abadideaFeb 13

When I said that your discord clone doesn’t need e2ee, I got a lot of comments along the lines of “ then how would I use it to organize the revolution!” The answer is: you don’t. If you have more users than can comfortably share a Signal chat and hence want to use discord or something like it, you cannot POSSIBLY be vetting all of them to a high standard of trust. Your logs ARE leaking. End-to-end encryption between more people than can fit around a dinner table is pointless.

This article confirms what I already assumed, that “open source [information sense, not code sense] intelligence gathering on social media” includes, for the US government, asking for links to join groups that may *feel* private. My own discord has literally like a thousand idlers. It would be very *lucky* if none of them were logging for potentially nefarious purposes! And I remind the active users of this occasionally.

https://www.kenklippenstein.com/p/exclusive-ice-masks-up-in-more-ways

Exclusive: ICE Masks Up in More Ways Than One

Feds could be in your group chat

Ken Klippenstein
Show threadRatsnake Games 🔞Feb 13
@0xabad1dea i also don't think that organizing revolutions is the majority usecase for Discord
Show threadabadideaFeb 13
@ratsnakegames no but this is mastodon so no-one’s sure what other social activities exist
Show threadderptronFeb 13

@0xabad1dea @ratsnakegames I don't understand. Are you saying mastodon users are particularly unaware of the existence of Tor, rheticulum, meshtastic, briar, secure scuttlebutt, signal, jitsi, ...

Reading, fishing, mountain biking, horseshoing, needlework, 3d printing, manafesto writing, martial arts, yoga, karayoki....

Than the people who frequent other places like X or whatnot?

Interesting take if so :p

Show threadKevin GranadeFeb 13

@crazyeddie @0xabad1dea @ratsnakegames not that they're unaware of it, but that they're claiming that general-purpose chat tools (and recently this is directed at "discord killers") MUST support e2ee as a bare minimum, which is just not necessary and gives a false sense of security for a group chat without membership vetting, which is one of the other "must have" features.

I've seen the same insistence in several places.

Show threadKevin Granade
@crazyeddie @0xabad1dea @ratsnakegames what people think this is giving them is "my messages aren't stored in plaintext anywhere that can have access to it trivially granted", but if you don't have strong access controls in the first place, someone can just join and bam they have access granted?
And if you have strong access controls you're not actually talking about a discord killer or general purpose chat framework because the join overhead is much, much higher.
Feb 13 at 8:48pmWeb