Add Team chat section #1067
@ -21,7 +21,7 @@ linux=""
|
|||||||
|
|
|||||||
{% include cardv2.html
|
{% include cardv2.html
|
||||||
title="Keybase"
|
title="Keybase"
|
||||||
image="/assets/img/tools/keybase.png"
|
image="/assets/img/tools/keybase.png"
|
||||||
TODO TODO
Note to self: reread #740 Note to self: reread #740
Found a higher quality image here:
Found a higher quality image [here](https://commons.wikimedia.org/wiki/File:Keybase_logo_official.svg):
jonah
commented
FYI we don't use SVGs (for some security reason apparently, I think issues with Tor Browser?). So all our images are kinda poor quality on HiDPI displays :/ FYI we don't use SVGs (for some security reason apparently, I think issues with Tor Browser?). So all our images are kinda poor quality on HiDPI displays :/
Ah, gotcha - okay, we can probably than just convert it to a png then. Ah, gotcha - okay, we can probably than just convert it to a png then.
Done, I hope it looks fine for you Done, I hope it looks fine for you
|
|||||||
description='Keybase provides a hosted team chat with end-to-end encryption. It has also been <a href=\"https://keybase.io/docs-assets/blog/NCC_Group_Keybase_KB2018_Public_Report_2019-02-27_v1.3.pdf\">indepedently audited (PDF)</a>. <span class="badge badge-warning" data-toggle="tooltip" title="The server side of Keybase runs on proprietary code and is centralized">experimental <i class="far fa-question-circle"></i> (<a href="https://github.com/keybase/client/issues/6374">GitHub issue</a>)</span>'
|
description='Keybase provides a hosted team chat with end-to-end encryption. It has also been <a href="https://keybase.io/docs-assets/blog/NCC_Group_Keybase_KB2018_Public_Report_2019-02-27_v1.3.pdf">indepedently audited (PDF)</a>. <span class="badge badge-warning" data-toggle="tooltip" title="The server side of Keybase runs on proprietary code and is centralized">experimental <i class="far fa-question-circle"></i> (<a href="https://github.com/keybase/client/issues/6374">GitHub issue</a>)</span>'
|
||||||
|
I forgot that Discord exists and typing this comment I also remember Microsoft Teams being a thing. I think the biggest concerns for FOSS projects/teams are Slack and Discord though and I am sure both have nice links. I forgot that Discord exists and typing this comment I also remember Microsoft Teams being a thing. I think the biggest concerns for FOSS projects/teams are Slack and Discord though and I am sure both have nice links.
This needs attention as I am not sure any team chat is designed with privacy in mind as I recall reading that the reason Slack hasn't implemented E2EE is due to letting "your boss read your PMs". This needs attention as I am not sure any team chat is designed with privacy in mind as I recall reading that the reason Slack hasn't implemented E2EE is due to letting "your boss read your PMs".
Federation is also experimental. Federation is also experimental.
TODO TODO
Obviously TODO, I just wanted a preview build out and me working on this visible to everyone. Obviously TODO, I just wanted a preview build out and me working on this visible to everyone.
TODO, is it OK to use existing topics? TODO, is it OK to use existing topics?
#1066 has links on the requests for E2EE, but I am not sure it's a big priority for businesses. #1066 has links on the requests for E2EE, but I am not sure it's a big priority for businesses.
* https://www.vice.com/en_us/article/kzj5xn/why-slack-doesnt-have-end-to-end-encryption-boss
* https://www.vice.com/en_us/article/8q89ba/dear-slack-please-add-otr
for Discord I couldn't find more than https://discordapp.com/privacy * https://www.theregister.co.uk/2016/03/17/no_slack_for_open_sourcers/
* https://drewdevault.com/2015/11/01/Please-stop-using-slack.html
for Discord I couldn't find more than https://discordapp.com/privacy
Typo. Typo.
Question: who is our target audience? I guess I am going by assumption that it's people who run open source teams (community managers?) and people who care and are unhappy with Slack or Discord? Keybase advertises themselves for everyone and one audience that is also on my mind are language learners whom I only know existing in IRC (bigger languages), Discord (a lot of languages) and Slack (one team I found via Duolingo and keep forgetting to login). Question: who is our target audience? I guess I am going by assumption that it's people who run open source teams (community managers?) and people who care and are unhappy with Slack or Discord?
