this post was submitted on 22 Jul 2023
2 points (100.0% liked)

SimpleX Chat

460 readers
1 users here now

Community of SimpleX Chat users – managed by the team.

SimpleX Chat is the first chat platform that is 100% private by design – it has no user identifiers of any kind and no access to your connections graph – it's a more private design than any alternative we know of.

Please ask any questions and make feature suggestions. Your ideas and criticism are very welcome!

https://github.com/simplex-chat/simplex-chat

founded 2 years ago
MODERATORS
 

like, if I send the QR code to someone I want to talk to via email, anyone intercepting this message will at the very least know my SimpleX address; same thing if I send it via messenger.

edit: let's assume we don't have an established and trusted channel. furthermore, they're not expecting this info.

you are viewing a single comment's thread
view the rest of the comments
[–] HandwovenConsensus@lemm.ee 1 points 1 year ago

Well, there's not much they can do with the QR code. You can deactivate it as soon as you've made contact and established proof of identity with the recipient.

But, if it was really important, there are cryptographic key-exchange protocols you can do even over an insecure connection. The Diffie-Hellman key exchange is one of them. Using something like that, you can derive a shared secret key even if someone's listening.

But personally, I would just break it into two parts, and send one by email and one with pastebin's "burn-after-read" option.