Our great sponsors
-
-
-
SurveyJS
Open-Source JSON Form Builder to Create Dynamic Forms Right in Your App. With SurveyJS form UI libraries, you can build and style forms in a fully-integrated drag & drop form builder, render them in your JS app, and store form submission data in any backend, inc. PHP, ASP.NET Core, and Node.js.
After reading this[0] I can't help but wonder how Alice talking to Bob will now be compromised by a third actor: Mallory[1]. From the Wikipedia article on Alice & Bob:
> Mallory: A malicious attacker. Associated with Trudy, an intruder. Unlike the passive Eve, Mallory is an active attacker (often used in man-in-the-middle attacks), who can modify messages, substitute messages, or replay old messages. The difficulty of securing a system against Mallory is much greater than against Eve.
I had a look at Matrix[2] and it's developed in the UK, per their site ('a non-profit UK Community Interest Company') so since the UK is no longer a member of the EU I presume they're immune from the EU backdooring Matrix, unless I'm mistaken?
Then there's Session[3] & Cwtch[4] which look promising too. I can't imagine how Matrix, Session, or Cwtch could be backdoored since they're designed differently than other apps.
Are these chat systems immune from Mallory? Can we use them going forward when all the mainstream messenger apps are compromised in the near future (Whatsapp, etc)?
[0] https://tutanota.com/blog/posts/eu-surveillance-csam/
[1] https://en.wikipedia.org/wiki/Alice_and_Bob
[2] https://matrix.org/
[3] https://getsession.org/
[4] https://cwtch.im/
After reading this[0] I can't help but wonder how Alice talking to Bob will now be compromised by a third actor: Mallory[1]. From the Wikipedia article on Alice & Bob:
> Mallory: A malicious attacker. Associated with Trudy, an intruder. Unlike the passive Eve, Mallory is an active attacker (often used in man-in-the-middle attacks), who can modify messages, substitute messages, or replay old messages. The difficulty of securing a system against Mallory is much greater than against Eve.
I had a look at Matrix[2] and it's developed in the UK, per their site ('a non-profit UK Community Interest Company') so since the UK is no longer a member of the EU I presume they're immune from the EU backdooring Matrix, unless I'm mistaken?
Then there's Session[3] & Cwtch[4] which look promising too. I can't imagine how Matrix, Session, or Cwtch could be backdoored since they're designed differently than other apps.
Are these chat systems immune from Mallory? Can we use them going forward when all the mainstream messenger apps are compromised in the near future (Whatsapp, etc)?
[0] https://tutanota.com/blog/posts/eu-surveillance-csam/
[1] https://en.wikipedia.org/wiki/Alice_and_Bob
[2] https://matrix.org/
[3] https://getsession.org/
[4] https://cwtch.im/
Related posts
- Suli,oktatás(?) rant
- r/signal moderators keep temp banning me for talking about long overdue privacy feature request of substituting usernames for phone numbers
- How does SonoBus compares to Signal with regards to encryption, quality and latency?
- "message deleted" prompt still appears after months
- session wont connect. is anyone else having issues?