not intractable, but if you have a solution, you can implement it. That is one of the things I like about free software.
In any case, I’m only saying Signal is good for a subset of privacy concerns. Certainly not that it is the best solution in all cases.
But, what is the potential threat which is mitigated by sealed sender? Can you describe a specific attack scenario (eg, what are the attacker’s goals, and what capabilities do you assume the attacker has) which would be possible if Signal didn’t have sealed sender but which is no longer possible because sealed sender exists?
Sure. If a state serves a subpoena to gather logs for metadata analysis, sealed sender will prevent associating senders to receivers, making this task very difficult.
On the other hand, what it doesn’t address is if the host itself is compromised where sealed sender can be disabled allowing such analysis (not posthoc though). This is also probably sensitive to strong actors with sufficient resources via a timing attack.
But still, as long as the server is accepting sealed sender messages the mitigation is useful.
Pre sealed-sender they already claimed not to keep metadata logs, so, complying with such a subpoena[1] should already have required them to change the behavior of their server software.
If a state wanted to order them to add metadata logging in a non-sealed-sender world, wouldn’t they also probably ask them to log IPs for all client-server interactions (which would enable breaking sealed-sender through a trivial correlation)?
Note that defeating sealed sender doesn’t require any kind of high-resolution timing or costly analysis; with an adversary-controlled server (eg, one where a state adversary has compelled the operator to alter the server’s behavior via a National Security Letter or something) it is easy to simply record the IP which sent each “sealed” message and also record which account(s) are checked from which IPs at all times.
it would more likely be an NSL or some other legal instrument rather than a subpoena ↩︎
@cypherpunks @theherk
In most countries, sharing your phone number is equivalent of sharing you full home address. It would be great to see how people would react if instead of providing their number for an account registration, they were asked to give their home address.
I Facebook said they enabled E2EE, theres zero evidence and zero way to verify that. Facebook has been caught in lie after lie. They most likely lied about that too.
Many people have reverse-engineered and analyzed whatsapp; it’s clear that they are actually doing e2ee. It is not certain that they don’t have ways to bypass it for targeted users, and there is currently a lawsuit alleging that they do, but afaik no evidence has been presented yet.
I personally wouldn’t consider it E2EE if they can easily bypass it, which all logic would dictate they can. Your message isn’t going to be picked up by a 3rd party, but if a techno-fascist corporation in league with a rouge fascist state can read it, then its not secure at all.
In case it wasn’t clear, I’m certainly not advocating for using WhatsApp or any other proprietary, centralized, or Facebook-operated communication systems 😂
But I do think Facebook probably really actually isn’t exploiting the content of the vast majority of whatsapp traffic (even if they do turn out to be able to exploit it for any specific users at any time, which i wouldn’t be surprised by).
Like I said, Facebook is actively in cahoots with Trumps fascist agenda. I fully believe if you live in America at least they are using your chat history to build a profile on you for Palantir’s surveillance system. Like you said, there is no hard evidence for it, but based on their history, their lack of morals, their zero ethical standards, and the lack of legal repercussions for anything big tech does, you’d have to be a fool to trust any software they’ve developed.
Removed by mod
You’re the one making insults and I’m smug? Care to actually dispute anything said with reason?