• @ree@lemmy.ml
        -4
        2 years ago

        Yeah, their double ratchet algo is a complete joke. I wonder why it’s been implemented in WhatsApp, XMPP, Matrix, etc.

        • @southerntofu@lemmy.ml
          1
          2 years ago

          Disclaimer: i’m no cryptographer

          I think the crypto in Signal looks fine. The double ratchet isn’t bad, although it has some drawbacks (at least the OMEMO variant) about long-absent participants running out of published ephemeral keys.

          The problem with Signal is the centralized system (which relies on absolute trust in a server’s “trusted computing” module) and the business governance. I’m very critical of m0xie and friends in their political/economic decisions, but they seem to produce good cryptography…

          • @ree@lemmy.ml
            1
            2 years ago

            I was trolling.

            I know the direction of the project and their stance against centralisation is debatable but they produce good and reviewed software and libraries.

            What you do with it is a personal choice.

    • Sandro Linux
      1
      2 years ago

      Matrix does have some metadata problems (not hating on Matrix though)

        • @southerntofu@lemmy.ml
          1
          2 years ago

          In matrix pretty much everything is a public, logged append-only datastore (a room in matrix vocabulary). There is some access-control applied on top but it means that basically any server involved in some room (because their users are part of it) gets a full copy of the full history of the room including all user addresses.

          In contrast, XMPP has a clearer threat model: your server knows about you, the server of a user you’re communicating with knows about you, 3rd party services you employ know about you (e.g. chatrooms) but other users of that 3rd party service don’t. Practical example: when i join room anarchism@chat.jabberfr.org from southerntofu@userserver.net address, i’m giving the chatroom server (MUC server) a nickname to identify me with. When other users receive messages in the chatroom from me, they see it from southerntofu from chatroom anarchism@chat.jabberfr.org but have no idea what my actual JID (XMPP address) is.

          That’s certainly good for reducing chances of having all your messages being logged by a sysadmin somewhere, but it’s even better for abuse-resistance. Having your address leaked in every public interaction is fine for most people but is a no-go for people who have stalkers or are targeted by harassment campaigns. See also this HN thread on XMPP and anti-abuse mechanism.
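The MUC behaviour described in this comment, modelled in code as an added example (not code from the thread or from any XMPP server): a tiny stand-in for an XEP-0045 multi-user chat service that rewrites the `from` of a groupchat message to the occupant JID `room@service/nick`, plus the join presence other occupants receive. The room address, the user's JID and the occupant table are the ones from the comment, constructed here as sample data; the function names are my own. The presence part goes one step beyond the comment: whether the real JID is ever disclosed depends on the room's `muc#roomconfig_whois` setting, so a defender checking a room's privacy should confirm it is semi-anonymous ("moderators") rather than non-anonymous ("anyone").

```python
# Added example: a minimal model of how an XMPP multi-user chat (XEP-0045)
# relays a groupchat message and a join presence, showing what other
# occupants can learn about the sender's real JID.
import xml.etree.ElementTree as ET

ROOM = "anarchism@chat.jabberfr.org"   # room from the comment (sample data)
MUC_USER_NS = "http://jabber.org/protocol/muc#user"

# Constructed sample: one occupant, keyed by real bare JID -> nickname.
OCCUPANTS = {"southerntofu@userserver.net": "southerntofu"}

# Constructed sample stanza as the MUC service would receive it.
SAMPLE_MESSAGE = (
    '<message from="southerntofu@userserver.net/phone" '
    f'to="{ROOM}" type="groupchat"><body>hello room</body></message>'
)


def bare_jid(jid: str) -> str:
    """Strip the resource part: user@host/resource -> user@host."""
    return jid.split("/", 1)[0]


def relay_groupchat(stanza_xml: str, room: str, occupants: dict) -> str:
    """Rewrite an incoming groupchat message the way a MUC service does.

    The 'from' other occupants see is the occupant JID room@service/nick,
    never the sender's real address. A sender who is not an occupant would
    be bounced by a real service; here that surfaces as a KeyError.
    """
    msg = ET.fromstring(stanza_xml)
    sender = bare_jid(msg.get("from"))
    nick = occupants[sender]
    msg.set("from", f"{room}/{nick}")
    # At fan-out the service addresses each occupant individually, so the
    # room-addressed 'to' is dropped from the template.
    msg.attrib.pop("to", None)
    return ET.tostring(msg, encoding="unicode")


def occupant_presence(real_jid: str, room: str, nick: str,
                      whois: str, viewer_is_moderator: bool) -> str:
    """Presence an occupant receives when someone joins.

    whois is the room's muc#roomconfig_whois value: "moderators"
    (semi-anonymous: only moderators see real JIDs) or "anyone"
    (non-anonymous: every occupant sees real JIDs).
    """
    pres = ET.Element("presence", {"from": f"{room}/{nick}"})
    x = ET.SubElement(pres, "x", {"xmlns": MUC_USER_NS})
    item = ET.SubElement(x, "item", {"affiliation": "none", "role": "participant"})
    if whois == "anyone" or viewer_is_moderator:
        item.set("jid", real_jid)          # real address disclosed
    return ET.tostring(pres, encoding="unicode")


def disclosed_jid(presence_xml: str):
    """Return the real JID a recipient can read from a join presence, or None."""
    pres = ET.fromstring(presence_xml)
    for el in pres.iter():
        if el.tag.endswith("item"):
            return el.get("jid")
    return None


if __name__ == "__main__":
    print(relay_groupchat(SAMPLE_MESSAGE, ROOM, OCCUPANTS))
    for whois in ("moderators", "anyone"):
        p = occupant_presence("southerntofu@userserver.net/phone", ROOM,
                              "southerntofu", whois, viewer_is_moderator=False)
        print(whois, "->", disclosed_jid(p))
```

Running it shows the relayed message carries only `anarchism@chat.jabberfr.org/southerntofu`, and that an ordinary occupant learns the real JID only when the room is configured non-anonymous.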

    • Tryp
      0
      2 years ago

      You can use VoIP with Signal so it’s not much of an issue.

      • @XpeeN@lemmy.ml
        0
        edit-2
        2 years ago

        Do they require a phone number when registering? I remember they do, but I might be wrong. I compared all FOSS WhatsApp alternatives a while ago, and I think that’s one of the reasons I ruled out Signal. Element was the winner btw.

        BTW, even if they don’t, I still think Element is better. Signal doesn’t meet F-Droid’s standard while Element does, and ofc Element is federated while Signal is not (it’s centralized Oo).

        • @southerntofu@lemmy.ml
          0
          2 years ago

          I upvoted because the phone number requirement is the n°1 problem with Signal.

          But to be clear, Signal does meet F-Droid’s policy (albeit with a “centralized service” antifeature flag). The only reason Signal is not distributed on F-Droid is because Signal threatened legal action if it ever was (LibreSignal scandal).

          Also, i appreciate that Matrix (Element is just a client) is a federated protocol. Unfortunately, it consumes a lot of resources server-side (like A LOT of RAM and disk storage), and the default client Element is nearly unusable with high-latency links (e.g. over Tor). I personally recommend getting into XMPP… there is no default client because XMPP is an ecosystem not a government-backed startup and some of them really suck (see joinjabber.org for the better clients) but at least the client and server don’t eat all your resources (a “big” XMPP server for hundreds of users uses <500MB RAM, a similar Matrix server uses 5-20GB RAM).

          • Tryp
            0
            2 years ago

            XMPP+OMEMO or OTR is a great alternative, lots of people use it in the DNM realm.

            • @southerntofu@lemmy.ml
              0
              2 years ago

              Yup Jabber/XMPP has some interesting properties, although the ecosystem is far from the potential it could achieve with more full-time dedicated efforts (and/or more funding to employ people for that). What’s DNM though?

          • @XpeeN@lemmy.ml
            0
            2 years ago

            TIL. Tnx.

            I thought the reason they aren’t on F-Droid is that they’re using Google Firebase (I think Session uses that too because it’s a Signal fork but I’m not sure).

            • @southerntofu@lemmy.ml
              1
              2 years ago

              Well that’s the reason upstream Signal was not packaged on F-Droid, that it required Google Play Services to run. That’s why Signal was forked into LibreSignal (which didn’t change anything beyond removing this dependency) which could be distributed on F-Droid. [This ticket](https://github.com/LibreSignal/LibreSignal/issues/37) is where the discussion took place. m0xie from Signal team said:

              I’m not OK with LibreSignal using our servers, and I’m not OK with LibreSignal using the name “Signal.” You’re free to use our source code for whatever you would like under the terms of the license, but you’re not entitled to use our name or the service that we run. (…) It is unlikely that we will ever federate with any servers outside of our control again, it makes changes really difficult. (…) I understand that federation and defined protocols that third parties can develop clients for are great and important ideas, but unfortunately they no longer have a place in the modern world

              This discussion ultimately led to an article (and a CCC talk) called The ecosystem is moving, to which Conversations developer Daniel Gultsch replied. There was also a more XMPP-centric reply to the talk. Happy reading.

        • Tryp
          0
          edit-2
          2 years ago

          I didn’t explain myself very well but yes they do require a phone number. What I meant was you can use any VoIP number with Signal and it’s fine, TextNow or any service that lets you retain the number works.

  • @toneverends@lemmy.ml
    6
    2 years ago

    Yet another IM protocol. Walled garden. Fees to be paid to a central company.

    There’s plenty to criticise about signal, but “mesibo” is not the solution.

    Besides, the Signal-dissing in the article seems mostly a FUD exercise.

    • @X_Cli@lemmy.ml
      0
      edit-2
      2 years ago

      Can you elaborate on how this is FUD, please?

      Introducing socialist millionaire verification to ease fingerprint verification does not seem a bad idea.

      Using phone numbers as identifiers is a well-known Signal flaw.

      And while CBC is indeed less robust than GCM regarding certain types of attacks, it is true that “up-to-date” CBC implementations have no known vulnerability. Yet, would you claim that TLS 1.3 is FUDing for dropping CBC support as well?

      I am not promoting mesibo, which I never heard about before. I am just trying to understand how this criticism of Signal would be invalid, or FUD.

      • @southerntofu@lemmy.ml
        1
        2 years ago

        Introducing socialist millionaire verification to ease fingerprint verification does not seem a bad idea.

        Oh no, it’s a pretty good idea, and unfortunately Mesibo isn’t the first project to implement it… in an entirely new protocol that nobody will ever adopt. Implementing SMP in a widely-used protocol (email/PGP, IRC/OTR, XMPP/OMEMO) would benefit a lot more users.

        Using phone numbers as identifiers is a well-known Signal flaw.

        Indeed, but once again we have dozens of protocols providing messaging primitives, whether federated or centralized. Why should we even consider Signal or Mesibo? To be honest, i appreciated Mesibo’s criticism of Signal: it’s fair and strongly deserved. I would add to this that Signal dropped on-disk database encryption which is horrible: users set a passphrase expecting some security… only to find out later that the passphrase is purely cosmetic and the local DB is unencrypted.

        I am just trying to understand how this criticism of Signal would be invalid, or FUD.

        I don’t think it’s either FUD or invalid. It just looks like yet another corporation making yet another protocol for the same use cases we already have a dozen protocols for. If Mesibo is only about cryptographic research, OMEMO/Megolm could use a refresher… but unfortunately they’re promoting an entire ecosystem and it’s really not clear what the technical/business model is (i found the code for libmesibo but i don’t see any server implementation on their GitHub).

        I think given the very fragmented ecosystem we already have, the burden is on them to prove that their project is interesting/useful. From my perspective, it looks like some cryptographers wanted to do cool stuff, but need a bullshit business front (like any startup) to operate… like a lot of crypto research, unfortunately…
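The "socialist millionaire verification" that X_Cli's question and this reply both refer to is the Socialist Millionaire Protocol (SMP) as used by OTR: two parties check whether they hold the same secret (in OTR, a hash over both fingerprints and a shared answer) without either revealing it. As an added example, not code from the thread, from OTR or from Mesibo, here is the arithmetic core of that exchange carried through on a toy safe-prime group so each step fits on a line. The group (p = 1019, q = 509, g = 4), the secret-derivation helper and all function names are my own constructions; real OTR uses a 1536-bit MODP group and, crucially, wraps every exponent in a zero-knowledge proof so a cheating party cannot force a false match, and those proofs are omitted here.

```python
# Added example: the arithmetic of the Socialist Millionaire Protocol (SMP)
# as used by OTR, on a toy group. Zero-knowledge proofs omitted.
import hashlib
import secrets as _rand

# Toy safe-prime group, constructed for this example: p = 2q + 1, g generates
# the order-q subgroup (4 is a quadratic residue mod 1019).
P, Q, G = 1019, 509, 4


def rand_exp() -> int:
    """Random exponent in [1, Q-1]; never 0, so no share collapses to 1."""
    return 1 + _rand.randbelow(Q - 1)


def inv(v: int) -> int:
    return pow(v, -1, P)


def smp_secret(own_fpr: str, peer_fpr: str, answer: str) -> int:
    """Simplified stand-in for OTR's secret derivation: hash the two
    fingerprints and the shared answer, reduced into the exponent group.
    (Real OTR fixes the fingerprint order and mixes in the session id.)"""
    h = hashlib.sha256(f"{own_fpr}|{peer_fpr}|{answer}".encode()).digest()
    return int.from_bytes(h, "big") % Q


def smp(x: int, y: int) -> bool:
    """Run SMP between Alice (secret x) and Bob (secret y).

    Returns True iff x == y (mod Q). Every value sent over the wire is
    blinded by a fresh random exponent, so a mismatch reveals nothing
    about the other side's secret beyond "not equal".
    """
    x, y = x % Q, y % Q
    # Steps 1-2: both pick two ephemeral exponents and exchange DH shares.
    a2, a3, b2, b3 = rand_exp(), rand_exp(), rand_exp(), rand_exp()
    g2a, g3a = pow(G, a2, P), pow(G, a3, P)       # Alice -> Bob
    g2b, g3b = pow(G, b2, P), pow(G, b3, P)       # Bob -> Alice
    g2 = pow(g2b, a2, P)                          # = g^(a2*b2), shared
    g3 = pow(g3b, a3, P)                          # = g^(a3*b3), shared
    assert g2 == pow(g2a, b2, P) and g3 == pow(g3a, b3, P)
    # Step 3: Bob blinds his secret y with r.
    r = rand_exp()
    Pb, Qb = pow(g3, r, P), pow(G, r, P) * pow(g2, y, P) % P
    # Step 4: Alice blinds x with s, then raises the quotient Qa/Qb by a3.
    s = rand_exp()
    Pa, Qa = pow(g3, s, P), pow(G, s, P) * pow(g2, x, P) % P
    quotient = Qa * inv(Qb) % P                   # = g^(s-r) * g2^(x-y)
    Ra = pow(quotient, a3, P)                     # Alice -> Bob
    # Step 5: Bob raises the same quotient by b3; both combine to Rab.
    Rb = pow(quotient, b3, P)                     # Bob -> Alice
    Rab_alice, Rab_bob = pow(Rb, a3, P), pow(Ra, b3, P)
    assert Rab_alice == Rab_bob                   # = g^(a3 b3 (s-r)) * g2^(a3 b3 (x-y))
    # Pa/Pb = g3^(s-r) = g^(a3 b3 (s-r)); the g2 factor vanishes iff x == y.
    return Rab_alice == Pa * inv(Pb) % P


if __name__ == "__main__":
    alice = smp_secret("ALICE-FPR", "BOB-FPR", "where we first met")
    bob = smp_secret("ALICE-FPR", "BOB-FPR", "where we first met")
    print("same answer  ->", smp(alice, bob))
    print("off by one   ->", smp(42, 43))
```

The comparison works because `Rab / (Pa/Pb)` reduces to `g2^(a3*b3*(x-y))`, which is 1 exactly when `x == y` modulo the group order. With a realistic group the chance of two different answers colliding modulo q is negligible; on this toy group it is 1 in 509, which is why the demonstration uses small known integers for the mismatch case.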

  • @angarabebesi@lemmy.ml
    3
    2 years ago

    I’m somewhat cautious of Signal. Given what the US government is, I don’t trust any entity based in the US.

    • @southerntofu@lemmy.ml
      1
      2 years ago

      By this standard you should probably not trust any entity at all because all governments are evil and their secret police are after revolutionary troublemakers. I agree that Signal being centralized is a huge problem, but i personally believe the bigger problem is that it requires a unique identifier (the phone number).

      We all use centralized services sometimes, for example to sign up on a forum. But when we do so over Tor and with a nickname (pseudonym) that’s a reasonable security practice.