Privacy

33992 readers

1920 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago

MODERATORS

[email protected]

What do you think about Session as a potential replacement for Signal? (getsession.org)

submitted 2 days ago* (last edited 2 days ago) by [email protected] to c/[email protected]

55 comments fedilink hide all child comments

Especially for the less tech-savvy among us?

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 5 points 2 days ago (1 children)

But it's a difficult concept for the average person to not have an account, but everything is device oriented. Same problem with people not using gpg for email. Having to maintain a thing similar to a private key that's not memorizable like a username and password and back that up in case your device is lost. Is a big hurdle for many. And then additionally having to share a qr code or link through some external means for someone to connect with you rather than just telling them to download an app and enter your username HSS always been difficult.

So, IMHO, Signal has the best implementation possible with the level of usability that many nontechnical people expect in a chat application, even if it's not the most secure. I am interested to see how SimpleX solves these issues in the future, though.

[–] [email protected] 2 points 2 days ago (1 children)

Of course it is, that's the innovating part of it ! My opinion was that I rather use SimpleX if I wanted to switch away from Signal, if not I'll simply use Signal not Session. But my threat model isn't everyone's.

I think as people will be more educated on cryptography in there digital lives we will have better UX to the point of it not be as difficult as sending on e-mail in the late 80s. Innovation like Bitcoin, nostr, U2F, passkeys etc... will be more accessible over time. Today sending a message on Signal is infinity more easy, secure and private than the majority of e-mails of the 21th century.

[–] [email protected] 3 points 19 hours ago

Yeah, I just meant people are used to decades of using meaningful usernames. Having to use a cryptographic key has traditionally made it very difficult to get enough people to adopt to make it worth adopting yourself as a technologically savvy person. I never would have used Facebook in a million years if it wasn't for the fact that it was the only place I could get in touch with many people. Having to build your networks in-person is tedious for many people and sharing the codes securely through other means is cumbersome if you don't have an existing method for sharing.

Just like HTTPS needs several layers to make it work and still relies on an untrustworthy and corruptible thing like DNS to verify the destination and it's keys are the thing you're expecting to connect to. There's no secure way to share the route to your device electronically in a user-accountless system with no secure, trusted middleman translating names to addresses unless you do it in-person.