undefined | Better HN

0 pointsmwest3y ago0 comments

In theory you can use OTR[1] but I've yet to see an easy way to use this from a phone.

I remember IRC very fondly, but I feel it has a lot of baggage that makes it difficult to bring into the modern era.

This blog post (not mine) explains it quite well: https://jlu5.com/blog/im-tired-of-irc-heres-why

0 comments

OTR doesn't do groups. So it isn't really applicable to IRC. At this point, I am not really sure that end to end encryption is generally applicable to groups. The identity management problem quickly spirals out of control. I note that Telegram doesn't even try. I think the best that can be done is a scheme that makes everyone entirely trust the moderator of the group.

nix233y ago

>At this point, I am not really sure that end to end encryption is generally applicable to groups.

You encrypt the message with all the public key's from persons in the group, what's the problem? You do it the same way with Mail...aka pgp.

You don't need OTR just plain old gnupg:

https://www.gnupg.org/gph/en/manual/x110.html

upofadown3y ago

Each participant needs to verify each and every other participant. So for 2 participants that's 2 verifications. For 3 participants that is 9 verifications. For 4 it's 16. The square of the number of participants. With just 30 participants that works out to 900 verifications ... and who actually knows 30 people on the internet? Even if you could do the verification in a technical sense it wouldn't mean anything.

If you get a whole bunch of people together in real life for a meeting then chances are one or more of them is going to leak what happened. The problem is to a great extent inherent.

1 more reply

j / k navigate · click thread line to collapse

0 pointsmwest3y ago0 comments

In theory you can use OTR[1] but I've yet to see an easy way to use this from a phone.

I remember IRC very fondly, but I feel it has a lot of baggage that makes it difficult to bring into the modern era.

This blog post (not mine) explains it quite well: https://jlu5.com/blog/im-tired-of-irc-heres-why

[1] https://otr.cypherpunks.ca/

0 comments

upofadown3y ago

nix233y ago

>At this point, I am not really sure that end to end encryption is generally applicable to groups.

You encrypt the message with all the public key's from persons in the group, what's the problem? You do it the same way with Mail...aka pgp.

You don't need OTR just plain old gnupg:

https://www.gnupg.org/gph/en/manual/x110.html

upofadown3y ago

If you get a whole bunch of people together in real life for a meeting then chances are one or more of them is going to leak what happened. The problem is to a great extent inherent.

1 more reply

j / k navigate · click thread line to collapse