So the topic of protonmail made me wonder about the privacy issues when using text messaging on the L5. In that, I suppose is is encrypted, (I apologize, I’m playing catch up learning all I can about the L5) but if texting to someone on apple/android regular texting apps, encryption is lost then on their end? Same when sending a protonmail email to a gmail user?
Then I wonder how secure/private it is texting L5 to L5? Or voice calls between L5 and L5? I guess I’m trying to ascertain if it is on par with using Signal?
The chat application used in the Librem 5 (chatty) uses XMPP, and work is being done to properly implement OMEMO, wich is an implementation of the signal encryption protocol, for XMPP.
GSM Calls are not encrypted, but VOIP solutions are being worked on. There are also matrix clients that already support encryption like: mirage
Thanks for the info. So then for it to really be secure, you need both ends using an L5 correct? Otherwise, it’s all open on the user end that may be using apple/android?
you know ProtonMail is the largest in and one of the better email-services on the European continent but the COUNTRY (Switzerland - where the best chocolate comes from and where Lila cows are grown ) is not part of EU …
as a joke. i always ‘pride’ myself in how nice it is to communicate with support-at-puri-dot-sm with e2eee (end to end encrypted email) but i forget that i exchanged the Public-Keys on plain https (secure http) that can be intercepted more easily
that being said you have to watch out HOW you establish TRUST when using e2eee with someone else using ProtonMail or some other capable system of e2eee. at this point i’m mainly getting used to it. i’m definately not where i should be with my CLI usage …
I mean the only breach here is that anybody who intercepted the exchange is now able to encrypt messages that only you can decrypt… Not a breach at all, and there’s a reason key servers are accessible publicly and you can search for anyone’s public key (anyone who shared it on a keyserver, that is), or that people post their public key on their homepage, etc.
Your point about establishing trust does stand though!
The following packages have unmet dependencies:
matrix-mirage: Depends: python3-matrix-nio but it is not installable
Depends: python3 (>= 3.8) but 3.7.3-1 is to be installed or python3-pyfastcopy but it is not installable
Depends: qml-module-qt-labs-qmlmodels but it is not installable
E: Unable to correct problems, you have held broken packages.
So as of now no encrypted messengers are supported natively… Disappointing.
sudo apt install python3=3.9.2-3
Reading package lists… Done
Building dependency tree… Done
Reading state information… Done
The following additional packages will be installed:
libpython3-stdlib python3-minimal
Suggested packages:
python3-doc python3-tk python3-venv
The following packages will be upgraded:
libpython3-stdlib python3 python3-minimal
3 upgraded, 0 newly installed, 0 to remove and 111 not upgraded.
Need to get 97,5 kB of archives.
After this operation, 1.024 B disk space will be freed.
Do you want to continue? [Y/n] Y
Disappointing? This is just my abbreviated hint into which direction you should (probably) proceed with! In order to achieve … before you start with apt install matrix-mirage. Either dep: python3 (>= 3.8) or python3-pyfastcopy, explanation is here. In addition to python3.9/, python3.8/is part of PureOS repo as well.