[kwlug-disc] Secure IM news
Hubert Chathi
hubert at uhoreg.ca
Thu Nov 24 11:18:42 EST 2016
On Thu, 24 Nov 2016 09:49:39 -0500, "locklin.jason at gmail.com" <locklin.jason at gmail.com> said:
> On Wed, 23 Nov 2016 16:28:32 -0500
> Nick Guenther <nguenthe at uwaterloo.ca> wrote:
>>
>> I am suspicious here; encrypted group chat is really hard. Does the
>> server hand out keys when new people join? They say users can
>> blacklist each other, but blacklists are weak: just come back under a
>> different key. And it's claiming end-to-end encryption, but for the
>> same reason the server could generate fake users at will. If they
>> have or add a whitelist mode, every new user would have to be
>> approved by every other new user; maybe users could delegate their
>> trust to an OP deciding on who to whitelist, though.
> I havn't played with it, but e2e encrypted channels are
> invite-only. Someone in the channel must invite a new party
> (obviously, as with any encrypted chat, you have to trust everyone
> inside).
That's not true. Encryption can be turned on in any room, including
publicly available rooms. For example, there's an e2e test room
(#megolm:matrix.org) than anyone can join, which currently has 74
members. Obviously, using encryption in a room that anyone can join
limits the effectiveness of the encryption, but it can be done.
More information about the kwlug-disc
mailing list