Keybase advertises themselves for everyone and one audience that is also on my mind are language learners whom I only know existing in IRC (bigger languages), Discord (a lot of languages) and Slack (one team I found via Duolingo and keep forgetting to login).
Oh and someone I chatted with IM apps said that they would be a bit wary of Rocket.chat due to it not being designed to federate and that possibly leaving more room for mistakes. Oh and someone I chatted with IM apps said that they would be a bit wary of Rocket.chat due to it not being designed to federate and that possibly leaving more room for mistakes.
Richard Stallman offers us the following:
via Matrix Richard Stallman offers us the following:
* https://stallman.org/discord.html
* https://stallman.org/slack.html
* https://stallman.org/microsoft.html - no mention of Microsoft Teams though
via Matrix
The existing thread was https://forum.privacytools.io/t/what-do-you-think-about-keybase-io/920?u=mikaela and I didn't feel comfortable reusing it. The existing thread was https://forum.privacytools.io/t/what-do-you-think-about-keybase-io/920?u=mikaela and I didn't feel comfortable reusing it.
Experimental --> closed source server? centralized? And I think I am out of time and cannot think of this further today. Experimental --> closed source server? centralized?
And I think I am out of time and cannot think of this further today.
> for Discord I couldn't find more than https://discordapp.com/privacy
[From Discord, 2 years ago](https://web.archive.org/web/20171029114027/https://feedback.discordapp.com/forums/326712-discord-dream-land/suggestions/17094256-implement-whispersystems-encryption-for-voice-and):
> E2E encryption is not a focus nor currently planned...
Great question -- I'd agree with your assumption 👍 > Question: who is our target audience? I guess I am going by assumption that it's people who run open source teams (community managers?) and people who care and are unhappy with Slack or Discord?
Great question -- I'd agree with your assumption :+1:
https://forums.rocket.chat/ ?
jonah
commented
`The server side of Keybase runs on proprietary code and is centralized`?
No, it's our forum thread https://forum.privacytools.io/t/discussion-rocket-chat/1223 No, it's our forum thread https://forum.privacytools.io/t/discussion-rocket-chat/1223
I applied your suggestion, but Blah blah blah needs to change before resolving this conversation. I applied your suggestion, but Blah blah blah needs to change before resolving this conversation.
> RocketChat stores the quasi-end2end keys, server-side. And does not implement perfect forward secrecy. More like protonmail's security-model than like signalapp. RocketChat/Rocket.Chat#9999 (comment) Basically, if your decrypt-passphrase is every compromised (either by a trojan or a compromised server... or just, by you logging in from a browser or OS that is vulnerable to the badguys) then the badguys get your entire messaging-history, and that of every team you are on, correct?
* https://github.com/privacytoolsIO/privacytools.io/issues/999#issuecomment-518303585
Suggestion:
Suggestion:
> Team chat applications where everything is end-to-end encrypted *or* under control of your team administrator.
Links either: https://www.theregister.co.uk/2016/03/17/no_slack_for_open_sourcers/ or https://drewdevault.com/2015/11/01/Please-stop-using-slack.html (I kind of prefer this one) Discord: https://web.archive.org/web/20171029114027/https://feedback.discordapp.com/forums/326712-discord-dream-land/suggestions/17094256-implement-whispersystems-encryption-for-voice-and (I prefer) or https://stallman.org/discord.html ? > If your team is currently using service like [Discord] or [Slack], you should pick an alternative here.
Links either: https://www.theregister.co.uk/2016/03/17/no_slack_for_open_sourcers/ or https://drewdevault.com/2015/11/01/Please-stop-using-slack.html (I kind of prefer this one)
Discord: https://web.archive.org/web/20171029114027/https://feedback.discordapp.com/forums/326712-discord-dream-land/suggestions/17094256-implement-whispersystems-encryption-for-voice-and (I prefer) or https://stallman.org/discord.html ?
https://github.com/privacytoolsIO/privacytools.io/issues/1066#issuecomment-519922407 - Mattermost should be delisted. https://github.com/privacytoolsIO/privacytools.io/issues/1066#issuecomment-519922407 - Mattermost should be delisted.
Link is currently broken, just needs to be updated to Link is currently broken, just needs to be updated to
```html
<a href="https://keybase.io/docs-assets/blog/NCC_Group_Keybase_KB2018_Public_Report_2019-02-27_v1.3.pdf">indepedently audited (PDF)</a>
```
Small grammatical suggestion:
Small grammatical suggestion:
> If your project ~~is currently using~~ currently uses a team chat like...
