evacide

And now for some good news: Discord rolls out end-to-end encryption of audio and video.

https://discord.com/blog/meet-dave-e2ee-for-audio-video

Meet DAVE: Discord’s New End-to-End Encryption for Audio & Video

We’re rolling out end-to-end encryption for voice and video calls! We’d like to share why we’re bringing E2EE A/V to Discord, share our design and implementation goals, and provide a high-level technical overview of how it works.

Sep 17, 2024 at 6:03pmWeb
Show threadJJ Sep 17, 2024
@evacide messaging layer security!! cool to see it used
Show threadAsil Igarl🍉Sep 17, 2024
@evacide Unless it has a proper implementation like Signal, Discord is still dead to me after their insane intrusiveness. They have killed any trust into themselves as a platform. The partnership with the Trail of Bits also raises further suspicion.
Show threadMaxi 12x 💉Sep 17, 2024
@evacide But how can you be sure it’s actually E2E?
Show threadPauliSep 17, 2024
@frumble @evacide de- and encryption, happens on the device/in the browser using web apis, so you can just look at traffic arriving at and leaving the browser.
Show threadMaxi 12x 💉Sep 17, 2024
@u1l @evacide But on mobile devices? And how can you discern between E2EE and regular transport encryption?
Show threadCMDR Yojimbosan 🅅⁂Sep 17, 2024

@frumble @evacide They're publishing tech reviews :-

"In the past few months, we collaborated closely with Trail of Bits, a renowned independent cybersecurity firm, to conduct a thorough review of both the design and implementation of DAVE in our code base. With DAVE’s launch, Trail of Bits is publishing their findings from both the design review and implementation review."

You have to decide whether to trust the reviewer of course, and to trust that what was reviewed is what you're using today.

Show threadHaelwenn /элвэн/ Sep 17, 2024
@evacide With Discord banning third-party clients it's complete snake oil though.
Show thread Tired Bunny  Sep 17, 2024
@lanodan @evacide
Apart from the fact that you have barely any reason to spy on peoples voice chat when you have plain text messages that are easier to put through data alghorithms, yeah.

At least they claim to have open the source code, so hopefully better software could use it 
Show thread🌸 lumi-nhac    🌱Sep 18, 2024
@untsuki @lanodan @evacide yeah, e2ee on dms is way more important than this. not having that just means they're a big database of people's private chats, which, ew

but as long as they're proprietary software and centralized, the entire system is compromised and can't be trusted anyways, even with e2ee...
Show thread[Yaseenist] CauseOfBSODSep 17, 2024
@evacide finally, e2ee cslip+minimodem dialup
Show threadtyzbitSep 17, 2024
@evacide discord committed the cardinal sin of rolling your own encryption
Show threadBaumSep 17, 2024
@evacide At this pace it will only take til like 2033 until they announce their never-seen-before feature, E2E encrypted text messages...
Show threadBogDrakonovSep 17, 2024
@evacide well this is something I was not expecting.
Show threadirelephantSep 17, 2024
@evacide wait, i thought they did that a few years ago?
Show threadshadowwwindSep 17, 2024
@irelephant @evacide I think the development was spotted some time ago, but it seems to have released now
Show threadGatekeeper..Sep 17, 2024
@evacide
Very cool..
Show threadMegatronicThronBanksSep 17, 2024
@evacide Pity it's discord lol