Mastodawn

When I said that your discord clone doesn’t need e2ee, I got a lot of comments along the lines of “ then how would I use it to organize the revolution!” The answer is: you don’t. If you have more users than can comfortably share a Signal chat and hence want to use discord or something like it, you cannot POSSIBLY be vetting all of them to a high standard of trust. Your logs ARE leaking. End-to-end encryption between more people than can fit around a dinner table is pointless.

This article confirms what I already assumed, that “open source [information sense, not code sense] intelligence gathering on social media” includes, for the US government, asking for links to join groups that may *feel* private. My own discord has literally like a thousand idlers. It would be very *lucky* if none of them were logging for potentially nefarious purposes! And I remind the active users of this occasionally.

https://www.kenklippenstein.com/p/exclusive-ice-masks-up-in-more-ways

Exclusive: ICE Masks Up in More Ways Than One

Feds could be in your group chat

Ken Klippenstein

Ratsnake Games 🔞Feb 13

@0xabad1dea i also don't think that organizing revolutions is the majority usecase for Discord

abadidea Feb 13

@ratsnakegames no but this is mastodon so no-one’s sure what other social activities exist

LOL!

@0xabad1dea @ratsnakegames

derptron Feb 13

@0xabad1dea @ratsnakegames I don't understand. Are you saying mastodon users are particularly unaware of the existence of Tor, rheticulum, meshtastic, briar, secure scuttlebutt, signal, jitsi, ...

Reading, fishing, mountain biking, horseshoing, needlework, 3d printing, manafesto writing, martial arts, yoga, karayoki....

Than the people who frequent other places like X or whatnot?

Interesting take if so :p

Marcial 🇨🇷🇻🇪Feb 13

@crazyeddie @0xabad1dea Generally, yeah, a little bit.

The Fediverse is still by-and-large a place where people REALLY into privacy, F/LOSS, and digital sovereignty come together; I remember a post from someone who tried to get into Lemmy as a Reddit replacement, and lamented the fact that every thread would consistently end up talking about Linux or politics. This is a platform where many don’t realize that their opinions and interests are highly rare IRL.

derptron Feb 13

@moshimotsu @0xabad1dea So someone shows up and is annoyed that people are talking about unfamiliar topics that go outside of their little box and so they bitch about it and you side with THEM???

While I don't know...I rather appreciate the fact that my really rare hobbies are actually shared by others here and I get to talk about them without people telling me they're stupid and boring and why don't I talk about real wives or what some douchebag streamer said.

Marcial 🇨🇷🇻🇪Feb 13

@crazyeddie @0xabad1dea I don’t see any sides to take; it IS great that there’s a space for people with more niche hobbies to be find each other (I’d be hard pressed to find as many F/LOSS advocates on corporate social media!) But the topic HERE is of people trying to consider what it would take to make a F/LOSS alt to a corporate product—ideologues like ourselves will be less apt to figure out what that is for the layperson, since we AREN’T the layperson.

Marcial 🇨🇷🇻🇪Feb 13

@crazyeddie I also don’t know that denigrating someone else’s interests does any good in mainstreaming the spaces we consider the ethical alternatives to corporate social media… that’s the kind of elitism that keeps people away, leaving them to the platforms that fund genocides and steal data. Because the alternatives aren’t fun to be on.

It also exemplifies what I mean about not being the layperson, since the interests of Discord’s user base aren’t interests WE share.

derptron Feb 13

@moshimotsu @0xabad1dea So the corporate folk keep telling me. I'm rather regretting that I ever paid any mind to that bullshit at all. I would have done a MUCH better job of this shit.

Whatever though. If they're right I don't give a shit anymore.

@crazyeddie @moshimotsu @0xabad1dea FYI you are being exactly the problem that is being described to you here. it isn't unfamiliar to them, they just don't want to talk about that. it's very normal for people to join communities that don't think the same way as everyone else does, if you think that they're wrong for that then that's gatekeeping

derptron Feb 14

@eblu @moshimotsu @0xabad1dea You can fuck right off with that. Thanks.

Alexa Fontanilla Feb 13

@crazyeddie
#PostOfTheWeek (season 3):
Homeland security is increasing the use of undercover techniques to infiltrate and interact with social media users in order to collect intelligence and target individuals, documents leaked to me reveal.

The new program, called “masked engagement,” allows homeland security officers to assume false identities and interact with users—friending them, joining closed groups, and gaining access to otherwise private postings, photographs, friend lists and more.

Alexa Fontanilla Feb 13

@crazyeddie
A senior Department of Homeland Security official tells me that over 6,500 field agents and intelligence operatives can use the new tool, a significant increase explicitly linked to more intense monitoring of American citizens.

