It says, that only my "friends" can know my IP. But it's still insecure. Tox makes it better, IP addresses aren't exposed, users are identified by their public keys only.
I think you might be misunderstanding. Tox is p2p end-to-end encrypted, you still expose your ip when you connect to the p2p network. This is inevitable but nobody will know you message:
This project uses the retroshare protocol. It's also p2p by the only nodes you can connect to are from a "white list". So you expose your ip only to people you know.
With ChatControl looming, I am glad this exists, and I hope we will continue to have a diversity of choices in private encrypted messaging applications.
TFA is pretty cool and the technology is exciting. Nevertheless...
Tech people always think that everything can be solved with better technology. See, we made a protocol for uncensorable communication, now privacy is restored and the evil government plan is thwarted.
No, if e2e becomes illegal, noncompliant apps outlawed and taken out of appstores, if by using this people will risks a fine or prison time or even just police checking you're not actually a pedophile who needs to hide something - regular people won't use it. A small fraction of privacy nerds may do, but that's not significant on a social level. This won't solve recent world privacy problems.
Well, even these government's won't stand up to the US military and intelligence, so at least tor won't be outlawed, so we'll have more browser - based comms.
And buy what instead exactly? We live in a world (or are shortly to be in one) where government and other primary services like banking and digital IDs require not only a smart phone, but one running a “sanctioned” platform where the OS and hardware state have to be attested by a “trusted” provider (Google, Apple, Samsung, etc). Your rooted, Graphene phone need not apply.
I’ve talked to their devs/met them in person and trust them, most of their stack is public/all the primitives they use are available and well documented (see https://github.com/holepunchto and https://docs.pears.com/), I’ve used that stack and verified it does what is advertised, and I believe they’re planning a full open source release of the parts that aren’t already public.
>Without it, abuses are made and evil people take control.
Which will also happen with a zero control, zero responsibility platform.
A given chat will get horrifically toxic, there will be no way of moderation, so users will be forced to create a new chat which will in turn get horrifically toxic and so on and so forth.
I'm not familiar with retroshare but from a quick research it seems you only receive content from people you're connected with and their connections. So it should be pretty straightforward to remove toxic connections
And I can imagine it's possible like with ad block plus et al to have local blocklists in your client.
Its not like we have this situation elswhere (mail, web) so...
Zero responsibility? You are always responsible for the things you say, both morally and legally, both here and elsewhere. Even in public spaces like town squares or hn comment sections. (hn sux, lmao.)
If a chat gets toxic by your standards, just leave. No one forces you to stay in a chat where you don't want to be. On the other hand, governments do censor and scan your private messages. Good cryptography and trustable software mitigates that partially but not entirely. Privacy and autonomy are fundamental human rights. Seemingly, the only way to enforce them is by exercising your rights and holding your government accountable.
I'd rather be abused by a toxic community I can willingly leave than be abused by a toxic government who can take my voice away, imprison me or worse. They can do that to anyone at any time. Laws like SLAs are worth the paper they're written on. And so software that prioritizes censorship-free speech is a tradeoff to be made and cannot be personally made -- it has to be made as a group. (Software like anything else can still be outlawed!)
The recent events with governments eroding privacy, consumer rights and other rights is a good reason to be wary and a good reason to get active and start exercising those rights.
Re: moderation. I don't know about the moderation tools of Xeres, but it seems trivial to be able to boot people from the chat.
I agree that moderation tools are important :) one of signal's failings is the lack of moderation tooling. You can have small scale group moderation without having government scale surveillance.
It says, that only my "friends" can know my IP. But it's still insecure. Tox makes it better, IP addresses aren't exposed, users are identified by their public keys only.
I think you might be misunderstanding. Tox is p2p end-to-end encrypted, you still expose your ip when you connect to the p2p network. This is inevitable but nobody will know you message:
https://tox.chat/faq.html#tox-leak-ip
This project uses the retroshare protocol. It's also p2p by the only nodes you can connect to are from a "white list". So you expose your ip only to people you know.
With ChatControl looming, I am glad this exists, and I hope we will continue to have a diversity of choices in private encrypted messaging applications.
