Remix.run Logo
klabb3 21 hours ago

> Forward secrecy and metadata privacy are table stakes in any modern secure messaging design

I think this is counter-productive, limiting the adoption of meaningful security improvements. The engineering and UX implications of PFS and full metadata encryption (in particular social graphs) are severe. Not even signal has that, and they are above and beyond for a mass consumer product.

From the physical world, it’s like saying that having addresses on the letter is the same as the government opening and scanning the contents of every letter. Of course I don’t like the indiscriminate metadata collection, but there are worse things.

If you’re a spook or dissident, by all means, take extra precautions. You’re gonna need to anyway, in many more disruptive ways than your messaging app. Personally I just want to share shitposts with friends and speak freely without second guessing if I’m gonna be profiled by a data broker, or someone is gonna scan and store the pictures I send forever. Keep in mind that the status quo (Gmail, DM on social media) is incredibly bad.

tptacek 20 hours ago | parent | next [-]

No. Unless your messenger is at pains to make sure people don't use it in life-or-death situations (for instance: because they're being targeted by ICE, or the law enforcement and security apparatus of their country), the exact opposite thing is true.

These kinds of message board discussions invariably pose a dilemma: "send messages in plaintext using normal email, or use whatever secure messaging tool is available regardless of its strength". That's false. People always have a third option: not sending the message electronically. Most of us here have messages they wouldn't send even with their most trusted messaging tools; people who are at serious risk from message interception have much more dangerous messages than that.

Recommending that at-risk people use weak secure messaging as a "better than nothing" step towards real secure messaging isn't just bad advice. It's malpractice.

klabb3 5 hours ago | parent [-]

This conversation is important, and weighing these aspects against each other is critical in order to form better opinions. We clearly both agree there are subtle and counter-intuitive effects at play. I don't think there's anything wrong with debating them, and I'm happy to be convinced otherwise.

> Unless your messenger is at pains to make sure people don't use it in life-or-death situations [...] the exact opposite thing is true

Right, this is the false-sense-of-security effect. It exists and it's real. But there are more aspects that weigh in.

> People always have a third option: not sending the message electronically.

I challenge this assumption. In reality the effect is not about what they can do if they listen to the advice of Bruce Schneier, but what they will do. Navel-gazing on security and throwing your hands up if people don't act "the way they should" is what's really irresponsible, imo. I.e. if your contacts are not physically close, they won't (or even can't) schedule a flight to send a message. They'll generally use what's socially convenient, even if they're discussing something like abortion in an oppressive state. If you're lucky non-techies will say "Hey, maybe we should try that app Signal, I heard it's more secure". That's as good of a win as it gets.

The counter-example would be going around saying Signal is worthless because they collect phone numbers, they don't enforce public key validation, and they don't use onion routing to protect your social graph. I don't think we disagree about how ridiculous that would be, even if we disagree on which aspects are most important.

Basically, if set the weight of all security properties to ∞, you will get something that's so wildly inconvenient that nobody would use it. Even PGP that's relatively easy to use was at its peak about as popular as starting a yak farm.

tptacek 37 minutes ago | parent [-]

Advising people to use messaging systems that you know to be faulty because they optimize in some other non-personal-safety area like "federation" or "open standards" or "compatibility with email" means that you are putting your own aesthetic preferences above other people's safety. It's simply malpractice.

bastawhiz 20 hours ago | parent | prev | next [-]

Metadata security isn't table stakes? I guess just pray your app's UX isn't good enough that the US Secretary of Defense decides to use it.

woodruffw 20 hours ago | parent | prev | next [-]

I don’t understand how asking for things that are bog-standard is somehow counter-productive. I think the really counter-productive thing here is flogging the dead horse of encrypted email; ordinary people deserve better than that.

> Not even signal has that, and they are above and beyond for a mass consumer product

What parts of this do you think are missing from Signal? Signal has had PFS for as long as it’s been called Signal, and has famously minuscule metadata on users.

jjav 11 hours ago | parent | next [-]

> famously minuscule metadata

Famously minuscule? They demand a phone number, which blows up any possible anonymity story.

klabb3 8 hours ago | parent | prev [-]

> What parts of this do you think are missing from Signal?

The social graph isn’t e2ee in any app that works because the server needs to route the message. And the social graph is metadata.

maqp 18 hours ago | parent | prev [-]

>Personally I just want to share shitposts with friends and speak freely without second guessing if I’m gonna be profiled by a data broker

You are welcome to live your privileged life with your privileged friends using any software you feel is good enough. Just don't assume everyone can afford that luxury.

https://pressgazette.co.uk/news/rsf-moves-downgrades-global-... is a decent index to assess in what kind of country you're living in.