(no title)
myu701 | 5 years ago
I am extremely proud of the work being done online today to secure communications.
While we have companies telemetrying our native stacks[1], web browsers[2], and messaging platforms[3], we also have people working on software that doesn't do those things and still tries to empower the user to get what they need done without being a double agent for a 3rd party.
1 (windows 10, chrome OS, GMS android)
2 (cookies, pixels, fingerprinting, CDNs, chrome itself)
3 (whatsapp, FB messenger, telegram)
From OS[4] to browser[5] to messaging platform[6].
4 (debian, qubes)
5 (...maybe not? konqueror probably doesn't do telemetry?)
6 (irc probably, matrix, delta chat)
Matrix is IMHO in competition for mindshare not (directly) with WhatsApp, but with Signal.
Matrix | Signal
Increasingly decentralizable | Centralized
E2EE but not quite for metadata | E2EE and metadata-free mostly except recently requiring PINs and server-side storage
Federated with its costs (slower development etc) | Nonfederated with its costs (outages etc)
Temptingly close to P2P or CS | only CS
No voice comms | Voice and video comms
No built-in social graph | social graph via phone (being worked on?)
OSS in practice | OSS in law but hard to contribute to
josh2600|5 years ago
Signal is attempting to design the system such that Signal can never know whose contacts are in your phone as a service provider. They deal with side-channel leakage of lookups from the contact DB into the enclave using a technique called linear scan, which is a constant-time bitwise XOR operation on every contact. This is the most brute force version of a class of techniques known as oblivious RAM (ORAM), which are increasingly being used to manage data loads into secure enclaves.
Obvious caveat: if SGX gets broken then these contact lookups are vulnerable to side-channel analysis until the enclave is patched. I think this is a strictly better security property than not having the enclave, but it's far from perfect (no security model is perfect FWIW).
In short, Signal is doing everything they can to avoid having access to your social graph. If you still don't think what Signal is doing is enough, you can run your own signal (or matrix) server, but then you are running a very, very valuable server from a graph analysis perspective. At present, I believe the only way to make the metadata in these services less interesting is to put it inside of an enclave in the hopes that will reduce the value of attempting to attack the servers which manage the graphs for these comms networks.
Source: I work on MobileCoin which uses similar techniques for managing a side-channel resistant ledger.
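An added illustration of the linear scan idea described in the comment above (not part of the thread, and not Signal's or MobileCoin's code): a lookup that stops at the first match is set beside one that XOR-compares the query against every slot. The 64-bit contact identifiers, the sample table, the function names and the `reads` counter (instrumentation to make the access pattern visible) are all assumptions made for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

struct scan_result { uint64_t found; size_t reads; };
/* Constructed sample data: 64-bit values standing in for hashed contact identifiers. */
static const uint64_t SAMPLE_DB[] = {
    0x1a2b3c4d5e6f7081ULL, 0x0f0e0d0c0b0a0908ULL,
    0xdeadbeef00c0ffeeULL, 0x7766554433221100ULL,
};
#define SAMPLE_N (sizeof SAMPLE_DB / sizeof SAMPLE_DB[0])

/* 1 if a == b, else 0, computed without a data-dependent branch. */
static uint64_t ct_eq_u64(uint64_t a, uint64_t b)
{
    uint64_t diff = a ^ b;                   /* zero only when equal */
    return 1 ^ ((diff | (0 - diff)) >> 63);  /* top bit set iff diff != 0 */
}

/* Leaky baseline: stops at the first match, so the number of slots read
 * (and with it timing and access pattern) reveals where the match sits. */
struct scan_result early_exit_scan(const uint64_t *db, size_t n, uint64_t q)
{
    struct scan_result r = {0, 0};
    for (size_t i = 0; i < n; i++) {
        r.reads++;
        if (db[i] == q) { r.found = 1; break; }
    }
    return r;
}

/* Linear scan: XOR-compares the query against every slot and ORs the
 * outcome into an accumulator; always n reads, never an early exit. */
struct scan_result linear_scan(const uint64_t *db, size_t n, uint64_t q)
{
    struct scan_result r = {0, 0};
    for (size_t i = 0; i < n; i++) {
        r.found |= ct_eq_u64(db[i], q);
        r.reads++;
    }
    return r;
}

int main(void)
{
    printf("early-exit reads=%zu, linear reads=%zu\n",
           early_exit_scan(SAMPLE_DB, SAMPLE_N, SAMPLE_DB[1]).reads,
           linear_scan(SAMPLE_DB, SAMPLE_N, SAMPLE_DB[1]).reads);
    return 0;
}
```

A compiler is free to rewrite a branch-free comparison, so code that relies on this property is normally checked at the generated-assembly level as well.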
Arathorn|5 years ago
...which is precisely why we’re working on P2P matrix. No servers; nowhere for metadata to accumulate (other than the clients, of course).
schoolornot|5 years ago
lub|5 years ago
3rd party identifiers like phone numbers and email addresses can be registered and discovered via a centralized service. At least for phone numbers, it's not really possible in a decentralized way.
Arathorn|5 years ago
sergeykish|5 years ago
I like this idea so much that I've found and opted-in https://wiki.archlinux.org/index.php/Pkgstats
majewsky|5 years ago
On my work notebook, I get "your organization has blocked access to this page."
/me freaks out
anonbanker|5 years ago
Incorrect. I use voice/video over Matrix every day.