I've seen a few requests to #chat lately. So I wanted to make something public.
I don't intend to use private chat here, not ever. I don't use it on #mastodon and I never used it on twitter either.
And I have some unsolicited advice too.
We should only use chat services that use publicly audited #e2ee and there are no exceptions to that.
Anything else we say must be treated as public record, because if it isn't now it will be at some point.
What do other #nostritches think? #asknostr
Consumer devices can't do "e2ee"
True. Especially #Apple #iPhone, #Google Android, #Windows
Then actually every (mobile) device due to the closed source broadband chip and every laptop that runs closed source UEFI/BIOS
You also have the forbidden knowledge
No, it's obvious.
Every closed source hard and software should be considered compromised, and it actually is.
Computer chips though produced in #Taiwan are produced on license of US-companies. US companies are forced to comply to the #Patriot_Act which gives three letter agencies unlimited access.
So it is not a question IF your device is compromised, it's only a question of how much effort it takes to use the built in exploits of your device.
Keep in mind that your mobile fone OS runs as a VM. So it doesn't really matter if you run #Graphene or #Google Android.
If you are a high profile target, you dont really have a chance. You would need a LOT of effort and expertise to avoid it, which will be very inconvenient and make your devices almost unusable.
Isnt #Nostr chat E2EE by default by your nsec?
