Oh, well, look at this, libsignal is actually written in Rust.

aud@fire.asta.lgbt

Oh, well, look at this, libsignal is actually written in Rust. I wonder how easy it would be to tap into for reasonably private fedi/fedi messages???

(Note that I say private, not secure). I’ll have to look more into it?? I wonder… since it also has a JS API, does that in theory mean I can ship a JS function/module specifically for client side message encryption… AND potentially implement some sort of hashing for the JS function to ensure it hasn’t been tampered with? Hmmmmm.

A function that reliably calculates and ships its own hash; is that even fucking possible? I’d… have to think about that one. Nevermind the possibility of faking it.

aud@fire.asta.lgbt

Ugghhhhh look at the depths I would sink to. JavaScript. Bleh. Still, it’d be nice to have some reasonable amount of privacy against dickhead admins.

Like my instance admin reads MY DMs all the fucking time (it’s me, I’m the instance admin, to make it clear)

aud@fire.asta.lgbt

Maybe this whole thing is a terrible idea, actually. Any wrong move and it puts people at risk; if they trust and assume it’s secure and it’s not, well…

aud@fire.asta.lgbt

Like if I assume I have some “correct” method of ensuring the supplied encryption function hasn’t been tampered with, and I… actually do not, that’s worse than a system you openly know isn’t private. By a lot.

opendna@mastodon.sdf.org

@aud Yeah, I feel like putting a Signal username link in your profile is an safer and easier solution.

Remember the FBI's Protonmail exploit? They got a court order to force Protonmail to MitM js which captured login creds.

aud@fire.asta.lgbt

@[email protected] Jesus, no, I missed that. Fuck. Yeah, definitely better to not build it rather than build it poorly.