lainchan archive - /tech/ - 35410
[ Return /
Go to bottom ]
File: 1489184439955.png (54.16 KB, 300x292, anisec2.jpg)
Every month or so one of my friends tries to convince me to install the latest chat apps. I mean, if I install every chat app that people reccomended to me, it would be in the tens of dozens. It's annoying. So I either just flat out reject them, or begrudgingly install the app. Even a lainon convinced me to use pidgin, and another one mumble, I haven't even used pidgin since, nor had any wish to. I think about mumble every month or so but I don't want to bother.
My real issue though is that 99% of those applications are cookie cutter levels of similar. They are functionally the same thing when compared to ICQ from 1996. OK, some of them have some encryption, which may or may not be soykafty, and they really should have encryption but I am digressing. Others that have video or voice calls are functionally the same thing as skype from 2003. OK I myself avoid skype because muh M$.
Why do people get this excited over constantly discovering new chat applications? Most of them did exactly the same thing for decades.
Mods: Sorry if this rant is too aggressive, if needed I will delete this even myself.
My real issue though is that 99% of those applications are cookie cutter levels of similar. They are functionally the same thing when compared to ICQ from 1996. OK, some of them have some encryption, which may or may not be soykafty, and they really should have encryption but I am digressing. Others that have video or voice calls are functionally the same thing as skype from 2003. OK I myself avoid skype because muh M$.
Why do people get this excited over constantly discovering new chat applications? Most of them did exactly the same thing for decades.
Mods: Sorry if this rant is too aggressive, if needed I will delete this even myself.
I suppose they are somewhat misinformed about the pros and cons of each, and get caught in a hype train. It feels good when you spread something that you currently believe to be good, especially if you have a narrative of "fighting the evil facebook".
It's almost like those long commercials where they make a product that nobody ever needs in real life, but show 6-8 scenes of people using it in real life and it coming in handy. The impression of usefulness remains, and people who try to think positively (e.g. your lainon who tries to stop being depressed), will simply focus on the nice use-cases and deny/ignore 99% of use-cases where the thing isn't useful or not any better.
It's almost like those long commercials where they make a product that nobody ever needs in real life, but show 6-8 scenes of people using it in real life and it coming in handy. The impression of usefulness remains, and people who try to think positively (e.g. your lainon who tries to stop being depressed), will simply focus on the nice use-cases and deny/ignore 99% of use-cases where the thing isn't useful or not any better.
File: 1489188398515.png (1.65 MB, 140x200, 1488914723114.jpg)
I think you have to distinguish between client and protocol.
Having a fuarrrkton of different clients that use the same protocol is not a bad thing but rather creates competition.
Having many non-interoperable clients harms the goal of bringing the general public to adopt secure, decentralized communication.
In my opinion, XMPP with OTR or OMEMO is the best option as there are many different clients available for this.
Having a fuarrrkton of different clients that use the same protocol is not a bad thing but rather creates competition.
Having many non-interoperable clients harms the goal of bringing the general public to adopt secure, decentralized communication.
In my opinion, XMPP with OTR or OMEMO is the best option as there are many different clients available for this.
>>35416
tox's crypto is complete garbage and they have no intention to fix it. I recommend people stay away from it.
https://github.com/TokTok/c-toxcore/issues/426
tox's crypto is complete garbage and they have no intention to fix it. I recommend people stay away from it.
https://github.com/TokTok/c-toxcore/issues/426
I think you should give Pidgin a lot less flak, OP. It is actually the solution to your problem: a multi-protocol chat client where protocols can be added as plugins. By default, it supports XMPP/Jabber, AIM, Google Talk's custom protocol, IRC, and a few others. With plugins, it can do things like P2P video calls (with Jingle), tox (tox.dhs.org), and OMEMO encryption over XMPP (github.com/gkdr/lurch), and lots of other nice stuff, all in one client.
>>35418
Could you elaborate on your criticism of Tox's crypto? Unfortunately, cryptography is not an area I am well versed in yet, and I've been recommending Tox since my understanding painted it as a decently secure, decentralized medium. Genuinely curious as to what you mean when you say their crypto is garbage.
Could you elaborate on your criticism of Tox's crypto? Unfortunately, cryptography is not an area I am well versed in yet, and I've been recommending Tox since my understanding painted it as a decently secure, decentralized medium. Genuinely curious as to what you mean when you say their crypto is garbage.
>>35418
Jesus Christ. Not that I could say much about the crypto aspect, but the general tone of the discussion makes me doubt the trustworthyness and reliabilty of anyone involved in this project. And irungentoos response along the lines of "Yeah, that is a problem, but if someone has your private key, they can do even worse stuff, so why bother fixing it?" is not very reassuring.
Jesus Christ. Not that I could say much about the crypto aspect, but the general tone of the discussion makes me doubt the trustworthyness and reliabilty of anyone involved in this project. And irungentoos response along the lines of "Yeah, that is a problem, but if someone has your private key, they can do even worse stuff, so why bother fixing it?" is not very reassuring.
>>35414
IRC works perfectly for a (semi-)public, group chat. But for a private chat, IRC failed to provide any end-to-end encryption. Yes, there are simple implementations of ECB (?!) block cipher and even OTR ports, but unfortunately nobody really uses them, and because of the diversity of IRC clients, it is not usable at all.
I prefer to keep an IRC client and a XMPP client with OTR / OMEMO plugin, and that's all, and no more.
IRC works perfectly for a (semi-)public, group chat. But for a private chat, IRC failed to provide any end-to-end encryption. Yes, there are simple implementations of ECB (?!) block cipher and even OTR ports, but unfortunately nobody really uses them, and because of the diversity of IRC clients, it is not usable at all.
I prefer to keep an IRC client and a XMPP client with OTR / OMEMO plugin, and that's all, and no more.
>>35428
>the problem does not stem from the application but from the user
The problem always stems from the application and the user, and hardly stems from crypto algorithms and protocols IRL. It's hard to believe we still have people arguing about the security of 128-bit or 256-bit, while a "ptr++" can cause buffer overflow and remote code execution.
>the problem does not stem from the application but from the user
The problem always stems from the application and the user, and hardly stems from crypto algorithms and protocols IRL. It's hard to believe we still have people arguing about the security of 128-bit or 256-bit, while a "ptr++" can cause buffer overflow and remote code execution.
Tox team are going to fix the handshake problem. Just wanted to counter-weigh the period-relevant critiques about Tox ITT.
Finally got around to reading the source code for signal and why it uses play services / phone verification. Signal is as close as I've gotten to having all of my friends on one secure chat app.
User base is as much a part of what makes a communication app great as any other feature and I think people are dissatisfied with most messengers and so want to experiment. Plus apps like Facebook messenger , Twitter and Google's hangouts wall off their garden once they get big enough.
User base is as much a part of what makes a communication app great as any other feature and I think people are dissatisfied with most messengers and so want to experiment. Plus apps like Facebook messenger , Twitter and Google's hangouts wall off their garden once they get big enough.