1352
you are viewing a single comment's thread
view the rest of the comments
[-] MentalEdge@sopuli.xyz 17 points 9 months ago

Discord collects every message you ever send in cleartext.

[-] Takumidesh@lemmy.world 10 points 9 months ago

So does lemmy, so does matrix if that's what the admin wants to do.

[-] MentalEdge@sopuli.xyz 10 points 9 months ago

Lemmy is public and my matrix server doesn't.

Yeah, e2ee on activitypub platforms isn't widely implemented yet, but it's likely it will be.

I don't see discord making that jump.

[-] Omega_Haxors@lemmy.ml 5 points 9 months ago

You can even request your entire metadata blob to see for yourself.

[-] LufyCZ@lemmy.world 4 points 9 months ago

That's how joining a server and being able to see history works

[-] MentalEdge@sopuli.xyz 2 points 9 months ago
[-] LufyCZ@lemmy.world 1 points 9 months ago

Do you want to explain how to do it better?

[-] MentalEdge@sopuli.xyz 2 points 9 months ago

Well, first, at least encrypt your damn DMs.

Second, allowing access to message history is perfectly doable if the invite process involves the inviter providing the decryption keys to the invitee.

[-] LufyCZ@lemmy.world 1 points 9 months ago

You're actually joking with the "inviter providing the decryption keys to the invitee" part right?

The whole point why people use discord is that it's simple, this is a feature that'd only annoy the average person, and every single extra step is a disaster for user retention (look at any eshop study).

Stuff like this is completely irelevant to discord, the tiny subset of people who actually care will and should use Matrix / other solutions, because that's the people they were made for.

[-] MentalEdge@sopuli.xyz 1 points 9 months ago* (last edited 9 months ago)

Have you ever had to worry about the encryption keys in chat apps that encrypt messages? No?

That's because the app handles it all. Why would you think I'm suggesting something complicated?

All I'm telling you, is that the technical limitation you claim exists, doesn't.

[-] LufyCZ@lemmy.world 1 points 9 months ago

They are exchanged between the two devices.

Have you tried using Signal on desktop? It doesn't offer history syncing. Cross device for whatsapp for example is also a terrible experience. Unusable for something like Discord.

For a seamless experience Discord would probably have to store the keys themselves, defeating the whole point.

[-] MentalEdge@sopuli.xyz 1 points 9 months ago* (last edited 9 months ago)

That's because both Signal and WhatsApp don't store the message history anywhere except on your primary device. (plus personal backups) That's why WhatsApp desktop stops working if your phone is off. Because it works by getting your message history, from your phone.

So to get the message history on Signal/WhatsApp in a chat you just joined, someone else already there would have to send you the entire chat history from their primary device. Which might not be on. Or have the battery to spare to stream years of messages to random people coming and going from the chat.

For "a seamless experience" Discord only needs store the message history on their servers, just as they already do, but do so encrypted.

For you to see that history, all that needs to change with how invites work, in that they would come with a decryption key transferred in the same secure way normal messages are. So your client can then access that server-stored chat history and decrypt it.

The difference here isn't that WhatsApp and Signal are encrypted, it's that they fundamentally handle messages differently from discord. Their servers only deliver them. So you can't get the chat history from their servers, because it isn't there.

[-] LufyCZ@lemmy.world 1 points 9 months ago

Yep, guess that'd do it.

You'd still have to handle transferring keys across your devices, every time you login on a new one.

Also, searching would probably not work, at least as well as it does right now, since all messages are indexed on the discord side, which they wouldn't be able to do without seeing them. Everything would have to happen on device, meaning the devide would have to store all messages.

[-] MentalEdge@sopuli.xyz 1 points 9 months ago* (last edited 9 months ago)

Matrix does all of this. When you log in on a new device, you verify the login on an old device where you are already logged in (or provide the master key, set up when you created your account).

Some clients will indeed cache your entire chat history to provide search. And not all rooms are encrypted, you can disable it for rooms where it's unwarranted.

And as Signal/WhatsApp show, doing all this on device is quite doable. It's just a pain sometimes with the message history not also being stored on an always accessible server, and messaging relying on always going through that one, single, primary device.

this post was submitted on 02 Mar 2024
1352 points (100.0% liked)

Open Source

31654 readers
95 users here now

All about open source! Feel free to ask questions, and share news, and interesting stuff!

Useful Links

Rules

Related Communities

Community icon from opensource.org, but we are not affiliated with them.

founded 5 years ago
MODERATORS