@Natanox @freundTech @delroth yeah, we're against it. it's such a strange way to implement things... it probably felt natural because they treated the encryption as a bolt-on feature that happens in addition to the cleartext protocol, not instead of it, but there are very good security and architecture reasons not to do that.
@ireneista @Natanox@chaos.social @freundTech@chaos.social @delroth Are there any credible ways to prevent this in a general-purpose protocol like Matrix? Because I always see people bringing up Signal's sealed sender in response but as far as I can tell it does nothing of the sort.
@joepie91 @Natanox @freundTech @delroth the fix is that privacy and security need to be things that are considered from the earliest steps of product development, in the initial requirements, not towards the end of the process.
@ireneista @Natanox@chaos.social @freundTech@chaos.social @delroth Okay, but say that they do. How do you address metadata around who talks to whom, on a technical level?
Because from what I've seen, there just seem to be no known ways to do this, that don't involve severe usability tradeoffs that would make something unusable as a general-purpose messenger.
@joepie91 @Natanox @freundTech @delroth you really need an onion routing protocol to fully have public trust, and it needs to go further than current ones do on preventing timing attacks by global passive adversaries
@joepie91 @Natanox @freundTech @delroth unfortunately that's, like, hard :/
@joepie91 @Natanox @freundTech @delroth but like, sorry to be blunt, but we understand people's reasons for wanting cleartext messaging but in a world where the world's largest democracies are taking substantial steps towards criminalizing queer existence, cleartext is obsolete and dangerous
@ireneista @Natanox@chaos.social @freundTech@chaos.social Sure, you'll find no disagreement from me here.
But my question is a technical one, not a "devil's advocate" one - I *do* build communication systems, and I have been fruitlessly searching for answers to this question for a very long time now.
And a perfectly secure system is all well and good, but if nobody actually can be convinced to *use* it because it's too inconvenient, it might as well not exist.
@joepie91 @Natanox @freundTech yeah honestly, Meredith said something in an interview once that almost felt like criticism of our personal approach: it's all well and good to say we should do this as a research project, but having an organization that has actual recurring funding sources lets you move way faster. we do respect that.