Thanks Microsoft for admitting that Windows sucks. You didn’t even try really.
just trying lemmy
Maybe they should also ban lobbying by Google, Microsoft etc.
Honestly I’m not sure what the definition says. But in the case of the original axolotl/Signal protocol, the ‘ratchet’ construction in my understanding allows recovery from a key compromise given that the attacker is passive (read only). Let’s say you have to hand your phone to the police, they disappear with it for a moment and get a copy of all the keys you use for the axolotl protocol. As long as they don’t manage to manipulate network traffic but only intercept everything, your chat session will ‘recover’ once a new (EC)DH agreement is completed with your chat partner. This might not happen immediately though, in case your chat partner is offline.
This property (securing future messages) can only be achieved with asymmetric cryptography. Securing past messages can in principle be achieved with symmetric cryptography: you could imagine a ratchet mechanism where each chat partner computes a new key by transforming the old key with an entropy-preserving and hard-to-invert function (such as sha3) and then deleting the old key (and ideally also deleting old messages).
P.S. Just did some reading: https://signal.org/docs/specifications/doubleratchet/
Forward security: Output keys from the past appear random to an adversary who learns the KDF key at some point in time.
Break-in recovery: Future output keys appear random to an adversary who learns the KDF key at some point in time, provided that future inputs have added sufficient entropy.
So what I meant is not called forward secrecy but break-in recovery. Confusing terms.
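As an added illustration (not from the original thread), a toy model in Python of the two properties quoted above: a symmetric KDF chain that only runs forward, and a root-key step that mixes in fresh DH output. The function names and the random bytes standing in for an ECDH result are my own assumptions.

```python
import hashlib
import hmac
import os


def chain_step(chain_key: bytes) -> tuple:
    """Symmetric-key ratchet (KDF chain): the old chain key is replaced by a
    one-way derivation of itself and a per-message key is split off.
    Deleting the old chain key gives forward security: nothing derivable
    from the new chain key leads back to earlier message keys."""
    next_chain_key = hmac.new(chain_key, b"\x01", hashlib.sha3_256).digest()
    message_key = hmac.new(chain_key, b"\x02", hashlib.sha3_256).digest()
    return next_chain_key, message_key


def root_step(root_key: bytes, dh_output: bytes) -> tuple:
    """DH ratchet step: mix fresh (EC)DH output into the root key and start a
    new sending chain. This is the 'future inputs adding entropy' the spec
    requires for break-in recovery."""
    okm = hmac.new(root_key, dh_output, hashlib.sha3_512).digest()
    return okm[:32], okm[32:]  # (new root key, new chain key)


def simulate_passive_compromise(n_before: int = 2) -> dict:
    """Scenario from the comment: a passive attacker copies the current chain
    key after n_before messages, then keeps sniffing but cannot inject."""
    root_key, chain_key, past_keys = os.urandom(32), os.urandom(32), []
    for _ in range(n_before):
        chain_key, mk = chain_step(chain_key)
        past_keys.append(mk)
    stolen = chain_key  # attacker's snapshot of the live chain key
    # No fresh entropy yet: the attacker runs the same KDF chain forward.
    chain_key, mk_next = chain_step(chain_key)
    attacker_ck, attacker_mk = chain_step(stolen)
    predicts_next = attacker_mk == mk_next
    # The chain only runs forward: walking it from the snapshot never
    # reproduces a message key that was used (and deleted) before the theft.
    walk, ck = [], stolen
    for _ in range(10):
        ck, mk = chain_step(ck)
        walk.append(mk)
    past_leaked = any(k in walk for k in past_keys)
    # A new DH agreement (constructed: random bytes stand in for the ECDH
    # output, which a passive attacker cannot compute) re-keys the chain.
    root_key, chain_key = root_step(root_key, os.urandom(32))
    chain_key, mk_after_dh = chain_step(chain_key)
    _, attacker_mk = chain_step(attacker_ck)  # attacker's best guess
    return {"predicts_next": predicts_next, "past_leaked": past_leaked,
            "predicts_after_dh": attacker_mk == mk_after_dh}
```

Without the DH step the attacker's copy of the chain key stays in sync with the real chain (no break-in recovery); once fresh DH output is mixed in, the attacker's prediction diverges.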
Use uMatrix and see more sewage
Let’s poke the bubble.
In my opinion this is a real risk. In the case of Organic Maps it has already started happening. The FOSS community should move away from GitHub and consider alternatives like codeberg.org (Germany) or self-hosted Forgejo instances to mitigate the risk.
Generally it seems an okay idea to me because it allows you to use the Rust toolchain and you can more easily achieve compatibility with other Rust code. In fact, there are other languages which do something similar. I remember F* (f-star), which compiles to OCaml.
Maybe you could also consider extending an existing good PQC protocol (for example https://signal.org/docs/specifications/pqxdh/) by adding a shared secret. The shared secret could flow into the key derivation functions which are used to derive the symmetric encryption keys. This way you would have quite strong guarantees (forward secrecy) as long as nobody can break the PQC algorithm, and still some guarantee of confidentiality when somebody breaks asymmetric primitives. In the protocol you outlined now, there’s no forward secrecy, meaning that once a key is compromised, all past and future messages can be decrypted.
Interesting :)
A few quick questions & comments:
I don’t quite understand “If all users accept the introduction, a list of contacts is sent for each contact pair. These contacts are not used for messaging to prevent more than two parties from having encryption keys.” (line 66) What exactly are the “contacts”? Is it the same data as defined on line 8? Where do the encryption keys come from? Do initiators of an introduction reveal the encryption keys of their existing contacts?
After an introduction there’s the problem that newly introduced people cannot set up secret keys in a very clean way, because these secret keys can be computed if an attacker gets hold of the introducer, has recorded traffic and is in possession of a large enough quantum computer (which you assume in your threat model). You therefore would need some sort of ‘upgrade’ mechanism which would allow two people to meet in person to ‘upgrade’ their secure channel, or you could add an asymmetric key-agreement or key-exchange on top (probably a post-quantum algorithm).
I don’t quite get the combination of “HTTPS”, “Tor”, “symmetric crypto because of quantum computers”. Why HTTPS if Tor already provides confidentiality? HTTPS implies certificates, no? What about them?
What about nonces for GCM? How do you prevent replay attacks?
If you want to truly understand your protocol and get confident about it, I recommend studying something like this: https://tamarin-prover.com/ This allows you to model your protocol more formally, state your security claims and check if the protocol satisfies these claims :)
Always have some chewing gum ready. (I would advise for cyanoacrylate but that’s illegal in some places because you could use it to stick yourself to the road as a form of protest)
It is tempting to check if it’s still down. But I won’t touch this ugly domain.
Please panic. There’s Librewolf. A deshittified Firefox fork. Would be great to support that project.
Windows also used to show me the ugly face of Trump in the start menu even if I didn’t ask for it. That was more than 4 years ago. Recently I was accidentally hovering over some ‘copilot’ button in a friend’s Edge. And again - pop-up with Trump. So yes: fuck Windows, fuck Microsoft
We need such statements now more than ever. Thank you Codeberg <3
Green flags:
Yellow flags:
Red flags:
Google has always been fuckers, they are still fuckers and going with the fascist flow they’ve proven that they will remain fuckers. Even if they switch sides once the Trumpian monster stumbles, they can never be trusted.
These days it’s plain obvious. Before, it was slightly better hidden.
They could decide not to give 1M to Trump, but they did: https://www.theguardian.com/technology/2025/jan/09/google-microsoft-donate-trump-inaugural-fund They could use their reach and make a clear public statement: “we don’t support this”. But I’ve never seen any. They could give higher rating to actual useful information and try to show less fascist propaganda to people. I have to assume that’s going wrong as well.
Because of their giant impact, they send a message to all others. “We go with the fascists, we are not on the side of humanity but on the side of profit”. That creates dangerous dynamics.
It was limiting them. To truly maximize profits they need to strip off all limits. I’m not joking. Really not. This is why capitalism and fascism go so well together.
Taara is Google, just saying.