Missing a space here: Missing a space here: ```</i> Team```
Won't that break it due to being in the card? I removed the backslashes though. Won't that break it due to being in the card? I removed the backslashes though.
Apparently not. Apparently not.
I forgot that Discord exists and typing this comment I also remember Microsoft Teams being a thing. I think the biggest concerns for FOSS projects/teams are Slack and Discord though and I am sure both have nice links. I forgot that Discord exists and typing this comment I also remember Microsoft Teams being a thing. I think the biggest concerns for FOSS projects/teams are Slack and Discord though and I am sure both have nice links.
This needs attention as I am not sure any team chat is designed with privacy in mind as I recall reading that the reason Slack hasn't implemented E2EE is due to letting "your boss read your PMs". This needs attention as I am not sure any team chat is designed with privacy in mind as I recall reading that the reason Slack hasn't implemented E2EE is due to letting "your boss read your PMs".
Federation is also experimental. Federation is also experimental.
TODO TODO
Obviously TODO, I just wanted a preview build out and me working on this visible to everyone. Obviously TODO, I just wanted a preview build out and me working on this visible to everyone.
TODO, is it OK to use existing topics? TODO, is it OK to use existing topics?
#1066 has links on the requests for E2EE, but I am not sure it's a big priority for businesses. #1066 has links on the requests for E2EE, but I am not sure it's a big priority for businesses.
* https://www.vice.com/en_us/article/kzj5xn/why-slack-doesnt-have-end-to-end-encryption-boss
* https://www.vice.com/en_us/article/8q89ba/dear-slack-please-add-otr
for Discord I couldn't find more than https://discordapp.com/privacy * https://www.theregister.co.uk/2016/03/17/no_slack_for_open_sourcers/
* https://drewdevault.com/2015/11/01/Please-stop-using-slack.html
for Discord I couldn't find more than https://discordapp.com/privacy
Typo. Typo.
Question: who is our target audience? I guess I am going by assumption that it's people who run open source teams (community managers?) and people who care and are unhappy with Slack or Discord? Keybase advertises themselves for everyone and one audience that is also on my mind are language learners whom I only know existing in IRC (bigger languages), Discord (a lot of languages) and Slack (one team I found via Duolingo and keep forgetting to login). Question: who is our target audience? I guess I am going by assumption that it's people who run open source teams (community managers?) and people who care and are unhappy with Slack or Discord?
Keybase advertises themselves for everyone and one audience that is also on my mind are language learners whom I only know existing in IRC (bigger languages), Discord (a lot of languages) and Slack (one team I found via Duolingo and keep forgetting to login).
Oh and someone I chatted with IM apps said that they would be a bit wary of Rocket.chat due to it not being designed to federate and that possibly leaving more room for mistakes. Oh and someone I chatted with IM apps said that they would be a bit wary of Rocket.chat due to it not being designed to federate and that possibly leaving more room for mistakes.
Richard Stallman offers us the following:
via Matrix Richard Stallman offers us the following:
* https://stallman.org/discord.html
* https://stallman.org/slack.html
* https://stallman.org/microsoft.html - no mention of Microsoft Teams though
via Matrix
The existing thread was https://forum.privacytools.io/t/what-do-you-think-about-keybase-io/920?u=mikaela and I didn't feel comfortable reusing it. The existing thread was https://forum.privacytools.io/t/what-do-you-think-about-keybase-io/920?u=mikaela and I didn't feel comfortable reusing it.
Experimental --> closed source server? centralized? And I think I am out of time and cannot think of this further today. Experimental --> closed source server? centralized?
And I think I am out of time and cannot think of this further today.
> for Discord I couldn't find more than https://discordapp.com/privacy
[From Discord, 2 years ago](https://web.archive.org/web/20171029114027/https://feedback.discordapp.com/forums/326712-discord-dream-land/suggestions/17094256-implement-whispersystems-encryption-for-voice-and):
> E2E encryption is not a focus nor currently planned...
Great question -- I'd agree with your assumption 👍 > Question: who is our target audience? I guess I am going by assumption that it's people who run open source teams (community managers?) and people who care and are unhappy with Slack or Discord?
Great question -- I'd agree with your assumption :+1:
https://forums.rocket.chat/ ?
jonah
commented
`The server side of Keybase runs on proprietary code and is centralized`?
