End-to-end encryption protects messages
Uncategorized
10
Posts
3
Posters
4
Views
-
End-to-end encryption protects messages.
Metadata protects (or exposes) people.Recent research shows how WhatsApp metadata can be enumerated, correlated, and used for device fingerprinting and targeting — without touching message content.
I analysed the implications for privacy, GDPR, and why federated protocols like XMPP and Matrix represent a different governance model.
🔗 https://www.nicfab.eu/en/posts/whatsapp-metadata-privacy/
#Privacy #Metadata #GDPR #Cybersecurity #DigitalRights #XMPP #Matrix
-
End-to-end encryption protects messages.
Metadata protects (or exposes) people.Recent research shows how WhatsApp metadata can be enumerated, correlated, and used for device fingerprinting and targeting — without touching message content.
I analysed the implications for privacy, GDPR, and why federated protocols like XMPP and Matrix represent a different governance model.
🔗 https://www.nicfab.eu/en/posts/whatsapp-metadata-privacy/
#Privacy #Metadata #GDPR #Cybersecurity #DigitalRights #XMPP #Matrix
-
@fluttersh @matrix @xmpp if you refer to a centralized system, I agree.
-
@fluttersh @matrix @xmpp if you refer to a centralized system, I agree.
@nicfab @fluttersh @matrix @xmpp
Signal metadata is said to be better protected than in the other systems (perhaps at the cost of centralization). I think, optimal behaviour is to have signal, matrix and xmpp accounts, so that we make it easier if the other person has any...
Btw, despite of agreeing with the article i think that besisdes metadata, one cannot be sure of the whole messages as source is closed. Believing in whatsapp encryption is trusting in META words...
-
@nicfab @fluttersh @matrix @xmpp
Signal metadata is said to be better protected than in the other systems (perhaps at the cost of centralization). I think, optimal behaviour is to have signal, matrix and xmpp accounts, so that we make it easier if the other person has any...
Btw, despite of agreeing with the article i think that besisdes metadata, one cannot be sure of the whole messages as source is closed. Believing in whatsapp encryption is trusting in META words...
@antoniovr @nicfab @matrix @xmpp
tcp packets + tls carry less metadata than signal messages imo, but this is at a different layer on the entire solution and requires most people to host (from home) which could be ideal if there were good prepackaged solutions like routers/nas
-
@nicfab @fluttersh @matrix @xmpp
Signal metadata is said to be better protected than in the other systems (perhaps at the cost of centralization). I think, optimal behaviour is to have signal, matrix and xmpp accounts, so that we make it easier if the other person has any...
Btw, despite of agreeing with the article i think that besisdes metadata, one cannot be sure of the whole messages as source is closed. Believing in whatsapp encryption is trusting in META words...
1/2
@antoniovr @fluttersh @matrix @xmppThank you for the insightful comment.
You raise two valid points:
1. Signal does implement stronger metadata protection (e.g., Sealed Sender), though centralization remains a trade-off. Having accounts across multiple protocols is indeed a pragmatic approach — interoperability without dependency.
-
@nicfab @fluttersh @matrix @xmpp
Signal metadata is said to be better protected than in the other systems (perhaps at the cost of centralization). I think, optimal behaviour is to have signal, matrix and xmpp accounts, so that we make it easier if the other person has any...
Btw, despite of agreeing with the article i think that besisdes metadata, one cannot be sure of the whole messages as source is closed. Believing in whatsapp encryption is trusting in META words...
2/2
@antoniovr @fluttersh @matrix @xmpp2. You're absolutely right: with closed-source clients, E2EE claims are ultimately trust-based. Verifiable security requires open code and independent audits — which is precisely why open protocols matter.
Both points reinforce the article's core argument: content protection is necessary but not sufficient. Protocol transparency and architectural choices are equally critical.
-
@antoniovr @nicfab @matrix @xmpp
tcp packets + tls carry less metadata than signal messages imo, but this is at a different layer on the entire solution and requires most people to host (from home) which could be ideal if there were good prepackaged solutions like routers/nas
@antoniovr @nicfab @matrix @xmpp
like even vps providers have issues with spying on their customers even if you did host from a datacenter it's still in the cloud
-
@antoniovr @nicfab @matrix @xmpp
tcp packets + tls carry less metadata than signal messages imo, but this is at a different layer on the entire solution and requires most people to host (from home) which could be ideal if there were good prepackaged solutions like routers/nas
@fluttersh @antoniovr @matrix @xmpp
Valid point — at the transport layer, raw TCP + TLS carries less application-level metadata. The challenge is that most users operate at higher layers where protocol design matters.
On self-hosting: projects like @snikket_im (XMPP) are moving in that direction, but a true "plug and play" home server solution is still missing.
Infrastructure sovereignty shouldn't require sysadmin skills.
-
@antoniovr @nicfab @matrix @xmpp
like even vps providers have issues with spying on their customers even if you did host from a datacenter it's still in the cloud
@fluttersh @antoniovr @matrix @xmpp
True — VPS self-hosting shifts trust, doesn't eliminate it. You control software, but the provider controls hardware.
Full sovereignty requires physical control: home hosting or owned infrastructure. That's the trade-off between convenience and trust minimization.
Gli ultimi otto messaggi ricevuti dalla Federazione
-
@tomjennings And the design of HP alculator keys is unique.
-
It's kind of a perfect Object. I don't own a lot of things like this. The spiral bound manual is lovely too.
-
@VeroniqueB99 also, you run (if you're late) down the jetway, and the plane takes off/lands on the runway.
-
Mentre Trump fa scoppiare la guerra in mezzo mondo, come volete passare il tempo?
-
This post did not contain any content.
-
... in quelli che avvicino io cerco solo due cose, che in pochissimi hanno. La poesia e la grazia ... https://cctm.website/elsa-morante-a-renata-debenedetti/
Elsa Morante
frammento da una lettera a Renata Debenedetti, 1943
#ElsaMorante #poesia #grazia #cctmwebsite #anoipiaceleggere #leggere
-
@tomjennings All in all not too bad.
-
Luca Caputa (@lucacaputa.bsky.social)
https://bsky.app/profile/lucacaputa.bsky.social/post/3mbuc35fa3s2v
> “Luca cosa pensi di Acca Larentia?”
