Oddbean new post about | logout
Martti Malmi | 1 months ago (raw) | root | parent | reply | flag +1 
 There's nothing preventing users from moving to another DM client. You can always go back to the old client or export or copy paste message histories if you need them.

It's not comparable to Twitter or Facebook, because you own your identity key and can always change the client or relays.

There's always a tradeoff between availability and security of messages, and maybe there are different use cases for both kinds of messaging. On Nostr, we are free to choose.
Vitor Pamplona | 1 months ago (raw) | root | parent | reply | flag +2 
 If you can export and import it, you don't have any forward secrecy... Ever.
Martti Malmi | 1 months ago (raw) | root | parent | reply | flag +1 
 Signal doesn't have forward secrecy if you can save a backup of your chat? I don't think that's the definition.
Vitor Pamplona | 1 months ago (raw) | root | parent | reply | flag +3 
 Signal started by not allowing anyone to export it. That was forward secrecy. But when they added the import/export and desktop clients, forward secrecy became irrelevant because all an attacked needs to do is to attack the import feature. They don't need to decrypt individual messages anymore. It's just way easier to attack the "seed" 

Also Signal is terrible because their servers know everything. It's not private at all. The server can pinpoint anyone, geolocate and uniquely identify all of a user's messages. 

If a protocol doesn't operate with multiple servers chosen by the user, privacy is pretty much gone. Regardless of the quality of underlying protocol.
Martti Malmi | 1 months ago (raw) | root | parent | reply | flag +1 
 Forward secrecy means that compromise of a long-term key doesn't reveal past messages. Signal does provide that. It's a different category of attack if someone gets access to your device and sees your chat history, or tricks you to link an untrusted device.

Export is possible in any client, at the very least with screenshots or by writing the message history on a piece of paper, but that's not related to forward secrecy. Disappearing messages is the solution when you don't want your message history potentially seen by anyone later.

You can use a VPN to hide your geolocation from Signal (which you should do on Nostr as well if you need privacy), but it's true that they can connect your messages to your phone number, see when and probably with whom you're chatting. Not surprised if intelligence agencies are mining that data.

With Nostr we're at least over the phone number part, there's no single service that sees all traffic and there are different ways to fix the metadata issue — and do forward & backward secrecy when desired.