[kwlug-disc] Secure IM news
locklin.jason at gmail.com
locklin.jason at gmail.com
Wed Nov 23 11:31:27 EST 2016
I know there are a few people on here watching the IM sphere in the hopes of universal, secure messaging. Two articles have crossed my newsfeeds lately that might be of interest:
Signal has done quite a lot of UX research. They have found that just using the word "fingerprint" sends the wrong message to most people (real fingerprints are considered sensitive information, not something you want to share), and have transitioned to using conversation-specific "safety numbers" rather than user-specific fingerprints.
https://www.whispersystems.org/blog/safety-number-updates/
While Signal has reached a pretty fantastic level of UX, it's still not a free and open network. Matrix, and it's main client, Riot (used to be Vector), added E2E encryption based on Signal's protocol. It's an independent implementation, tuned to work better with the massive multi-user rooms that are common on Matrix, and it has recieved an indepenedent and transparent audit. Due to the nature of Matrix -designed for group collaboration, often accross accross many networks, it's not at all foolproof yet. Matrix, however, is federated, has clients across most platforms, and bridges smoothly with Slack/Gitter/Freenode/Mozilla/Snoonet/OFTC so far, so it makes a good general purpose connection to free software communities that also happens to have the ability to do e2e encrypted group IM.
https://medium.com/@RiotChat/exciting-new-riot-release-get-ready-for-chatting-securely-acc93ecfe0a
More information about the kwlug-disc
mailing list