@velartrill if signal isn't a complete honeypot run by spooks, it at least is "tolerated" because said spooks might be very well able to just do timing attacks etc. at the borders of their network.
remember that there were cryptographic curves weakened "by accident". that's the level of sophistication one has to think about.
why signal is tolerated, but tor isn't and node operators are constantly harassed. maybe one of them works and the other doesn't.
@TheFuzzStone@fosstodon.org
@velartrill @TheFuzzStone@fosstodon.org @bonifartius at this point I use signal because I dragged my friends there and they'll throw a fit if i try to drag them somewhere else
(tbh I'm not even sure what credible alternatives there are, telegram seems even worse)
at least the CIA/FBI is a smaller set than everyone that zuckerberg sells whatsapp data to
@velartrill @TheFuzzStone@fosstodon.org @bonifartius
thanks for the recommends, will check them out
as i say, for day to day comms, at least signal isn't known to indiscriminately sell data to corporate as a revenue stream
@velartrill just my 2 cents, i don't want a heated discussion: matrix is open source and you can host your own element and turn off integrations support. or just use a different client like fluffychat. or just build your own. server side dendrite seems to be running quite well.
there is quite valid criticism of some parts of the matrix ecosystem, but the protocol is just git on speed in the end. libolm is reviewed crypto, having well designed multi device group chat crypto is really a killer feature.
@TheFuzzStone@fosstodon.org @skells
@Xalef .. thats why the messages are stored encrypted with forward security if the room has crypto enabled.
the git part was more of an analogy, i found the distributed synced graph idea to be a quite nice change from the "stream distribution" of xmpp/irc.
@TheFuzzStone@fosstodon.org @skells @velartrill
@Xalef
public encrypted rooms aren't scaling as you would have giant cyphertext messages if you have really many people in a room.
in the default setting, encrypted rooms are invite only. messages are forwarded to the servers involved, not "everybody". additionally it's kind of braindead to use crypto without invites, you get the same security as irc with tls.
it really isn't hard to understand, but somehow people like to scream devil.
if you don't like it, don't use it. i don't force anyone.
@TheFuzzStone@fosstodon.org @skells @velartrill
@bonifartius the goal of the distributed synced graph is to syphon as much data as possible to the main server
https://www.hackea.org/notas/matrix.html
@velartrill
iirc it was the "integrations" stuff of element and not "matrix". it is is kind of obvious that if you load stuff from another server it will be loaded from another server. i think this behavior was noted somewhere, because i disabled integrations for my element nee riot installation back then.
it also might have been the 3rd party id stuff, where it is also kind of obvious that you need a centralized registry if you want to map things like phone numbers or mail addresses to usernames. again, nobody is forced to use that and it was noted in the manuals.
it's just interesting that everyone repeats what that one "revealing" blog post by someone said. "leaked metadata" which every admin knew about because it's clearly noted in the manuals, and "OMG THEY WORKED FOR AN ISREALI COMPANY", as if this would still mean anything in this world. could as well been a US company. or german. everything is shady.
if i stopped using anything by anyone who worked with anyone shady, i could stop using computers. if i want to still use computers i can only try to rely on open source and selfhosting (and reading the manuals of the software i use).
i used the "alternatives". i tried hard with xmpp, but it was just shit for 10 years. file transfers never worked. e2ee never worked. it's a burning wreck of XEPs. if i got nobody to talk with on a protocol, it's worthless, that's what happened to xmpp for me.
like i've said, i don't force anyone to use matrix, and i'll mute this thread now. i'm really not in the mood for this discussion (as i wrote a few posts back).
@TheFuzzStone@fosstodon.org @skells
@bonifartius @velartrill @TheFuzzStone@fosstodon.org infosec hellthreads are custom af
Data sent on a potential regular basis based on a common web/desktop+smartphone usage even with a self-hosted client and Homeserver: The Matrix ID of users, usually including their username. Email addresses, phone numbers of the user and their contacts. Associations of Email, phone numbers with Matrix IDs. Usage patterns of the user. IP address of the user, which can give more or less precise geographical location information. The user’s devices and system information. The other servers that users talks to. Room IDs, potentially identifying the Direct chat ones and the other user/server. With default settings, they allow unrestricted, non-obfuscated public access to the following potentially personal data/info: Matrix IDs mapped to Email addresses/phone numbers added to a user’s settings. Every file, image, video, audio that is uploaded to the Homeserver. Profile name and avatar of users. https://gist.github.com/maxidorius/5736fd09c9194b7a6dc03b6b8d7220d0
no one (well, maybe ideologically committed antisemites, but i doubt that describes the author of the essay i think you're talking about, who talks like an sjw) is saying that Amdocs is bad because it's israeli, people are saying it's untrustworthy because it is connected with the notorious israeli intelligence service, which is affiliated with numerous local spyware corporations. it would be just as concerning if Amdocs had ties to CIA, GCHQ, BND, or the Saudi royal family. i agree unreservedly that xmpp is shit, but that's a poor reason to send your data to mossad. > i'm really not in the mood for this discussion (as i wrote a few posts back). 🤷 then i'm not sure why you said anything in the first place. mischaracterizing peoples' arguments (not to mention calling them "retarded" without offering any justification) and then expecting nobody to disagree with you is kind of unreasonable, and it's uncharacteristic of you. i understand having strong reactions to certain subjects that are personal sore points, but at that point it may be better for your own sake to just keyword-mute them. nobody is attacking you for any decisions you have made in terms of what software to use, obviously understanding the tradeoffs better than anyone else will in your particular use cases; those of us who criticize matrix's security flaws and sketchy behavior are trying to warn other people away from making choices that may unknowingly cause them substantial personal harm, or at the very least making sure they have more information available for their own decision-making processes than simply the "matrix is totally secure you guys" propaganda from the corporation and its boosters.@velartrill
i think this is most of the stuff you referred to with some commentary from Matthew Hodgson:
https://matrix.org/~matthew/Response_to_-_Notes_on_privacy_and_data_collection_of_Matrix.pdf
seems pretty.. unspectacular. surely some fuckups, but i'd really assume that spooks would be a bit more subtle. if anything, their heavy usage of webshit is really something worthy of critique.
