Fediverse @lemmy.world minnix @lemux.minnix.dev 6 mo. ago

Encrypted DMs Are Coming to ActivityPub

wedistribute.org Encrypted DMs Are Coming to ActivityPub

A recent proposal and grant funding might finally make secure, encrypted private messaging viable for the entire network.

Fediverse @midwest.social PenguinCoder @beehaw.org 6 mo. ago

wedistribute.org /2024/05/encrypted-dms-activitypub/

41 comments

There aren't serious technical obstacles but it may be a poor idea if it turns into a hive of abuse. I got into a discussion about implementing forum software a while back and I said I wanted it to have encrypted DM's, and several operators jumped in and said it would probably attract more trouble than it was worth. People wanting direct private comms can always use encrypted email. On Reddit whenever I wanted to discuss anything the least bit private, I generally asked to exchange email addresses with the person or similar, and went from there in some cases to a self hosted encrypted chat.

Anyway this feature should be weighed somewhat carefully. Are you going to do the thing with warrant canaries? Any attempt at all to conceal metadata? Etc.
- Yeah i am not a fan of services trying to cover all needs that people might ask for. This is a public forum system, if you start adding things like this to it, the protocol will become bloated real fast.
  
  Also idk how they want to implement this, but proper multi client e2ee is complicated as fuck. Are they going to store keys in the browser? How will it work with non official clients? How do keys get transferred between clients?
  
  This is a hugely time intensive project and if you fuck it up, people will be more mad than if you just didnt do it.
  
  It's less a technical problem than one of attracting bad actors, then law enforcement chasing the bad actors, warrants, subpoenas, seizures, that whole bit. Think of running a Tor exit oode. If that's what you want to do and you go into it wth your eyes open, then fine, but sleepwalking into it seems like something to avoid.
- On Lemmy you can't exchange email addresses though... else you'd be exposing the addresses publicly and that's also rife for spam
  
  Of course you can PM your email address to someone. It's not encrypted but it's not exactly public in the sense that spammers can see it.
- So the worry is that people will be abusive in private messages and mods will have no chance to moderate that talk?
  
  Yes basically. And also use the pm system for literal crime, bringing heat on the admins.
finally. cant wait to receive dozens of P U S S Y I N B I O messages
- Gotta love protected sex
Make it so users can opt out and not be sent messages at all. I have a feeling spam thats harder to moderate is coming.
- If it's with asymmetric encryption, wouldn't it be possible for the report button to generate a key based on their private key which can only be used to decrypt the given message?
  
  Sounds like you know more about encryption than I do, I would hope they can do that but I still think a full off switch for users would be wise though.
  
  Or just send them the message in plain text, since you're showing it to somebody else anyway.
  
  But I think the issue is there's no way for your instance to stop you getting the spam as they've no idea what it is until you unlock it.
  
  I guess the best they could do is block messages from a certain user/instance but since you can generate as many accounts as you want, it's hard to tell how effective that could be.
- Yeah, it would be nice to not end up like Reddit, where every day brought a new crypto scam my way.
That seems good.
Here's to hopping lemmy implements it cause frankly the using matrix idea isn't to my liking . Reasons : I don't wanna connect another id to an internet forum where any troll can get it, Its easier and better and would solve a major security issue lemmy has, i think matrix is a hot mess for now .
Finally I can accept pictures of all my e friends dinguses
I think they should use matrix
- Agreed. There's no need to reinvent the wheel.
  
  Anti Commercial-AI license
Hallelujah
The real question is whether Evan & Tom will take sup's way of working into account when researching this, or go in a completely different direction.
I really hope this would end up as just security extension, to additionally encrypt something because we can. And not another reinventing of the chat network.
"Encrypted DMs"

isn't that just a longer way of saying "PM"?
- PMs today aren't really private as in E2EE. They're private as in only you, the receiver and the "trust me bro" company can see them. In special data breach cases, the attacker as well.
Keeping messages is a recipe for backdoors. There's a reason signal does not store DMs long term.
please just offer good matrix integration and be done with it

You've viewed 41 comments.