WingNews logo WingNews
top | item 33029827

(no title)

throwawayKiwi9 | 3 years ago

You mean, allowed to decrypt unless following the discussed mitigations? I suspect you don't regularly use the client, which is fine, but these warnings and notifications are very annoying and essentially impossible to ignore. You are highly incentivised to resolve them. Obviously, I agree the exploit is bad. I just think the millions of users would appreciate practical discussion of the very practical mitigations instead of all the unnecessary doomsaying happening surrounding this.

discuss

order

tptacek|3 years ago

The paper goes into detail on the errors and how they compare to the normal experience of using Element, but I think that discussion kind of dignifies the situation, doesn't it? We're talking about a warning that essentially says "an unauthorized person is now decrypting your messages". This isn't a reasonable thing to "warn" people about it; in a secure messenger, your job is to prevent it from happening at all.

It's weird that we're even discussing this. In Matrix, group membership is key distribution, and it's controlled by the server! That's not OK!