L5 Messaging app

So the topic of protonmail made me wonder about the privacy issues when using text messaging on the L5. In that, I suppose is is encrypted, (I apologize, I’m playing catch up learning all I can about the L5) but if texting to someone on apple/android regular texting apps, encryption is lost then on their end? Same when sending a protonmail email to a gmail user?

Then I wonder how secure/private it is texting L5 to L5? Or voice calls between L5 and L5? I guess I’m trying to ascertain if it is on par with using Signal?

Sorry if this has been covered before.

The chat application used in the Librem 5 (chatty) uses XMPP, and work is being done to properly implement OMEMO, wich is an implementation of the signal encryption protocol, for XMPP.

GSM Calls are not encrypted, but VOIP solutions are being worked on. There are also matrix clients that already support encryption like: mirage

7 Likes

Thanks for the info. So then for it to really be secure, you need both ends using an L5 correct? Otherwise, it’s all open on the user end that may be using apple/android?

No you only require that both ends support the same protocols for an encrypted conversation.

That is the beauty of federated services.

4 Likes

you know ProtonMail is the largest in and one of the better email-services on the European continent but the COUNTRY (Switzerland - where the best chocolate comes from and where Lila cows are grown :joy: ) is not part of EU …

as a joke. i always ‘pride’ myself in how nice it is to communicate with support-at-puri-dot-sm with e2eee (end to end encrypted email) but i forget that i exchanged the Public-Keys on plain https (secure http) that can be intercepted more easily :upside_down_face:

that being said you have to watch out HOW you establish TRUST when using e2eee with someone else using ProtonMail or some other capable system of e2eee. at this point i’m mainly getting used to it. i’m definately not where i should be with my CLI usage …

edited name :stuck_out_tongue:

I mean the only breach here is that anybody who intercepted the exchange is now able to encrypt messages that only you can decrypt… Not a breach at all, and there’s a reason key servers are accessible publicly and you can search for anyone’s public key (anyone who shared it on a keyserver, that is), or that people post their public key on their homepage, etc.

Your point about establishing trust does stand though!

1 Like

the COUNTRY (Sweden - where the best chocolate comes from and where Lila cows are grown :joy: ) is not part of EU …

SWIT ZER LAND

1 Like

That would be Switzerland.

1 Like

Sweden has the best rotten herring. There are no lilac cows there, but many of the houses are red.

Sweden is part of the EU.

1 Like

lol. i always confuse the two when writing :stuck_out_tongue: thanks guys for pointing out the error !

yes i was talking about Switzerland :slight_smile: but accidentally wrote Sweden :joy: silly me