No, it's our forum thread https://forum.privacytools.io/t/discussion-rocket-chat/1223 No, it's our forum thread https://forum.privacytools.io/t/discussion-rocket-chat/1223
I applied your suggestion, but Blah blah blah needs to change before resolving this conversation. I applied your suggestion, but Blah blah blah needs to change before resolving this conversation.
> RocketChat stores the quasi-end2end keys, server-side. And does not implement perfect forward secrecy. More like protonmail's security-model than like signalapp. RocketChat/Rocket.Chat#9999 (comment) Basically, if your decrypt-passphrase is every compromised (either by a trojan or a compromised server... or just, by you logging in from a browser or OS that is vulnerable to the badguys) then the badguys get your entire messaging-history, and that of every team you are on, correct?
* https://github.com/privacytoolsIO/privacytools.io/issues/999#issuecomment-518303585
Suggestion:
Suggestion:
> Team chat applications where everything is end-to-end encrypted *or* under control of your team administrator.
Links either: https://www.theregister.co.uk/2016/03/17/no_slack_for_open_sourcers/ or https://drewdevault.com/2015/11/01/Please-stop-using-slack.html (I kind of prefer this one) Discord: https://web.archive.org/web/20171029114027/https://feedback.discordapp.com/forums/326712-discord-dream-land/suggestions/17094256-implement-whispersystems-encryption-for-voice-and (I prefer) or https://stallman.org/discord.html ? > If your team is currently using service like [Discord] or [Slack], you should pick an alternative here.
Links either: https://www.theregister.co.uk/2016/03/17/no_slack_for_open_sourcers/ or https://drewdevault.com/2015/11/01/Please-stop-using-slack.html (I kind of prefer this one)
Discord: https://web.archive.org/web/20171029114027/https://feedback.discordapp.com/forums/326712-discord-dream-land/suggestions/17094256-implement-whispersystems-encryption-for-voice-and (I prefer) or https://stallman.org/discord.html ?
https://github.com/privacytoolsIO/privacytools.io/issues/1066#issuecomment-519922407 - Mattermost should be delisted. https://github.com/privacytoolsIO/privacytools.io/issues/1066#issuecomment-519922407 - Mattermost should be delisted.
Link is currently broken, just needs to be updated to Link is currently broken, just needs to be updated to
```html
<a href="https://keybase.io/docs-assets/blog/NCC_Group_Keybase_KB2018_Public_Report_2019-02-27_v1.3.pdf">indepedently audited (PDF)</a>
```
Small grammatical suggestion:
Small grammatical suggestion:
> If your project ~~is currently using~~ currently uses a team chat like...
Missing a space here: Missing a space here: ```</i> Team```
Won't that break it due to being in the card? I removed the backslashes though. Won't that break it due to being in the card? I removed the backslashes though.
Apparently not. Apparently not.
|
|||||||
website="https://keybase.io/"
|
website="https://keybase.io/"
|
||||||
forum="https://forum.privacytools.io/t/discussion-keybase/1224"
|
forum="https://forum.privacytools.io/t/discussion-keybase/1224"
|
||||||
github="https://github.com/Keybase"
|
github="https://github.com/Keybase"
|
||||||
|
|||||||
|
I forgot that Discord exists and typing this comment I also remember Microsoft Teams being a thing. I think the biggest concerns for FOSS projects/teams are Slack and Discord though and I am sure both have nice links. I forgot that Discord exists and typing this comment I also remember Microsoft Teams being a thing. I think the biggest concerns for FOSS projects/teams are Slack and Discord though and I am sure both have nice links.
I forgot that Discord exists and typing this comment I also remember Microsoft Teams being a thing. I think the biggest concerns for FOSS projects/teams are Slack and Discord though and I am sure both have nice links. I forgot that Discord exists and typing this comment I also remember Microsoft Teams being a thing. I think the biggest concerns for FOSS projects/teams are Slack and Discord though and I am sure both have nice links.
This needs attention as I am not sure any team chat is designed with privacy in mind as I recall reading that the reason Slack hasn't implemented E2EE is due to letting "your boss read your PMs". This needs attention as I am not sure any team chat is designed with privacy in mind as I recall reading that the reason Slack hasn't implemented E2EE is due to letting "your boss read your PMs".
This needs attention as I am not sure any team chat is designed with privacy in mind as I recall reading that the reason Slack hasn't implemented E2EE is due to letting "your boss read your PMs". This needs attention as I am not sure any team chat is designed with privacy in mind as I recall reading that the reason Slack hasn't implemented E2EE is due to letting "your boss read your PMs".
