I find myself these days hesitant to even consider any private messengers if... - The Unofficial Signal Messenger Community - kbin.social

gerowen, 5 months ago

I find myself these days hesitant to even consider any private messengers if they don't have the option to verify which devices/keys have access to your messages. #Signal, #XMPP / OMEMO, #Matrix, hell even Facebook Messenger's E2EE chats let you verify which devices can read your messages. If you're encrypting your users' messages, but they can't verify whether a rogue device has access to their messages, then why even bother encrypting them?

#Encryption #Security #Cybersecurity #Privacy

reply

report

activity

copy /kbin url

copy original url

open original url

Loading...

+ vascorsd, nono2357

Image

Image alternative text

jabberati, 5 months ago

@gerowen If your contact has verified your OMEMO keys and a rogue key is added, messages are not encrypted to this key.

I wonder how other apps let you "verify" which other devices were added. In an ongoing MitM attack the server simply wouldn't tell you about the rogue keys. Maybe it's just security theater?

reply

report

activity

copy /kbin url

copy original url

open original url

Loading...

Federation

Status:

Instances:

/m/Signal

Microblog (467)

Thread

gerowen

@gerowen@mastodon.social

Added: 5 months ago
Online: -
Boosts: 2

Magazine

The Unofficial Signal Messenger Community

@Signal@kbin.social

This community is dedicated to all things Signal Messenger, the open-source secure and private messaging app developed by the non-profit Signal Foundation.

Donate and support Signal
Donate and support Kbin

Rules

🏷️ INFO

What is Signal? Mashable
Official Website: Signal.org
Signal Donations: Signal.org
Signal on Twitter
kbin Donations: Buy Me a Coffee

🏷️ RELATED COMMUNITIES

🏷️ RULES

In addition to kbin.social's standard terms, this magazine adopts the following specific rules:

Be respectful: Treat all community members with respect and courtesy. Avoid personal attacks, discrimination, or offensive language. Healthy and constructive discussions are encouraged.
Stay on-topic: Keep your discussions focused on Signal Messenger-related topics. Avoid unrelated or spammy content that doesn't contribute to the topic.
No solicitation or self-promotion: Do not use the community to advertise products, services, or personal websites. This includes promotional links, affiliate marketing, or any form of solicitation.
Protect privacy: Do not share personal or sensitive information of yourself or others. Respect the privacy of other community members and refrain from posting private messages or conversations without consent.
No illegal content: Do not engage in or promote any illegal activities or share content that violates copyright laws, intellectual property rights, or any other legal regulations.
Be mindful of language: Use appropriate language and refrain from excessive use of profanity or offensive language that may offend or alienate other community members.
Report violations: If you come across any content or behavior that violates the forum rules, promptly report it. Do not engage in public arguments or attempts to enforce the rules yourself.
Follow instructions from moderators: Respect the instructions and decisions made by the community moderators/administrators. Their role is to ensure a positive and productive forum environment for all members.
Report bugs on GitHub, and request features on the Signal Community forum.
No NSFW content please & thank you.

Created: 11 months ago
Owner: LollerCorleone
Subscribers: 523
Online: -

Tags

#signal #signalmessenger #privacy #signalapp

Moderators

Active people

Support Us