this post was submitted on 19 Mar 2025
38 points (95.2% liked)
Privacy
35783 readers
552 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
much thanks to @gary_host_laptop for the logo design :)
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
https://medium.com/sessionstack-blog/how-javascript-works-cryptography-how-to-deal-with-man-in-the-middle-mitm-attacks-bf8fc6be546c
I still don't see how
or
Wouldn't significantly change the recieved hash and break the stream thus ending comms. Also unless you're hosting and building it yourself you have to trust the recipient and the cloud host.
I agree if an attacker owns the server comms can be compromised. I thought that was the benefit of the ephemeral nature. It's for quick relay of information. Best practices would probably include another cypher within the messages themselves like a one time pad or some such.
https://www.itstactical.com/intellicom/tradecraft/uncrackable-diy-pencil-and-paper-encryption/
https://github.com/muke1908/chat-e2ee
i'm trying to understand your exact scenario.
but in general, the problem is where do you get your original key, or original hash to verify from? if they are both coming from the server, along with the code which processes them, then if the server is compromised, so are you.
thankfully browsers give alot of crypto API lately (as discussed in your link)
but you still need at minimum a secure key, a hash and trusted code to verify the code the server serves you. there are ofc solutions to this problem, but if the server is unstrusted, you absolutely can't get it from them, which means you have to get it from somewhere else (that you trust).
I don't know yet. It's more a thought experiment than anything else.
https://github.com/muke1908/chat-e2ee
Looks like the URL is part of the seed and salt which is cool.
Proving who you are is done in another stream. Like MFA.
You do a one time pad, generate the URL with that. Communicate what's needed, then the URL dies.
I'm still noodling with it.
cool, sounds like you have most of the principles down.
what i didn't yet see articulated with chat-e2ee is how the actual code itself verifies itself to the user in the browser? it sounds to me like it assumes the server which serves the code is 'trusted', while the theoretically different server(s) which transmits the messages can be 'untrusted'.
I think that's by design and the nature of the setup. Anyone with the URL can communicate.
If your other comms method is compromised this doesn't have much use. Which is a different problem all together. I think this would work great as something like a deadrop so two completely faceless people can communicate. I like it a lot.
ah fair enough. i think that was the initial confusion from myself and perhaps the other user in this discussion. i didn't realise your use cases.
it's always a fun topic to discuss and got me thinking about some new ideas :)
Right?! This is why I love the Fediverse and FOSS.
Have a good night/day
Hope you find new fun ideas as well!