During this year's Google Summer of Code, Anmol will implement optional real-time texting in Dino. Real-time text means that text is transmitted and displayed to the receiver while it is being typed. Anmol will write about his progress here: wolfieanmol.github.io/gsoc-blo #Dino #XMPP #GSoC

@dino
2 questions:

1. What measurements will be taken to mitigate identification through typing rhythm/pattern by an adversary

2. Why is this chosen for the GSoC instead of a adding an additional option for e2e encryption by default? (or something similar that supports e2e encryption that is not accidentally turned off)

@larma

@syster @dino

1. The feature will have to be enabled for each conversation, it is expected to be only enabled with contacts you trust.

@larma @dino
> it is expected to be only enabled with contacts you trust.

what about network sniffing?
what about the server listening to it?

@syster @dino

RTT can be encrypted using omemo:1 (and should be if you want to protect against malicious servers).

RTT instructions are batched into messages of fixed intervals (something like 1s), making it impossible for servers to see any pattern (other than ongoing communication between the two users).

If you don't want to leak that you are currently typing to a user, you need to turn off RTT. Dino allows you to turn off the "is typing"-notification for the same reason.

Follow

@larma @dino
>instructions are batched into messages of fixed intervals (something like 1s),

Ok. That was the part I was hoping for.

Even so I wished the resources would be used for something that is improving Dino's security, that feature doesn't seem to be as bad as I feared in the beginning.

thank you for your explanation.

· · Web · 0 · 0 · 1
Sign in to participate in the conversation
Linux.Pizza

A instance dedicated - but not limited - to people with an interest in the GNU+Linux ecosystem and/or general tech. Sysadmins to enthusiasts, creators to movielovers - Welcome!