URL seems to be wrong … here’s the correct URL
cross-posted from: https://merv.news/post/82405
It will be open source, end to end encrypted using Signal’s double ratchet encryption protocol, and he plans to make it easy for fediverse platforms to integrate it. The beta will release later this month.
He’s also the creator of https://fedidb.org btw
I like Daniel’s constant work to improve/add features to PixelFed, but he also tends to rush stuff out and then have to fix it later. So personally, I would wait until he’s had time to figure out any flaws and bugs.
Because I have no knowledge or understanding of programing, can someone please eli5 how an open source program can remain encrypted and secure? Is it just a matter of good faith that jerks won’t mess with it or does the encryption programming itself have protections?
From my understanding, open source encryption is actually better for privacy than closed source, since then you can have external auditors. Basically, encryption is doing a TON of math involving prime numbers, so even if you know the algorithms used, you still won’t be able to figure out what the secret (or password) is without using inordinate amounts of computing power.
For more reading, check out Kerkchoff’s Principle
without using inordinate amounts of computing power.
which is one of the big things behind quantum computing. we will (will, not might) get to a point where QCs can do the math to crack RSA/other large prime-based encryption standards.
Thank you. This is helpful!
Sounds interesting. I’ll be sure to keep an eye on how it plays out.
Not sure how I feel about this being a standalone app, it already feels like there’s so many vying for attention, with IRC, XMPP and Matrix being federated already. While Signal exists, I’m not sure how I feel about it being a walled garden despite being open source.
I do love the idea of it hopefully being added to Fediverse platforms though - even though it makes sense to use an actual messaging app for messaging, it’s user expectation that you can just message people on any platform you’re on easily, it’s something Mastodon desperately needs.
Edit: Really though, what I want to see is an interoperable protocol being picked (Signal is actually one of them, FWIW, the Foundation just doesn’t federate with its flagship app due to “user experience and innovation” per Moxie), and then people make their platforms on that, just like how ActivityPub has become the standard for interoperable social media.