Federation is also experimental. Federation is also experimental.
Federation is also experimental. Federation is also experimental.
TODO TODO
TODO TODO
Obviously TODO, I just wanted a preview build out and me working on this visible to everyone. Obviously TODO, I just wanted a preview build out and me working on this visible to everyone.
Obviously TODO, I just wanted a preview build out and me working on this visible to everyone. Obviously TODO, I just wanted a preview build out and me working on this visible to everyone.
TODO, is it OK to use existing topics? TODO, is it OK to use existing topics?
TODO, is it OK to use existing topics? TODO, is it OK to use existing topics?
#1066 has links on the requests for E2EE, but I am not sure it's a big priority for businesses. #1066 has links on the requests for E2EE, but I am not sure it's a big priority for businesses.
#1066 has links on the requests for E2EE, but I am not sure it's a big priority for businesses. #1066 has links on the requests for E2EE, but I am not sure it's a big priority for businesses.
* https://www.vice.com/en_us/article/kzj5xn/why-slack-doesnt-have-end-to-end-encryption-boss
* https://www.vice.com/en_us/article/8q89ba/dear-slack-please-add-otr
* https://www.vice.com/en_us/article/kzj5xn/why-slack-doesnt-have-end-to-end-encryption-boss
* https://www.vice.com/en_us/article/8q89ba/dear-slack-please-add-otr
for Discord I couldn't find more than https://discordapp.com/privacy * https://www.theregister.co.uk/2016/03/17/no_slack_for_open_sourcers/
* https://drewdevault.com/2015/11/01/Please-stop-using-slack.html
for Discord I couldn't find more than https://discordapp.com/privacy
for Discord I couldn't find more than https://discordapp.com/privacy * https://www.theregister.co.uk/2016/03/17/no_slack_for_open_sourcers/
* https://drewdevault.com/2015/11/01/Please-stop-using-slack.html
for Discord I couldn't find more than https://discordapp.com/privacy
Typo. Typo.
Typo. Typo.
Question: who is our target audience? I guess I am going by assumption that it's people who run open source teams (community managers?) and people who care and are unhappy with Slack or Discord? Keybase advertises themselves for everyone and one audience that is also on my mind are language learners whom I only know existing in IRC (bigger languages), Discord (a lot of languages) and Slack (one team I found via Duolingo and keep forgetting to login). Question: who is our target audience? I guess I am going by assumption that it's people who run open source teams (community managers?) and people who care and are unhappy with Slack or Discord?
Keybase advertises themselves for everyone and one audience that is also on my mind are language learners whom I only know existing in IRC (bigger languages), Discord (a lot of languages) and Slack (one team I found via Duolingo and keep forgetting to login).
Question: who is our target audience? I guess I am going by assumption that it's people who run open source teams (community managers?) and people who care and are unhappy with Slack or Discord? Keybase advertises themselves for everyone and one audience that is also on my mind are language learners whom I only know existing in IRC (bigger languages), Discord (a lot of languages) and Slack (one team I found via Duolingo and keep forgetting to login). Question: who is our target audience? I guess I am going by assumption that it's people who run open source teams (community managers?) and people who care and are unhappy with Slack or Discord?
Keybase advertises themselves for everyone and one audience that is also on my mind are language learners whom I only know existing in IRC (bigger languages), Discord (a lot of languages) and Slack (one team I found via Duolingo and keep forgetting to login).
Oh and someone I chatted with IM apps said that they would be a bit wary of Rocket.chat due to it not being designed to federate and that possibly leaving more room for mistakes. Oh and someone I chatted with IM apps said that they would be a bit wary of Rocket.chat due to it not being designed to federate and that possibly leaving more room for mistakes.
Oh and someone I chatted with IM apps said that they would be a bit wary of Rocket.chat due to it not being designed to federate and that possibly leaving more room for mistakes. Oh and someone I chatted with IM apps said that they would be a bit wary of Rocket.chat due to it not being designed to federate and that possibly leaving more room for mistakes.