For years, homeland security has been conducting what it calls “Open Source Intelligence” (OSINT) collection, using social media to enhance general "operational awareness” and for investigating targets in a criminal, civil, or administrative context.

Bredroll Feb 13

@AlexaFontanilla2024 @crazyeddie OSINT isn't a new idea, but to get anything really juicy, someone has to "think" they are talking privately. sneaking into private chat groups is not new thing, The SignalGate idiocy just reminded everyone how bad it can be.

Much more worrying to me is the prolific harvesting of devices fingerprints via things dressed up as helpful stuff like 'find my iphone' the fact you can track your lost headphones 500 miles away if someone with an apple device walks nearby!

derptron Feb 13

@Bredroll @AlexaFontanilla2024 That's a very interesting and scary rabbit hole to hop into if you have not already. There are services you can sign up for that let you track pretty much anything any other user with a scanner has picked up and shared. Actually can be tracked by the little thingies in your tires because pretty much everything emits a MAC on some wireless protocol or other.

derptron Feb 13

@AlexaFontanilla2024 What a trip!

This is like on the front page of mastodon and you think I haven't seen it?

I guess I have a different view of mastodon or something. People I see post all sorts of stuff about these protocols and have all sorts of activities they do outside computers. They're very well informed.

I guess not everyone gets the same view of it. I didn't realize they were so THAT different though. I feel like I'm in a sea of people MORE intelligent and informed than me.

vOv

Bredroll Feb 13

@crazyeddie @0xabad1dea @ratsnakegames what is this karry-ya-okey you speak of?

Kevin Granade Feb 13

@crazyeddie @0xabad1dea @ratsnakegames not that they're unaware of it, but that they're claiming that general-purpose chat tools (and recently this is directed at "discord killers") MUST support e2ee as a bare minimum, which is just not necessary and gives a false sense of security for a group chat without membership vetting, which is one of the other "must have" features.

I've seen the same insistence in several places.

Kevin Granade Feb 13

@crazyeddie @0xabad1dea @ratsnakegames what people think this is giving them is "my messages aren't stored in plaintext anywhere that can have access to it trivially granted", but if you don't have strong access controls in the first place, someone can just join and bam they have access granted?
And if you have strong access controls you're not actually talking about a discord killer or general purpose chat framework because the join overhead is much, much higher.

@crazyeddie @0xabad1dea @ratsnakegames r u real

@ratsnakegames @0xabad1dea to be fair, e2ee is also useful for selling drugs

Ratsnake Games 🔞Feb 13

@me if i were to sell drugs, i wouldn't do it in a group chat

SpaceFlounder Feb 14

@me @ratsnakegames Dm sent

a worm among doves Feb 13

@me @ratsnakegames @0xabad1dea seems like the OP point about feds would apply equally to that too

Space Hobo Feb 13

@ratsnakegames @0xabad1dea I absolutely remember someone complaining that he had to actively tell his DSA/union folks to get off their Slack servers because scabs and managers were filling out the idlers. So they moved to Discord because no one would think to check there: it's full of 15yos playing CounterWarp XVI: Panty Explosion or whatever.

Bredroll Feb 13

@spacehobo @ratsnakegames @0xabad1dea i think that one is on Steam Sale right now

Bredroll Feb 13

@ratsnakegames @0xabad1dea that doesn't mean people wont try or wont succeed https://www.wired.com/story/nepal-discord-gen-z-protests-vote-prime-minister-election/

the key to effective organisation of an underground is to compartmentalise, and you can still communicate secretly in a public system if you do it right

The Inside Story of How Gen Z Toppled Nepal’s Leader and Chose a New One on Discord

The revolution started on social media. It ended with protests, violence, and an online poll to pick the new prime minister.

WIRED

Ratsnake Games 🔞Feb 13

@Bredroll are you training for the Missing the Point Olympics? If so: you've got this!

