• 1 Post
  • 22 Comments
Joined 2 years ago
Cake day: June 11th, 2023

  • As you said, if PFS can be disabled by enabling a feature on the receiving end, it’s by security practices not enabled; in the industry that’s called a downgrade attack and is considered very bad practice.

    The blog post you linked is the publicly revised version after they were called out by well-known cryptographers for their handling. This was their original response to the researchers, again after the researchers disclosed the vulnerabilities to them and actively helped design the new protocol, not just giving inspiration. This was their initial tweet: “There’s a new paper on Threema’s old communication protocol. Apparently, today’s academia forces researchers and even students to hopelessly oversell their findings”, which is long deleted, but I did read it while it was still up back then. I can’t find a screenshot or anything at the moment, so if you want to call me a liar, go ahead, but if you search for that quote you will find many citations.

    Also, they claimed “old protocol” but Ibex was still months from being widely deployed, so that’s another big downplay.

    You mention Signal’s Desktop app issue. Threema claimed the attacks were unrealistic because they require significant computing power or social engineering, both things that are definitely a risk if you’re trying to protect yourself from bigger intelligence efforts. The issue with Signal Desktop, however, required full file system access to your device, at which point there is nothing stopping the attacker from simply using a key logger, capturing your screen, etc.

    This is why no big security researchers called out Signal but many shunned Threema. At the end I don’t have a horse in the race for either of them, but I think those are facts people need when making a decision with their private information.


  • If you’re seriously concerned about privacy and security, I wouldn’t look at Threema. They severely mishandled vulnerabilities by insulting the security researchers, then introduced a new protocol they built with the advice given to them for free from the SAME researchers before that, and yet it still doesn’t support critical features like full forward secrecy. If all you want primarily is the best security out there, Signal is and will be the best for a long time to come by the looks of it.













  • I think we can be pretty damn sure that the encryption is not backdoored, since the Signal Protocol is the gold standard in encryption nowadays and thousands if not more highly skilled cryptographers without ties to the US govt looked at it thoroughly. Also, Snowden calls Signal the best messenger on the grounds of him using it daily and still being alive, so that’s also a pretty good sign.

    Also, do you have a source about them being mainly funded by the US govt? In their blog they talked about mainly being funded by small donors and a few initial loans from people who care about privacy.







  • Well yes sure, but remember AV1 decoding only became standard like 1-2 GPU generations ago. Encoding only this generation. iPhones only got support with the 15 Pro so it will be another generation before it trickles down to the base models. And what about the hundreds of millions of Android phones in Asia and the likes with dirt cheap SoCs. Pretty sure they don’t have dedicated AV1 decoding hardware for a long time.

    So that’s a TON of hardware being made slow and inefficient if everything were to be AVIF tomorrow. Not saying AVIF decoding will be a big hurdle in the future, but how long until all this hardware browsing the web has been replaced? That’s why I think something that’s efficient and fast on CPUs without any specialised hardware is more suited for a replacement.


  • Well yes, however without acceleration JPEG XL is many times faster. Also if you only have a CPU for example.

    It’s also highly parallelizable compared to AVIF, which also matters a lot considering the number of cores is growing with the likes of ARM and hybrid-architecture CPUs.

    AVIF also fares badly with high fidelity and lossless encoding, has 1/3 the bit depth and pretty small dimension limits for something like photography.

    I don’t think AVIF is per se a bad format. I just think if I want to replace a photo-oriented format, I’d like to do that with one that’s focused on “good” photos and not just an afterthought with up- and downsides.