Privacy

33266 readers

521 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago

MODERATORS

Is using an Matrix account from matrix.org private and secure enough to talk with my family members and people in general? (lemmy.ml)

submitted 2 days ago by Confidant6198@lemmy.ml to c/privacy@lemmy.ml

73 comments fedilink hide all child comments

So, I was told to not use Signal, so all that is left is Matrix. And I am not techy enough to have my own server and neither are my relatives, so Matrix.org is the only option

you are viewing a single comment's thread
view the rest of the comments

[–] mox@lemmy.sdf.org 1 points 2 days ago* (last edited 2 days ago) (1 children)

But who/what gets to decide who the intended recipients are?

The sender, of course.

Can’t the homeserver admin just join the channel and then the other members would exchange keys automatically and now they can see what people say?

No. Verification prevents that.

[–] refalo@programming.dev 1 points 2 days ago (1 children)

I don't understand. How would the sender prevent messages from going to the admin user that joined the room? It sounds like you're implying new users simply can't join a room? That makes no sense to me... I've certainly never experienced that. I see new users join encrypted rooms all the time and they can talk just fine... so what's the deal? And isn't verification off by default?

[–] mox@lemmy.sdf.org 2 points 2 days ago* (last edited 2 days ago) (1 children)

How would the sender prevent messages from going to the admin user that joined the room?

It wouldn't matter if a rogue admin eavesdropped on an E2EE room, because they would see encrypted blobs where the message content would be. That's what E2EE is for.

https://en.wikipedia.org/wiki/End-to-end_encryption

How would the sender prevent messages from going to the admin user that joined the room?

You're conflating multiple things. Merely joining a room does not grant access to message decryption keys.

I respect your curiosity, but I think you're going to have to familiarize yourself with the software and concepts to get a detailed understanding of how all this stuff works. If you're technically inclined, I suggest reading the protocol spec, or at least the parts that interest you. You could also drop in to the public chat room and ask more questions there: #matrix:matrix.org

[–] refalo@programming.dev 2 points 2 days ago

I have read the spec, used the service and also implemented my own clients before, that is why I'm so confused by what you're saying, because this has not been my experience at all. If a user joins a channel, whether they are an admin or not, whether it is encrypted or not, then unless the channel is explicitly setup to only allow verified users to talk (not the default), my understanding is there is nothing preventing that new user from seeing all new messages in the chat.