Matrix: E2EE aktiviert - endlich!

Seit gefühlt einem Jahr gibt es das Feature Ende-Zu-Ende-Verschlüsselung #E2EE in #Matrix bzw. #Element.
Seit dieser Zeit testet die Familie es in direkten Chats und kleineren Gruppen, aber bislang zauderte ich, es tatsächlich auch für die größeren Räume mit der erweiterten Familie (inklusive Oma + Opa) zu aktivieren. Zu viel Respekt hatte ich bislang vor Akzeptanzproblemen, wenn es in dem Bereich Ärger gibt und man wegen weiter Entfernung und Pandemie quasi nicht supporten kann.

Heute ist die Testphase offiziell vorbei - es ist nun für alle Räume scharf geschaltet.
Yeah!

End-to-end encrypted RCS Chat messaging is now available for more users in Google Messages

Google began rolling out end-to-end encryption at the end of last year for select Google Messages beta users who have enabled Chat, Google’s implementation of RCS. End-to-end encryption ensures that conversations stay encrypted from when they leave your smartphone, to when they arrive at the other end. There is no server-side decryption, meaning that data can’t be collected in the middle from the servers that pass your messages along. This is a selling point of many texting applications like Signal as it’s a major step towards ensuring the privacy of a user, and now it’s finally rolling out to more users who use Google Messages.

Of course, until either RCS (Rich Communications Services) or iMessage is available across both Android and iOS, neither will be a solution to universal messaging or replacing SMS. Ironically, as I understand it, both depend on Tim Apple! RCS needs to be a standard independent of just Google alone as we've seen how many times Google changes its mind over messaging apps, and having iMessage controlled by a single company is also not a universal solution.

See Encrypted messaging is now available for more users in Google Messages

#technology #RCS #E2EE #instantmessaging

End-to-end encrypted messaging is now rolling out to more users in Google Messages, giving RCS another advantage over SMS.

---

https://gadgeteer.co.za/end-end-encrypted-rcs-chat-messaging-now-available-more-users-google-messages

Annonce d'une passerelle XMPP <=> ActivityPub doublé d'un chiffrement de bout en bout pour XMPP Pubsub, projet financé par NLnet/NGIZero.

https://www.goffi.org/b/passerelle-activitypub-et-chiffrement-de-bout-en-bout-pubsub-q2KM

#XMPP #activitypub #libervia #nlnet #e2ee #pubsub

Announcing XMPP<=>ActivityPub gateway project doubled with XMPP Pubsub end-to-end encryption supported by NLnet/NGI Zero (thanks again @NGIZero !)

https://www.goffi.org/b/activitypub-gateway-and-pubsub-e2ee-QGqK

#XMPP #activitypub #libervia #nlnet #e2ee #pubsub

End-to-End Encryption (E2EE) vs Client-to-Server Encryption is not the same and many messaging services incorrectly claim to do E2EE

Only messaging services which enable full E2EE from one end-user all the way through to the destination end-user have true E2EE. Too many services in fact just have transport layer encryption (TLS) between end users and the server in the middle, which means all your communications could be intercepted at either end or from the server in the middle.

Sales people often market E2EE meaning that their server forms one end of the communications, full knowing that end users will be duped into thinking the encryption is through to their end destination.

With true E2EE there is no way to intercept or alter the message from the server side, and no way to recover any message at the server end without your private encryption key. So always ask yourself why a service provider can reset your password or access to your data on their servers or their cloud (they're essentially using a back door). This is also why Telegram's default messaging (not secret chats) are insecure, and why Zoom or Skype can hook in phone calls into many video conferences.

You either have security or you don't have, there is no 80% secure. Security is not always convenient because convenience introduces vulnerabilities.

See End-to-End Encryption vs. Client-to-Server Encryption | Wickr

#technology #security #privacy #E2EE #instantmessaging

Describing a communication tool as “secure” generally implies that it protects all communication through encryption and authentication. While encryption is crucial, how it is used makes all the difference in the world.

---

https://gadgeteer.co.za/end-end-encryption-e2ee-vs-client-server-encryption-not-same-and-many-messaging-services

Regierungen fordern ungeniert pauschal eine #Backdoor in #E2EE - es geht um das letzte Stückchen #Privatsphäre der Bürger.

Kann es eine anschaulichere Werbung für freie Projekte wie #Matrix, #XMPP oder geben?

#PoweredByRSS #Bürgerrechte #Freiheitsrechte
Combating abuse in Matrix - without backdoors. | Matrix.org

Oh, gerade wurde unter Android #Riot.im durch #Element ersetzt. Ich hoffe, meine kleine Userschar in der Familie ist nicht zu sehr verwirrt, wegen des neuen Namens und neuem Logo. Teilweise sind die User an die 80 Jahre und 70 km entfernt...

Nach ersten Tests funktioniert scheinbar noch alles. Jetzt wird es spannend, wegen #E2EE.

#Matrix

Progress note (W14) is out.
Talking about files attachments, OMEMO and the recent online Berlin sprint:
https://www.goffi.org/b/fKHK3FdnT37PkeohFBQeSH/progress-note

#salutatoi #XMPP #progress_note #cagou #omemo #file #sharing #e2ee #android #berlin #sprint

Here is the first progress note of the year (W01) available at https://www.goffi.org/b/66adNNNbFp84CWFzyvGpmK/progress-note

It is talking again about OMEMO (with full support one2one, files + MUC now available in SàT), and UX on Android.

#salutatoi #XMPP #progress_note #kivy #OMEMO #e2ee #e2e #encryption #android

New progress note (W51) available at https://www.goffi.org/b/JLPTTHfRnqhxNozHjRz553/progress-note

This one is about Kivy, infinite scroll and other changes, and OMEMO with e2e file sharing

#salutatoi #XMPP #progress_note #kivy #OMEMO #e2ee #e2e #encryption #aesgcm