This obsession with e2ee in the fediverse just makes no sense to me whatsoever.
-
This obsession with e2ee in the fediverse just makes no sense to me whatsoever. It's hard to get right—harder still when you have eight million man-in-the-middle vectors who aren't necessarily trusted—and the way we use the protocols today are basically antithetical to the tools you would need for this to work.
Sure, there are reasons to want it in at least some form, but if you want _actual e2ee_ and not just "some extra privacy from snooping" then what you want is signal.
-
Jenniferplusplusreplied to Hrefna (DHC) last edited by
@hrefna I don't get it either. It's completely impossible to have both end to end encryption and serendipitous discovery. And clearly the reason we're all here is for serendipity. Otherwise we would already be having this conversation over signal.
-
Even if people claim that it is a huge blocker for them basing themselves on the fediverse I have trouble believing that it will actually drive adoption either.
Maybe around some sub-group or another, but in general: if you want multiparty secure messaging, there are better tools in existence that you are probably using already.
Why would you switch operations? Even if it is a dealbreaker if the fediverse doesn't have it, would it having it really make that big of a difference?
-
Anders Eknertreplied to Jenniferplusplus last edited by
@jenniferplusplus @hrefna the way I had imagined an implementation is pretty much DMs handled out of band (via Signal or whatnot) but that AP/Mastodon provided some *convenience* functions for this. Like using my identity from here for DMs rather than my personal/family account, or whatever.
Is something like that unrealistic?
-
Jenniferplusplusreplied to Anders Eknert last edited by
@anderseknert @hrefna that's possible. I plan to build it, even, over xmpp. But there are a *lot* of people who insist that every message sent through the fediverse should be e2e encrypted. Sometimes even in the replies to one of my posts, which were not addressed to them. And with no acknowledgement that it would have made that exact interaction mathematically impossible.
-
Anders Eknertreplied to Jenniferplusplus last edited by
@jenniferplusplus @hrefna Well, in fairness, I can't say that I never wished some interactions to be mathematically impossible
But yeah, that all makes sense. Thanks! -
@hrefna
I don't know the reasoning of people there, but recently I've seen companies marching to e2ee being more about not needing to care about moderation ("we can't see inside anymore sorry") and selling it as privacy -
A lot of what I've seen people talk about falls under one of two camps:
1. e2ee ALL THE THINGS.
2. Implement it for private messages.
Usually these proposals are based on MLS and, as @jenniferplusplus would point out for (1), it's kind of antithetical to what we are even trying to accomplish. While for (2) I would argue that others do it better, more reliably, and safer.
But integration with external systems is a different matter, same with key visibility type things.
