If anything something p2p like Keet or Briar is higher up the sovereign dimension since it doesn't rely on servers/relays and goes directly to your peer. Whats your opinion on those?
But I was thinking along the lines of lacking perfect forward secrecy. I agree though none are perfect.
Yes, agreed. Keet and Briar maximize network sovereignty, but sacrifice fluidity and scalability. They have greater friction for average users.
Session prioritizes metadata privacy over total physical independence.
Neither achieves absolute sovereignty: technical freedom and usability are always at odds.
Keet uses other peers to relay, it's just everyone in P2P can be one
Alot of the metadata and other security issues with keet are yet to be addressed but can be
Thanks for the info. Can you name some of the security and metadata issues? I'm not super familiar with Keet
Because some of keet remains closed its not fully certain what the issues are, which is probably the biggest issue, but from having used it here is some ideas and speculationsI have
Direct IP connections exposing your IP. These do not happen all the time tho
Main id, username and screen name exposed to every room
Seems like no forward secrecy on the P2P distributed room data
Seems the room data can be freely distributed to anyone that knows it exists but there is obviously an issue identifying it given peers also encrypt connections to each other
Notifications on mobile in some part (said to be encrypted obviously) go via Google and apples servers
Each room message is identifiable to each device
Screenshot message data might be matchable to room hash data
Might be possible to forge results with their username system then maybe mitm is possible etc
Wow thats a lot of problems...tbh I kind of lost interest after waiting for them to go fully open source for about 4+ years now. I know they recently did for the android app but pretty sad that some parts are still closed after all this time. Holepunch itself seems like it has a lot of potential though.
They are my speculations, tbh P2P solves so many problems it's worth trying. They never fully open source anything yet, they plan to next year
The early versions of keet on desktop had all the source available in the install location which they later obfuscated but is still available
The app and tech is extremely promising and looks near 100% will replace all current tech. You need to realise any problem centralised tech and data centres etc solve P2P can solve and actually solve better but it just needs different thinking
