Both: Use Bluetooth

Briar: Uses Tor, you don’t reveal your IP address to the people you talk to.

Berty: Uses both IPFS and P2P, so you reveal your IP to anyone you talk to.

Discussion: Berty looks to have a larger developer community and funding, had iOS and Android apps.

Berty, if someone could monitor your traffic they could see who you talk with, even if the messages are encrypted your social graph would be available.

Do you see Berty replacing session (where people don’t trust each other)? Can Berty survive without central servers, or if IPFS does?

I know Briar will always work, no central control at all.

  • jet@hackertalks.comOP
    link
    fedilink
    English
    arrow-up
    5
    ·
    1 year ago

    I should mention session in this discussion, but I think their oxen network is so unique It basically counts as centrally controlled.

    Plus session doesn’t have Perfect Forward Secrecy. Not sure of Berty does either.

    • AHEHE@unilem.org
      link
      fedilink
      arrow-up
      1
      ·
      edit-2
      1 year ago

      It’s worth noting on session brute force is less of a concern than usual with a 2^128 value, but your point stands it wasn’t a great decision.

      • jet@hackertalks.comOP
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 year ago

        I think the main issue with perfect for secrecy is not brute forcing the code. It’s eventually one of your computers is going to get compromised. And then they’ll have a key to unlock all the messages historically. That’s not great

        • AHEHE@unilem.org
          link
          fedilink
          arrow-up
          2
          ·
          1 year ago

          Well said and even if you delete history daily there’s no way to know for sure it’s being removed from servers at the same interval.