this post was submitted on 05 Jul 2023
10 points (85.7% liked)

Asklemmy

43978 readers
707 users here now

A loosely moderated place to ask open-ended questions

Search asklemmy πŸ”

If your post meets the following criteria, it's welcome here!

  1. Open-ended question
  2. Not offensive: at this point, we do not have the bandwidth to moderate overtly political discussions. Assume best intent and be excellent to each other.
  3. Not regarding using or support for Lemmy: context, see the list of support communities and tools for finding communities below
  4. Not ad nauseam inducing: please make sure it is a question that would be new to most members
  5. An actual topic of discussion

Looking for support?

Looking for a community?

~Icon~ ~by~ ~@Double_[email protected]~

founded 5 years ago
MODERATORS
 

I just read this post https://lemmy.world/post/1041399 And I wonder if messages here are end to end encrypted, or readable by admins or semi- public like voting? Thanks

top 19 comments
sorted by: hot top controversial new old
[–] [email protected] 21 points 1 year ago (3 children)

They are not secure, as it states when you try to DM someone:

This is the same as any other DM service on any site that isn't end-to-end encrypted, which are the majority. Nothing sensitive should ever be shared via DM.

[–] mythic_tartan 3 points 1 year ago

Ok, thanks! I had not yet tried the feature.

[–] wildbus8979 1 points 1 year ago

Fun fact, Twitter had actually bought out Moxie Marlinspike's "Whisper Systems" to have him ads e2e DMs. Which he did. And then they never rolled it out (probably due to three letter agency's pressure).

[–] rarely 1 points 1 year ago

A good rule is to assume all messages on the internet, even those sent end to end encrypted as being in the open. While breaking end to end encryption is difficult if not impossible for the average user, government bodies have much more capable systems. It was revealed a while ago that the US stores all encrypted traffic it seems cross the border "just in case" it ever needs to decrypt that traffic to solve an investigation.

Truly, the only real form of secure communication is via face to face private conversations irl.

[–] gibbedygook 4 points 1 year ago

And I wonder if messages here are end to end encrypted,

No, like Twitter

or readable by admins

yes

[–] [email protected] 2 points 1 year ago

no privacy on lemmy with that regard, try matrix for e2ee

[–] [email protected] 2 points 1 year ago

This is a support question and would be better suited to [email protected].

[–] [email protected] 2 points 1 year ago (1 children)

DMs aren't secure but there is a great and tight integration to Matrix such that anyone privacy minded should use that feature. No need for Lemmy to reinvent that wheel.

[–] taladar 2 points 1 year ago (1 children)

Can you elaborate how there is any integration between Lemmy and Matrix? I haven't noticed any feature related to Matrix in Lemmy so far.

[–] [email protected] 3 points 1 year ago* (last edited 1 year ago) (1 children)

In settings on your Lemmy account accessible when you browse your home instance you can add your matrix account handle and then you get the option to send your DMs through Matrix instead to anyone that has done the same:

https://lemmy.mildgrim.com/pictrs/image/2862348f-237f-4855-b391-49d652b1c975.png

As a bonus you can self host Matrix as well :)

[–] taladar 2 points 1 year ago (1 children)

I see. I have honestly ignored those "Give us all your other accounts" parts in sign up and profile settings on so many websites for so long I barely even see them any more.

It is a bit of a surprise to see actual functionality attached to that.

How does it authenticate you and prevent the instance admin from sending Matrix messages in your name though? Or for that matter, how does it prevent the instance admin from reading your messages before encryption or after decryption?

[–] [email protected] 2 points 1 year ago (1 children)

It doesn't go through Lemmy at all, it sends you through Matrix if you chose that option. Just carries in the receiver nothing more. The integration is asking you if you want to send securely when that option is available by both of you having Matrix accounts and told Lemmy about them.

[–] taladar 1 points 1 year ago (1 children)

I see, so it basically generates the Matrix equivalent to a mailto: link?

Sounds like in that case the worst an admin could do is essentially a downgrade or MITM ttack by blocking or modifying the message that tells you about the Matrix address of the other person or the fact that they have Matrix.

[–] [email protected] 1 points 1 year ago (1 children)

Yeah, but anytime you use an instance on Lemmy you need to trust those admins. With this being open source its fairly trivial to change it for nefarious purposes while still maintaining the core functionality. Changing links to point to whatever. JavaScript changes to steal the password entered (since so many reuse passwords) etc.

[–] taladar 1 points 1 year ago

Of course, but it is always good to know what they could do in the worst case.

[–] [email protected] 1 points 1 year ago* (last edited 1 year ago)

As far as I know, they're readable by admins. So at least right now, if you want to use Lemmy for private communications, you have to do it manually with something like GPG. Hopefully e2e encryption on DMs gets implemented at some point.

[–] [email protected] 1 points 1 year ago

I guess everything we say and do here is meant to be public, not unlike posting to a blog, or commenting on one.

One potential issue I can think of is that malicious instance owners can impersonate you, and post posts and comments as you - but I hope that this would be quickly discovered and the instance defederated.

Basically, I think at this point you can’t full trust without a doubt that a persona wrote every message their account is linked to (short of gpg signing every message).

Hoping that someone more informed on the inner workings of Lemmy can correct me on this.

[–] [email protected] 1 points 1 year ago

I assume no, because public forum like Lemmy end to end encryption would be quite irrelevant feature. If you communicate secrets, you use messaging apps, not link aggregators.

load more comments
view more: next β€Ί