@pake_preacher : I forgot the details of PAKE and SRP, but in the end the most secure client authentication requires:

1️⃣ Strong, long term, human comprehensible, *serving endpoint* authentication;
*AND*
2️⃣ TLS channel binding (enforcing known endpoints).

(Apart from those, both serving endpoint AND client MUST be trustworthy).

🚨 The -corrupt- CA/B forum breaks 1️⃣ by:
a) Advocating anonymous Domain Validated certificates, which render secure account creation IMPOSSIBLE;
b) Continuously decreasing certificate lifetime.

🚨 Furthermore, "legitimate" MitMs* break 2️⃣.

* Man in the Middle, like on-device virus scanners and firewalls that "open" TLS tunnels (both requiring installation of a dedicated root certificate) and proxies such as (definitely not limited to) Cloudflare and Fastly.

😱 Passkeys enforce NEITHER 1️⃣ NOR 2️⃣.

😱😱 Worse, because passkeys (or FIDO2 hardware keys) can be easily irretrievably "lost", servers typically provide WAY EASIER phishable authentication methods (such as "rescue codes").

@cendyne @soatok @chazh

#AitM #MitM #SecureOnlineAuthIsHARD #SecureAuthentication #OnlineAuthentication #Authentication #Impersonation #ChannelBinding #TLSchannelBinding #UTM #TLS #TLSinterception #TLSscanning #Proxy #Proxies #GoogleIsEvil #CloudflareIsEvil

Conversations - Jabber/XMPP client for Android

An open source instant messaging client. Easy to use, reliable, battery friendly. With built-in support for e2e encryption, group chats and media transfer.

Cheogram: Extensible Messaging and Presence for the Telephone Network

I'm going to be at the Berlin XMPP Meetup on Wednesday, December 13th to talk about the attack on Jabber.ru and possible countermeasures.
#XMPP #MITM #channelbinding