> I like the (public) chat feature but to introduce "private" chats a feature that is clearly intended to increase interactivity and thus use of the feature without making this clear is just wrong IMO.
I think that's backwards. You cannot assume that a "private" message is actually private unless end-to-end encryption is advertised. You still cannot safely assume so unless you've checked the code yourself. Privacy is never the default.
Hence the move to call things "direct" messages, rather than "private" as it used to be.
But how do you know that the build you verified yourself is the one that is running on their server? It would be amazing to solve this problem - are there any solutions?
I was thinking of having a third-party trusted service that compares the hash of the deployed application to the one they independently compiled themselves.
But the complexity is nontrivial and there are enough variations between the output of the same source code across different build environments that it would make hashes useless.
Another possibility is having trusted compilers that would link the source code to the build in a trusted repository.
"Customers can choose to further encrypt the messages prior to sending and after receiving for end-to-end encryption as needed (but this will cause moderation tools and search features to malfunction)."
Reddit may prefer to not provide end-to-end encryption due to reasons, say, keyword marketing.
It encrypts messages with a passphrase using scrypt, AES-GCM, and sha256 for an HMAC.
Each v1 protocol message includes a salt/iv, scrypt N&r, HMAC, and whether or not to lower-case the password. All messages encrypted with the proof-of-concept will be decrypt-able by all future clients, as there's room for 13 more protocol versions.
The code is in complete disarray, and I wouldn't want anyone to sift through it in its current state[1], but the proof-of-concept is finished, and life came up, so it's been sitting since.
I have a list of features[2] I want to add in the issues tracker :)
The user who posted that has a strong history of looking for, and loudly proclaiming, malice in many decisions reddit makes. They're not necessarily wrong, though, just slightly more deserving of fact-checking than the average reddit user.
This is probably a sign that the situation is more complicated than it appears to be.
I mean if they have hundreds or thousands of engineers, billions of dollars etc. they have surely considered these heuristics before, and there's probably a reason they haven't done them "right," we just are not privy to that reason.
There's probably some class of genuine users who would get banned unfairly. Just look at the complaints of blocking mega links. Imagine if they went full Paypal and started randomly banning accounts just because someone's mother died and they sent a lot of messages all at once.
Most of the spam on Twitter (and assuming on Reddit PM) is from newly created accounts. They follow hundreds of other accounts (follow spam) and/or post hundreds of similar tweets mentioning someone else (mention spam).
Yeah, and MSN and Facebook block messages containing ThePirateBay.org. You can argue both ThePirateBay.org and Mega.co.nz are very likely copyright infringement material.
Also, these are not private messages. That's why Tweakers.net calls private messages "direct messages" (DMs) and not "private messages" (PMs). They scan them, they read them back in case of a dispute, but apart from the moderator team other users cannot read them.
The title of this subject seems to call it DM whereas Reddit appears to call their system PMs. Either way, Reddit falls under a different jurisdiction than Tweakers.
A simple solution could be using GPG, or a different method of communication e.g. using JS over a less censoring platform. By using GPG (or some other form of public key cryptography), the messages are private, and the integrity of the data can be guaranteed.
That thing about Facebook blocking messages with links to thepiratebay.org doesn't seem to be true. I just tested it. Maybe it's a regional thing (i.e. it works in the US but not in the EU).
Boy, if you think getting people to use encrypted email is hard, I can only imagine trying to convince reddit users. Why would you even use reddit to send an actual, private communique? If you know the person through some other channel, why prefer a pseudonymous platform controlled by a third party, that is notoriously unreliable? If you don’t know them outside of Reddit, I find the odds of wanting or needing truly private communications very small, and a DM could easily be used to establish a more secure connection elsewhere.
You don’t need to know them outside of Reddit, just outside of the DM. I can easily imagine a situation where members of a subreddit might want to DM each other securely. For example users of a marketplace subreddit might want to DM each other to negotiate transactions. In that case I could imagine the OP providing a GPG public key in a post and asking anyone who sends a DM to send it GPG encrypted with that key.
Also, convincing reddit users to use GPG is definitely easier than convincing email users, because it only needs to happen for specific subsets of them, and many already use it (eg in the old /r/DarkNetMarkets).
> By using GPG (or some other form of public key cryptography), the messages are private, and the integrity of the data can be guaranteed.
Until they start blocking that (it's very easy to detect excessively high entropy, in fact one of the properties of good encryption is that output is indistinguishable from random noise) --- in which case, start using steganography...
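The entropy check mentioned in the comment above, as an added Python example that is not part of any comment in this thread. It scores runs of base64-like text by Shannon entropy; the function names, the 32-character run length, the `min_chars` and `threshold` defaults and all sample messages are assumptions constructed for illustration.

```python
import base64
import hashlib
import math
import re
from collections import Counter

# Runs of 32+ base64-alphabet characters. Armored ciphertext lines match;
# ordinary words are too short to match.
B64_RUN = re.compile(r"[A-Za-z0-9+/=]{32,}")


def shannon_bits_per_char(text):
    """Empirical Shannon entropy of the character distribution (bits/char)."""
    if not text:
        return 0.0
    n = len(text)
    return -sum(c / n * math.log2(c / n) for c in Counter(text).values())


def looks_like_ciphertext(message, min_chars=128, threshold=5.0):
    """True if the message carries at least min_chars of base64-like text whose
    entropy approaches base64's 6 bits/char ceiling. Both defaults are assumed
    tuning values, not figures from the thread."""
    blob = "".join(B64_RUN.findall(message))
    if len(blob) < min_chars:  # too little data for a stable estimate
        return False
    return shannon_bits_per_char(blob) >= threshold


def constructed_blob(n_blocks=8):
    """Constructed stand-in for ciphertext: SHA-256 of a counter, base64-encoded
    and wrapped at 64 columns the way ASCII armor is."""
    raw = b"".join(hashlib.sha256(bytes([i])).digest() for i in range(n_blocks))
    b64 = base64.b64encode(raw).decode()
    return "\n".join(b64[i:i + 64] for i in range(0, len(b64), 64))


# Constructed sample messages.
PLAIN = ("You cannot assume that a private message is actually private "
         "unless end-to-end encryption is advertised.")
ARMORED = "Here is my reply:\n" + constructed_blob()
LONG_URL = ("see https://example.com/reset?token="
            + hashlib.sha256(b"constructed").hexdigest())

if __name__ == "__main__":
    for name, msg in [("plain", PLAIN), ("armored", ARMORED), ("url", LONG_URL)]:
        print(name, looks_like_ciphertext(msg))
```

The same score is also high for base64-encoded compressed or binary data, so a hit indicates high-entropy content rather than encryption specifically.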
> in fact one of the properties of good encryption is that output is indistinguishable from random noise
Technically this is not correct, though your point about high entropy nonetheless stands. Ciphertext indistinguishability (IND, and more generally computational indistinguishability) refers to the inability of a polynomial-time algorithm to differentiate between two different output streams of data, given some input stream of data. To be precise, it is sufficient for a ciphertext to achieve indistinguishability under an adaptive chosen ciphertext attack (IND-CCA2) if an attacker cannot distinguish which of two ciphertexts corresponds to a plaintext message with greater than 50% probability in polynomial time, even when they can arbitrarily decrypt ciphertexts of their choosing.
Academically speaking, distinguishability against a set of uniformly random bits is a nice model and a bar to strive for. In practice it's not necessary, and it's harder to achieve with public-key cryptography than secret key cryptography. AES's substitution permutation network should generally have output that appears uniform (except for special cases, like GCM). But public-key cryptosystems like RSA rely on so much algebraic structure to achieve their encryption that it's very regular to find some latent structure which clearly distinguishes ciphertext data from random data. This doesn't diminish the security, because you still can't distinguish between ciphertexts themselves in polynomial time. But from the perspective of attackers and onlookers, if it's not already obvious how a ciphertext was generated from context, it's usually not infeasible to figure it out by looking directly at the ciphertexts or their accompanying metadata. It is much harder to do this with hash functions.
There is not much research in cryptographically secure steganography because that sort of obscurity is usually not desirable except for very special cases. To combat the appearance of high entropy, I would use a specialized encoding algorithm that breaks the ciphertext into many short, variable-length fragments, then intersperses it into a commensurately larger corpus of randomly generated plaintext. Localized pockets of entropy would still be evident even if it's less "loud", so I'd then disguise them by putting them into e.g. very long URLs, which often have great length and pseudorandomly generated tokens.
With an actual research team and a few months I'm confident you could massage this plan into something pretty decently secure as long as the underlying cryptography wasn't too radical. The real question is why go through all the effort to impose secrecy on a platform that's clearly antagonistic to it? If you're at the point of considering steganography for a direct messaging system, just message a redditor and ask them to chat with you on a different system for security.
It seems like Reddit, Facebook, YouTube and others are "converging", partly due to the economic forces behind delivering good engagement metrics to advertisers and not placing ads next to undesirable content.
It has nothing to do with advertising. It's about control and propaganda. The elites want to take control over social media. They want social media to be like the rest of media. Where the masses see what they want us to see.
It's why Europe has been on a censoring rampage. It's why China/Russia/etc. are very strict about social media.
Do you think that advertisers, who are stepping over each other to advertise in China (where they kill prisoners to harvest their organs) or Saudi Arabia (where they stone rape victims for adultery) have any morals?
Ultimately, Reddit, Facebook, YouTube and others don't need advertisers. The advertisers need them. That's why the establishment has been waging a war to take control over social media. Social media is where the people (young and increasingly the older) are.
This was actually first. We saw the start of this about a year and a half ago when they deleted their warrant canary. And half a year ago they announced that they went closed-source.
I read their re-design announcement and am really confused. Did they actually conduct user studies? focus group studies? research? proper A/B testing?
The general consensus seems that the re-design has a horrible user experience for most people. Curious on what their approach would be as I'm sure they're seeing horrible conversions.
I bet they have a lot of “conversions” because a significant portion of their user base don’t log in and use the site to interact with others, they just browse the front page of some particular sub or thread they ran across. Not something you can exactly do with FB for example. Of course, the redesign is so badly broken it will dump you back to the old view half the time. But they have this weird sort of captive yet passive audience that sees what is delivered by default via the front page and the default subs.
I can't read Reddit without logging in because that's what applies all my filters. It's a much more agreeable site once you strip off all the politics subreddits. Now I just need a way to filter off the karma whores like gallowboob.
This is something people keep bringing up but many people have pointed out that Digg didn't just redesign their site. They changed the way the site worked.
Reddit is a private entity entitled to make their own decisions on what is allowed on their platform. I'm a private entity entitled to say their decisions suck. HN is a private entity which (for now) is willing to host my opinion.
Your response falls completely flat because I never claimed a right to Reddit.
The "private entity entitled to their decisions" argument is facing an interesting 1st Amendment challenge based on a 1946 court case, Marsh v. Alabama.
It may not hold up after all, i.e. Facebook censoring users because they are a private entity, they may be forced to provide some avenue for people to do so in the future. It's interesting to me because it goes against everything I used to believe in, but at the same time these entities are being used to promote a dark globalist agenda.
> Reddit's new "private" chat system is powered by send bird without any additional end to end encryption.
> This means send bird provides a searchable plaintext database of all of these "private" chats.
> https://sendbird.com/features
> I like the (public) chat feature but to introduce "private" chats a feature that is clearly intended to increase interactivity and thus use of the feature without making this clear is just wrong IMO.