Comment on Switching to more privacy friendly alternatives
LWD@lemm.ee 7 months agoDespite being around for a while, that project is incomplete and/or insecure depending on which encryption protocol you want to choose (the best one is still labeled with a warning that it is just experimental). And then you have to hunt down a client that supports the features you want, which is another headache…
kpw@kbin.social 7 months ago
Which encryption protocol is labeled with a warning? The link I posted makes choosing a client very easy.
LWD@lemm.ee 7 months ago
The good one, aka OMEMO, which is mentioned on the site but not in the app recommendations
kpw@kbin.social 7 months ago
Yes, the XSF has a very high bar what a standard is and what not, so the many protocol extensions are labeled experimental. However that doesn't mean implementations are "incomplete" or "insecure". OMEMO has good support nowadays and the implementation in Conversations has been independently audited.
LWD@lemm.ee 7 months ago
The Conversations Independent audit casually mentions forward secrecy was broken, and that the documentation itself was out of date… And that was at the time the audit was released. The website doesn’t mention if Conversations took these recommendations into account, either.
And that’s just if we assume users only want to use one device at a time, and they won’t touch a desktop.
It’s been 8 years, how regularly should I check back to see if OMEMO is accepted as a standard?