Owlor 🦋Feb 13

@0xabad1dea I wonder about the government agent whose job it is to pretend to be a puppygirl in order to infiltrate a discord group where people mainly argue about the best way to take HRT.

abadidea Feb 13

@Owlor I imagine there’s a recurring issue with them going native 😂

@0xabad1dea to be honest, i disagree, not because it's safe to fedpost in a chat of hundreds of users, but because it makes e2ee itself less suspicious, and more noisy to infiltrate

yes, a fed can lurk in a large member count e2ee chat, but that still involves the effort to join, and possibly even talk sometimes when spoken to. and they'll absolutely not be in every chat.

as opposed to "hey discord let us run grep across your message database"

like, we're at the point for the web where every website[maintained] is encrypted, even if it would be fine for most to be plaintext. (and we got to that point by making TLS pretty much free)

e2ee is only really considered optional/a misfeature in some cases because it's not free, but it should be.

abadidea Feb 13

@5225225 sorry, I can't hear you. maybe we should both just delete all our keys and generate new ones? just click through whatever warning it shows you, this happens all the time

@0xabad1dea :sigh:

my point is it should be reliable enough to be mandatory and seamless.

are we there yet? no

should it be a goal, as opposed to saying "well, in 15 years we should still leak all our messages to whatever server hosts them"? yes

you don't click through invalid cert warnings when logging into your bank because TLS works, and e2ee should get to that point

is it okay for a discord "competitor" now to not bother with mandatory e2ee because they wouldn't be able to make it seamless?

honestly, sure. i don't care. the problems people have with discord aren't the lack of e2ee, so something else also lacking e2ee isn't making that problem worse.

but "e2ee is a misfeature" is because of bugs which can be fixed, and design decisions that can be weakened to favor usability over security in some cases, not e2ee being inherently bad.

@5225225 @0xabad1dea matrix tried (and still tries) to make e2ee group chats work but either the problem is significantly harder than people imagine, their developers are incompetent, or both. because it is still a pain with hundreds of people, and a disaster with thousands. SSL/TLS works so well because the clients don’t generally need to auth themselves from the server point of view

SIN001E/R-SINE | ΘΔ🦈 | 🏳‍⚧Feb 13

@0xabad1dea @uint8_t @5225225 i looked into this when i was considering making a discord clone a while back

the problem with e2ee is mainly that it doesn't scale to the point a Discordlike needs

there is no proper multi-party asynchronous key exchange mechanism that exists, so all clients must have the keys of all other clients and individually encrypt each message to everyone

that's not a problem with a single-channel Signal group, but the volume of messages is magnitudes higher even in a small Discord; with e2ee what would be one message in client-server encryption becomes as many messages as there are users

and it gets even worse when media is involved, let alone something like group video calls

SIN001E/R-SINE | ΘΔ🦈 | 🏳‍⚧Feb 13

@0xabad1dea @uint8_t @5225225 and to add to that, i doubt an async multi-party async key exchange algo is coming anytime soon either, hell i'm not convinced it's even possible

i suspect the problems with matrix as opposed to signal(signal group chats do work, subject to their scaling factors) is a fair few factors

wasn't designed as an encrypted tool by default, so features aren't gated on "how does this work in an encrypted room?"
linear, consistent history. you will always see every message(assuming the signal servers aren't fucking with you) in a consistent order, there's no disagreement over message ordering, or discovering messages that are backdated.
there is one client implementation and one server implementation. there's no room for "oops a third party client/server made a bug that broke e2ee" since that doesn't exist.

Erin 💽✨Feb 13

@uint8_t @5225225 @0xabad1dea also with a decentralised service you get to choose who operates the server in the middle. with a centralised service you don’t have a choice here.

@uint8_t @5225225 @0xabad1dea When part of your major paying userbase is glowies, is it that surprising some of the glow rubs off onto the devs?

I just want to point out that so many of our issues with social media could be at least partially addressed using web of trust techniques.

That includes avoiding trolls on social media, but also giving a hand to help scale e2ee security.

No, it's not a panacea, but it could help, and it enters the discussion far too little, IMO.
@0xabad1dea

abadidea Feb 13

@volkris ... social media already is the world's largest and most-used web of trust though?? we just call it the follow graph

I personally don't see how getting more cryptography involved would help anything except making it sound more like a 90s cyberpunk novel. In all seriousness, what exactly are you envisioning here?

@5225225 @0xabad1dea > should it be a goal, as opposed to saying "well, in 15 years we should still leak all our messages to whatever server hosts them"? yes

More than that, we should strive to make things truly serverless in the sense of "everything is peer-to-peer and distributed, no server-centric design".

Server-centric design inherently bundles in power dynamics that can be readily weaponized or abused.

seliaste Feb 13

@0xabad1dea @5225225 that's such a terrible reply.

abadidea Feb 13

@seliaste ma’am it’s a lot more efficient to block me yourself than to ask me to block you for you

seliaste Feb 13

@0xabad1dea I'm mostly saying this for the others reading this exchange and showing support to the one who was sharing an interesting counterargument, which you completely brushed aside and then proceeded to make an unrelated joke that's not even a thing in signal. I really didn't expect to see that kind of behaviour around here.

abadidea Feb 14

@seliaste I’m genuinely baffled to the point I have to assume this is a language barrier thing. unrelated joke? it was a rhetorical point about the one piece of software that does in fact do the exact thing I am saying not to do, because this is literally what happens

seliaste Feb 14

@0xabad1dea I completely understand the meaning of the words I used.
You made a complaint about one specific instance of a protocol that used to have this kind of problem (which it does not anymore) to someone who was answering on a completely different topic of "why we should have e2ee" and not "there is good, seamless e2ee in matrix".

