• MentalEdge@sopuli.xyz
        link
        fedilink
        arrow-up
        10
        arrow-down
        1
        ·
        10 months ago

        Lemmy is public and my matrix server doesn’t.

        Yeah, e2ee on activitypub platforms isn’t widely implemented yet, but it’s likely it will be.

        I don’t see discord making that jump.

          • MentalEdge@sopuli.xyz
            link
            fedilink
            arrow-up
            2
            arrow-down
            1
            ·
            10 months ago

            Well, first, at least encrypt your damn DMs.

            Second, allowing access to message history is perfectly doable if the invite process involves the inviter providing the decryption keys to the invitee.

            • LufyCZ@lemmy.world
              link
              fedilink
              arrow-up
              1
              arrow-down
              2
              ·
              10 months ago

              You’re actually joking with the “inviter providing the decryption keys to the invitee” part right?

              The whole point why people use discord is that it’s simple, this is a feature that’d only annoy the average person, and every single extra step is a disaster for user retention (look at any eshop study).

              Stuff like this is completely irelevant to discord, the tiny subset of people who actually care will and should use Matrix / other solutions, because that’s the people they were made for.

              • MentalEdge@sopuli.xyz
                link
                fedilink
                arrow-up
                1
                arrow-down
                1
                ·
                edit-2
                10 months ago

                Have you ever had to worry about the encryption keys in chat apps that encrypt messages? No?

                That’s because the app handles it all. Why would you think I’m suggesting something complicated?

                All I’m telling you, is that the technical limitation you claim exists, doesn’t.

                • LufyCZ@lemmy.world
                  link
                  fedilink
                  arrow-up
                  1
                  ·
                  10 months ago

                  They are exchanged between the two devices.

                  Have you tried using Signal on desktop? It doesn’t offer history syncing. Cross device for whatsapp for example is also a terrible experience. Unusable for something like Discord.

                  For a seamless experience Discord would probably have to store the keys themselves, defeating the whole point.

                  • MentalEdge@sopuli.xyz
                    link
                    fedilink
                    arrow-up
                    1
                    arrow-down
                    1
                    ·
                    edit-2
                    10 months ago

                    That’s because both Signal and WhatsApp don’t store the message history anywhere except on your primary device. (plus personal backups) That’s why WhatsApp desktop stops working if your phone is off. Because it works by getting your message history, from your phone.

                    So to get the message history on Signal/WhatsApp in a chat you just joined, someone else already there would have to send you the entire chat history from their primary device. Which might not be on. Or have the battery to spare to stream years of messages to random people coming and going from the chat.

                    For “a seamless experience” Discord only needs store the message history on their servers, just as they already do, but do so encrypted.

                    For you to see that history, all that needs to change with how invites work, in that they would come with a decryption key transferred in the same secure way normal messages are. So your client can then access that server-stored chat history and decrypt it.

                    The difference here isn’t that WhatsApp and Signal are encrypted, it’s that they fundamentally handle messages differently from discord. Their servers only deliver them. So you can’t get the chat history from their servers, because it isn’t there.

      • MentalEdge@sopuli.xyz
        link
        fedilink
        arrow-up
        7
        arrow-down
        1
        ·
        edit-2
        10 months ago

        “If you have nothing to hide” has never been a valid excuse to compromise on privacy.

        Yeah, most of the time you don’t actually need it, but if you don’t make it the norm, one day you’ll wake up and find that the entire concept of encrypted communication was made illegal.

        As the UK is actively trying to do. And the first sparks of which have been seen in the EU as well.

        And that’s before even bringing up that even innocent normal conversation data can be used to profile individuals and mass-influence the democratic voting process with targeted campaigning.

              • MentalEdge@sopuli.xyz
                link
                fedilink
                arrow-up
                7
                arrow-down
                2
                ·
                edit-2
                10 months ago

                Again. What?

                Discord is a DM platform first, a public space second. And it’s way better at being the first, than the second.

                Providing support on discord is stupid, it’s only semi-public and hides solutions to already solved problems beyond the reach of search engines and real public platforms.

                  • MentalEdge@sopuli.xyz
                    link
                    fedilink
                    arrow-up
                    3
                    ·
                    edit-2
                    10 months ago

                    I’m not trying to convince anyone to ditch discord.

                    You pushed the point that “it doesn’t need to be secure because it’s all public” which is complete bullshit. Not everything on discord is public.

                    That its secondary ability to function as a public space has over the years become the standard way to provide a point of communication in a manner that tries to fit the round peg into the square hole, is not an excuse for their privacy policy to be as crappy as it is.