Notices
Page 5 of 7 « First 34 5 67
Reply
Thread Tools
gaelic is offline gaelic
2016-11-07 , 10:44
Posts: 201 | Thanked: 410 times | Joined on Dec 2013
#41
Originally Posted by chrm View Post
All popular chat solutions today are unusable.
They all use a central server instance which can be hacked or controlled by individuals who wants to read my private conversations.
Only p2p messengers are usable - as of the status of today.

Got that?
No, because: Such general statements are mostly wrong.

Seriously: If you want to go "off the record" use the ORT functions implemented in most messengers that are out there in the wild.
And still providing message delivery if the contact is not online at the moment.
 

The Following User Says Thank You to gaelic For This Useful Post:
gaelic is offline gaelic
2016-11-07 , 10:46
Posts: 201 | Thanked: 410 times | Joined on Dec 2013
#42
Originally Posted by juiceme View Post
Yeah, but that behaviour is a BUG --> it will be corrected.
No. After 5mins the message will still go to nirvana. This is intended as far as I understand.
 

The Following 2 Users Say Thank You to gaelic For This Useful Post:
dovf is offline dovf
2016-11-07 , 10:51
Posts: 31 | Thanked: 44 times | Joined on Jun 2010
#43
Originally Posted by chrm View Post
Do you know XMPP transports?
The problem with such extensions is that someone has to maintain them. Its useless to have a "WhatsApp" transport which do not work because of protocol changes.
Of course, that's why I am not advocating WhatsApp, which is actively blocking connections from outside its network. So I don't expect to ever see a WhatsApp-matrix bridge (any more than I expect to see a ring-WA bridge, or a tox-WA bridge, or an XMPP-WA bridge, or anything bridge with WA).

But if we're discussing alternatives to the closed, central networks, I wanted to point out that there *is* something in between central and p2p (namely, federated); and an implementation of such a network which seems to be Done Right (namely, matrix).

And this in-between thing exactly answers the problems being discussed here with p2p (namely, transmission of messages when one of the parties is offline...).
 

The Following 3 Users Say Thank You to dovf For This Useful Post:
chrm is offline chrm
2016-11-07 , 11:38
Posts: 133 | Thanked: 405 times | Joined on Mar 2012 @ Europe
#44
Originally Posted by gaelic View Post
No, because: Such general statements are mostly wrong.

Seriously: If you want to go "off the record" use the ORT functions implemented in most messengers that are out there in the wild.
And still providing message delivery if the contact is not online at the moment.
Its not possible to establish an OTR session with an offline contact. So no, this solution doesn't work.
 

The Following User Says Thank You to chrm For This Useful Post:
gaelic is offline gaelic
2016-11-07 , 12:23
Posts: 201 | Thanked: 410 times | Joined on Dec 2013
#45
Originally Posted by chrm View Post
Its not possible to establish an OTR session with an offline contact. So no, this solution doesn't work.
Yes, that's the idea behind OTR, if you and your contact go OTR the server is left out. But only if you need and want it. And not as the only solution as with Ring.
 

The Following User Says Thank You to gaelic For This Useful Post:
chrm is offline chrm
2016-11-07 , 12:43
Posts: 133 | Thanked: 405 times | Joined on Mar 2012 @ Europe
#46
Originally Posted by gaelic View Post
[...] But only if you need and want it [...]
Is there someone out there 2016 who do not want and need E2E encryption?

You can never trust the transport way, not even if the service is running on your own server.

And yes, there is something like OMEMO (double ratchet) which allows sending E2E encrypted messages to offline contacts. This is well documented and already implemented in XMPP clients:
https://conversations.im/xeps/multi-end.html
Of course this opens a new attack vector since the keys are cached on the server.

All this will be also made for matrix to reach the same privacy level which is already done in XMPP.

Don't get me wrong - its great people wants to implement new, open and secure conversation systems.
But at the end, the only difference between XMPP and matrix will be the protocol layer: HTTP/JSON vs. XML. And I prefer XML :P
 

The Following 4 Users Say Thank You to chrm For This Useful Post:
gaelic is offline gaelic
2016-11-07 , 12:47
Posts: 201 | Thanked: 410 times | Joined on Dec 2013
#47
Originally Posted by chrm View Post
Is there someone out there 2016 who do not want and need E2E encryption?
Encryption is a totally different topic. Please explain the connection?
 

The Following User Says Thank You to gaelic For This Useful Post:
chrm is offline chrm
2016-11-07 , 13:07
Posts: 133 | Thanked: 405 times | Joined on Mar 2012 @ Europe
#48
Originally Posted by gaelic View Post
Encryption is a totally different topic. Please explain the connection?
What do you mean? OTR has nothing to do with end point connection, its just encrypted payload over the same connection/protocol.

Yes, that's the idea behind OTR, if you and your contact go OTR the server is left out.
Are you sure, you understand the technology?
 

The Following User Says Thank You to chrm For This Useful Post:
gaelic is offline gaelic
2016-11-07 , 13:41
Posts: 201 | Thanked: 410 times | Joined on Dec 2013
#49
Originally Posted by chrm View Post
What do you mean? OTR has nothing to do with end point connection, its just encrypted payload over the same connection/protocol.



Are you sure, you understand the technology?
You're going down the wrong direction here.

a) I was criticising that with Ring you can't reach offline contacts and messages go to waste.
-> you reply that p2p / serverless chat is "the only solution"
b) I reply that OTR is also possible with existing messaging applications using server infrastructure. Encyrytion yes/no is not the topic here
-> some bogus from you

Sorry, end of discussion for me here.
 

The Following 2 Users Say Thank You to gaelic For This Useful Post:
chrm is offline chrm
2016-11-07 , 14:34
Posts: 133 | Thanked: 405 times | Joined on Mar 2012 @ Europe
#50
Originally Posted by gaelic View Post
You're going down the wrong direction here.

a) I was criticising that with Ring you can't reach offline contacts and messages go to waste.
-> you reply that p2p / serverless chat is "the only solution"
If you mean this statement:

All popular chat solutions today are unusable.
They all use a central server instance which can be hacked or controlled by individuals who wants to read my private conversations.
Only p2p messengers are usable - as of the status of today.

Got that?
this was only cynically to demonstrate, how senseless such general statements are!

Originally Posted by gaelic View Post
b) I reply that OTR is also possible with existing messaging applications using server infrastructure. Encyrytion yes/no is not the topic here
-> some bogus from you
Nothing bogus here. Its only because OTR also doesn't work for offline contacts - like Ring. You will always face the same systematic problems when entering such level of privacy/security.

Sorry, end of discussion for me here.
Your wish is my command
 

The Following 2 Users Say Thank You to chrm For This Useful Post:
Reply
Page 5 of 7 « First 34 5 67

Tags
sip client, videocall

« Previous Thread | Next Thread »

 
Forum Jump


All times are GMT. The time now is 15:17.

Contact Us - Home - Archive - Top