Sure you can always just encrypt your messages but even that could have exploits. (either intentionally or accidentally) and then you have governments around the world basically teaming up to get rid of encryption with laws. The next option is a vpn, but really it is not because it also uses encryption so it would fit a legal definition of using encryption.
But maybe not all hope is lost, you could maybe use a proxy server in combination of the Tor browser (for now) sure the contents of your messages but not your ip address. Neither of those use encryption and are not targeted by these laws. Just be sure to use that proxy since the very creation of your messaging accounts till the very end because any small mistake (such as using an app with your own ip address can expose you) can ruin you if you post the most illegal of messages.
I know encryption isnāt just about illegal and harmful activity because itās being used by people in heavily controlled countries to communicate about shifting the government from stepping in peoples lives.
Sure itās legal but the smallest mistake can expose you making your privacy online much much weaker especially when you have a bad server that your data bounces in out of all of the severs in tor that reports your activity as they see fit. This is why you should not support such forced changes in the law that go against encryption.
What about offline encrpytion? Well this question is more complicated to give an honest answer because, what ever you store on your phone is hosted offline on your sd card or hard drive. Becaus e it is not hosted on a pubic service such as Facebook it would be harder to enforce this law on any company because itās stored on that individuals phone. Now if it set to back up to the cloud then thatās when any actually legal concerns would come up in the us. If you are in Australia can you please confirm that for that area. And if you use an open source encryption app seperate form whatās built into your phone offline itās even more difficult to have someone in trouble for not scanning encrypted messages because itās not hosted on a public server and no specific company is involved if everyone just keeps copying and pasting that code.
I use Tor, yes, and some other methods to help with online privacy while using an Android. As for sensitive information I believe requires offline encryption, I only do so on a computer(which alone doesnt guarantee anything) that I can make more suitable for doing such. None of which I would put in a āCloudā of any sort.
Encrypted communication, eh I rather not if possible as it requires both parties to do everything absolutely right at times so thereās that āTrust issueā againā¦
Also, Tor Browser does use Encryption. A simple proxy does not though.
I agree with your post though, especially how one mistake is all it takes. More often than not, itās user error and not the software used for privacy.
Having a little trouble understanding your last paragraph so excuse me if I replied with something you already explained.
I donāt feel like online messaging privacy is decreasing. In fact, I think it is the exact opposite. More people I know currently use secure online messaging than at any point in the past.
What I think is happening is that more people are becoming aware that what they used to assume was secure online messaging was never secure.
In my personal case I run both encrypted XMPP and Matrix servers, which both have clients available on F-Droid (Conversations and Element).
I am told OMEMO with XMPP is secure but I donāt have the knowledge to verify it. It is probably the best thing we have. I would probably only suggest open-source apps.
I would like the ability for Conversations (or any open-source xmpp app) to export chat history as a text file so it can be stored in plain text, away from the app itself. The chat history on the device can then be deleted, while still having a copy off the device that can be read almost anywhere. This is the āsecurityā I want.
Can anybody link a nood friendly guide on how to build a personal XMPP VPS from scratch please. Like what specs are required for a VPS to run letās say Prosody to support a 1000 users. what OS is more suitable for it. And how much more more efforts will it take to host it as an email server at the same time? What software is required to implement an email service as well.
Load testing an ejabberd 19.02 instance on RPi3+/1Gb yielded almost 1000 (simulated) users on SD card, postgresql, and file upload available. So any hardware better than that will be enough imho. But thatās without Audio/Video, since that needs a TURN server (included in ejabberd or using coturn/eturnal for prosody/snikket) which uses more CPU/bandwidth.
a Raspberry Pi 1 can run ejabberd for a family and a group of friends just fine.
The only quirk I ran into is that if ejabberd starts before NTP sets correct system time, itāll be funky.
So either get an RTC addon for your RPI or set ejabberd to delay via systemd or whatever.
I noticed certain quality hardware made for Raspberryās like DAC hats or ham radio hotspots made to pair with piās include their own clocks. I know for audio it can vary where in why it improves the sound quality but in the case of ejabbard or tor which ran on piās can in some cases issues, is it a software issue, or more of an issue with the piās hardware?
If so could a rtc hat solve such issues in these cases?
Thanks. Yeah i know the clocks in those devices wouldnāt help in this case but just remembering many devices including them made me wonder if it a plain clock hat would solve some issues the included clock may cause.
Also i just realized why my question makes me seem so stupid, i just saw skeweds reply and did notice he already answered it by saying to add an RTC addonā¦ I swear to god I do not remember reading that earlierā¦
