• zephorah@lemm.ee
    link
    fedilink
    English
    arrow-up
    0
    ·
    10 days ago

    Signal or WIRE.

    When the article about end to end user encryption messaging platforms mentions neither I have to question why it’s even an article.

    Signal or WIRE.

  • TheAlbatross@lemmy.blahaj.zone
    link
    fedilink
    English
    arrow-up
    0
    ·
    10 days ago

    I’m actually really not concerned about foreign governments spying on me but I am bothered by my own government, the guys with the guns who can arrest me, doing it.

    Tho I suspect if the government is recommending ways to avoid messages being intercepted, they’ve already cracked how to intercept them.

      • pdxfed@lemmy.world
        link
        fedilink
        English
        arrow-up
        0
        ·
        10 days ago

        Yeah we can all trust Meta, who never should have been allowed to purchase Whatsapp for antitrust reasons exactly like this. Whatsapp was innovative and very successful outside the US, rather than compete with their own decent product Facebook just absorbed them and gulped their users.

      • ozymandias117@lemmy.world
        link
        fedilink
        English
        arrow-up
        0
        ·
        9 days ago

        Not to be too conspiratorial, but isn’t that a pretty good indicator that Meta capitulated and put a backdoor in WhatsApp for them?

  • SayCyberOnceMore@feddit.uk
    link
    fedilink
    English
    arrow-up
    0
    ·
    9 days ago

    I don’t want WhatsApp & I avoid the 'stores, so it’s F-Droid options for me…

    Any opinions on Jami?

    I’m also seeing XMPP mentioned in the comments, so I might look at that a bit more…

    • rottingleaf@lemmy.world
      link
      fedilink
      English
      arrow-up
      0
      ·
      9 days ago

      Saving you the bother, Signal is good, but requires phone number and the desktop client sucks, while the generally recommended federated FOSS things are all over-engineered and morally obsolete. One can’t rework XMPP into a modern standard, and it’s complex. Actually Signal’s authors have published a couple of articles explaining their choices in making it.

  • rottingleaf@lemmy.world
    link
    fedilink
    English
    arrow-up
    0
    ·
    10 days ago

    Use Signal or XMPP+OMEMO or anything else.

    Mandate social media to expose an open API and use the chat function with an OTR plugin.

    The solutions are all old.

    It’s just interesting how it all went from promotion of corporate surveillance to comms protection when supposed corporate shills won the election.

      • rottingleaf@lemmy.world
        link
        fedilink
        English
        arrow-up
        0
        ·
        10 days ago

        It’s not outdated, it’s just differently intended. OTR you can use over any IM allowing custom clients. OMEMO requires support in the protocol.

        OTR is better than inline PGP for that purpose, because of temporary keys.

        So if you have a legislation mandating that a certain IM network or social platform supports open API for custom clients, you can use OTR over it, you can use inline PGP over it, but you can’t use OMEMO over it.

          • jagged_circle@feddit.nl
            link
            fedilink
            English
            arrow-up
            0
            ·
            9 days ago

            Yes. Asynchronous communication is dependent on both users servers software and config. And that’s exactly why XMPP is disused.

            • oldfart@lemm.ee
              link
              fedilink
              English
              arrow-up
              0
              ·
              8 days ago

              I’m sure there’s an option you can disable in server software to disable message storage. Why stop at this?

              XMPP can’t federate because there’s an option for disabling that too! 😧

              • jagged_circle@feddit.nl
                link
                fedilink
                English
                arrow-up
                0
                ·
                edit-2
                8 days ago

                Its the other way around. Asynchronous communication was a feature added later in some software. By default it didn’t have it

                I’m saying it’d a deal breaker if all users dont have asynchronous communication.

      • rottingleaf@lemmy.world
        link
        fedilink
        English
        arrow-up
        0
        ·
        9 days ago

        It went out of popularity for a reason. I’d love a new protocol with XMPP’s mistakes fixed.

        BTW, OMEMO highlights one of those - it’s not as good as Signal by which it is inspired. Basically no metadata protection, which means that it’s as good as OTR with multiple devices.

        Some kind of Signal with federation (and good clients, not like signal-desktop) would be interesting. Maybe even p2p with some kind of relays (like in NOSTR) for history, offline messages, some kind of Telegram channels and such.

  • ThePowerOfGeek@lemmy.world
    link
    fedilink
    English
    arrow-up
    0
    ·
    10 days ago

    That article may as well be sponsored by WhatsApp. Zero direct mentions of Signal, but tons pushing people to WhatsApp. That’s a bit disappointing.

    • Snot Flickerman@lemmy.blahaj.zone
      link
      fedilink
      English
      arrow-up
      0
      ·
      10 days ago

      The second half of the article is about Signal.

      It sucks they mention WhatsApp first, but I think the bigger omission is that they don’t mention non-US entities or anything you can self-host and federate like Matrix.

      • Semperverus@lemmy.world
        link
        fedilink
        English
        arrow-up
        0
        ·
        10 days ago

        Matrix isn’t super private though. It’s halfway there, but compared to something like XMPP, it falls short due to the fact that any instance a user federates with gets a gigantic copy of all of their metadata, and the server operator can do whatever they want with it. So all you would have to do is spin up a new host, message a target user and get them to respond, and you’re done.

      • ThePowerOfGeek@lemmy.world
        link
        fedilink
        English
        arrow-up
        0
        ·
        edit-2
        10 days ago

        Oh, fair enough then!

        ETA: Yes, the lack of mentions of Matrix, etc are a bit disappointing. But I think Matrix is waaay outside their target democratic.

  • Zak@lemmy.world
    link
    fedilink
    English
    arrow-up
    0
    ·
    10 days ago

    Messages between two Apple devices are safe, and messages between two Android devices are safe, but messages between an Apple device and and Android device are vulnerable.

