infosec.space is one of the many independent Mastodon servers you can use to participate in the fediverse.
A Mastodon instance for info/cyber security-minded people. This instance blocks threads.net

There are no known security issues with "Siacs OMEMO" / OMEMO v0.3¹ despite what some very loud Signal fans would like you to believe. It has been audited by a third party² who took a longer look at it than all of the Signal fans combined.

Yes, #OMEMO v0.7+ (or TWOMEMO 😜) is a cleaner spec with more features (most notably Stanza Content Encryption). That’s why we wrote it. I’m a co-author. That doesn’t mean v0.3 is insecure.

¹: xmpp.org/extensions/attic/xep-
²: conversations.im/omemo/audit.p

xmpp.org: XEP-0384: OMEMO Encryption

@daniel Most of those Signal fans probably refer to a certain blog post by a certain hobby cryptographer. [edit to add: specifically not linked or named because that person doesn't like "evangelists" for messengers-that-aren't-Signal near them. I respect that.]

One argument there holds water, though: OMEMO use is opt-in, and with opportunities to opt-out.

That's different from what Signal offers, and a foot-gun that is way too simple to trigger. (On the downside, Signal can't opt out of data being processed in the US. Trade-offs! 🤷)

All the fluff about this-algorithm-or-that or dependency management in Conversations (their solution is dependabot, unvetted-updates-as-a-service. really?!?) is minor compared to that one aspect.

The expectation should be that stuff is E2EE, with carefully (and loudly announced) exceptions where reasonable (when using XMPP as an internal bus protocol, you might be able to get away without it; when running a client on retro gear, you might get better mileage without the crypto overhead, too - but these must be exceptions, not semi-automatic fallbacks)

@patrick@retro.social OMEMO isn't opt-in or opt-out.

There are clients that enforce it.
There are clients that don't.
These are client decisions, unrelated to omemo.

Signal only has one client and forbids you to use another. And it enforces it, that's all.

@menel @patrick and despite their and is a very , & system relying on and their |s as well as neither allowing nor .

  • Given the risks of being bound to law (incl. ) it's just not an option.

Not to mention its toxic followers that act like cultists!