The creator of Pixelfed announced an upcoming encrypted messenger for the fediverse that will work across the fediverse - eviltoast

It will be open source, end to end encrypted using Signal’s double ratchet encryption protocol, and he plans to make it easy for fediverse platforms to integrate it. The beta will release later this month.

He’s also the creator of https://fedidb.org btw

  • Nix@merv.newsOP
    link
    fedilink
    English
    arrow-up
    93
    ·
    1 year ago

    Im mainly looking forward to it replacing the “DMs” of mastodon and lemmy.

    • Jackthelad@lemmy.world
      link
      fedilink
      English
      arrow-up
      61
      ·
      1 year ago

      I’ve not been on either platform long enough to use the DMs, but this is a good point.

      After all, DMs aren’t actually private on either platform, as far as I’m aware.

      • sab@kbin.social
        link
        fedilink
        arrow-up
        24
        arrow-down
        2
        ·
        1 year ago

        If they’re not end to end encrypted, your messages are not actually private on any platform.

        It’s a bit more obvious in the Fediverse than elsewhere, as direct messages are generally stored on two separate servers (sender and receiver). Furthermore each server tends to be smaller: if Zuckerberg decides to go through people’s DMs it’s unlikely to affect any particular Facebook user, but if the owner of a Mastodon instance does the same it’s small enough that she could actually get an overview. It’s mostly a false sense of security embedded in larger services, but people are all about having a false sense of security.

        • outdated_belated@lemmy.sdf.org
          link
          fedilink
          English
          arrow-up
          9
          ·
          edit-2
          1 year ago

          Like anything, depends on the threat model. Private from your little sister? Probably. Private from your boss, at least in the next few months prior to them being leaked? Also probably. Private enough?

          That’s to some extent a question that can only be answered individually, as everyone’s threat models differ. I suppose this fact (everyone having differing threat models) is one of the reasons that so many arguments occur over security.

          • sab@kbin.social
            link
            fedilink
            arrow-up
            5
            ·
            1 year ago

            In the end any successful chat service is going to be used by horny teenagers sharing nudes with each other, which is honestly for me better reason than any state secret why all communications should be end to end encrypted at all times. I don’t trust Zuckerberg or Musk with that, or any other third party for that matter.

      • HughJanus@lemmy.ml
        link
        fedilink
        English
        arrow-up
        7
        ·
        1 year ago

        DMs aren’t actually private on either platform, as far as I’m aware.

        “Private” is not really a binary concept.

        They’re “private” in the sense that no one can see them other than the participants and the server admin (if they really wanted to).

        They’re not private in the sense that they can be hacked and leaked, or subpoenaed.

    • OverfedRaccoon 🦝@lemmy.world
      link
      fedilink
      English
      arrow-up
      14
      ·
      1 year ago

      Yep. That was my first thought - how everyone says to use Matrix rather than Lemmy DMs for anything sensitive. This will be fantastic.