Comment on Switching to more privacy friendly alternatives
LWD@lemm.ee 1 year agoDespite being around for a while, that project is incomplete and/or insecure depending on which encryption protocol you want to choose (the best one is still labeled with a warning that it is just experimental). And then you have to hunt down a client that supports the features you want, which is another headache…
kpw@kbin.social 1 year ago
Which encryption protocol is labeled with a warning? The link I posted makes choosing a client very easy.
LWD@lemm.ee 1 year ago
The good one, aka OMEMO, which is mentioned on the site but not in the app recommendations
kpw@kbin.social 1 year ago
Yes, the XSF has a very high bar what a standard is and what not, so the many protocol extensions are labeled experimental. However that doesn't mean implementations are "incomplete" or "insecure". OMEMO has good support nowadays and the implementation in Conversations has been independently audited.
LWD@lemm.ee 1 year ago
The Conversations Independent audit casually mentions forward secrecy was broken, and that the documentation itself was out of date… And that was at the time the audit was released. The website doesn’t mention if Conversations took these recommendations into account, either.
And that’s just if we assume users only want to use one device at a time, and they won’t touch a desktop.
It’s been 8 years, how regularly should I check back to see if OMEMO is accepted as a standard?