| ▲ | palata 9 hours ago |
| First, Chat Control refers to a proposition in the EU, which has not been accepted at this point. So no, it's not Chat Control. > People believe private chats to be, well, private. You have to choose an app that seems private enough. Signal is one of the few, because it can be audited easily. > as if the problem isn’t the censorship, but my failure to follow the rules. The problem I see is that you disagree with how Meta handles Messenger, but still use it. Chat Control or not, there is no law preventing Meta from reading your messages for moderation. > I guess we still have Signal. For now. Yes, and that's a good thing. |
|
| ▲ | pancsta 9 hours ago | parent | next [-] |
| Everyone should be selfhosting a matrix server, with a guest web inbox. Then, some ppl may connect into networks if they want. Lets not forget that Signal is also a for-profit company. IMs should be like DNS, email, or IRC. |
| |
| ▲ | palata 8 hours ago | parent | next [-] | | > Lets not forget that Signal is also a for-profit company. Source? Last time I checked it was a non-profit. But that's not the point. The point is that the Signal app is open source, so you can check what it does. Matrix is inferior to Signal. | |
| ▲ | sputr 8 hours ago | parent | prev [-] | | Didn't we go through this before with PGP-encrypted emails? 90+% of users are not technically competent enough to even understand, in the vaguest of terms, what you are saying. Even fewer have the time, ability and resources to do so. | | |
| ▲ | Bender 7 hours ago | parent [-] | | Long ago this was an issue. Now with Thunderbird people can trivially PGP encrypt the body of their emails. With IRC this is done with OTR e.g. irssi-otr. I've manage to get lawyers and family members to use PGP so it can't be that hard. | | |
| ▲ | sputr 6 hours ago | parent [-] | | Ask a teenager what a folder is. There's a good chance they'll not know what you are talking about. They can use apps and that's about it. Thunderbird? Good luck with that. | | |
| ▲ | Bender 6 hours ago | parent [-] | | I hear you. It's about incentives. Any time a teenager can learn a method to get around content restrictions will will become a tool in their toolbox. They might reach for the Discord tool by default but when that is compromised such as recent events and governments start looking into all the DM's and voice-to-text transcripts they may reach for that old tool to prove they can not be censored or monitored. I would not expect teenagers to use it otherwise. |
|
|
|
|
|
| ▲ | sputr 8 hours ago | parent | prev [-] |
| > First, Chat Control refers to a proposition in the EU, which has not been accepted at this point. So no, it's not Chat Control. The EU proposition of Chat Control is the proposition to make it mandatory. Facebook has already been performing it voluntarily (as I've discovered today). > The problem I see is that you disagree with how Meta handles Messenger, but still use it. Chat Control or not, there is no law preventing Meta from reading your messages for moderation. Meta isn't just some random company who's decisions don't have wide and far reaching societal effects. Moderation of private 1v1 chats only make sense in case of harassment - i.e. when one side complains. In all other cases, except with a courts decree based on legitimate suspicion of wrongdoing, it's absurd. > Yes, and that's a good thing. For now. |
| |
| ▲ | true_religion 26 minutes ago | parent | next [-] | | I don't know about social media companies, but all web forums will 'moderate' 1v1 chats because of spam controls. | |
| ▲ | palata 7 hours ago | parent | prev [-] | | > Meta isn't just some random company who's decisions don't have wide and far reaching societal effects. So what? There is no law saying that messages should always be e2ee, period. If you want such a law, you need to convince politicians to think about it. But that is orthogonal to Chat Control. | | |
| ▲ | Bender 7 hours ago | parent [-] | | It is technically impossible for a large platform to implement E2EE without having a way to target one person to bypass it. True E2EE will always have to be a program external to the chat platform that handles keys out of band like OTR. Legally it will never truly happen. Any platform saying they have E2EE is outright lying. Lavabit was an example of what happens when a large platform makes lawful intercept impossible. People keep telling me that Proton and Signal are E2EE and I will always offer them a tropical island for sale on the dark side of the moon, heavily discounted. Moxie of all people should know better. | | |
| ▲ | palata 5 hours ago | parent [-] | | > It is technically impossible for a large platform to implement E2EE without having a way to target one person to bypass it. You'd have to explain what you mean here. If you mean that it's impossible to have encryption that is resistant to someone putting a gun on your face and asking for the password, then... well duh. | | |
| ▲ | Bender 5 hours ago | parent [-] | | If someone or something else is managing keys for you, even the javascript in your client, then it can be altered by the server just for you. It's really just that simple. If you are creating and managing key trusts outside of the application then they can not tamper with them or add their own keys. | | |
| ▲ | palata 4 hours ago | parent [-] | | I still don't understand what you are saying. You claim that Signal is not E2EE. Please explain. Signal is an open source mobile app that I can audit and compile myself. How is it "obviously not E2EE"? | | |
| ▲ | Bender 4 hours ago | parent [-] | | Open source chat and open source AI just mean that the code you are looking at does not have an obvious back door. That has no bearing on run-time use and monkey-patching. As for Signal not being E2EE I already explained. I don't play the contrarian game so you will have to do your own research. | | |
| ▲ | palata 3 hours ago | parent [-] | | > As for Signal not being E2EE I already explained. Either you have not, or it was wrong. It's not clear because there were a bunch of mixed up things (JavaScript has nothing to do with Signal, so I assume you were talking about the Proton web pages, and I would agree there). > I don't play the contrarian game so you will have to do your own research. That's not how it works: you say Signal is not E2EE, you prove it. I am convinced that it is, so from my point of view, you don't understand how it works. The only way I can help you understand is if you explain what you believe is wrong there. Google won't tell me that. |
|
|
|
|
|
|
|
