feld on Nostr: You Will (Not) Escape ☸️ > Is this not how Matrix allows multiple devices to ...
You Will (Not) Escape ☸️ (nprofile…ake6) > Is this not how Matrix allows multiple devices to decrypt the same chat?
Ahh, sorry! E2EE should not support multiple devices without friction, I agree. The Matrix design is not something I'm comfortable with. We are definitely in agreement here. There is a mechanism to securely get the key to a device but it's way too complicated for my taste.
> Not to mention, a separate issue, if you're hosting a server, it's VERY easy to impersonate a user.
But how without the admin having their private key? It should be very obvious when their messages are not encrypted with the same keys, or the messages should be dropped/rejected automatically.
You should give DeltaChat a try. It's federated, has features others don't have, and the security is solid, audited. Signal has a couple properties that makes it more resilient against an attacker with infinite resources and the ability to MITM all your traffic but the gap is closing -- perhaps this year, waiting on an RFC to leave draft status. Multi device onboarding requires both devices be on the same network because a direct connection between devices is created to transfer the key material.
Give it a try. Instant anonymous sign ups, and idle accounts are automatically deleted after 90 days by default. Send me a message, I'll demo some features for you.
Contact me on Delta Chat:
https://i.delta.chat/#BFE115F2AD580709F1CA482ACC8E93570310DD43&a=az2g6a4rm%40chat.feld.me&n=Mark&i=YforNGURahV&s=qXFHXwnH7uq
Ahh, sorry! E2EE should not support multiple devices without friction, I agree. The Matrix design is not something I'm comfortable with. We are definitely in agreement here. There is a mechanism to securely get the key to a device but it's way too complicated for my taste.
> Not to mention, a separate issue, if you're hosting a server, it's VERY easy to impersonate a user.
But how without the admin having their private key? It should be very obvious when their messages are not encrypted with the same keys, or the messages should be dropped/rejected automatically.
You should give DeltaChat a try. It's federated, has features others don't have, and the security is solid, audited. Signal has a couple properties that makes it more resilient against an attacker with infinite resources and the ability to MITM all your traffic but the gap is closing -- perhaps this year, waiting on an RFC to leave draft status. Multi device onboarding requires both devices be on the same network because a direct connection between devices is created to transfer the key material.
Give it a try. Instant anonymous sign ups, and idle accounts are automatically deleted after 90 days by default. Send me a message, I'll demo some features for you.
Contact me on Delta Chat:
https://i.delta.chat/#BFE115F2AD580709F1CA482ACC8E93570310DD43&a=az2g6a4rm%40chat.feld.me&n=Mark&i=YforNGURahV&s=qXFHXwnH7uq