    This is not very accurate. Some Android devices come with Google Messages, which will use Google’s encrypted version of RCS if the carrier supports it. People who don’t know what all of that means should not assume their messages are encrypted.

    • BrianTheeBiscuiteer@lemmy.world
      link
      fedilink
      English
      arrow-up
      0
      ·
      10 days ago

      Anyone know if Google Voice is encrypted? I can read copies of my texts online so I’m thinking no. I’ve felt like the service has outlived its usefulness for me and that would be the final straw.

      • Zak@lemmy.world
        link
        fedilink
        English
        arrow-up
        0
        ·
        10 days ago

        I see no reason to believe that it is.

        I find it useful when outside the USA to be able to communicate with American luddites who refuse to install messaging apps.

      • Noxy@yiffit.net
        link
        fedilink
        English
        arrow-up
        0
        ·
        10 days ago

        Yes it almost certainly is, though how they manage who can decrypt is another story

            • capital@lemmy.world
              link
              fedilink
              English
              arrow-up
              0
              ·
              edit-2
              8 days ago

              It sends SMS. not RCS. Does SMS even support any type of encryption? I’m under the impression it doesn’t.

              Edit: I just sent a message from my GV to my regular carrier number and it’s just SMS. Certainly not encrypted.

      • capital@lemmy.world
        link
        fedilink
        English
        arrow-up
        0
        ·
        8 days ago

        I just sent a test message from my GV to my normal carrier number. It’s regular old SMS. No, not encrypted.

  • ftbd@feddit.org
    link
    fedilink
    English
    arrow-up
    0
    ·
    9 days ago

    Article about encryption technology that doesn’t even mention the ol’ reliable PGP you can use over any communication channel?

    • jagged_circle@feddit.nl
      link
      fedilink
      English
      arrow-up
      0
      ·
      9 days ago

      User error is high with this one. Also doesn’t have PFS.

      But you’re right it should be mentioned.

      • qwerty@discuss.tchncs.de
        link
        fedilink
        English
        arrow-up
        0
        ·
        9 days ago

        Fixed. My screenshot cut off part of the text too. It would be cool to have a bot that would do that automatically @someone.

  • darkstar@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    0
    ·
    9 days ago

    How, in 2024, are people still using TEXTs??

    There are so many apps for encrypted messaging, even fricken WhatsApp.

    How do people still use text messages

    • ouRKaoS@lemmy.today
      link
      fedilink
      English
      arrow-up
      0
      ·
      9 days ago

      How do people still use text messages

      Text is super simple. Built in to every phone, universal compatibility, no downloads/accounts to deal with, don’t have to track which of your friends is on which protocol…

      There’s 1000’s of reasons to use something else, but it’s already there & takes zero effort to use which makes it the default.

  • Daemon Silverstein@thelemmy.club
    link
    fedilink
    English
    arrow-up
    0
    ·
    9 days ago

    Such an advice coming from surveillance authorities, perhaps it’s a Harvest now decrypt later strategy?

    Harvest now, decrypt later, also known as store now, decrypt later or retrospective decryption, is a surveillance strategy that relies on the acquisition and long-term storage of currently unreadable encrypted data awaiting possible breakthroughs in decryption technology that would render it readable in the future - a hypothetical date referred to as Y2Q (a reference to Y2K) or Q-Day.

    The most common concern is the prospect of developments in quantum computing which would allow current strong encryption algorithms to be broken at some time in the future, making it possible to decrypt any stored material that had been encrypted using those algorithms. However, the improvement in decryption technology need not be due to a quantum-cryptographic advance; any other form of attack capable of enabling decryption would be sufficient.

    (Wikipedia)

    The more data, the better for surveillance authorities in the future, when E2EE is somehow broken.

    Maybe I’m too paranoid, but this (Harvest now decrypt later) is an ongoing known strategy.

    • ColeSloth@discuss.tchncs.de
      link
      fedilink
      English
      arrow-up
      0
      ·
      10 days ago

      It would already be mostly that way, but Apple, being the POS company that it is, refuses to switch their messaging system to RCS like everyone else. Apple wants to use only their proprietary imessage and it’s not compatible with everyone else. They are why all messages aren’t encrypted.

      They’re also being forced/pressured into changing this in the near future, I believe.

  • 1985MustangCobra@lemmy.ca
    link
    fedilink
    English
    arrow-up
    0
    ·
    9 days ago

    I have tried, over and over with the people i communicate with daily(family), and because i take medicine they always say “have you seen your phsyc recently?, have you taken your meds?”

    • underwire212@lemm.ee
      link
      fedilink
      English
      arrow-up
      0
      ·
      edit-2
      9 days ago

      Well that would be fucking annoying as fuck lmao. Sorry you have to deal with that

      For what it’s worth I’ve got a group of friends who don’t give a shit either. Like they take some weird pleasure in not using E2E communication apps and just use SMS. It takes 2 seconds to download a new app.

      They can spy on me all they want, I got nuthin to hide harhar

      • shastaxc@lemm.ee
        link
        fedilink
        English
        arrow-up
        0
        ·
        8 days ago

        Nothing to hide yet*. Just because you trust the current government and companies doesn’t mean you always will. Data harvested now can be used against you (or your family) in the future. How will these people feel when 20 years from now they are denied medical insurance coverage because they have some data on you that proves you used to consume something that is later proven to cause a medical issue. For example, 50 years ago people didn’t know that tobacco caused cancer. How would they feel if that information was used against them? What if just smoking even one cigarette increased their insurance premiums by double? These sorts of things could happen in the future. You never know how laws or economies will change, but one thing is certain: information collected on you now will never be used to your benefit, only to your detriment.