I feel the same, Telegram and Matrix got hyped and whatnot but same like Signal they got millions of dollars and are light years behind the competition. Which makes me wonder what they do with the money and why they do not hire competent people, which I would do in such case to address all concerns and design flaws.
Matrix encryption is flawed too, avatars, reactions etc. are NOT encrypted. Matrix might be an alternative until all flaws are fixed, but that might take years from now.
and this requires devices to exchange the shared private key which is inherently risky.
There is some risk, sure. I don’t see how this would be any more risky than a TLS exchange. Obviously the exchange can be implemented badly, but if done correctly it seems like it would work with certs and send the key encrypted.
I think the bigger risk is the key sitting at rest on multiple devices, some of which are easily lost (cell phones) and could then compromise an account.
You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !opensource@lemmy.ml
All about open source! Feel free to ask questions, and share news, and interesting stuff!
I feel the same, Telegram and Matrix got hyped and whatnot but same like Signal they got millions of dollars and are light years behind the competition. Which makes me wonder what they do with the money and why they do not hire competent people, which I would do in such case to address all concerns and design flaws.
Matrix encryption is flawed too, avatars, reactions etc. are NOT encrypted. Matrix might be an alternative until all flaws are fixed, but that might take years from now.
deleted by creator
There is some risk, sure. I don’t see how this would be any more risky than a TLS exchange. Obviously the exchange can be implemented badly, but if done correctly it seems like it would work with certs and send the key encrypted.
I think the bigger risk is the key sitting at rest on multiple devices, some of which are easily lost (cell phones) and could then compromise an account.
deleted by creator
deleted by creator