Conversation:
Notices
-
Joshua Judson Rosen (rozzin)'s status on Friday, 24-Aug-2018 16:05:02 EDT Joshua Judson Rosen I am... so not understanding #OMEMO. Why do people actually like this? -
(kmicu)'s status on Saturday, 25-Aug-2018 08:05:55 EDT @rozzin maybe because with OTR we need to be online at the same time or in general OMEMO is better suited for mobile-driven world ????
-
keverets (keverets)'s status on Sunday, 26-Aug-2018 00:43:09 EDT keverets @rozzin Not entirely sure what you mean, but I like end-to-end encryption (and forward secrecy) and federated services like jabber, so OMEMO fills a need. Is there something you don't like about it?
Joshua Judson Rosen repeated this. -
Joshua Judson Rosen (rozzin)'s status on Tuesday, 11-Sep-2018 20:25:42 EDT Joshua Judson Rosen @keverets yeah I get that, and I generally agree; my issue is that trying out a client that had OMEMO enabled for a moment meant that I suddenly would never be able to read any of the messages people were sending me on any of the other clients/computers that I actually use. Suddenly I was the guy saying "I cannot read your messages, please stop doing that". -
Joshua Judson Rosen (rozzin)'s status on Tuesday, 11-Sep-2018 20:54:10 EDT Joshua Judson Rosen ... and then, even when I had successfully received and decrypted messages with that client on that device, there's no provision for forwarding those messages to another client/device so that I can ever migrate away from the original one. -
Joshua Judson Rosen (rozzin)'s status on Tuesday, 11-Sep-2018 21:01:45 EDT Joshua Judson Rosen When "my messages are all locked up inside one particular device" was one of the major reasons I gave up on SMS and switched to XMPP in the first place, suddenly having the old SMS problems show up in XMPP hits a sore spot... https://www.hackerposse.com/~rozzin/journal/availability/cutting-the-cord-on-sms.html -
keverets (keverets)'s status on Wednesday, 12-Sep-2018 10:02:08 EDT keverets @rozzin I can understand that. Though I still find many XMPP servers don't support XEP-0280 so the problem persists even for non-encrypted messages. Having a well-configured XMPP server has been an ongoing struggle since I started using https://status.hackerposse.com/url/17780 terms of E2E encryption there's an attack vector I've observed where two d… -
Joshua Judson Rosen (rozzin)'s status on Wednesday, 12-Sep-2018 10:21:27 EDT Joshua Judson Rosen I actually do really want to secure my data in transit; but it's frustrating to the point of deterrence that the tools for secure transit seem to frequently create more problems for data at rest. #Enigmail maintained similar barriers to PGP use for years, for example: http://status.hackerposse.com/conversation/44450#notice-52884 #crypto -
keverets (keverets)'s status on Wednesday, 12-Sep-2018 10:32:31 EDT keverets @rozzin I agree. It seems like a solvable problem but too often it's made into an all-or-nothing approach. It would be good to be able to select the degree of confidentiality: none (red), confidential-in-transit (yellow), confidential-in-transit-and-at-rest (green).
Perhaps even a level beyond with an ephemeral (do not store) though too many options leads to other problems.
Joshua Judson Rosen repeated this. -
Joshua Judson Rosen (rozzin)'s status on Friday, 28-Sep-2018 16:18:06 EDT Joshua Judson Rosen @keverets, I'm comfortable just keeping `how it gets there' and `what you're supposed to do with it after it arrives' separate domains—and actually I'm pretty sure I prefer it at this point; everything I said 5 years ago in that other conversation still stands ☺http://status.hackerposse.com/conversation/44450#notice-52898
-