Comment by codethief

1 year ago

As mentioned in a comment to one of your posts, the GNUnet people have probably gone the furthest in the quest to obfuscate metadata. Unfortunately, to this day no usable messenger application has come out of this, partially because GNUnet has largely been a research project.

As for applications in use today that address the metadata problem, have a look at Signal's Sealed Sender feature: https://signal.org/blog/sealed-sender/

As for recommending Telegram for secure messages, I side with the sibling comments ("Don't").

1 comment

codethief

Reply
codethief  1 year ago

Since you seem to focus on decentralized protocols, I should add: In practice, while we all like federated and p2p apps for the freedoms & this warm fuzzy feeling they provide us with, by default they tend to have a much greater attack surface when it comes to metadata. This is because, compared to a centralized approach, metadata is openly available to far more parties. As a result, 3-letter agencies often won't even need a warrant to get their hands on the metadata: They can simply run traffic analysis and/or participate in the network themselves.