Sender | Message | Time |
---|---|---|
21 Apr 2024 | ||
@deiabo:matrix.org joined the room. | 04:15:06 | |
@deiabo:matrix.org left the room. | 04:15:25 | |
bluescreen | In reply to @daedric:aguiarvieira.ptWhy not? I don't think I said anything wrong? | 08:05:22 |
bluescreen | 🥲 | 08:05:32 |
bluescreen | In reply to @cvwright:futo.orgI don't know how I missed this for a week, will take a look! | 08:17:14 |
dkasak | In reply to @ity:itycodes.orgNo, you can never re-receive old keys from other people, only from other cross signed devices of your own. | 08:37:25 |
Ricardo Duarte | In reply to @bluescreenoff:matrix.orgOh, i'm not claiming you did 🙂 | 11:12:16 |
Ricardo Duarte | I only said "a public group e2ee room doesn't make much sense" because anyone can join and start reading new messages. You're just preventing the server admin from reading them. | 11:13:08 |
Ricardo Duarte | I was in a smalish e2ee room (i didn't notice) with about 100 members. | 11:13:21 |
Ricardo Duarte | Each time any member updated his device list, my server would receive the new device least and get a performance hit | 11:13:50 |
Brayd | In reply to @dkasak:termina.org.uk Hmm according to this (https://blog.neko.dev/posts/unable-to-decrypt-matrix.html) article it is possible to receive them from the sender From the article: "Now comes the real magic. Clients can request keys from each other by sending a key request. That way you can request the keys to all unreadable messages either from one of your devices or the original sender. This however has limitations. What if your other clients don't exist or are offline? Or the original sender isn't online? Well, then none can send you keys, so you will never receive them. Sorry, make sure to keep a backup next time!" | 19:01:12 |
Matrix joined the room. | 20:00:06 | |
dkasak | In reply to @brayd:chat.braydmedia.de These behaviours were further restricted as part of remediations of https://matrix.org/blog/2022/09/28/upgrade-now-to-address-encryption-vulns-in-matrix-sdks-and-clients/. Nico's blog post predates that so it's outdated in this respect. Using the mechanisms available today, it's impossible to safely accept keys re-shared after the fact from other people's devices. You can only safely accept keys re-shared from your own verified devices. So the former behaviour was removed, for example in the Rust SDK crypto crate. | 23:26:43 |
22 Apr 2024 | ||
BrenBarn | that's completely nuts | 03:11:59 |
Andrew F (sick today) changed their display name from Andrew F (back on April 22) to Andrew F. | 07:16:49 | |
Brayd | In reply to @dkasak:termina.org.uk Ahh that explains Sure that wouldn't be easy to do but I think it could be possible...maybe a reason why it was changed? | 09:49:42 |
Nico | Well, the keys can never be trusted, but apart from them you could still request them as untrusted keys. It is a tradeoff between security and convenience | 09:53:05 |
cvwright | In reply to @brenbarn:matrix.orgIt's unfortunate for sure but it makes sense given the reality of the situation. If we can get something like MSC3917 working and merged into the spec, then a lot of things will be better. | 14:26:55 |
dkasak | In reply to @brayd:chat.braydmedia.deIt's not fundamentally impossible to have the original author of the message securely re-share the key that was initially lost on its way to you. However, there is no current mechanism for the author's client to do so. The mechanism that was being used for this suffers from lesser guarantees, allowing a malicious server to inject messages (and keys), pretending they were authored by someone else. This is why it had to be removed. | 14:28:48 |
Brayd | In reply to @dkasak:termina.org.ukMakes sense | 14:30:11 |
dkasak | In reply to @brayd:chat.braydmedia.de* It's not fundamentally impossible to have the original author of the message securely re-share the key that was initially lost on its way to you (or which you had somehow lost in the meantime). However, there is no current mechanism for the author's client to do so. The mechanism that was being used for this suffers from lesser guarantees, allowing a malicious server to inject messages (and keys), pretending they were authored by someone else. This is why it had to be removed. | 14:30:16 |
dkasak | There was some talk about implementing this mechanism, but given those situations (the key getting lost on its way to you or you losing the key) are usually a result of bugs, priority was given to fixing these bugs instead | 14:31:07 |
dkasak | Ultimately whatever is chosen requires engineering effort and potential maintenance burden | 14:31:45 |
BrenBarn | In reply to @cvwright:futo.orgwhat makes sense given the reality is to just disable e2ee (at least by default) until all such issues are resolved | 18:20:02 |
Brayd | In reply to @brenbarn:matrix.orgWell I'd rather loose access to sensitive information in 1:1 chats rather than not having those information encrypted from third parties | 18:21:30 |
BrenBarn | In reply to @brayd:chat.braydmedia.deI think that is not in line with what most ordinary users want | 18:22:03 |
BrenBarn | (i.e., "grandma" type users) | 18:22:09 |
Brayd | In reply to @brenbarn:matrix.org Tbh those kind of users would probably also loose access their access to their signal messages I don't think it's even easier than that Of course it is important to improve how all of this is handled on Matrix to make it as easy and as fail-proof for non-technical users as possible, but disabling encryption per default until that is ready is a bit drastic IMO (even though afaik you can do that just fine when you're administrating your own Synapse server) | 18:25:30 |
Nico | In reply to @brayd:chat.braydmedia.deAs long as I can tell I prefer being able to read that information instead of having to ask the user to send it to me again. It is just frustrating to have an UTD and not being able to recover from it. Additionally, Synapse relies on the key reqests still to notice device lists being out of date, so without them some temporary faults are unrecoverable right now | 19:07:10 |
Nico | Ideally those would be fixed, but at the current pace, that will take years | 19:07:26 |