@0xabad1dea @5225225 Just because Matrix is a shitshow doesn't make the point wrong.

Consider how there are no such issues for the communications between two I2P or Veilid endpoints.

@5225225 @0xabad1dea
"and they'll absolutely not be in every chat." They absolutely will be in ANY chat that has more than a fistful of participants. They are now silicon based.

George B Feb 13

@5225225 @0xabad1dea

From what I've seen, org based chats (discord, slack, Zulip, etc where you join a server/organization/community that has channels in it that you can join and leave at will) are a lot more complicated to get E2EE working right on than group based ones (like signal where you just join a group) and solve a different problem.

Getting to "E2EE is normal' can be easily done with just the groups. I'm already in 7 signal groups that are just for talking about parenting toddlers.

@0xabad1dea I want to make an E2E Discord clone because it sounds like a cool technical project. I know it would be trash.

Patrick Morris Miller Feb 13

@0xabad1dea "Three can keep a secret if two are dead" and all that.

@0xabad1dea Yeah, but, you know, what's the point of making anything and not overengineering it?

@lynne @0xabad1dea It only needs "overengineering" because the clearnet is inherently not something that should be directly used by any program and so an inordinate amount of effort is required work around that. It is a routing layer and should not be used as anything else.

It is deeply flawed both in replicating power structures consciously in its design and in failing to achieve a basic standard of privacy & security that is baseline in key-addressed overlay networks (anonymizing or not).

End-to-end encrypted chat in I2P is literally as simple as opening netcat pointed at a particular listening peer's netcat in listening mode, if you really want to strip it down to the absolute most basic.

A two liner in shell (a single line per host). There you go. e2ee chat. How's that for overengineering?

:blobancap: :blobcattrans: :blobancap: :blobcattrans: :blobancap: :blobcattrans: (@[email protected])

@lispi314 Well let me put it this way, can you read the decision to build a "computing utility" as anything but political? General Electric alongside Bell Labs and MIT had a vested interest in tra...

Haelwenn /элвэн/

@0xabad1dea Reminds me that I sometimes wonder who created this idea that we should encrypt everything, because as more and more time passes it more feels like a way to make people feel safer than they are, and weaken protocols.

If not entirely make things actually unsafe for people if it ends up with verifiable signatures which can't end up plausibly deniable (one reason why I have rotation on my dkim keys).

derptron Feb 13

@lanodan @0xabad1dea Because the idea that you can solidify insecure protocols by eliminating the steps you use to secure them externally turns out to be lunacy that doesn't even begin to work.

These keys you make for these purposes can be generated on the fly on your computer without any involvement by others. There's no reason to post things to the same handle in a validated manner if you can just invent new handles on the fly. No more trying "anonymous-douch-317" and finding that taken.

@lanodan @0xabad1dea Everything should be using key-addressed overlay networks.

(Or just key-addressed networks, if GNUnet reaches completion at some point and is implemented in hardware, I suppose.)

The notion that addressing a peer doesn't *inherently* mean the communication is encrypted is the problem.

At that point, the notion "if I'm sending the message to a public room it's not private" and "if I'm sending a message to a specific person it's private" is very simple to grasp for users.

Misuse Case Feb 17

@lanodan @0xabad1dea >> because as more and more time passes it more feels like a way to make people feel safer than they are, and weaken protocols.

I don’t know about that, but it’s at the point where you can slap “E2EE” on something for branding purposes and people don’t think about other factors in secure software/services at all. Or what E2EE really means, for that matter.

I don’t blame them though. Most people are not cybersecurity nerds, nor can they be.

verified_transgender

@0xabad1dea I do think there's a point to E2EE that isn't about trying to thwart nation state adversaries. honestly you should probably not talk about your illegal actions on Signal either.

verified_transgender

@0xabad1dea but yeah anything that for all practical purposes is basically open to the public anyway doesn't need encryption. I just don't know that that contains all likely use cases.
though I do see the risk of encryption giving folks a false sense of security.

example: we're in a signal group with several hundred local folks where people share about events, ask recommendations for doctors and the like. at that point the encryption is basically pointless. this is just the chat app everyone happens to have.