CWTCH - Surveilance proof messaging
-
Came across this recently, and love to see this on cloudron!
Site address: https://cwtch.im/
Serve install/set up: https://git.openprivacy.ca/cwtch.im/serverWhat is Cwtch?
Cwtch (/kʊtʃ/ - a Welsh word roughly translating to “a hug that creates a safe place”) is a decentralized, privacy-preserving, multi-party messaging protocol that can be used to build metadata resistant applications.
Decentralized and Open: There is no “Cwtch service” or “Cwtch network”. Participants in Cwtch can host their own safe spaces, or lend their infrastructure to others seeking a safe space. The Cwtch protocol is open, and anyone is free to build bots, services and user interfaces and integrate and interact with Cwtch.
Privacy Preserving: All communication in Cwtch is end-to-end encrypted and takes place over Tor v3 onion services.
Metadata Resistant: Cwtch has been designed such that no information is exchanged or available to anyone without their explicit consent, including on-the-wire messages and protocol metadata.
-
@subtlecourage very nice
-
@timconsidine
Thank you! -
@subtlecourage Looking forward to trying it on my GrapheneOS de-googled phone.
I've been thinking for some time that all the discussion in privacy forums etc and in the public arena about E2E end-to-end encryption is just missing the point.
Seems a fundamental principle of privacy is that you never entrust responsibility for it to a 3rd party. Encrypt locally, decrypt on receiving end based on key. PGP had it right. I quite like the https://www.oversec.io/ approach (although it is not fluid, the price you pay I guess).
Why are we getting kickers-in-twist about E2E on different providers when it's really a personal responsibility.
I guess it comes down to the generally low level of tech knowledge in the wider public.
-
@timconsidine I fully agree with
I guess it comes down to the generally low level of tech knowledge in the wider public.
When people hear the word "Encryption" they misunderstand exactly what that means.
E2EE is a fundamental human right, regardless if it can be exploited by criminals.
Having a trustless ecosystem that allows E2EE comms. is vital for the future.
-
Reminds me of Confidant Mail
-
@robi said in CWTCH - Surveilance proof messaging:
Confidant Mail
Oh thats neat!
https://www.confidantmail.org/docs/ -
-
@subtlecourage indeed
but needs updating
not sure how live the project is -
@timconsidine still works. I was the reason for the last update after a conversation with the inventor. (tied to the version of PGP/GPG and TLS)
