@Dominic %81aa5crwgUBEde6OhDCQI44Zv63iIC85QeDyJaqmX4A=.sha256
Re: %7w2PaPHf7

@alannamix how ironic.

@juul I disagree with the mainstream (post-OTR) crypto community that deniability should be the primary goal. I think the landscape has changed, and the distant maybe of key compromise is not as much of a concern as the present and looming threat of metadata analysis. So, my approach to privacy is

  • step one, make usable software that people want to use every day.
  • step two, make that as metadata private as possible. Metadata is easier to analyze than content! That is why it's more important to protect it!

That is, our goal is mass privacy and individual privacy is just a means to that end.

We are getting pretty good at step one, and our venturing into step two, well, we've made a good first step - it's immediately obvious who is talking to who, but there just aren't enough private messages. I'm hoping private groups are gonna change this though! We've talked about this for ages, but the enabling thing was out-of-order messages (which are working, just need support to be implemented in clients!) so I'm gonna make a grant proposal for this in January.


okay, so signal has deniability, great, but it uses phone numbers for identifiers so every other app which of course requests access to the contacts (and they basically all do, because that's the nuts) can still see who you are friends with! Also, it's centralized - so xkeyscore selector is something like: who has signal installed / connects to signal's servers, and what are their contact lists?

Also, deniability only works with ephemerality, but users find chat history useful. (signal's explicit self destructing messages are good here, though)


So, for people who really want deniability, I have two ways I think we can go

  • explicit self-destructing messages, like signal has. I like the idea of explicitly sending someone a self-destructing "envelope" that they can send you a deniable message in.
  • once we get full p2p: on-the-side realtime chat, which is fully ephemeral, deniable, forward secure.
  • ps, if you want forward secrecy today, you can cycle your private keys occasionally.