upvote

points

by Cider998611 hours ago |
comments
upvoteby Gigachad8 hours ago|
next
[-]
Tbh I wish all messaging apps worked like this. While it’s kind of cool to make charts like this, the privacy implications are pretty terrible for keeping conversations forever.

A data breach on an IM app would be one of the most devastating leaks ever. And there’s just not that many legitimate use cases for keeping all history. If someone tells you something important you can make the effort to move it to their contact or notes in your phone.

reply
upvoteby darkwater7 hours ago|
parent|
[-]
If the chat is truly E2E there is no way a data breach can happen on the server side. The same applies if the app is only saving chat logs locally. [1]

Now, if the threat scenario is someone implanting a compromised version of the IM app on every device out there, and siphoning data from the device itself, then it's a completely different scenario.

[1] although this could be intercepted by an attacker compromising the IM servers, if the app is not distributed/P2P

reply
upvoteby outime6 hours ago|
parent|
[-]
Logs are stored on local devices and many people back them up in whatever cloud (majority not encrypted).

You or the other person could lose the device and someone could use your PIN/password (something as simple as shoulder surfing while you use it). There could also be a leak in whatever cloud service you're using, or the data could get subpoenaed because of some dumb law that gets passed, some rogue employee, etc. It's a huge liability no matter how you look at it.

reply
upvoteby darkwater6 hours ago|
parent|
[-]
You are proposing scenarios in which the only safe posture is to not chat at all...
reply
upvoteby rhines3 hours ago|
parent|
next
[-]
There is the potential to use homomorphic encryption so that encrypted text can support operations like string search while encrypted, so unencrypted indexes would never need to be stored on user devices. It is a huge hassle though - it requires a ton of compute and is still very slow and limited, it's much more complex, and research is still ongoing regarding security. However if you want to truly minimize the amount of unencrypted data on your device this could one day be an option.
reply
upvoteby outime5 hours ago|
parent|
prev|
next
[-]
The whole thread is about permanently storing every single conversation forever vs conversations that get deleted shortly after. If the latter is chosen, the blast radius is significantly smaller.
reply
upvoteby darkwater3 hours ago|
parent|
[-]
The blast radius of a single person conversations (shoulder surfing) which doesn't make any sense because if you are the kind of person targeted for their conversations you are going to take anyway other countermeasures in any case (in addition to probably disappearing messages).

But for normal people, the biggest risk is companies using their chats to train models / dispatch ads etc to which the only solution is E2EE.

reply
upvoteby actionfromafar5 hours ago|
parent|
prev|
[-]
Not really, if you accept the risk of it happening but you shrink the blast radius.
reply
upvoteby saligne11 hours ago|
prev|
next
[-]
there's a tool for extracting chat history from signal desktop, you could build a plaintext and attachment archive with that if it runs regularly on your pc and appends new chats from the last run.
reply
upvoteby dwedge10 hours ago|
parent|
[-]
I'd be pretty angry if I found out someone I chatted to on Signal was running a service to workaround my message expiry choice and archive my messages. And breaking that trust just to run it through an LLM?
reply
upvoteby saligne7 hours ago|
parent|
next
[-]
Be angry then, IM communication is not a contract with terms unilaterly decided by one party. Or put a confidential signature with every message, see how well that works for you
reply
upvoteby dwedge5 hours ago|
parent|
next
[-]
Be a better person. Or at least put a message in your status that you record everything and send it to Google for analysis for minimum personal gain. Do you also carry a second phone to take a photo just in case someone sends you a disappearing photo?
reply
upvoteby watwut3 hours ago|
parent|
prev|
[-]
If I need a contract for you to treat me decently and respect my choices, I really dont think you can count as a "friend" at all.
reply
upvoteby rablackburn9 hours ago|
parent|
prev|
next
[-]
Everything old is new again. This is basically the debate over IRC Bouncers all over again.
reply
upvoteby Squeeeez9 hours ago|
parent|
prev|
next
[-]
They might not be doing it on purpose, remember that microsoft windows "take a screenshot every few seconds and send it to an llm" thing?
reply
upvoteby nanocat9 hours ago|
parent|
prev|
[-]
fucken yep. don’t do this.
reply
upvoteby valzevul11 hours ago|
prev|
[-]
Do you keep separate notes for things like recommendations or addresses? I often dig through my chats to find them.
reply
upvoteby Cider998611 hours ago|
parent|
[-]
Yeah I use NotesNook for big notes or projects.

I also use the Note to Self which is built into Signal and appears just like any other conversation. I use that for temporary stuff like addresses and keep it clean.

reply