Richard Stallman offers us the following:
via Matrix Richard Stallman offers us the following:
* https://stallman.org/discord.html
* https://stallman.org/slack.html
* https://stallman.org/microsoft.html - no mention of Microsoft Teams though
via Matrix
Richard Stallman offers us the following:
via Matrix Richard Stallman offers us the following:
* https://stallman.org/discord.html
* https://stallman.org/slack.html
* https://stallman.org/microsoft.html - no mention of Microsoft Teams though
via Matrix
The existing thread was https://forum.privacytools.io/t/what-do-you-think-about-keybase-io/920?u=mikaela and I didn't feel comfortable reusing it. The existing thread was https://forum.privacytools.io/t/what-do-you-think-about-keybase-io/920?u=mikaela and I didn't feel comfortable reusing it.
The existing thread was https://forum.privacytools.io/t/what-do-you-think-about-keybase-io/920?u=mikaela and I didn't feel comfortable reusing it. The existing thread was https://forum.privacytools.io/t/what-do-you-think-about-keybase-io/920?u=mikaela and I didn't feel comfortable reusing it.
Experimental --> closed source server? centralized? And I think I am out of time and cannot think of this further today. Experimental --> closed source server? centralized?
And I think I am out of time and cannot think of this further today.
Experimental --> closed source server? centralized? And I think I am out of time and cannot think of this further today. Experimental --> closed source server? centralized?
And I think I am out of time and cannot think of this further today.
> for Discord I couldn't find more than https://discordapp.com/privacy
[From Discord, 2 years ago](https://web.archive.org/web/20171029114027/https://feedback.discordapp.com/forums/326712-discord-dream-land/suggestions/17094256-implement-whispersystems-encryption-for-voice-and):
> E2E encryption is not a focus nor currently planned...
> for Discord I couldn't find more than https://discordapp.com/privacy
[From Discord, 2 years ago](https://web.archive.org/web/20171029114027/https://feedback.discordapp.com/forums/326712-discord-dream-land/suggestions/17094256-implement-whispersystems-encryption-for-voice-and):
> E2E encryption is not a focus nor currently planned...
Great question -- I'd agree with your assumption 👍 > Question: who is our target audience? I guess I am going by assumption that it's people who run open source teams (community managers?) and people who care and are unhappy with Slack or Discord?
Great question -- I'd agree with your assumption :+1:
Great question -- I'd agree with your assumption 👍 > Question: who is our target audience? I guess I am going by assumption that it's people who run open source teams (community managers?) and people who care and are unhappy with Slack or Discord?
Great question -- I'd agree with your assumption :+1:
https://forums.rocket.chat/ ?
https://forums.rocket.chat/ ?
jonah
commented
`The server side of Keybase runs on proprietary code and is centralized`?
jonah
commented
`The server side of Keybase runs on proprietary code and is centralized`?
No, it's our forum thread https://forum.privacytools.io/t/discussion-rocket-chat/1223 No, it's our forum thread https://forum.privacytools.io/t/discussion-rocket-chat/1223
No, it's our forum thread https://forum.privacytools.io/t/discussion-rocket-chat/1223 No, it's our forum thread https://forum.privacytools.io/t/discussion-rocket-chat/1223
I applied your suggestion, but Blah blah blah needs to change before resolving this conversation. I applied your suggestion, but Blah blah blah needs to change before resolving this conversation.
I applied your suggestion, but Blah blah blah needs to change before resolving this conversation. I applied your suggestion, but Blah blah blah needs to change before resolving this conversation.
> RocketChat stores the quasi-end2end keys, server-side. And does not implement perfect forward secrecy. More like protonmail's security-model than like signalapp. RocketChat/Rocket.Chat#9999 (comment) Basically, if your decrypt-passphrase is every compromised (either by a trojan or a compromised server... or just, by you logging in from a browser or OS that is vulnerable to the badguys) then the badguys get your entire messaging-history, and that of every team you are on, correct?
* https://github.com/privacytoolsIO/privacytools.io/issues/999#issuecomment-518303585
> RocketChat stores the quasi-end2end keys, server-side. And does not implement perfect forward secrecy. More like protonmail's security-model than like signalapp. RocketChat/Rocket.Chat#9999 (comment) Basically, if your decrypt-passphrase is every compromised (either by a trojan or a compromised server... or just, by you logging in from a browser or OS that is vulnerable to the badguys) then the badguys get your entire messaging-history, and that of every team you are on, correct?
* https://github.com/privacytoolsIO/privacytools.io/issues/999#issuecomment-518303585
Suggestion:
Suggestion:
> Team chat applications where everything is end-to-end encrypted *or* under control of your team administrator.
Suggestion:
Suggestion:
> Team chat applications where everything is end-to-end encrypted *or* under control of your team administrator.
