| ▲ | Bender 6 hours ago |
| Never rely on a platform used by the masses to perform E2EE. It is far too easy to strip away E2EE for targeted users without their knowledge as they maintain the server and client code. This advise is to protect from corporations gobbling up and ultimately leaking sensitive data. Spooks can target the device itself via debug access for nation state level threats. Consider instead using a code word or phrase to move sensitive conversations to something self hosted such as jabber using OMEMO XEP-0384 and XEP-0373 OpenPGP for XMPP and SASL SCRAM. OMEMO is an implementation of the Signal protocol on top of the XMPP protocol. e.g. "_Expletive_! I stubbed my toe!" other-person: "lol geezer watch where you are walking." conversation quietly and temporarily moves to the pre-shared self-hosted Jabber server. Temporarily because going dark can draw attention. Feed the big chat platform boring garbage and misdirection. |
|
| ▲ | impossiblefork 5 hours ago | parent | next [-] |
| People catch the spooks and their exploits all the time though. It is possible to defend against them. Maybe not on your phone though. |
| |
| ▲ | Bender 5 hours ago | parent [-] | | Agreed. I just mentioned that for the spooks who don't like I am suggesting moving sensitive conversations elsewhere using basic opsec. I assume the farm recruits on HN are probably just as concerned about AI taking their jobs. Surely someone has bought AI a coffee unprompted by now, maybe even flirted with the AI. | | |
| ▲ | impossiblefork 5 hours ago | parent [-] | | I don't quite understand your comment. I also disagree with some implications of the final bit of your first comment: encryption is obviously basic privacy, but the interesting bit is who you're talking to. So having a signal for switching mediums is something that I feel indicates thinking in the wrong direction. | | |
| ▲ | Bender 5 hours ago | parent [-] | | So having a signal for switching mediums is something that I feel indicates thinking in the wrong direction. It's not for everyone. I grew up with code phrases. My mom knew that if I said "I love you" to send in the cavalry. We had similar processes in the military. If I answered the phone a particular way they knew the remote site was under siege. | | |
| ▲ | impossiblefork 5 hours ago | parent [-] | | That's an okay use, but in that use you're not attempting to achieving privacy. Everyone knows you talk to your parents, but code phrases are not a way to get privacy. | | |
| ▲ | Bender 4 hours ago | parent [-] | | It's not for privacy in the way you may be thinking. This was long before cell phones or the internet existed and the conversation would have been over the rotary phone and it is assumed someone is in the house with me that should not be. Goal being police have authorization to kick down the door and assist the person or people that are nutritionally deficient in lead. |
|
|
|
|
|
|
| ▲ | Zak 5 hours ago | parent | prev [-] |
| Unless you're actually a spy, there's no reason to do this. Just use your secure solution all the time with those conversation partners who are willing to use it. |
| |
| ▲ | Bender 5 hours ago | parent [-] | | Unless you're actually a spy, there's no reason to do this. Just use your secure solution all the time with those conversation partners who are willing to use it. Fundamentally I agree with you but people will stay on the platforms where their friends are. To change that the platform would have to do something really bad such as forcing age checks and even then I think many will just put up with it to stay connected to their friends. |
|
