Trans Rights

User Tools

Site Tools

Trace:
security

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
security [2025/06/20 05:54] fe80:d69e:c173:b6ef:2bb3:2bec:4a3c:e1a0security [2026/03/30 02:34] (current) admin
Line 2: Line 2:
  
  
-### Secure+===== Secure =====
   * SimpleX - Bit more secure then Signal, as it has built in privacy features at the protocol level (such as message padding). By default users /chats don't have constant identifiers either. Allows for anonymous profiles and supports multiple profiles.   * SimpleX - Bit more secure then Signal, as it has built in privacy features at the protocol level (such as message padding). By default users /chats don't have constant identifiers either. Allows for anonymous profiles and supports multiple profiles.
   * Signal - Good replacement for normal "text messaging". Share your username instead of phone number.   * Signal - Good replacement for normal "text messaging". Share your username instead of phone number.
-  * Keybase - Supports multiple profiles, allows managing teams. Roughly an alternative to discord/slack. 
   * Delta Chat - Supports multiple profiles.   * Delta Chat - Supports multiple profiles.
  
-### Less Secure + 
-  * Matrix Fluffychat client is recommended, as it supports multiple profiles. Setup a home server and disable federation to prevent metadata being copied around. Note Homeserver owners can join encrypted chats and impersonate users.+===== Less Secure ===== 
 + 
 +  * Keybase Supports multiple profiles, allows managing teamsRoughly an alternative to discord/slack. Currently owned by Zoom. Keybase has access to metadata to understand who is talking to who. https://book.keybase.io/docs/chat/crypto#metadata 
 + 
 +  * Matrix   
 +      * Configuration Steps:   
 +        * Setup a home server and disable federation to prevent metadata being copied around to other servers,  This option is also configurable by the room creator, which is helpful and can decide when to use it. 
 +        * Enable End To End Encryption (E2EE) for sensitive rooms.  
 +      * Security And Privacy Notes: 
 +        * While messages are encrypted in E2EE rooms, privacy leaks are possible. Metadata is not encrypted and currently not supported by the protocol, although it' being worked on.This includes usernames of who are in encrypted chat rooms, who created the room, and the title of the room. 
 +        * Homeserver owners can join encrypted chats technically. They would have to impersonate users by adding their own device key to the targeted user account.  This is a bug that is being mitigated in 2026 by requiring users to confirm new devices added to their account https://element.io/blog/verifying-your-devices-is-becoming-mandatory-2/. Note users will be notified that a new device was added, and they should not validate it to avoid having messages sent to it. 
 +        * A stolen domain for homeserver can gain rights as any user that has joined the room from the homeserver, This is due to Matrix stores permissions as user@homeserverDomain.com for rooms. 
 +        * Fluffychat client is recommended, as it supports multiple profiles.  
 +        * Users joining E2EE encrypted rooms can not see past messages. This is being worked on currently (https://github.com/matrix-org/matrix-spec-proposals/pull/4268).
security.1750398846.txt.gz · Last modified: 2025/06/20 05:54 by fe80:d69e:c173:b6ef:2bb3:2bec:4a3c:e1a0