Para_lyzed

By the same (virtually nonexistent) logic, neither are games in general, or operating systems, or computers, or anything that is not strictly “necessary” for one to survive. Yet all of these things clearly have a strong intrinsic value to society, else we wouldn’t be working so hard on all of it. If you don’t enjoy VR, don’t use it; it doesn’t get much simpler than that. I can guarantee you that no one on the SteamVR dev team is going to care about your opinion or where you think their resources are better spent. Want to change that? Apply for a job at Valve. Pointless comments aren’t going to do anything.

Yes, that is exactly where perfect forward secrecy fails in Element. It allows all of the message keys to be downloaded by attacking a single point of failure. Perfect forward secrecy would necessitate that all messages and their encryption keys be completely independent, and each message would need to be broken one-by-one, as each key is completely different. What Element does with their cloud backup solution is it adds a single point of failure that results in every single message being compromised, without physical access to any device. Real perfect forward secrecy would make that impossible, as you have to break the encryption of every message independently (again, ignoring physical access to the device, because the device will always have access to all the messages anyway). It essentially invalidates many of the benefits of using a double-rachet key exchange protocol to begin with, as you can attack a single point of failure that would compromise all messages instead.

Granted, whether or not that matters to you is entirely up to you. I’m just clarifying that Element lacks perfect forward secrecy, so I have an ideological objection to my own personal use of it for anything sensitive, since there are more secure messengers out there (like SimpleX) that do have perfect forward secrecy, and many more security and privacy features (like the whole no user identifiers thing and no server side storage with SimpleX). That does of course come with the tradeoff that you can only use it on one device at a time, but everything is a list of pros and cons. Is anyone going to target you and attack you by attempting to gain access to your cloud backup keys? No, most certainly not. But the fact that it exists as an attack vector to begin with is troubling from a security perspective (again, that’s where SimpleX shines with all data being stored locally, so there is no way to access those messages on demand without physical access to the device). I personally think that the metadata issues are much worse with Matrix from an immediate privacy perspective, as that is an avenue that can be actively exploited in a much easier capacity.

If I understand correctly though, I believe we’re both on the same page. Element is still a much better option than something like Discord, but it is not without its own flaws.

The idea with perfect forward secrecy is that by breaking one key, you aren’t able to read all the other messages. The way Element works (allowing users to share encryption keys for messages stored server-side across devices, using a shared storage system), allows for a single key to allow access to all messages. All you need is your backup phrase (or a valid login session), and suddenly not just one message is visible, but all messages are. That is fundamentally in complete opposition to perfect forward secrecy.

The way to work around this is by storing all messages locally so they cannot be decrypted simply with server access, but Element stores messages on their servers, not locally (like SimpleX does, for instance). That would allow robust backup and syncing without breaking PFS.

Do you have any sources for that, preferably their own documentation

https://github.com/element-hq/element-meta/issues/1296

I got that from the privacyguides.org website, at:

https://www.privacyguides.org/en/real-time-communication/#element

If you look carefully on the Element website, there are never any claims that it provides perfect forward secrecy. This is intentional, and unless they change their backup keys, it will continue to stay that way. As the issue is still currently open, I can only assume it is still currently an issue.

From the article, it seems that there will be a DRM-free version available on the game’s website for Linux (and that will be the only place to get the Linux native package). So no need to go through Epic. Plus, most Epic exclusives eventually end up on Steam anyway, it’s just a matter of time.

I’d like to add SimpleX to this list, as Matrix based messengers hemorrhage metadata, and Session doesn’t have perfect forward secrecy. Also, while the Matrix protocol technically supports perfect forward secrecy, Element does not currently use it.

https://simplex.chat/

Yet Another Call Blocker. Also available on F-Droid

1984.hosting is great, I’ve been using their service for a couple of years now. They’re based in Iceland (really strong privacy laws) and have options for crypto payment if you don’t want to reveal yourself through your payment method. As with all registrars, they’ll need an email address (or alias) to reach you at in case there’s a domain dispute, and while they also ask for address and phone number, they’ve never had me actually verify anything beyond the email. If you give a fake address and phone number, then you’ll just need to understand that if someone challenges your domain, it will be very difficult for you to prove ownership with fake details (not as if that’s likely to happen unless you’re allowing the site to be crawled by a search engine though). I only have a domain through them, not a hosted webserver, but they seem to have good options for hosting. I know that they handle Let’s Encrypt certs automatically for hosted sites, and they run off green energy (geothermal) if that matters to you.

Talking on the YouTube front, a trivially small donation will support them far more than watching ads ever could. Even something as small as $1/year is often far more than they would ever make from you in a year. As far as donations to developers go, it depends entirely on what you feel comfortable with. Most people who work on open source projects are unpaid volunteers, so it isn’t expected that you donate, but if you choose to do so it can be quite helpful to sustaining the project. If many people in the userbase were to make small donations, that would go a long way.

In reality, ads almost entirely benefit exploitative multi-billion dollar companies such as Google and Facebook, so my personal philosophy stands against them. I much prefer donating to people directly to cut out the exploitative middle-man.