| ▲ | throwaway82113 6 hours ago |
| Lack of retention can actually be a feature in these types of situations. It should be opt-in. The government would actually need to infiltrate the network in order to read the conversations, instead of just retrieving the messages from the cache on a confiscated phone |
|
| ▲ | wongarsu 6 hours ago | parent | next [-] |
| I'd consider end-to-end encryption to also be table-stakes, at least opportunistically after the first message in each direction. With encryption cached messages are far less harmful (though still leaking very useful metadata), without encryption it seems almost trivial to spy on any communications |
| |
| ▲ | eloisius 4 hours ago | parent [-] | | E2E encryption probably isn’t enough to protect activists trying to organize. Without doing onion routing where you pre-compute some nodes it in the network that it MUST transit prior to delivery and having them decrypt it until it arrives to the recipient (like Tor) you still leak who’s talking to who. | | |
| ▲ | thesuitonym 2 hours ago | parent [-] | | Neither E2EE or Tor are enough to protect someone being targeted by state level actors. They're helpful, but if you're a high enough value target, they only slow down your adversary. If you're relying on algorithms on your computer to protect you, you should be prepared to meet the hacking wrench. [1] [1] https://xkcd.com/538/ |
|
|
|
| ▲ | trueno 5 hours ago | parent | prev | next [-] |
| > instead of just retrieving the messages from the cache on a confiscated phone why wouldn't encryption be a part of recipe here rendering government acquisition of such a cache moot? |
| |
| ▲ | upofadown 4 hours ago | parent | next [-] | | If the user can get immediate access to older messages then normally those messages will be available on a confiscated phone. That's why things like Signal have you set a retention period. A retention period of zero (message is gone when it scrolls off the screen) is safest. If you want to protect older messages you can have the user enter a passphrase when they are in a physically safe situation. But that is only really practical for media like email. Good for organizing the protest but perhaps not so great at the protest. | |
| ▲ | engineer_22 5 hours ago | parent | prev [-] | | From white paper: >At its core, BitChat leverages the Noise Protocol Framework (specifically, the XX pattern) to establish mutually authenticated, end-to-end encrypted sessions between peers. | | |
| ▲ | ethin 2 hours ago | parent [-] | | I actually wrote a Noise implementation and someone wanted to make a Bitchat implementation with it, but my impl only supports BLAKE2B (and I got the impression this person really didn't know what they wanted to do in the first place). It's kinda sad more haven't moved to BLAKE2B (or BLAKE3, which I almost never hear anyone talking about). |
|
|
|
| ▲ | n4r9 6 hours ago | parent | prev [-] |
| > The government would actually need to infiltrate the network in order to read the conversations If I understand correctly, this would still be true if the recipient is connected. |
