Oddbean new post about | logout
whoeverlovesDigit | 4 months ago (raw) | root | parent | reply | flag 
 Corrected version (not rearranged) -

All of these things listed below: software only, not capable of having end to end encryption 

Discord: you're pretty much right except it is encrypted "in a way," just not in the way that matters (end to end - not possible in software)

SMS: again you're kinda pretending end-to-end encryption is the only encryption

VoIP: no it doesn't separate you from a cell tower. To separate from cell towers you have to actually separate from them, using VoIP over cell data does nothing. It separates your location from an area code for caller ID maybe

Signal: same as discord, not end to end encrypted (software-only)

Matrix: not end to end encrypted (it's only software, like signal and discord) but with track record for waiting before revealing MITM attacks (unlike signal and discord who have been open about their MITM attacks on users)

Session: no end-to-end encryption (software-based), not sure about track record

SimpleX: no end-to-end encryption (software-based), not sure about track record

Self-hosted Tor XMPP w/ OTR: no end-to-end encryption (no specific hardware mentioned), track record probably better than discord

Conclusion:
Anything is better than Discord.

Additional communication method not in the original:

Encrypted hand-written letters - hardware solution, end-to-end encrypted
PlasmaGuardian | 4 months ago (raw) | root | parent | reply | flag 
 What do you mean by software based? How else are you going to do encryption?
whoeverlovesDigit | 4 months ago (raw) | root | parent | reply | flag 
 You can do end-to-end encryption by hand or with electronics, but it's very hard to run this type of software without electronic hardware. Electronic end-to-end encryption requires implementation at the hardware level, you can't write a piece of software that magically stops anything from running it maliciously or modifying it to run maliciously.
SimplifiedPrivacy.com Podcast | 4 months ago (raw) | root | parent | reply | flag 
 There’s a lot to digest in your points.  Let’s start with VoIP since it’s the easiest to explain.

If I have JMP.chat linking an XMPP account to a SMS phone number.  The SMS carrier does not know my physical location where I’m standing if using VPNs/Tors.  We outlined this here:
simplifiedprivacy.com/voip

Are you disputing this?
whoeverlovesDigit | 4 months ago (raw) | root | parent | reply | flag 
 No, I was disputing what you put in your post after it popped up in a feed on primal or iris. Nothing to do with that webpage
SimplifiedPrivacy.com Podcast | 4 months ago (raw) | root | parent | reply | flag 
 I am saying that the post has the same content as the website:
VoIP lets you do SMS with Tor/VPN, so it COULD separate physical location from the SMS.

Are you disputing this?  Perhaps I should have used the word “could”
whoeverlovesDigit | 4 months ago (raw) | root | parent | reply | flag 
 Using "could" would help, or not saying "your location" - the distinction I'm seeing is important for some people, for example any leet haxxor who thinks their burner phone doesn't know who they are because they use VoIP over WiFi or something (cell phone can still be tracked by cell towers without cell service)