undefined | Better HN

0 pointsSquirrelOnFire9mo ago0 comments

Why's that, given that files are encrypted?

0 comments

throwawayffffas9mo ago

With whose key? I am not saying the service is not trust worthy, just that there is trust involved.

Trust not only they are not malicious, but also they won't have some kind of vulnerability.

Plus if it's encrypted how is the other party going to read the file? The key will have to take the same path.

Dylan168079mo ago

> Trust not only they are not malicious, but also they won't have some kind of vulnerability.

Wouldn't that still be the case if relay servers didn't exist? A hacked version can send your file to the wrong person.

throwawayffffas9mo ago

There is more attack surface with a server.

The vulnerability doesn't even have to be in their software, but in any piece of software they use, ssh, nginx, etc.

Dylan168079mo ago

A compromised relay server can't access the data because it's encrypted.

A meaningful vulnerability would have to be in either the software itself or in the coordination server. That attack surface is the same whether or not you have relays.

You can reduce the attack surface to just the software if there's a way for users to verify keys manually. But again, same attack surface whether or not you have relays.

actionfromafar9mo ago

Hopefully it's a privpub negotiation. But yes, you have to trust the code.

j / k navigate · click thread line to collapse

0 comments

throwawayffffas9mo ago

With whose key? I am not saying the service is not trust worthy, just that there is trust involved.

Trust not only they are not malicious, but also they won't have some kind of vulnerability.

Plus if it's encrypted how is the other party going to read the file? The key will have to take the same path.

Dylan168079mo ago

> Trust not only they are not malicious, but also they won't have some kind of vulnerability.

Wouldn't that still be the case if relay servers didn't exist? A hacked version can send your file to the wrong person.

throwawayffffas9mo ago

There is more attack surface with a server.

The vulnerability doesn't even have to be in their software, but in any piece of software they use, ssh, nginx, etc.

Dylan168079mo ago

A compromised relay server can't access the data because it's encrypted.

A meaningful vulnerability would have to be in either the software itself or in the coordination server. That attack surface is the same whether or not you have relays.

You can reduce the attack surface to just the software if there's a way for users to verify keys manually. But again, same attack surface whether or not you have relays.

actionfromafar9mo ago

Hopefully it's a privpub negotiation. But yes, you have to trust the code.

j / k navigate · click thread line to collapse