[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Diversification [ branched from Re: conflicts in the gnu project now

From: Chris Vine
Subject: Re: Diversification [ branched from Re: conflicts in the gnu project now affect guile]
Date: Wed, 23 Oct 2019 00:24:27 +0100

On Tue, 22 Oct 2019 21:23:32 +0200
Zelphir Kaltstahl <address@hidden> wrote:
> The reason however, why I have only ever used Riot with one person is,
> surprise surprise, that most people are not willing to sacrifice the
> tiniest bit of comfort, for enhanced security. This one person I used it
> with tried to get 2 more people on board, who were even less tech-savy
> and whom I did not have the chance of helping directly, to get things
> set up and so we remained 1-on-1 on Riot.IM.
> Let me explain further:
> To verify another person's device, one has to exchange information via a
> second trusted channel. That information is a sequence of icons being
> shown. If they are the same, that the other person sends you via the
> second trusted channel, you can reasonably assume, that the device you
> are communicating with is under their control.
> When it comes to the step of exchanging information about what icons are
> displayed, most people will close the app and say "it's too
> complicated", because they do not understand it ("Huh? How strange! Why
> I have to do that? Are icons secure?") or do not want to do anything in
> order to have security. They are not willing to invest as much as 5min
> of effort, to have encrypted chat. What makes matters worse is, that
> when you use Riot.IM in the browser, it might happen, that every time
> you log in, the other person has to re-verify your device. Guess what
> people will do when facing that workflow …

This is a public mailing list, and any replacement of it is going to be
a mailing-list-alike.  Why do they (or chats) need to be encrypted or
have the sender verified?  No one should be posting sensitive personal
information here so I don't understand the point of it.  Lack of
understanding of (or disagreement with) the purpose may be what is
holding your idea back. If you want to set up private mailing lists or
chat servers, fair enough, but that's not what this is.

Discord seems a reasonably popular chat medium with a bridge to IRC and
discourse seems reasonably popular as a web based mailing-list-ish
medium with a somewhat more vibey feel than traditional mailing lists.

reply via email to

[Prev in Thread] Current Thread [Next in Thread]