> then i'm not sure why you said anything in the first place. mischaracterizing peoples' arguments (not to mention calling them "retarded" without offering any justification) and then expecting nobody to disagree with you is kind of unreasonable, and it's uncharacteristic of you. i understand having strong reactions to certain subjects that are personal sore points, but at that point it may be better for your own sake to just keyword-mute them. nobody is attacking you for any decisions you have made in terms of what software to use, obviously understanding the tradeoffs better than anyone else will in your particular use cases; those of us who criticize matrix's security flaws and sketchy behavior are trying to warn other people away from making choices that may unknowingly cause them substantial personal harm, or at the very least making sure they have more information available for their own decision-making processes than simply the "matrix is totally secure you guys" propaganda from the corporation and its boosters.
i called the blog post i have seen some time ago "retarded", because it was full of technical misunderstandings/wrong simplifications. if anyone thought i called him directly a retard, it wasn't my intention.
the point with the reported issues is: if one wants to declare something absolutely b0rken, it's a requirement that said person _understands_ the technology. the stuff above is more or less a critique of the default configuration. if it would be voiced like this, it'd be _perfectly_ fine by me (remember that i have disabled integrations stuff from the config manually). the devs of matrix have chosen the "out of the box" approach, which isn't optimal. another point is that i've seen no sketchy behavior, i follow the matrix development for a few years now. if there was an issue it got communicated timely and quite well, imho. i know other messenging projects who are much more shitty with this stuff.
i can follow the line of thought that said default configuration of things isn't good if you say something is "totally secure" (whatever that might be ;). i also require people who set up servers to use their brain and review the configuration for anything with unintended effects. that's just due diligence if you want to setup something secure.
i'm a bit tired of the "matrix is spyware" meme where the same points get iterated over and over again when the alternatives (with roughly the same set of functionality) are centralized and closed source. concerning the (old, if one can believe wikipedia) amdocs connection, i've already argued it's hard to use any computer where no shady company was involved (intel management engine etc.).
i at least haven't seen suspicious activity on my server.
@TheFuzzStone@fosstodon.org @skells
@velartrill
tl;dr: i just don't like the _way_ (which is kind of panicy) this is discussed, not that it _is_ discussed.
@TheFuzzStone@fosstodon.org @skells
@velartrill I don't understand your criticism of XMPP. You don't need to understand the protocol in order to use it, it's not like you're telnetting into the server
https://takebackourtech.org/xmpp-comeback/
what are you trying to accomplish? what is your threat model? why are your messages sensitive, who are you concerned about spying on them, what are the possible consequences if they are disclosed? what non-security-related features do you need, like file transfer or inline images? (these are rhetorical questions, obviously don't answer them)
there are various decentralized privacy-respecting messenger apps like briar, as well as protocols like IRC (kinda sorta but not really federated) or tox (decentralized, privacy-focused). they all have different properties and use various different technologies -- IRC is ephemeral and can be protected with TLS, but you need to trust the server not to log shit so it's best to run your own. tox and briar have perfect forward secrecy and use modern crypto based on keypairs, but there's no multi-device support, which makes it a pain to use (although you really shouldn't be using cell phones for sensitive comms in the first place). XMPP has various security plugins but the protocol itself is a mess and hard to get working; i don't generally recommend it to anyone. then there's matrix ofc, but i think that's just as suspect as signal, and nobody should be using it for anything sensitive.
anything that uses a single corporate-controlled server or network (zoom, facetime, until recently matrix, disord) should be completely out of the question as far as secure comms is concerned. if you can't easily host your own isolated server, assume it's compromised.
signal is pushed as a "silver bullet" one-size-fits-all solution to privacy and security, and this is just another way you can tell it's bullshit, because there is never any such thing. most people would be better off just using SMS for non-sensitive comms simply because it doesn't put themselves and their friends in extra danger by getting their names on government lists.