undefined | Better HN

0 pointsmaqp6mo ago0 comments

>"Telegram is not fully e2ee but it's way more convenient here."

Yeah convenient way to hand your data to a Russian oligarch.

PGP has no forward secrecy and OTR in XMPP lacks future secrecy, multi-device support etc.

Signal introducing end-to-end encrypted backups is exactly how Telegram should've done it decade ago.

0 comments

ktosobcy6mo ago

Everything boils down to the thread model.

Not everyone is paranoid at extremum.

> PGP has no forward secrecy and OTR in XMPP lacks future secrecy, multi-device support etc.

Have you ever considered that perfect-forward-secrecy is not needed by 99% of the people? And PGP (OX) can be enough of encryption that gives you multi-device support.

Btw. OTR is long dead…

upofadown6mo ago

Future secrecy?

PGP does multirecipients natively, so any restrictions there would be in the XMPP client.

I have actually tried out PGP over XMPP and is was nice once it was set up. Absolutely no state. If the message somehow gets to you it just works. Sucked when the keys expired though:

* https://articles.59.ca/doku.php?id=pgpfan:expire

PGP support on XMPP isn't really that great. Forward secrecy might be a nice addition, even if it was semi-manual. There are compatibility problems between clients for encrypted media. You don't end up with an always encrypted archive like you do with email, but that could be considered an inherent weakness of instant messaging...

maqpOP6mo ago

>Future secrecy?

Meaning --if-- when your keys get compromised the system recovers.

PGP lacks even forward secrecy, meaning key compromise alone allows retrospective decryption of every message you've ever sent.

OTR fixed that in... ...2004 https://dl.acm.org/doi/10.1145/1029179.1029200

Using PGP for secure communication in 2025 when you have option to use stateful E2EE over stuff like Signal is just bonkers.

upofadown6mo ago

If your keys get compromised then you would need new keys in any case.

I think that the sort of people that use PGP are more interested in not having any messages compromised, ever, while still retaining access to their old messages in a secure way. Contrast that with, say, Signal where a forensic tool like Cellebrite will allow access to retained Signal messages[1]. Sure, most of that is due to the inherent insecurity of encrypted instant messaging over, say, encrypted email, but the users in the end don't care. They just want to be able to communicate privately.

[1] https://web.archive.org/web/20201210150311/https://www.celle...

ktosobcy6mo ago

And if you lose your device your messages are compromised as well.

Forcing your paranoidal perception "is just bonkers".

1 more reply

j / k navigate · click thread line to collapse

0 comments

ktosobcy6mo ago

Everything boils down to the thread model.

Not everyone is paranoid at extremum.

> PGP has no forward secrecy and OTR in XMPP lacks future secrecy, multi-device support etc.

Have you ever considered that perfect-forward-secrecy is not needed by 99% of the people? And PGP (OX) can be enough of encryption that gives you multi-device support.

Btw. OTR is long dead…

upofadown6mo ago

Future secrecy?

PGP does multirecipients natively, so any restrictions there would be in the XMPP client.

I have actually tried out PGP over XMPP and is was nice once it was set up. Absolutely no state. If the message somehow gets to you it just works. Sucked when the keys expired though:

* https://articles.59.ca/doku.php?id=pgpfan:expire

maqpOP6mo ago

>Future secrecy?

Meaning --if-- when your keys get compromised the system recovers.

PGP lacks even forward secrecy, meaning key compromise alone allows retrospective decryption of every message you've ever sent.

OTR fixed that in... ...2004 https://dl.acm.org/doi/10.1145/1029179.1029200

Using PGP for secure communication in 2025 when you have option to use stateful E2EE over stuff like Signal is just bonkers.

upofadown6mo ago

If your keys get compromised then you would need new keys in any case.

[1] https://web.archive.org/web/20201210150311/https://www.celle...

ktosobcy6mo ago

And if you lose your device your messages are compromised as well.

Forcing your paranoidal perception "is just bonkers".

1 more reply

j / k navigate · click thread line to collapse