!boLskYiwabbCQNNhlK:sw1v.org

End-to-end crypto in Matrix

1125 Members
Discussion around implementing and using encryption in Matrix via Olm/Megolm | Spec work and reference impl work in #e2e-dev:matrix.org164 Servers

Load older messages


Timestamp Message
20 Feb 2019
19:08:40* @matthew:matrix.orgMatthew feels like he's stuck in some cryptographic groundhog day dystopia
21:18:16@charlesyi:matrix.org@charlesyi:matrix.org left the room.
21:30:10@8bit64:matrix.orgPikachuIs there any way to stop RIOT from pasting in a bunch of fragments/meta data when I use my clip board and paste text into a room?
21:30:36@8bit64:matrix.orgPikachuIt shows things like the URL it was copied from etc, which is just absurd and dumb when all I am trying to do is paste in a tiny small block of text to share with someone.
21:34:39@mathijs:matrix.vgorcum.comMathijs
In reply to @8bit64:matrix.org
Is there any way to stop RIOT from pasting in a bunch of fragments/meta data when I use my clip board and paste text into a room?
you'll probably want to aka this question in the relevant room, so #riot:matrix.org or #riot-android:matrix.org or #riot-ios:matrix.org
21:43:36@djeturn:matrix.orgDjeturn joined the room.
21:44:31@djeturn:matrix.orgDjeturnHi, new to Riot.im and Matrix in general, I guess. I'f I stumble into a room that has encryption enabled, how am I supposed to "verify" everyone?
21:45:13@red_sky:ocean.joedonofry.comred_sky

It's meant to be done on a person-by-person basis

21:45:31@red_sky:ocean.joedonofry.comred_sky

like, you want to verify person A in the room is the person A you really know, so you would contact them over some other trusted medium to get them to verify that their device fingerprint matches what you are seeing in riot

21:45:41@djeturn:matrix.orgDjeturnIf the room has a hundred+ people?
21:46:04@red_sky:ocean.joedonofry.comred_sky

You can always just verify them without doing the out-of-band contacting

21:57:39@tulir:maunium.nettulir
In reply to @djeturn:matrix.org
If the room has a hundred+ people?
generally you use e2ee in rooms where you can verify the other participants
21:57:59@djeturn:matrix.orgDjeturnGotcha
22:00:09@djeturn:matrix.orgDjeturnMaybe you guys should put a big pop-up warning on the little slider for "Encrypted" That says "Are you sure you wanna do this?"
22:00:34@djeturn:matrix.orgDjeturnCause right now, you can accidentally click it, and "Oops, gotta make a new room now..."
22:25:41@red_sky:ocean.joedonofry.comred_skytechnically, it is possible to unencrypt a room
22:25:45@red_sky:ocean.joedonofry.comred_skybut it's intentionally not easy to do
22:26:22@red_sky:ocean.joedonofry.comred_skythe idea being, if a room owner could just turn off encryption and room users weren't aware, they could continue conversing thinking that they were communicating via E2EE
22:26:39@red_sky:ocean.joedonofry.comred_skyI should re-phrase that... it's technically possible to turn encryption off for a room
22:26:44@red_sky:ocean.joedonofry.comred_skynot unencrypt existing messages
22:36:47@kollaps:datenwarte.dekollaps joined the room.
22:48:24@kollaps:datenwarte.dekollaps
23:00:34@nirojan:chat.weho.stnirojan joined the room.
23:34:42@uhoreg:matrix.orguhoreg Looks like I need to do a blog post about "no, we're not simply comparing 42 bits of fingerprint" :P
23:36:47@uhoreg:matrix.orguhoreg (and we're not really rolling our own crypto, as it's heavily based on a scheme created by some guy named Zimmerman, which some people may have heard of)
21 Feb 2019
00:24:51@red_sky:ocean.joedonofry.comred_sky You meant matrix isn't using emoji-based encryption? I feel deceived
00:33:34@uhoreg:matrix.orguhoreg We use a brand new encryption scheme called rot-😋. It's like rot-13, but uses emoji.
00:36:11@red_sky:ocean.joedonofry.comred_skybrilliant!
00:36:20@red_sky:ocean.joedonofry.comred_skyno one will ever crack it
01:02:37@vurpo:hacklab.fivurpo
In reply to @red_sky:ocean.joedonofry.com
I should re-phrase that... it's technically possible to turn encryption off for a room
Correctly implemented Matrix clients should not accept an event that disables encryption in a room

There are no newer messages yet.


Back to Room List