fsebugoutzone.org:9999

       Post AcoEXRE4rgN19dRuKG by cherti@chaos.social
 (DIR) More posts by cherti@chaos.social
 (DIR) Post #AcnunTiNNiTOQHzZw0 by Bernard@friends.ravergram.club
       2023-12-14T15:19:52Z
       
       1 likes, 0 repeats
       
       Is it not better for #Signal to encourage people to use decentralized self hosted communication channels instead of Signal?I assume Signal would want to reduce its operation costs and not be high value target of APT&#39;s.Signal needs to pay AWS based on usage and traffic. Too many people on a particular server makes it more of a target for threat actors.I want Signal to thrive. So shouldn&#39;t Signal and communities actively promote alternatives such as Simplex, Session, XMPP, Matrix..?
       
 (DIR) Post #Aco7HW2CWJ9JksM2W8 by cherti@chaos.social
       2023-12-14T17:39:42Z
       
       0 likes, 0 repeats
       
       @Bernard not really, because ultimately, the price is the same, but decentralization has proven to not work effectively in this space (plenty of decentralized solutions were there before Signal and none of them range close to what Signal pulls nowadays). Signal is the way it is because they acknowledged that decentralized solutions were not actually successful in the long-term.Signal&#39;s founder, Moxie Marlinspike, has operated decentralized solutions before and has stated that he would love to…
       
 (DIR) Post #AcoD2YjUnybZVMrBFQ by cherti@chaos.social
       2023-12-14T17:41:32Z
       
       0 likes, 0 repeats
       
       @Bernard … be proven wrong in his assessment that decentralized solutions will not cut it, but he has come to the realization that this is the case.And so far, it seems he still remains correct in his assessment.Also, decentralized solutions spill a lot more metadata. The matrix people have a slide deck in which they explicitly acknowledge that Matrix leaks metadata (specifically due to the decentral.), for example, while Signal is carefully designed not to do that/to minimize metadata leakage
       
 (DIR) Post #AcoD2ZZFhY0O5t4Vv6 by Bernard@friends.ravergram.club
       2023-12-14T18:44:16Z
       
       0 likes, 0 repeats
       
       @cherti Yes there is a tradeoff. Keeping all messages on a single server cluster reduces external metadata exposure but makes the server a more valuable target. Spreading it to thousands of servers reduces targeting value. The amount and type of metadata exposed when passing between servers depends on the protocol. Simplex and Session do a good job of addressing this, but yes some metadata always exists.
       
 (DIR) Post #AcoEXRE4rgN19dRuKG by cherti@chaos.social
       2023-12-14T19:01:02Z
       
       0 likes, 0 repeats
       
       @Bernard But that&#39;s what Signal&#39;s design is for, just don&#39;t have any avoidable metadata on the server in the first place, so there is nothing to get there.Session in particular is a good example, because they actually dropped perfect forward secrecy, allowing an intermediary to collect encrypted messages and just obtain the decryption key after the fact, something that is not possible in Signal.Session&#39;s architecture choices apparently forced them to actually reduce cryptographic protections.
       
 (DIR) Post #AcoGgjYMIIuwVeUnGi by cherti@chaos.social
       2023-12-14T19:19:28Z
       
       0 likes, 0 repeats
       
       @Bernard so there is absolutely a tradeoff, but generally, Signal&#39;s design is a result of having a lot of prior experience with these tradeoffs and things like Session having to weaken their security protocols in many ways seems to indicate that Signal is not entirely off in their design, on the contrary actually.
       
 (DIR) Post #AcoGgnmgYykpdFEI9g by Bernard@friends.ravergram.club
       2023-12-14T19:25:05Z
       
       0 likes, 0 repeats
       
       @cherti My intent is not to debate all the tradeoffs. You can choose to trust that Signal will not run out of funding and not be compelled by an ever more authoritarian government to insert malicious lines in the closed source part of their code. My suggestion is not to put all your eggs in one basket. Have alternative comms channels ready and in use. It won&#39;t hurt Signal if we do so and should help them by reducing processing load and reduce incentives to an adversary.
       
 (DIR) Post #AcoHLV6QvQfnZ6sBiS by cherti@chaos.social
       2023-12-14T19:32:29Z
       
       0 likes, 0 repeats
       
       @Bernard That is of course always true. Funnily enough, Signal being phone-number based includes a fallback contact method automatically, by basing your social graph in your phone contacts instead of using a service-specific identifier as many other services do.Signal will also get service-specific identifiers soon given popular demand, because of course giving out your phone number is nothing you wanna do in every circumstance, but this is definitely an advantage of phone numbers.