Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

What's the problem with e2e encryption for those organizations?

The problem is if they give those orgs a backdoor



Oh yeah, I actually asked them about that. They said there aren't any backdoors[0]. We're all good, no worries! :) :)

[0] https://mastodon.matrix.org/@element/110340953550548309


Its open source and the crypto library is also 3rd party verified. I don't get your problem.


It's one of the most significant open source messaging systems that exist today. Anyone can audit it at any time.

What more do you want?


How do you know the matrix.org server or the element.io web client is running the same code as the source posted publicly? How exactly do you, personally, audit a hosted service? The answer to both questions is: you don't.


So host it yourself. It's literally designed to do that.


Yeah, that's great for me, but doesn't help me when everyone else is using the hosted stuff :)


Ok, I'll bite, what even could be the alternative here then? You want something without big funders, totally OSS, and extremely friendly for grandmas? Feels like one of those "you can only pick two" type things to me, but would love to learn that's not the case.


Also: 1. Mainstream enough for grandma. 2. No public hosts, you are required to self host it. Totally reasonable I don't see why this is so hard. /s


Its fashionable in the leftist world to compete to take the most radical position you can.

You described the goal, yeah, that would be pretty wonderful, like unicorns, flying pixie dust and other things that don't seem to exist as of yet.


I really don't think that is fashionable. Why would people want to do that?


>How do you know the matrix.org server or the element.io web client is running the same code as the source posted publicly? How exactly do you, personally, audit a hosted service? The answer to both questions is: you don't.

And I don't use them. I grab the posted sources and use them on hardware I physically control. If (I'm not, but I do care about my privacy) I was someone that was being pursued by one or more governments/well-funded private actors, I wouldn't use any communication platforms hosted by others.

As the old saw goes: "Three can keep a secret. If two are dead."




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: