You can use matrix/element and if someone loses her phone, you can remove her from the room. The room will disappear from the other phone if it’s connected to the internet
I’ve been interested in looking at matrix due to its decentralyzed nature, and self host capability. But as much as I love to self host certain things. Self hosting isn’t always the shining example its portrayed as. That comes with its own security/privacy flaws. I will do some reading on matrix and learn about the features. Thanks for shedding some light on the actual topic at hand.
Edit for matrix info which can be found here for those wanting to learn more. -> matrix.org
You don’t have to selfhost. You can use anyone’s server. It’s all e2e. The social graph may be visible. Selfhosting is easy. Look for an install with docker.
Will do thanks. I don’t care about social graph being visible so long as there isn’t identifiable info during sign up. I’d much rather self host as needed. But what if matrix was self hosted on a hostile network. Under VPN from both sides. Say matrix was running from a hotel WiFi. How would one secure the service.
I don’t care about social graph being visible so long as there isn’t identifiable info during sign up. well said
you can also look into hosted services like EMS but I don’t know if you have to provide identifiable info.
But what if matrix was self hosted on a hostile network.
it’s all encrypted on the client -> e2e. even if it was http and no SSL
Say matrix was running from a hotel WiFi.
you have to provide a domain, I’m not sure how easy it would be to run it without and only locally on a LAN. IT’s possible but the experience wont be good. you also can’t federate. It’s much easier to use a hosted server.
How would one secure the service.
the same way like you’d do it with a publicly exposed host.
BUT I think I’d go with p2p matrix before going the LAN route.
Using Signal with disappearing messages set to a really short time is probably the closest thing you can get. You can use a VOIP number from Cloaked behind a VPN to sign up anonymously.
I don’t think so. AFAIK there is no native method to caption images in markdown, which is what this editor uses. People try to bring about this effect by italicising the part they would want as a caption right underneath the image. However, in your case, I see a [You’ve done well] banner underneath the image, which I assume is the caption you meant. Not sure how that happened but if that works, great!
Motorola phones are very easy to mod(root,custom rom) and even if you brick the phone in most cases you can just use the lenovo recovery tool. I personally use crdroid but lineage is fine too. I recommend you use microg with magisk to hide that the device is root/has custom rom. You can also just use shelter for the banking apps.
The OS itself is private because it’s DeGoogled. I also installed GApps because I wanted the convinence of the App store and core feature I’ve been used to for so long.
I also knew the moment I did the google-fication privacy was out the window.
I was fine with LineageOS and would happily go back when my Pixel7a becomes EOL.
First things first, there is no app like you describe. You have to take my word for it. Let’s say a certain country’s law enforcement might be very interested in taking to me if it knew role in certain events.
I examined many messaging and chat platforms, and the closest to what you’re asking for are custom Telegram clients that go a longer way to ensure that TG’s local data gets deleted properly (by default it doesn’t, easy peasy to get data from the local DB, half cleansed chats from 6 months ago pop up in exports or even the UI, etc).”, has a built in double bottom for accounts, etc. An example of what I am talking about is here: github.com/wrwrabbit (check the repos yourself).
Secondly, you must understand that when the law enforcement seizes a phone, upon initial quick examination (sometimes using brutality to force you to unlock it), they will shut it down to ensure it is not connected to the Internet. And then criminalists will use a special black box device sold by an Israeli cybersec firm (its name always escapes me, but I think the product might be called Pegasus) to extract all data for offline analysis.
So thirdly, you must not rely on any app that conditionally removes data from a device. You must not entrust your well-being to it. Which leaves you basically the only choice: only ephemeral messaging capabilities which are available only when you are in the app, through the server over which you have full control.
Or your messaging sessions must take place only when you’re in a secure location. And even then you should have a “wipe all button” in case the police come after you unexpectedly.
Calyx with Micro G does have benifits, but isn’t quite as good as sandboxing, and also doesn’t have some of the other degoogling and security Graphene does.
It depends on your threat model. If you simply want fewer targeted ads, there is a benefit. If you are a journalist under a dictatorship, there is little to no benefit.
This is called ephemeral messaging. A good feature of many apps. But doesn’t serve the same purpose for which I am asking. Thanks for mentioning another option other than the usual messenger apps. This is the description for others copied from a basic browser search.
Keybase is a key directory that maps social media identities to encryption keys (including, but not limited to PGP keys) in a publicly auditable manner. Additionally it offers an end-to-end encrypted chat and cloud storage system, called Keybase Chat and the Keybase Filesystem respectively.
Website here for those interested in reading about it -> keybase.io
This part about the zoom acquisition is true, but to date no sketchy things have been committed to the client repos, they’re open source
Personally I think the acquisition was to disrupt development, not to hijack it. You’re right that dev work essentially stopped at that time, outside of security fixes.
Also, it doesn’t track you, it allows you to post public proofs so you can choose to let the people you connect with verify your identify. It’s not mandatory.
I hate relying on anything big corp for privacy. Thanks for the reply and I’ll keep this in mind. It seems so far matrix chat is the only e2e chat that can remove the conversation from an individuals device once their removed from a room. I will have to do deeper research into matrix to see it it fits my use cases. I’m just not sure how it stacks up against other big name chat platforms as far as security/privacy goes. I’ve heard of it before. Never deep dived into the data.
Its my understanding the metadata is only stored on the home server that runs for the clients, so under a self host scenario the hoster would be the only party that could access such metadata. One big con to Matrix is that it lacks ephemeral messaging so I’m not sure if chat history is stored on client side once the server goes offline? I cannot find an answer through browser search or documentation. Couldn’t the hosted server be restarted anytime and it would essentially delete the metadata generated each cycle and chat history as well because the chat room would be deleted? Or ran inside say persistent Tails and with a device shutdown or unplug all data would be wiped due to its ram only nature while persistence only keeps the base setup of matrix not a full carbon copy so a new chat would be generated each power cycle. Similar to VPN services running on ram. Thoughts anyone?
privacy
Oldest
This magazine is from a federated server and may be incomplete. Browse more on the original instance.