TFA is pretty cool and the technology is exciting. Nevertheless...
Tech people always think that everything can be solved with better technology. See, we made a protocol for uncensorable communication, now privacy is restored and the evil government plan is thwarted.
No, if e2e becomes illegal, noncompliant apps outlawed and taken out of appstores, if by using this people will risks a fine or prison time or even just police checking you're not actually a pedophile who needs to hide something - regular people won't use it. A small fraction of privacy nerds may do, but that's not significant on a social level. This won't solve recent world privacy problems.
Well, even these government's won't stand up to the US military and intelligence, so at least tor won't be outlawed, so we'll have more browser - based comms.
Or mesh networks :)
Stop buying complicit devices
And buy what instead exactly? We live in a world (or are shortly to be in one) where government and other primary services like banking and digital IDs require not only a smart phone, but one running a “sanctioned” platform where the OS and hardware state have to be attested by a “trusted” provider (Google, Apple, Samsung, etc). Your rooted, Graphene phone need not apply.
Looks interesting. I've been using https://keet.io/ for a good while now, which has similar motivations.
I didn't see a public source repository for keet, just compiled releases. Why would you trust closed source for a privacy app?
I’ve talked to their devs/met them in person and trust them, most of their stack is public/all the primitives they use are available and well documented (see https://github.com/holepunchto and https://docs.pears.com/), I’ve used that stack and verified it does what is advertised, and I believe they’re planning a full open source release of the parts that aren’t already public.
Assuming that a bad-people-filter is necessary, what would you use to recognize them?
2 that I can think of : 1) An AI badness pattern recognizer. 2) Vetting by trusted people.
It wouldn't have to be perfect. Would it?
That's a big assuming, yes.
I've not heard of this before. It recently hit v1.0 https://xeres.io/news/version-1-0-0-released/
How does this avoid carrier grade NAT if everyone is on a cellphone?
IPv6? Every device from one of my networks has a different IP.
>Without it, abuses are made and evil people take control.
Which will also happen with a zero control, zero responsibility platform.
A given chat will get horrifically toxic, there will be no way of moderation, so users will be forced to create a new chat which will in turn get horrifically toxic and so on and so forth.
No, thank you.
This is a friend to friend protocol, so you have the power, and should exercise it, to remove negative influences from your social graph.
I'm not familiar with retroshare but from a quick research it seems you only receive content from people you're connected with and their connections. So it should be pretty straightforward to remove toxic connections
http://retroshare.wikidot.com/en:faq#toc1 (Lost the link where there was an example on how to split a group chat if one person leaves that connected two groups)
And I can imagine it's possible like with ad block plus et al to have local blocklists in your client. Its not like we have this situation elswhere (mail, web) so...
Zero responsibility? You are always responsible for the things you say, both morally and legally, both here and elsewhere. Even in public spaces like town squares or hn comment sections. (hn sux, lmao.)
If a chat gets toxic by your standards, just leave. No one forces you to stay in a chat where you don't want to be. On the other hand, governments do censor and scan your private messages. Good cryptography and trustable software mitigates that partially but not entirely. Privacy and autonomy are fundamental human rights. Seemingly, the only way to enforce them is by exercising your rights and holding your government accountable.
I'd rather be abused by a toxic community I can willingly leave than be abused by a toxic government who can take my voice away, imprison me or worse. They can do that to anyone at any time. Laws like SLAs are worth the paper they're written on. And so software that prioritizes censorship-free speech is a tradeoff to be made and cannot be personally made -- it has to be made as a group. (Software like anything else can still be outlawed!)
The recent events with governments eroding privacy, consumer rights and other rights is a good reason to be wary and a good reason to get active and start exercising those rights.
Re: moderation. I don't know about the moderation tools of Xeres, but it seems trivial to be able to boot people from the chat.
Use your free speech to be kind to one another.
I agree that moderation tools are important :) one of signal's failings is the lack of moderation tooling. You can have small scale group moderation without having government scale surveillance.
You directly choose who you can chat with, you moderate by removing the person I would assume
It's rather a world where every platform is 4chan than a world like the Chinese internet where no platform allows criticising the government.
Not every platform should be moderated.