Cassie Heart
@cassie
wow, signal is speedrunning the death of all security advantages it had: https://community.signalusers.org/t/public-signal-backups-testing/69984
9 replies
5 recasts
69 reactions
jd 🌺
@jdl
say more sailor. explain it to us like we're eleven
1 reply
0 recast
8 reactions
Cassie Heart
@cassie
Say you and your friend pass notes to each other in class, but you change the code every day so confiscated notes from the teacher on one day can't be used to decode the next day's notes. But then your friend decodes all the notes in a journal that he puts a padlock on, and leaves it in his locker. One day, the principal busts open the locker smelling something strange, and finds the journal and some weed. He breaks open the journal, and now your clever code scheme doesn't mean shit, and you're getting blamed for selling weed because the journal said something about your yard having skunks
4 replies
0 recast
20 reactions
jd 🌺
@jdl
love this. now why do we trust other tools to do proper encryption — in transit and at rest — and to store it without the provider holding a key
1 reply
0 recast
2 reactions
Cassie Heart
@cassie
We shouldn't – unless the tools are open sourced, and more importantly, verifiable against that source. Quorum Messenger is open source (https://github.com/quilibriumnetwork/quorum-desktop), and the cryptographic primitives we use are audited: https://github.com/QuilibriumNetwork/quilibrium-js-sdk-channels
2 replies
0 recast
7 reactions
Matthew McDowell-Sweet
@msms
Do you have any plans to bring this to iOS?
0 reply
0 recast
0 reaction