Links either: https://www.theregister.co.uk/2016/03/17/no_slack_for_open_sourcers/ or https://drewdevault.com/2015/11/01/Please-stop-using-slack.html (I kind of prefer this one) Discord: https://web.archive.org/web/20171029114027/https://feedback.discordapp.com/forums/326712-discord-dream-land/suggestions/17094256-implement-whispersystems-encryption-for-voice-and (I prefer) or https://stallman.org/discord.html ? > If your team is currently using service like [Discord] or [Slack], you should pick an alternative here.
Links either: https://www.theregister.co.uk/2016/03/17/no_slack_for_open_sourcers/ or https://drewdevault.com/2015/11/01/Please-stop-using-slack.html (I kind of prefer this one)
Discord: https://web.archive.org/web/20171029114027/https://feedback.discordapp.com/forums/326712-discord-dream-land/suggestions/17094256-implement-whispersystems-encryption-for-voice-and (I prefer) or https://stallman.org/discord.html ?
Links either: https://www.theregister.co.uk/2016/03/17/no_slack_for_open_sourcers/ or https://drewdevault.com/2015/11/01/Please-stop-using-slack.html (I kind of prefer this one) Discord: https://web.archive.org/web/20171029114027/https://feedback.discordapp.com/forums/326712-discord-dream-land/suggestions/17094256-implement-whispersystems-encryption-for-voice-and (I prefer) or https://stallman.org/discord.html ? > If your team is currently using service like [Discord] or [Slack], you should pick an alternative here.
Links either: https://www.theregister.co.uk/2016/03/17/no_slack_for_open_sourcers/ or https://drewdevault.com/2015/11/01/Please-stop-using-slack.html (I kind of prefer this one)
Discord: https://web.archive.org/web/20171029114027/https://feedback.discordapp.com/forums/326712-discord-dream-land/suggestions/17094256-implement-whispersystems-encryption-for-voice-and (I prefer) or https://stallman.org/discord.html ?
https://github.com/privacytoolsIO/privacytools.io/issues/1066#issuecomment-519922407 - Mattermost should be delisted. https://github.com/privacytoolsIO/privacytools.io/issues/1066#issuecomment-519922407 - Mattermost should be delisted.
https://github.com/privacytoolsIO/privacytools.io/issues/1066#issuecomment-519922407 - Mattermost should be delisted. https://github.com/privacytoolsIO/privacytools.io/issues/1066#issuecomment-519922407 - Mattermost should be delisted.
Link is currently broken, just needs to be updated to Link is currently broken, just needs to be updated to
```html
<a href="https://keybase.io/docs-assets/blog/NCC_Group_Keybase_KB2018_Public_Report_2019-02-27_v1.3.pdf">indepedently audited (PDF)</a>
```
Link is currently broken, just needs to be updated to Link is currently broken, just needs to be updated to
```html
<a href="https://keybase.io/docs-assets/blog/NCC_Group_Keybase_KB2018_Public_Report_2019-02-27_v1.3.pdf">indepedently audited (PDF)</a>
```
Small grammatical suggestion:
Small grammatical suggestion:
> If your project ~~is currently using~~ currently uses a team chat like...
Small grammatical suggestion:
Small grammatical suggestion:
> If your project ~~is currently using~~ currently uses a team chat like...
Missing a space here: Missing a space here: ```</i> Team```
Missing a space here: Missing a space here: ```</i> Team```
Won't that break it due to being in the card? I removed the backslashes though. Won't that break it due to being in the card? I removed the backslashes though.
Won't that break it due to being in the card? I removed the backslashes though. Won't that break it due to being in the card? I removed the backslashes though.
Apparently not. Apparently not.
Apparently not. Apparently not.
|
|||||||
I forgot that Discord exists and typing this comment I also remember Microsoft Teams being a thing. I think the biggest concerns for FOSS projects/teams are Slack and Discord though and I am sure both have nice links.
I forgot that Discord exists and typing this comment I also remember Microsoft Teams being a thing. I think the biggest concerns for FOSS projects/teams are Slack and Discord though and I am sure both have nice links.
This needs attention as I am not sure any team chat is designed with privacy in mind as I recall reading that the reason Slack hasn't implemented E2EE is due to letting "your boss read your PMs".
This needs attention as I am not sure any team chat is designed with privacy in mind as I recall reading that the reason Slack hasn't implemented E2EE is due to letting "your boss read your PMs".
Federation is also experimental.
Federation is also experimental.
