undefined | Better HN

0 pointsjychang5y ago0 comments

> And if someone's trust for his own service is fleeting... uh-oh.

I definitely won't trust my own code to keep me alive, if that's what's preventing a government from killing me or something.

There's a very good chance my homemade server config or encryption code has a big side channel vulnerability or something.

0 comments

5 comments · 1 top-level

Andrew_nenakhov5y ago· 4 in thread

XMPP servers are really good these days, you know. And, I repeat, if you run your own server, you don't really need e2ee, cause the only one who can access the DB with your messages is a server operator - yourself, i this case, and why would you protect you from yourself?

Also, if you are concerned about privacy, chances are, you are not a private individual and have specially trained people to install that server for you.

Then again, even if you DO need encryption to transmit a critical password or something, well, XMPP clients developers know their business (at least, some of them do), so it is unlikely that you'd be able to screw up something.

monadic25y ago

> And, I repeat, if you run your own server, you don't really need e2ee, cause the only one who can access the DB with your messages is a server operator - yourself, i this case, and why would you protect you from yourself?

The typical idea is being concerned that a state will physically seize your server—you know, real security and privacy concerns.

> Also, if you are concerned about privacy, chances are, you are not a private individual and have specially trained people to install that server for you.

Is this not ultimtely what iMessages is to people?

Andrew_nenakhov5y ago

But the commenter above claimed that trust in entities is fleeting? And we have proven that Apple can read your messages if they really want to. [1]

Also, if you are concerned that state will seize your server physically - then you should probably put the server to a place where it can't.

[1]: https://news.ycombinator.com/item?id=24058454

1 more reply

dmitriid5y ago

> XMPP servers are really good these days, you know.

I definitely would trust Apple more than a random "XMPP servers are really good these days you don't need e2e when you run your own" random commenter on the Internet.

Andrew_nenakhov5y ago

That's what happens when people replace critical thinking with blind trust.

1 more reply

j / k navigate · click thread line to collapse

0 comments

5 comments · 1 top-level

Andrew_nenakhov5y ago· 4 in thread

Also, if you are concerned about privacy, chances are, you are not a private individual and have specially trained people to install that server for you.

monadic25y ago

The typical idea is being concerned that a state will physically seize your server—you know, real security and privacy concerns.

> Also, if you are concerned about privacy, chances are, you are not a private individual and have specially trained people to install that server for you.

Is this not ultimtely what iMessages is to people?

Andrew_nenakhov5y ago

But the commenter above claimed that trust in entities is fleeting? And we have proven that Apple can read your messages if they really want to. [1]

Also, if you are concerned that state will seize your server physically - then you should probably put the server to a place where it can't.

[1]: https://news.ycombinator.com/item?id=24058454

1 more reply

dmitriid5y ago

> XMPP servers are really good these days, you know.

I definitely would trust Apple more than a random "XMPP servers are really good these days you don't need e2e when you run your own" random commenter on the Internet.

Andrew_nenakhov5y ago

That's what happens when people replace critical thinking with blind trust.

1 more reply

j / k navigate · click thread line to collapse