Comment on NaiHe – lightweight E2E encrypted chat over any self-hosted MQTT broker
moonpiedumplings@programming.dev 2 days ago
You and your peer agree on an encryption key (any string).
This is unacceptably unsecure for the usecases you mention. There is a reason why the most secure messaging apps don’t use symettric encryption, don’t use passphrases, and they also possess forward secrecy.
It’s pointless to push this as a censhorship circumvention method
I appreciate the projects, but use of this to bypass
clinamen0@lemmy.world 2 days ago
Thank you for your reply. In fact, this project is a one-off project and a vision. The original idea came from fear — my fear. The fear of having your communications surveilled, and the legal risks that come with having your speech monitored. I face all of these.
My vision: the software should be simple, easy to use, quickly distributable, non-commercial, available to every ordinary person, maximizing the cost of censorship for authoritarian governments — until the day when we can finally see the light.
For this reason, I gave up many complex designs.
Its goal: “two people get the software and can use it right away.” Only this way can more ordinary people in authoritarian countries embrace this kind of information protection. Indeed, more secure methods exist, but those tools are too complex. Moreover, citizens in authoritarian countries are naturally hostile toward such software. But an app that lets you chat in ciphertext directly on social media, or use it standalone, is something interesting. And citizens in many authoritarian countries are about to face ubiquitous surveillance — because of AI.
Based on this, anyone with some basic knowledge of Rust can quickly build and distribute it. For higher-risk scenarios, excellent community forks can address those needs.
This is my vision.
Note: This account will be retired soon to prevent tracing. And I hope we shall meet again, in the place where there is no darkness.