TODO
TODO
Obviously TODO, I just wanted a preview build out and me working on this visible to everyone.
Obviously TODO, I just wanted a preview build out and me working on this visible to everyone.
TODO, is it OK to use existing topics?
TODO, is it OK to use existing topics?
#1066 has links on the requests for E2EE, but I am not sure it's a big priority for businesses.
#1066 has links on the requests for E2EE, but I am not sure it's a big priority for businesses.
for Discord I couldn't find more than https://discordapp.com/privacy
for Discord I couldn't find more than https://discordapp.com/privacy
Typo.
Typo.
Question: who is our target audience? I guess I am going by assumption that it's people who run open source teams (community managers?) and people who care and are unhappy with Slack or Discord?
Keybase advertises themselves for everyone and one audience that is also on my mind are language learners whom I only know existing in IRC (bigger languages), Discord (a lot of languages) and Slack (one team I found via Duolingo and keep forgetting to login).
Question: who is our target audience? I guess I am going by assumption that it's people who run open source teams (community managers?) and people who care and are unhappy with Slack or Discord?
Keybase advertises themselves for everyone and one audience that is also on my mind are language learners whom I only know existing in IRC (bigger languages), Discord (a lot of languages) and Slack (one team I found via Duolingo and keep forgetting to login).
Oh and someone I chatted with IM apps said that they would be a bit wary of Rocket.chat due to it not being designed to federate and that possibly leaving more room for mistakes.
Oh and someone I chatted with IM apps said that they would be a bit wary of Rocket.chat due to it not being designed to federate and that possibly leaving more room for mistakes.
Richard Stallman offers us the following:
via Matrix
Richard Stallman offers us the following:
via Matrix
The existing thread was https://forum.privacytools.io/t/what-do-you-think-about-keybase-io/920?u=mikaela and I didn't feel comfortable reusing it.
The existing thread was https://forum.privacytools.io/t/what-do-you-think-about-keybase-io/920?u=mikaela and I didn't feel comfortable reusing it.
Experimental --> closed source server? centralized?
And I think I am out of time and cannot think of this further today.
Experimental --> closed source server? centralized?
And I think I am out of time and cannot think of this further today.
From Discord, 2 years ago:
From Discord, 2 years ago:
Great question -- I'd agree with your assumption 👍
Great question -- I'd agree with your assumption 👍
https://forums.rocket.chat/ ?
https://forums.rocket.chat/ ?
The server side of Keybase runs on proprietary code and is centralized?The server side of Keybase runs on proprietary code and is centralized?No, it's our forum thread https://forum.privacytools.io/t/discussion-rocket-chat/1223
No, it's our forum thread https://forum.privacytools.io/t/discussion-rocket-chat/1223
I applied your suggestion, but Blah blah blah needs to change before resolving this conversation.
I applied your suggestion, but Blah blah blah needs to change before resolving this conversation.
Suggestion:
Suggestion:
Links either: https://www.theregister.co.uk/2016/03/17/no_slack_for_open_sourcers/ or https://drewdevault.com/2015/11/01/Please-stop-using-slack.html (I kind of prefer this one)
Discord: https://web.archive.org/web/20171029114027/https://feedback.discordapp.com/forums/326712-discord-dream-land/suggestions/17094256-implement-whispersystems-encryption-for-voice-and (I prefer) or https://stallman.org/discord.html ?
Links either: https://www.theregister.co.uk/2016/03/17/no_slack_for_open_sourcers/ or https://drewdevault.com/2015/11/01/Please-stop-using-slack.html (I kind of prefer this one)
Discord: https://web.archive.org/web/20171029114027/https://feedback.discordapp.com/forums/326712-discord-dream-land/suggestions/17094256-implement-whispersystems-encryption-for-voice-and (I prefer) or https://stallman.org/discord.html ?
https://github.com/privacytoolsIO/privacytools.io/issues/1066#issuecomment-519922407 - Mattermost should be delisted.
https://github.com/privacytoolsIO/privacytools.io/issues/1066#issuecomment-519922407 - Mattermost should be delisted.
Link is currently broken, just needs to be updated to
Link is currently broken, just needs to be updated to
Small grammatical suggestion:
Small grammatical suggestion:
Missing a space here:
</i> TeamMissing a space here:
</i> TeamWon't that break it due to being in the card? I removed the backslashes though.
Won't that break it due to being in the card? I removed the backslashes though.
Apparently not.
Apparently not.