Privacy

35801 readers

590 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago

MODERATORS

I want to make it dead-easy for others to chat with me. I want a browser-based, FLOSS, E2EE chat solution that doesn't require the other party to log in. Does that exist? (lemmy.ml)

submitted 18 hours ago* (last edited 17 hours ago) by snek_boi@lemmy.ml to c/privacy@lemmy.ml

42 comments fedilink hide all child comments

Here's my problem: every F(L)OSS and E2EE solution that I know of requires other people to download an app or log in.

I want to reduce the friction for others to communicate for me. I want to give a business card with a URL where people can go and immediately send messages to my Matrix or my email or something, and they don't need to log in at all.

They just open their browser, go to snek_boi.io or whatever and a chat appears.

A couple of years ago, I was suggested Cactus Comments. I suppose that works, but I was wondering if there are other solutions. I was wondering if now there was an even easier solution for my purposes.

you are viewing a single comment's thread
view the rest of the comments

[–] mutual_ayed@sh.itjust.works 1 points 12 hours ago (1 children)

I don't know yet. It's more a thought experiment than anything else.

https://github.com/muke1908/chat-e2ee

Looks like the URL is part of the seed and salt which is cool.

Proving who you are is done in another stream. Like MFA.

You do a one time pad, generate the URL with that. Communicate what's needed, then the URL dies.

I'm still noodling with it.

[–] ganymede@lemmy.ml 2 points 12 hours ago (1 children)

cool, sounds like you have most of the principles down.

what i didn't yet see articulated with chat-e2ee is how the actual code itself verifies itself to the user in the browser? it sounds to me like it assumes the server which serves the code is 'trusted', while the theoretically different server(s) which transmits the messages can be 'untrusted'.

[–] mutual_ayed@sh.itjust.works 1 points 12 hours ago* (last edited 12 hours ago) (1 children)

I think that's by design and the nature of the setup. Anyone with the URL can communicate.

If your other comms method is compromised this doesn't have much use. Which is a different problem all together. I think this would work great as something like a deadrop so two completely faceless people can communicate. I like it a lot.

[–] ganymede@lemmy.ml 2 points 12 hours ago (1 children)

ah fair enough. i think that was the initial confusion from myself and perhaps the other user in this discussion. i didn't realise your use cases.

it's always a fun topic to discuss and got me thinking about some new ideas :)

[–] mutual_ayed@sh.itjust.works 2 points 12 hours ago

Right?! This is why I love the Fediverse and FOSS.

Have a good night/day

Hope you find new fun ideas as well!