• ftbd@feddit.org
    link
    fedilink
    English
    arrow-up
    3
    ·
    22 minutes ago

    Article about encryption technology that doesn’t even mention the ol’ reliable PGP you can use over any communication channel?

    • ColeSloth@discuss.tchncs.de
      link
      fedilink
      English
      arrow-up
      4
      arrow-down
      14
      ·
      13 hours ago

      It would already be mostly that way, but Apple, being the POS company that it is, refuses to switch their messaging system to RCS like everyone else. Apple wants to use only their proprietary imessage and it’s not compatible with everyone else. They are why all messages aren’t encrypted.

      They’re also being forced/pressured into changing this in the near future, I believe.

  • karashta@lemm.ee
    link
    fedilink
    English
    arrow-up
    45
    arrow-down
    3
    ·
    20 hours ago

    Showed this information to my boomer mother who then asked my also tech illiterate step father what he thought.

    “We don’t send sensitive information through texts.”

    The ignorance almost physically hurts… Thinking that only the actual message content is important.

    Or ignoring the pictures we send and the private things I talk about with my mom.

    Do I think that specifically my information would be useful to China? Likely not. But I also have no idea what all is possible with that kind of information in the aggregate.

    At the very least, I assume they will use it to manipulate us even more with disinformation.

    • JaddedFauceet@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      ·
      18 minutes ago

      But I also have no idea what all is possible with that kind of information in the aggregate

      so does your mom and the general public. This idea and its impact is far too remote to people’s day to day life.

      • “Yes, they can collect all they want, why should I care?”
      • “My data is too insignificant to be meaningful for anyone, LMAO, do you think I am some kind of a CEO?”

      it may help to try coming out with a story or incident that they can relate to. then again most of the time these stories will sound like a conspiracy theory,

    • rottingleaf@lemmy.world
      link
      fedilink
      English
      arrow-up
      17
      arrow-down
      2
      ·
      20 hours ago

      Easier, imagine half the strangers you’ve met during the day reading your messages aloud with orcish laughs and judging the pictures.

  • TheAlbatross@lemmy.blahaj.zone
    link
    fedilink
    English
    arrow-up
    24
    arrow-down
    1
    ·
    20 hours ago

    I’m actually really not concerned about foreign governments spying on me but I am bothered by my own government, the guys with the guns who can arrest me, doing it.

    Tho I suspect if the government is recommending ways to avoid messages being intercepted, they’ve already cracked how to intercept them.

      • pdxfed@lemmy.world
        link
        fedilink
        English
        arrow-up
        3
        ·
        10 hours ago

        Yeah we can all trust Meta, who never should have been allowed to purchase Whatsapp for antitrust reasons exactly like this. Whatsapp was innovative and very successful outside the US, rather than compete with their own decent product Facebook just absorbed them and gulped their users.

  • Zak@lemmy.world
    link
    fedilink
    English
    arrow-up
    17
    ·
    19 hours ago

    Messages between two Apple devices are safe, and messages between two Android devices are safe, but messages between an Apple device and and Android device are vulnerable.

    This is not very accurate. Some Android devices come with Google Messages, which will use Google’s encrypted version of RCS if the carrier supports it. People who don’t know what all of that means should not assume their messages are encrypted.

    • BrianTheeBiscuiteer@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      ·
      17 hours ago

      Anyone know if Google Voice is encrypted? I can read copies of my texts online so I’m thinking no. I’ve felt like the service has outlived its usefulness for me and that would be the final straw.

      • Zak@lemmy.world
        link
        fedilink
        English
        arrow-up
        2
        arrow-down
        1
        ·
        16 hours ago

        I see no reason to believe that it is.

        I find it useful when outside the USA to be able to communicate with American luddites who refuse to install messaging apps.

  • rottingleaf@lemmy.world
    link
    fedilink
    English
    arrow-up
    12
    ·
    20 hours ago

    Use Signal or XMPP+OMEMO or anything else.

    Mandate social media to expose an open API and use the chat function with an OTR plugin.

    The solutions are all old.

    It’s just interesting how it all went from promotion of corporate surveillance to comms protection when supposed corporate shills won the election.

      • rottingleaf@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        12 minutes ago

        It went out of popularity for a reason. I’d love a new protocol with XMPP’s mistakes fixed.

        BTW, OMEMO highlights one of those - it’s not as good as Signal by which it is inspired. Basically no metadata protection, which means that it’s as good as OTR with multiple devices.

        Some kind of Signal with federation (and good clients, not like signal-desktop) would be interesting. Maybe even p2p with some kind of relays (like in NOSTR) for history, offline messages, some kind of Telegram channels and such.

      • rottingleaf@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        3 hours ago

        It’s not outdated, it’s just differently intended. OTR you can use over any IM allowing custom clients. OMEMO requires support in the protocol.

        OTR is better than inline PGP for that purpose, because of temporary keys.

        So if you have a legislation mandating that a certain IM network or social platform supports open API for custom clients, you can use OTR over it, you can use inline PGP over it, but you can’t use OMEMO over it.

  • ThePowerOfGeek@lemmy.world
    link
    fedilink
    English
    arrow-up
    9
    arrow-down
    2
    ·
    edit-2
    20 hours ago

    That article may as well be sponsored by WhatsApp. Zero direct mentions of Signal, but tons pushing people to WhatsApp. That’s a bit disappointing.

    Edit: I was wrong, it does talk about Signal as well.

    • Snot Flickerman@lemmy.blahaj.zone
      link
      fedilink
      English
      arrow-up
      21
      arrow-down
      1
      ·
      20 hours ago

      The second half of the article is about Signal.

      It sucks they mention WhatsApp first, but I think the bigger omission is that they don’t mention non-US entities or anything you can self-host and federate like Matrix.

      • ThePowerOfGeek@lemmy.world
        link
        fedilink
        English
        arrow-up
        9
        ·
        edit-2
        20 hours ago

        Oh, fair enough then!

        ETA: Yes, the lack of mentions of Matrix, etc are a bit disappointing. But I think Matrix is waaay outside their target democratic.

      • Semperverus@lemmy.world
        link
        fedilink
        English
        arrow-up
        5
        arrow-down
        1
        ·
        18 hours ago

        Matrix isn’t super private though. It’s halfway there, but compared to something like XMPP, it falls short due to the fact that any instance a user federates with gets a gigantic copy of all of their metadata, and the server operator can do whatever they want with it. So all you would have to do is spin up a new host, message a target user and get them to respond, and you’re done.

        • mox@lemmy.sdf.org
          link
          fedilink
          English
          arrow-up
          1
          ·
          edit-2
          9 hours ago

          any instance a user federates with gets a gigantic copy of all of their metadata,

          No, it does not. Instances get metadata only for the chat rooms in which they participate, not all of a user’s metadata.

          When chatting with someone on Matrix like you would with text messaging, only your instance and your contact’s instance are involved. Because they have to be, in order to exchange messages. Just like every other chat protocol that uses servers, including XMPP.

  • zephorah@lemm.ee
    link
    fedilink
    English
    arrow-up
    3
    arrow-down
    2
    ·
    20 hours ago

    Signal or WIRE.

    When the article about end to end user encryption messaging platforms mentions neither I have to question why it’s even an article.

    Signal or WIRE.